diff --git a/.github/auto-merge.yml b/.github/auto-merge.yml new file mode 100644 index 00000000..ca804276 --- /dev/null +++ b/.github/auto-merge.yml @@ -0,0 +1,11 @@ +- match: + dependency_type: all + update_type: security:minor # includes patch updates! + +- match: + dependency_type: development + update_type: semver:minor # includes patch updates! + +- match: + dependency_type: production + update_type: semver:patch diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml index 13b35a43..6c283da3 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/workflows/dependabot.yml @@ -7,19 +7,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Automerge dependabot dependencies - uses: actions/github-script@v3 - if: github.actor == 'dependabot[bot]' + uses: ahmadnassri/action-dependabot-auto-merge@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - github.pullRequests.createReview({ - owner: context.payload.repository.owner.login, - repo: context.payload.repository.name, - pull_number: context.payload.pull_request.number, - event: 'APPROVE' - }) - github.pullRequests.merge({ - owner: context.payload.repository.owner.login, - repo: context.payload.repository.name, - pull_number: context.payload.pull_request.number - })