diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml
new file mode 100644
index 0000000..616e448
--- /dev/null
+++ b/.github/workflows/dependabot.yml
@@ -0,0 +1,21 @@
+name: Handle Dependabot PRs
+
+on:
+ pull_request:
+ types: [opened, reopened, synchronize]
+
+jobs:
+ ApproveAndMerge:
+ name: Auto approve Dependabot PRs
+ runs-on: ubuntu-latest
+ # Only run for PRs created by Dependabot - extended verification is done in the reusable workflow
+ if: github.actor == 'dependabot[bot]'
+ # These permissions are needed to approve pull requests
+ permissions:
+ contents: read
+ pull-requests: write
+ steps:
+ - name: Auto approve Dependabot PR
+ uses: secure-software-engineering/actions/dependabot@develop
+ with:
+ token: ${{ secrets.AUTO_MERGE_PAT }}
\ No newline at end of file
diff --git a/.github/workflows/zombie-mode.yml b/.github/workflows/zombie-mode.yml
index 47f4783..d1f073d 100644
--- a/.github/workflows/zombie-mode.yml
+++ b/.github/workflows/zombie-mode.yml
@@ -1,23 +1,9 @@
name: Zombie Mode
on:
- pull_request:
- types: [opened]
- branches: [develop]
schedule:
- - cron: '0 6 * * MON'
- workflow_dispatch:
+ - cron: '0 6 * * 1-5'
jobs:
- auto-approve-dependabot:
- if: github.actor == 'dependabot[bot]'
- runs-on: ubuntu-latest
- permissions:
- pull-requests: write
- steps:
- - uses: secure-software-engineering/actions/dependabot@develop
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
-
zombie-release:
runs-on: ubuntu-latest
permissions:
@@ -26,10 +12,11 @@ jobs:
steps:
- uses: secure-software-engineering/actions/zombie-mode/prepare-pr@develop
with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
- base-branch: 'develop'
- auto-merge-days: '3'
- version-file: 'pom.xml'
+ github-token: ${{secrets.AUTO_MERGE_PAT}}
+ base-branch: develop
+ merge-timeout-days: 3
+ version-file: pom.xml
+
auto-merge-aged:
runs-on: ubuntu-latest
@@ -39,8 +26,8 @@ jobs:
steps:
- uses: secure-software-engineering/actions/zombie-mode/merge-pr@develop
with:
- github-token: ${{ secrets.GITHUB_TOKEN }}
- age-days: '3'
- merge-method: 'squash'
- delete-branch: 'true'
- zombie-label: 'zombie-mode'
\ No newline at end of file
+ github-token: ${{secrets.AUTO_MERGE_PAT}}
+ merge-timeout-days: 3
+ merge-method: squash
+ delete-branch: true
+ label: zombie-mode
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index e9e9c25..457d0c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -135,7 +135,7 @@
junit
junit
- 4.13.2
+ 4.13.1
test