chore(deps-dev): bump @oclif/plugin-command-snapshot from 5.1.8 to 5.1.9 #3816

Workflow file for this run

.github/workflows/dependabot-reviewer.yml at b1ab7a0

	name: dependabot-reviewer
	on: pull_request_target
	permissions:
	pull-requests: write
	contents: write
	repository-projects: read
	jobs:
	review-dependabot-pr:
	runs-on: ubuntu-latest
	if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
	steps:
	- name: Dependabot metadata
	id: dependabot-metadata
	uses: dependabot/fetch-metadata@v2
	- uses: actions/checkout@v4
	- name: Approve a PR if not already approved
	id: check-approval
	run: \|
	gh pr checkout "$PR_URL"
	echo "approved=true" >> "$GITHUB_OUTPUT"
	if [ "$(gh pr status --json reviewDecision -q .currentBranch.reviewDecision)" != "APPROVED" ];
	then echo "approved=false" >> "$GITHUB_OUTPUT";
	else echo "PR already approved, skipping additional approvals to minimize emails/notification noise.";
	fi
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
	- name: Enable auto-merge for Dependabot PRs
	run: gh pr merge --auto --squash "$PR_URL"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
	- name: Approve patch and minor updates
	if: ${{(steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch' \|\| steps.dependabot-metadata.outputs.update-type == 'version-update:semver-minor') && steps.check-approval.outputs.approved != 'true'}}
	run: gh pr review $PR_URL --approve -b "I'm approving this pull request because it includes a patch or minor update"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
	- name: Approve major updates of development dependencies
	if: ${{(steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:development') && steps.check-approval.outputs.approved != 'true'}}
	run: gh pr review $PR_URL --approve -b "I'm approving this pull request because it includes a major update of a dependency used only in development"
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
	- name: Comment on major updates of non-development dependencies
	if: ${{(steps.dependabot-metadata.outputs.update-type == 'version-update:semver-major' && steps.dependabot-metadata.outputs.dependency-type == 'direct:production') && steps.check-approval.outputs.approved != 'true'}}
	run: \|
	if [ "$(gh pr view --json comments --jq '[.comments[] \| select(.author.login == "github-actions") \| .body \| contains("not approving")] \| any')" != "true" ];
	then
	gh pr comment $PR_URL --body "I'm not approving this PR because it includes a major update of a dependency used in production";
	gh pr edit $PR_URL --add-label "requires-manual-qa";
	else echo "PR already approved, skipping additional approvals to minimize emails/notification noise.";
	fi
	env:
	PR_URL: ${{github.event.pull_request.html_url}}
	GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump @oclif/plugin-command-snapshot from 5.1.8 to 5.1.9 #3816

Workflow file

chore(deps-dev): bump @oclif/plugin-command-snapshot from 5.1.8 to 5.1.9 #3816

Jobs

Run details

Workflow file for this run