build: bump npm-check-updates from 16.14.20 to 17.1.3 #217
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # https://docs.github.com/ja/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions | |
| name: Dependabot auto-approve/merge | |
| "on": pull_request | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| dependabot: | |
| runs-on: ubuntu-latest | |
| if: github.actor == 'dependabot[bot]' | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v2 | |
| - name: Approve and auto-merge the PR | |
| if: > | |
| steps.metadata.outputs.update-type == 'version-update:semver-minor' || | |
| steps.metadata.outputs.update-type == 'version-update:semver-patch' | |
| run: | | |
| gh pr review --approve "$PR_URL" | |
| # 当リポジトリの auto-merge 設定とデフォルトブランチ(例:main)に | |
| # 対する保護の両方が有効な場合、次の行をアンコメントできます。 | |
| # gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # yamllint disable rule:comments-indentation rule:line-length | |
| # 依存性更新がマイナーアップデートとパッチアップデートのどちらでもないとき | |
| # に特定のユーザーに自動で PR レビューを依頼する場合、以下のステップを | |
| # アンコメントしてください。 | |
| # 注意:リポジトリの可視性がプライベートの場合、 | |
| # 以下のステップは失敗する可能性があります。 | |
| # - name: Request reviews for the PR | |
| # if: > | |
| # steps.metadata.outputs.update-type != 'version-update:semver-minor' && | |
| # steps.metadata.outputs.update-type != 'version-update:semver-patch' | |
| # run: gh pr edit "$PR_URL" --add-reviewer <login> | |
| # env: | |
| # PR_URL: ${{ github.event.pull_request.html_url }} | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # yamllint enable rule:comments-indentation rule:line-length |