[ISSUE #144] Auto approve when dependabot's branch is changed by some…

…one else (#145) * a more standard way to prevent creating dependabot PRs * approve if the PR author is dependabot * approve if the PR branch belongs to dependabot * Revert "approve if the PR branch belongs to dependabot" This reverts commit aabcdc4.
apache · May 27, 2024 · 8b0e4e5 · 8b0e4e5
1 parent 06e73c9
commit 8b0e4e5
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -27,12 +27,13 @@ updates:
         update-types: [ "version-update:semver-major" ]
   - package-ecosystem: "npm"
     directory: "./eventmesh-dashboard-view"
+    # Disable front-end PRs temporarily since 'npm run build' fails
+    open-pull-requests-limit: 0
     schedule:
       interval: "monthly"
     ignore:
       - dependency-name: "*"
-        # Disable front-end PRs temporarily since 'npm run build' fails
-        update-types: [ "version-update:semver-major", "version-update:semver-minor", "version-update:semver-patch" ]
+        update-types: [ "version-update:semver-major", "version-update:semver-patch" ]
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:

diff --git a/.github/workflows/auto-dependabot.yml b/.github/workflows/auto-dependabot.yml
@@ -27,7 +27,7 @@ jobs:
   # Pull request Auto merge is not enabled for this repository
   dependabot:
     runs-on: ubuntu-latest
-    if: github.actor == 'dependabot[bot]'
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
     steps:
       - name: Dependabot metadata
         id: metadata