deps: bump the all-dependencies group with 13 updates #231
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Auto Merge and Resolve Lockfile Conflicts | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| types: | |
| - opened | |
| - synchronize | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| resolve-conflicts: | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - name: Set up pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "lts/*" | |
| cache: pnpm | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Check for lockfile conflicts | |
| id: check-conflict | |
| run: | | |
| if git diff --name-only | grep 'pnpm-lock.yaml'; then | |
| echo "conflict=true" >> $GITHUB_OUTPUT | |
| else | |
| echo "conflict=false" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Resolve lockfile conflict | |
| if: steps.check-conflict.outputs.conflict == 'true' | |
| run: | | |
| echo "Deleting pnpm-lock.yaml..." | |
| rm pnpm-lock.yaml | |
| echo "Reinstalling dependencies..." | |
| pnpm install | |
| - name: Commit and push updated lockfile | |
| if: steps.check-conflict.outputs.conflict == 'true' | |
| run: | | |
| git config --global user.name "dependabot-bot" | |
| git config --global user.email "[email protected]" | |
| git add pnpm-lock.yaml | |
| git commit -m "fix: Resolve pnpm-lock.yaml conflicts" | |
| git push origin ${{ github.event.pull_request.head.ref }} | |
| auto-merge: | |
| needs: resolve-conflicts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Mark auto-merge check for non-Dependabot PRs | |
| if: github.event.pull_request.user.login != 'dependabot[bot]' | |
| run: | | |
| echo "Skipping dependabot-auto-merge for non-Dependabot PRs." | |
| exit 0 | |
| - name: Checkout PR branch | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| fetch-depth: 0 | |
| - name: Pull latest changes from PR branch | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "github-actions[bot]@users.noreply.github.com" | |
| git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }} | |
| git fetch origin ${{ github.event.pull_request.head.ref }} | |
| git rebase origin/${{ github.event.pull_request.head.ref }} || git rebase --abort | |
| git push origin HEAD --force-with-lease | |
| - name: Enable auto-merge for Dependabot PRs | |
| if: github.event.pull_request.user.login == 'dependabot[bot]' | |
| run: gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |