A bot for GitHub that automatically merges PRs from dependabot when they meet certain criteria:
- All the checks are passing
- The package is on a safe-list
Go to github.com/apps/depend-a-lot-bot to install.
In your repository, create a file
.github/dependabot-bot.yml after installing the dependabot-bot application.
safe property should be a list of packages allowed to be merged automatically.
safe: - package-1 - package-2
This bot is powered by Python Serverless technologies on Azure Functions.
The bot was written by Anthony Shaw and the source code is available at github.com/tonybaloney/dependabot-bot