Merge branch 'main' into renovate/major-7-eslint

emmercm · Apr 6, 2024 · 5e5506f · 5e5506f
2 parents e9d8d03 + 993d4a6
commit 5e5506f
Show file tree

Hide file tree

Showing 4 changed files with 60 additions and 1 deletion.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,31 @@
+version: 2
+
+updates:
+  # Configure security updates for some package managers. This requires these repository settings:
+  #   Code security and analysis > Dependabot > Dependabot alerts
+  #   Code security and analysis > Dependabot > Dependabot security updates
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: daily
+    commit-message:
+      prefix: Chore
+      include: scope
+    # Disable non-security updates, let Renovate handle it
+    open-pull-requests-limit: 0
+    labels: []
+    # Disable rebasing, let .github/workflows/gh-automerge-rebase.yml handle it
+    rebase-strategy: disabled
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: daily
+    commit-message:
+      prefix: Chore
+      include: scope
+    # Disable non-security updates, let Renovate handle it
+    open-pull-requests-limit: 0
+    labels: [ ]
+    # Disable rebasing, let .github/workflows/gh-automerge-rebase.yml handle it
+    rebase-strategy: disabled
+  # Note: .github/workflows/gh-dependabot-automerge.yml will auto-merge these PRs
diff --git a/.github/workflows/gh-automerge-disabler.yml b/.github/workflows/gh-automerge-disabler.yml
@@ -1,7 +1,7 @@
 # The adRise/update-pr-branch action has force-pushed an empty branch to outside contributions
 #   before (e.g. https://github.com/emmercm/igir/pull/943), causing the PR to merge but no code to
 #   actually end up in the main repository. This action is to automatically disable auto-merge in
-#   case this ever gets enabled again
+#   case this ever gets enabled again.
 
 name: GitHub Auto-Merge Disabler
 

diff --git a/.github/workflows/gh-dependabot-automerge.yml b/.github/workflows/gh-dependabot-automerge.yml
@@ -0,0 +1,27 @@
+name: Dependabot Automerge
+
+on:
+  pull_request_target:
+    types:
+      # - edited  # PR's base branch was changed
+      - opened
+      - reopened
+      - synchronize  # PR's branch was edited (i.e. new commits)
+
+permissions:
+  # actions/checkout@v4, `gh` CLI
+  contents: write
+  # `gh` CLI
+  repository-projects: read
+  pull-requests: write
+
+jobs:
+  dependabot-automerge:
+    if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
+    runs-on: ubuntu-latest
+    steps:
+      # Required for `gh` CLI
+      - uses: actions/checkout@v4
+      - run: gh pr merge "${{ github.event.pull_request.number }}" --squash --auto
+        env:
+          GH_TOKEN: ${{ github.token }}
diff --git a/.github/workflows/pr-renamer.yml b/.github/workflows/pr-renamer.yml
@@ -48,6 +48,7 @@ jobs:
 
           NEW_TITLE="$(echo "${OLD_TITLE}" | sed -r \
             `# Strip scope` \
+            -e 's/^[a-z]+\(deps\)(!?:)/Chore:/i' \
             -e 's/^([a-z]+)\([^)]+\)(!?:)/\1\2/i' \
             `# Massage scope` \
             -e 's/^[a-z]+!:/Breaking:/i' \