Improve documentation and clarify workflow purpose

Copilot · hotlong · Copilot · commit ed2ccaf6bc49 · 2026-01-15T12:56:51.000Z
Co-authored-by: hotlong &lt;50353452+hotlong@users.noreply.github.com&gt;
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -6,20 +6,23 @@ This directory contains automated workflows for the ObjectQL project.
 
 ### 🔄 auto-merge-dependabot.yml
 
-Automatically merges Dependabot pull requests with lockfile conflict resolution.
+Enables GitHub's auto-merge feature for Dependabot pull requests.
 
 **Features:**
 - Runs only for PRs created by `dependabot[bot]`
-- Automatically resolves `pnpm-lock.yaml` conflicts using a temporary merge driver
-- Enables GitHub's auto-merge feature after successful merge
-- No permanent changes to repository configuration
+- Enables auto-merge (squash) on the PR
+- Relies on GitHub's merge queue and branch protection rules
+- Delegtes merge conflict handling to GitHub or other workflows
+
+**Note:** This workflow doesn't implement the lockfile fix itself. For automatic lockfile conflict resolution, you can:
+1. Use the CI script approach in your CI workflow (see merge-with-lockfile-fix.yml)
+2. Configure branch protection rules that require CI to pass
+3. Use GitHub's merge queue feature
 
 **How it works:**
-1. Configures a temporary merge driver in the CI environment
-2. Uses `.git/info/attributes` (not tracked by Git) to apply the driver
-3. Merges the base branch into the PR branch
-4. Regenerates lockfile if conflicts are detected
-5. Enables auto-merge for the PR
+1. Detects Dependabot PRs
+2. Enables auto-merge with squash strategy
+3. GitHub will merge the PR once all checks pass
 
 ### 🔧 merge-with-lockfile-fix.yml
 
diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml
@@ -1,9 +1,16 @@
 name: Auto-merge Dependabot PRs
 
-# This workflow demonstrates enabling auto-merge for Dependabot PRs.
-# GitHub's auto-merge will handle the actual merge, and if configured
-# with the CI script approach in the release/CI workflows, lockfile
-# conflicts will be automatically resolved.
+# This workflow enables auto-merge for Dependabot PRs.
+# It relies on GitHub's merge queue and branch protection rules to handle
+# the actual merge. For automatic lockfile conflict resolution, see
+# merge-with-lockfile-fix.yml or add the CI script approach to your CI workflow.
+#
+# To use the CI script approach in another workflow that runs on Dependabot PRs,
+# add the following before any git merge operation:
+#
+#   git config merge.pnpm-merge.name "pnpm-lock.yaml merge driver"
+#   git config merge.pnpm-merge.driver "pnpm install --no-frozen-lockfile"
+#   echo "pnpm-lock.yaml merge=pnpm-merge" >> .git/info/attributes
 
 'on':
   pull_request:
diff --git a/docs/CI_AUTO_MERGE_LOCKFILE.md b/docs/CI_AUTO_MERGE_LOCKFILE.md
@@ -87,6 +87,12 @@ Add this step before any `git merge` operation in your existing workflows:
 
 The `--no-frozen-lockfile` flag allows pnpm to regenerate the lockfile if needed. This is essential for the merge driver to resolve conflicts by creating a new, consistent lockfile.
 
+**Note:** The existing `scripts/setup-merge-driver.sh` uses just `pnpm install` without this flag. Both approaches work:
+- `pnpm install` - Simpler, relies on pnpm's default behavior
+- `pnpm install --no-frozen-lockfile` - Explicit, ensures lockfile can be updated
+
+For CI environments, `--no-frozen-lockfile` is recommended to be explicit about the intent.
+
 ### Error Handling
 
 If the merge fails for reasons other than lockfile conflicts, the workflow will:
