ci: use canonical @v1 stub for dependabot-automerge workflow

[don-petry]

Summary

• Replaces the SHA-pinned reusable workflow reference (@ee22b427cbce9ecadcf2b436acb57c3adf0cb63d # v1) with the org-standard @v1 tag in .github/workflows/dependabot-automerge.yml
• File is now verbatim copy of petry-projects/.github/standards/workflows/dependabot-automerge.yml as required by org CI standards

Compliance

Resolves the non-stub-dependabot-automerge.yml compliance finding: the workflow was referencing the reusable via a SHA pin rather than the canonical @v1 tag, which is the org standard for centralized workflows.

Closes #149

---

Generated with Claude Code

[coderabbitai]

Warning

Rate limit exceeded

@github-actions[bot] has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 31 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 3d04d96a-e25b-4047-b5e8-ea1f749e91cf

📥 Commits

Reviewing files that changed from the base of the PR and between 66a318b and 50891db.

📒 Files selected for processing (1)

• .github/workflows/dependabot-automerge.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/issue-149-20260501-1332

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 5 minutes and 31 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[don-petry]

Self-review complete — no issues found. The change is a minimal, single-line fix:

• Before: uses: ...dependabot-automerge-reusable.yml@ee22b427cbce9ecadcf2b436acb57c3adf0cb63d # v1
• After: uses: ...dependabot-automerge-reusable.yml@v1

The rest of the file is verbatim from the org standard template. No logic changes, no risk of regression.

@don-petry — you're the code owner for .github/ — please review and merge when ready.

[sonarqubecloud]

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

Updates the Dependabot automerge workflow stub to match the org-standard centralized workflow reference, resolving the compliance finding in #149.

Changes:

• Switches the reusable workflow reference from a SHA pin to the canonical @v1 tag.
• Keeps the workflow as a thin caller stub delegating logic to petry-projects/.github reusable workflow.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Auto-rebase failed — merge conflict — this branch has conflicts with main that must be resolved manually.

Please resolve the conflicts and push:

git fetch origin
git merge origin/main
# resolve conflicts, then:
git add .
git commit
git push