Skip to content
Fix Dependabot PRs

fix(deps): bump the all-dependencies group across 1 directory with 9 updates #62

Sign in to view logs

fix(deps): bump the all-dependencies group across 1 directory with 9 updates

fix(deps): bump the all-dependencies group across 1 directory with 9 updates #62

Workflow file for this run

.github/workflows/dependabot-lockfile.yml at 6d59c16
name: Fix Dependabot PRs
on:
pull_request_target:
branches: [main]
permissions:
actions: read
contents: write
pull-requests: write
jobs:
fix-dependabot:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Check if Dependabot PR
id: guard
env:
GH_TOKEN: ${{ github.token }}
PR_AUTHOR: ${{ github.event.pull_request.user.login }}
HEAD_REF: ${{ github.event.pull_request.head.ref }}
run: |
if [[ "$PR_AUTHOR" != "dependabot[bot]" ]]; then
echo "Not a Dependabot PR (author: $PR_AUTHOR), nothing to do."
echo "skip=true" >> "$GITHUB_OUTPUT"
exit 0
fi
# Prevent infinite loops: count how many times this workflow has already
# run successfully on this branch (max 2 attempts: initial + one retry)
RUN_COUNT=$(gh api "repos/${{ github.repository }}/actions/workflows/dependabot-lockfile.yml/runs?branch=$HEAD_REF&status=success" --jq '.total_count')
if [[ "$RUN_COUNT" -ge 2 ]]; then
echo "Already ran $RUN_COUNT times on this branch, skipping to prevent loop."
echo "skip=true" >> "$GITHUB_OUTPUT"
exit 0
fi
echo "skip=false" >> "$GITHUB_OUTPUT"
- name: Generate App Token
if: steps.guard.outputs.skip != 'true'
id: generate-token
uses: actions/create-github-app-token@v3
with:
app-id: ${{ secrets.CI_APP_ID }}
private-key: ${{ secrets.CI_APP_PRIVATE_KEY }}
- name: Checkout Dependabot branch
if: steps.guard.outputs.skip != 'true'
uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ steps.generate-token.outputs.token }}
- name: Set up pnpm
if: steps.guard.outputs.skip != 'true'
uses: pnpm/action-setup@v5
with:
version: 10
- name: Set up Node.js
if: steps.guard.outputs.skip != 'true'
uses: actions/setup-node@v6
with:
node-version: "22.x"
- name: Configure git identity
if: steps.guard.outputs.skip != 'true'
run: |
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Regenerate lockfile
if: steps.guard.outputs.skip != 'true'
run: pnpm install --no-frozen-lockfile --ignore-scripts
- name: Commit lockfile changes
if: steps.guard.outputs.skip != 'true'
id: lockfile
run: |
if git diff --quiet pnpm-lock.yaml; then
echo "changed=false" >> "$GITHUB_OUTPUT"
else
git add pnpm-lock.yaml
git commit -m "fix(deps): regenerate pnpm-lock.yaml"
git push
echo "changed=true" >> "$GITHUB_OUTPUT"
fi
- name: Try building
if: steps.guard.outputs.skip != 'true'
id: build
continue-on-error: true
run: |
set -o pipefail
pnpm install --frozen-lockfile
pnpm run build 2>&1 | tee /tmp/build-output.txt
- name: Try linting
if: steps.guard.outputs.skip != 'true' && steps.build.outcome == 'success'
id: lint
continue-on-error: true
run: |
set -o pipefail
pnpm exec eslint . 2>&1 | tee /tmp/lint-output.txt
- name: Try testing
if: steps.guard.outputs.skip != 'true' && steps.build.outcome == 'success'
id: test
continue-on-error: true
run: |
set -o pipefail
failed=0
pnpm test:unit 2>&1 | tee /tmp/test-output.txt || failed=1
pnpm --filter @ably/react-web-cli test 2>&1 | tee -a /tmp/test-output.txt || failed=1
exit $failed
- name: Check if fixes needed
if: steps.guard.outputs.skip != 'true'
id: needs-fix
run: |
if [[ "${{ steps.build.outcome }}" == "failure" || "${{ steps.lint.outcome }}" == "failure" || "${{ steps.test.outcome }}" == "failure" ]]; then
echo "needed=true" >> "$GITHUB_OUTPUT"
else
echo "needed=false" >> "$GITHUB_OUTPUT"
fi
- name: Capture error output
if: steps.needs-fix.outputs.needed == 'true'
id: errors
run: |
{
echo "build_output<<ENDOFOUTPUT"
if [ -f /tmp/build-output.txt ]; then
tail -n 200 /tmp/build-output.txt
else
echo "No build output captured"
fi
echo "ENDOFOUTPUT"
echo "lint_output<<ENDOFOUTPUT"
if [ -f /tmp/lint-output.txt ]; then
tail -n 200 /tmp/lint-output.txt
else
echo "Lint was not run"
fi
echo "ENDOFOUTPUT"
echo "test_output<<ENDOFOUTPUT"
if [ -f /tmp/test-output.txt ]; then
tail -n 200 /tmp/test-output.txt
else
echo "Tests were not run"
fi
echo "ENDOFOUTPUT"
} >> "$GITHUB_OUTPUT"
- name: Fix issues with Claude
if: steps.needs-fix.outputs.needed == 'true'
uses: anthropics/claude-code-action@v1
with:
anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
github_token: ${{ steps.generate-token.outputs.token }}
direct_prompt: |
This is a Dependabot PR that bumps dependencies. The lockfile has been
regenerated but the build, lint, or tests are failing.
Read .claude/CLAUDE.md for project context.
## Errors
Build output (if failed):
${{ steps.errors.outputs.build_output }}
Lint output (if failed):
${{ steps.errors.outputs.lint_output }}
Test output (if failed):
${{ steps.errors.outputs.test_output }}
## Instructions
1. Diagnose why the build/lint/tests fail after the dependency bump
2. Make the MINIMUM changes needed to fix it — do not refactor unrelated code
3. Run `pnpm run build`, `pnpm exec eslint .`, `pnpm test:unit`, and `pnpm --filter @ably/react-web-cli test` to verify your fixes
4. Commit your changes with a descriptive message
5. Push to the current branch
If the fix requires significant code changes beyond simple type/import
adjustments, leave a PR comment explaining what's needed instead of
attempting a risky fix.
claude_args: |
--max-turns 30
--model claude-sonnet-4-6
--allowedTools "Bash,Read,Write,Edit,Glob,Grep"