From 6f4b3eb6434db831acd9724e3fbc2b9c10c2355e Mon Sep 17 00:00:00 2001
From: Ed Morley <501702+edmorley@users.noreply.github.com>
Date: Mon, 9 Oct 2023 12:30:48 +0100
Subject: [PATCH] Group minor/patch version Rust Dependabot updates into one PR
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Previously only libcnb related dependency updates were grouped into
one Dependabot PR.

Now there is a second group, that takes advantage of Dependabot's new
semver version level grouping feature:
https://github.blog/changelog/2023-08-17-grouped-version-updates-by-semantic-version-level-for-dependabot/

In addition, the check changelog skipping strategy has been updated to
use the explicit `skip changelog` label for (a) explicitness, (b) to
allow removing the label in situations where we realise a changelog
entry is required (eg libcnb buildpack API version bumps), (c) for
consistency with other repos.

Lastly, the redundant `bundler` entry in the Dependabot config has
been removed (a leftover from #674).

GUS-W-14258249.
---
 .github/dependabot.yml                | 17 +++++++++++++----
 .github/workflows/check_changelog.yml |  9 ++-------
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b933ebdf..32526d48 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,19 +1,28 @@
 version: 2
 updates:
-  - package-ecosystem: "bundler"
-    directory: "/"
-    schedule:
-      interval: "monthly"
   - package-ecosystem: "cargo"
     directory: "/"
     schedule:
       interval: "monthly"
+    labels:
+      - "dependencies"
+      - "rust"
+      - "skip changelog"
     groups:
+      # Note: The group order matters, since updates are assigned to the first matching group.
       libcnb:
         patterns:
           - "libcnb*"
           - "libherokubuildpack"
+      rust-dependencies:
+        update-types:
+          - "minor"
+          - "patch"
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "monthly"
+    labels:
+      - "dependencies"
+      - "github actions"
+      - "skip changelog"
diff --git a/.github/workflows/check_changelog.yml b/.github/workflows/check_changelog.yml
index e1e09400..c0cc43b7 100644
--- a/.github/workflows/check_changelog.yml
+++ b/.github/workflows/check_changelog.yml
@@ -2,7 +2,7 @@ name: Check Changelog
 
 on:
   pull_request:
-    types: [opened, reopened, edited, labeled, unlabeled, synchronize]
+    types: [opened, reopened, labeled, unlabeled, synchronize]
 
 permissions:
   contents: read
@@ -10,12 +10,7 @@ permissions:
 jobs:
   check-changelog:
     runs-on: ubuntu-latest
-    if: |
-      !contains(github.event.pull_request.body, '[skip changelog]') &&
-      !contains(github.event.pull_request.body, '[changelog skip]') &&
-      !contains(github.event.pull_request.body, '[skip ci]') &&
-      !contains(github.event.pull_request.labels.*.name, 'skip changelog') &&
-      !contains(github.event.pull_request.labels.*.name, 'dependencies')
+    if: (!contains(github.event.pull_request.labels.*.name, 'skip changelog'))
     steps:
       - name: Checkout
         uses: actions/checkout@v4