build(deps-dev): bump postcss from 8.4.48 to 8.4.49 #540
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is the workflow to automatically approve and merge dependabot PRs | |
# | |
name: Dependabot automation | |
on: | |
pull_request_target: | |
types: [opened, synchronize, reopened] | |
# Allows you to call this workflow from other workflows | |
workflow_call: | |
secrets: | |
GH_TOKEN: | |
required: false | |
permissions: | |
pull-requests: write | |
contents: write | |
jobs: | |
dependabot: | |
runs-on: ubuntu-latest | |
if: ${{ github.actor == 'dependabot[bot]' }} | |
steps: | |
- name: Dependabot metadata | |
id: metadata | |
uses: dependabot/fetch-metadata@v2 | |
with: | |
github-token: '${{ secrets.GITHUB_TOKEN }}' | |
skip-verification: true # skip actor verification to avoid error on workflow-run event. Actor is checked on the job level | |
- name: Enable auto-merge for Dependabot PRs | |
continue-on-error: true | |
run: gh pr merge --auto --squash "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }} # GH_TOKEN needed to trigger follow up worlflow: https://github.com/fastify/github-action-merge-dependabot/issues/134 | |
- name: Approve a PR | |
continue-on-error: true | |
# if: ${{contains(steps.metadata.outputs.dependency-names, '') && steps.metadata.outputs.update-type == 'version-update:semver-patch'}} | |
# Auto merge all dependencies with patch or minor version updates | |
if: ${{(steps.metadata.outputs.update-type == 'version-update:semver-patch') || (steps.metadata.outputs.update-type == 'version-update:semver-minor')}} | |
run: gh pr review --approve "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN || secrets.GITHUB_TOKEN }} # GH_TOKEN needed to approve PR as code owner on protected branches |