This repository was archived by the owner on Feb 3, 2026. It is now read-only.
Bump brace-expansion from 2.0.1 to 2.0.2 #7
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Auto Fix and Merge | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| dependabot-auto-fix: | |
| runs-on: ubuntu-latest | |
| if: github.actor == 'dependabot[bot]' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.head_ref }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - uses: actions/setup-node@v4 | |
| - run: yarn install --no-immutable | |
| env: | |
| WORKSPACE_LOCKFILE_FORCE_WRITE: true | |
| - name: Commit and push changes if any | |
| run: | | |
| git config user.name "github-actions[bot]" | |
| git config user.email "github-actions[bot]@users.noreply.github.com" | |
| if ! git diff --quiet; then | |
| git add -A | |
| git commit -m "update lockfiles after yarn install [auto-fix]" | |
| git push | |
| fi | |
| - name: Enable auto-merge for Dependabot PRs | |
| run: gh pr merge --auto --squash "$PR_URL" | |
| env: | |
| PR_URL: ${{ github.event.pull_request.html_url }} | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} |