Bump checkmarx/ast-github-action from 9fda4ab4c1b67c35de380552a972a82997d97731 to e3f1356c077fcb2ad2062ccc8c9f1631bae59128 #1711
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot auto-merge | |
| on: pull_request | |
| permissions: | |
| contents: write | |
| jobs: | |
| dependabot-merge: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 #v2.2.0 | |
| with: | |
| github-token: "${{ secrets.PERSONAL_ACCESS_TOKEN }}" | |
| - name: Enable auto-merge for Dependabot PRs | |
| env: | |
| PR_URL: ${{github.event.pull_request.html_url}} | |
| GITHUB_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN }} | |
| run: gh pr merge --auto --squash "$PR_URL" | |
| - name: Auto approve dependabot PRs | |
| uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 #v4 | |
| with: | |
| github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} |