Skip to content
Dependabot Pull Request Approve and Merge

[fix] Security Hardening: Fix SOQL Injection & XSS Vulnerabilities, Update API to v65 #67

Sign in to view logs

[fix] Security Hardening: Fix SOQL Injection & XSS Vulnerabilities, Update API to v65

[fix] Security Hardening: Fix SOQL Injection & XSS Vulnerabilities, Update API to v65 #67

Workflow file for this run

.github/workflows/dependabot-approve-and-auto-merge.yml at 0a0abd1
name: Dependabot Pull Request Approve and Merge
on: pull_request_target
permissions:
pull-requests: write
contents: write
jobs:
# Auto merge Dependabot PRs for:
# - patch updates on prod dependencies
# - minor updates on dev dependencies
dependabot-auto-merge:
# Only run for Dependabot PRs
if: ${{ github.actor == 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- name: "Fetch Dependabot metadata"
id: dependabot
uses: dependabot/fetch-metadata@v1
- name: "Check auto merge conditions"
id: auto-merge
if: |
(
steps.dependabot.outputs.update-type == 'version-update:semver-patch' &&
contains('direct:production,indirect:production', steps.dependabot.outputs.dependency-type)
) || (
contains('version-update:semver-minor,version-update:semver-patch', steps.dependabot.outputs.update-type) &&
contains('direct:development,indirect:development', steps.dependabot.outputs.dependency-type)
)
run: echo "::notice ::auto-merge conditions satisfied"
- name: "Approve and merge PR"
if: ${{ steps.auto-merge.conclusion == 'success' }}
run: |
gh pr review --approve "$PR_URL"
gh pr merge --auto --squash "$PR_URL"
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_URL: ${{ github.event.pull_request.html_url }}