Skip to content

GHA security cleanup #225

GHA security cleanup

GHA security cleanup #225

name: Auto-merge Dependabot PRs
on:
pull_request_target:
branches: [main]
jobs:
#
# Automatically review dependabot PRs and set them to automerge (on successful checks)
#
Automerge:
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
env:
GH_TOKEN: ${{ github.token }}
GH_REPO: ${{ github.repository }}
GH_PR: ${{ github.event.pull_request.number }}
permissions:
contents: write
pull-requests: write
steps:
- name: Set auto-merge
run: gh pr merge -R "$GH_REPO" --merge --auto "$GH_PR"
- name: Review PR
run: gh pr review -R "$GH_REPO" --approve "$GH_PR"