dependabot/fetch-metadata
2
0
Fork 0
mirror of https://github.com/dependabot/fetch-metadata.git synced 2026-03-13 18:17:13 -04:00
Code Issues Packages Projects Releases Wiki Activity
493 Commits 8 Branches 28 Tags
d7bff0acb91a78b12e0c1ffc05ff3c07fbfbea03
Commit Graph

35 Commits

Author SHA1 Message Date
Jeff Widman
3077e54b98 Group :dependabot: PR's for eslint-related deps (#374) 
There are multiple deps that are `eslint`-related, and since they're all related to a linter, it's very safe to merge them as a single group.

So try kicking the tires on the new "grouping" feature that the :dependabot: team is working on.
 2023-05-22 10:15:05 -07:00
Jeff Widman
a2a3a43b4a Add workflow for floating the v1 tag to the latest release (#361) 
This adds a workflow for floating the `v1` tag to the latest release.

This way we reduce the chance of someone fat-fingering the necessary
`git` commands.
 2023-05-19 08:37:20 -07:00
Jeff Widman
6c5b8c2d48 Add workflow for creating release PR's (#360) 
Add a workflow for creating release PR's. This way we don't have to do
it locally, and we guarantee the `npm` version used to generate the
version bump is consistent and stays in-sync with the repo instead of
whatever the dev happened to have on their local computer.
 2023-05-18 11:56:46 -07:00
Jeff Widman
c40140bc51 Stop using deprecated set-output (#370) 
The initial impetus for this change was:
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

However, it turns out the entire step is unnecesary since
`actions/setup-node` supports directly reading the `.nvmrc` file.
 2023-05-18 11:05:35 -07:00
Jeff Widman
4ada81eca0 Remove unused step (#358) 
The output of looking for metadata is never used in this workflow, so
delete the step.
 2023-05-17 10:49:26 -07:00
Jeff Widman
14d75f3862 No need to request escalated permissions for GITHUB_TOKEN (#357) 
Several of these job steps that use `GITHUB_TOKEN` are read-only
operations, so they don't need elevated permissions for the
`GITHUB_TOKEN`.

And the jobs that _do_ need elevated permissions we're already using a
PAT, so it's not even using the `GITHUB_TOKEN`.

So no need for any custom permissions on the `GITHUB_TOKEN` at all.
 2023-05-17 10:46:35 -07:00
Jeff Widman
597dd46738 Inline the PR URL (#359) 
I'm not sure why this went to the trouble of using an env token, I am
fairly sure this can be inlined.
 2023-05-17 10:32:42 -07:00
Jeff Widman
b3bc7993c0 Use the full email for the GitHub Actions bot (#354) 
This is an aesthetic tweak to let the proper avatar show up:
* https://github.com/orgs/community/discussions/26560
* https://github.com/actions/checkout/pull/1184
 2023-05-01 20:17:34 -07:00
Barry Gordon
2c14e91d87 Fix typo in build workflow 2022-04-20 11:10:47 +01:00
Barry Gordon
5566d3bb08 Avoid using actor 2022-04-20 10:04:52 +01:00
Barry Gordon
9a3ea4fc12 Correctly checkout the repository to use the local action 2022-04-20 09:59:02 +01:00
Barry Gordon
221b2c09c5 Prefer npm to NPM 
Co-authored-by: Jurre <jurre@github.com>
 2022-04-19 20:01:37 +01:00
Barry Gordon
a20aed188f Fix script path 2022-04-19 20:00:27 +01:00
Barry Gordon
a5e702392a Use a single automation PAT 2022-04-19 20:00:27 +01:00
Barry Gordon
f9682a0a6a Add a workflow to compile dist/ for Dependabot PRs 2022-04-19 20:00:27 +01:00
Barry Gordon
6790cb69ed Use a separate workflow to check the diff compilation 2022-04-19 20:00:26 +01:00
Barry Gordon
083b8484d8 Dependabot checks monthly, and checks GitHub Actions 2022-04-19 20:00:23 +01:00
Jack Bates
0caf82fe41 Default github-token 2022-02-23 09:57:53 -07:00
Barry Gordon
62295ac080 Execute automerges using a PAT 2022-02-21 21:07:12 +00:00
Barry Gordon
4f3ec532ac Allow CI to be built on demand 2022-02-21 17:53:57 +00:00
Michael Waddell
960d125896 Check PR Author instead of Action Actor 
closes issue #112
 2022-02-07 11:24:33 -06:00
Barry Gordon
01f7c47c95 Prefer node 16.x 2021-08-03 13:37:24 +01:00
Barry Gordon
4632eebdeb Automerge needs to checkout repo 2021-06-21 11:26:00 +01:00
Barry Gordon
0a6d9fa005 Merge pull request #29 from dependabot/brrygrdn/enable-auto-merge 
Enable auto-merge ourselves
 2021-06-07 12:26:05 +01:00
Barry Gordon
61c290e9b0 Fix wording for the new issue picker 2021-06-07 12:07:31 +01:00
Barry Gordon
65603acbe7 fix issue templates 2021-06-07 12:05:08 +01:00
Barry Gordon
5c38fd9a13 Rename issue templates 2021-06-07 12:01:43 +01:00
Barry Gordon
53da41479b Add some issue templates to route support 2021-06-07 11:59:42 +01:00
Barry Gordon
4bf7f88e3b Enable auto-merge ourselves 2021-06-07 11:09:22 +01:00
Barry Gordon
0871e821e3 Remove old integration test 2021-06-04 11:07:34 +01:00
Barry Gordon
0508b40071 Only run the integration test on Dependabot PRs for now 2021-06-01 14:52:37 +01:00
Barry Gordon
29bd4ae06e Create dependabot.yml 2021-05-26 18:00:50 +01:00
Barry Gordon
b4eba09477 Add an integration workflow file 2021-05-26 17:56:03 +01:00
Barry Gordon
77e6e637ae Add main.js as the action entry point 2021-05-26 17:45:19 +01:00
Barry Gordon
0d51a971f0 Add a class to verify dependabot prs/commits 
- Add ci config
 2021-05-26 17:17:18 +01:00