chore(deps-dev): bump vite from 7.3.6 to 8.1.5 in the vite group across 1 directory #3220
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow is provided via the organization template repository | |
| # | |
| # https://github.com/nextcloud-libraries/.github | |
| # https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization | |
| # | |
| # SPDX-FileCopyrightText: Nextcloud GmbH and Nextcloud contributors | |
| # SPDX-License-Identifier: MIT | |
| name: Auto approve Dependabot PRs | |
| on: | |
| pull_request_target: # zizmor: ignore[dangerous-triggers] | |
| branches: | |
| - main | |
| - master | |
| - stable* | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: dependabot-approve-merge-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| jobs: | |
| auto-approve-merge: | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' || github.event.pull_request.user.login == 'renovate[bot]' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| # for auto-approve step to work | |
| pull-requests: write | |
| # for alexwilson/enable-github-automerge-action to approve PRs | |
| contents: write | |
| steps: | |
| - name: Disabled on forks | |
| if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} | |
| run: | | |
| echo 'Can not approve PRs from forks' | |
| exit 1 | |
| - uses: mdecoleman/pr-branch-name@55795d86b4566d300d237883103f052125cc7508 # v3.0.0 | |
| id: branchname | |
| with: | |
| repo-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Dependabot metadata | |
| id: metadata | |
| if: startsWith(steps.branchname.outputs.branch, 'dependabot/') | |
| uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check for ignored dependencies in the PR | |
| id: validate | |
| if: startsWith(steps.branchname.outputs.branch, 'dependabot/') | |
| env: | |
| IGNORE_PATTERN: ${{ env.IGNORE_PATTERN }} | |
| DEPENDENCY_NAMES: ${{ steps.metadata.outputs.dependency-names }} | |
| run: | | |
| if [[ -z ${IGNORE_PATTERN} ]]; then | |
| echo "ignore=false" >> "$GITHUB_OUTPUT" | |
| elif [[ -z ${DEPENDENCY_NAMES} ]]; then | |
| echo "ignore=false" >> "$GITHUB_OUTPUT" | |
| elif [[ ${DEPENDENCY_NAMES} =~ ${IGNORE_PATTERN} ]]; then | |
| echo "ignore=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: GitHub actions bot approve | |
| id: auto_approve | |
| if: ${{ | |
| startsWith(steps.branchname.outputs.branch, 'dependabot/') | |
| && steps.validate.outputs.ignore != 'true' | |
| }} | |
| run: gh pr review --approve "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Enable GitHub auto merge | |
| - name: Auto merge | |
| uses: alexwilson/enable-github-automerge-action@2c32e18a76e0726ffe7a573bfff2d42a20885126 # 3.0.0 | |
| if: ${{ | |
| startsWith(steps.branchname.outputs.branch, 'dependabot/') | |
| && steps.auto_approve.conclusion == 'success' | |
| && (github.event.action == 'opened' || github.event.action == 'reopened') | |
| && ( | |
| steps.metadata.outputs.update-type == 'version-update:semver-patch' | |
| || (fromJSON(env.ALLOW_MINOR) && steps.metadata.outputs.update-type == 'version-update:semver-minor') | |
| || (fromJSON(env.ALLOW_MAJOR) && steps.metadata.outputs.update-type == 'version-update:semver-major') | |
| ) | |
| }} | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} |