Update README with a high-level description of the action

2026-03-13 18:17:13 -04:00 · 2021-05-26 16:16:40 +01:00
parent e9ccf2b7a7
commit c09c9eb18b
1 changed files with 57 additions and 2 deletions
--- a/README.md
+++ b/README.md
@@ -1,2 +1,57 @@
-# dependabot-pr-action
-[WIP] GitHub Action to help automate reviewing Pull Requests created by Dependabot
+<p align="center">
+  <img src="https://s3.eu-west-2.amazonaws.com/dependabot-images/logo-with-name-horizontal.svg?v5" alt="Dependabot" width="336">
+</p>
+
+# Dependabot Pull Request Action
+
+**Name:** `dependabot/pull-request-action`
+## Usage instructions
+
+Create a workflow file that contains a step that uses: dependabot/pull-request-action@v1`, e.g.
+
+```yaml
+-- .github/workflows/dependabot-prs.yml
+name: Dependabot Pull Request
+on: pull_request_target
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Fetch Dependabot metadata
+      id: metadata
+      uses: dependabot/pull-request-action
+      with:
+        github-token: "${{ secrets.GITHUB_TOKEN }}"
+```
+
+Subsequent actions will have access to `steps.metadata.outputs.dependabot-updated-dependencies` which will contain a
+JSON object with information about the changes, e.g.
+
+```json
+[
+  {
+    "name": "dependabot-core",
+    "type": "direct:production",
+    "updateType": "version-update:semver-major"
+  }
+]
+```
+
+**Note:** This output will only be populated if the target Pull Request was opened by Dependabot and contains **only** Dependabot-created commits.
+
+### Auto-approving
+
+NYI
+
+### Enabling GitHub automerge
+
+NYI
+
+## Why?
+
+NYI
+
+## Development and release process
+
+NYI