chore(deps-dev): bump @changesets/changelog-github from 0.5.1 to 0.7.0 #133

Workflow file for this run

.github/workflows/ci_dependencies.yml at 7667ad6

	---
	name: Dependencies

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	permissions:
	contents: read
	issues: none
	pull-requests: none

	jobs:
	call_deps_reviewer:
	name: General
	uses: complytime/org-infra/.github/workflows/reusable_deps_reviewer.yml@2c193416adbc621a64021ace52bf57114d703888 # v0.3.1

	call_dependabot_reviewer:
	name: Dependabot
	uses: complytime/org-infra/.github/workflows/reusable_dependabot_reviewer.yml@cfd981e757253218aefb37c91969c32827e5c4b1 # v0.2.1

	comment_on_dependabot_prs:
	name: Dependabot Comment
	if: github.actor == 'dependabot[bot]'
	runs-on: ubuntu-latest
	needs: [call_deps_reviewer, call_dependabot_reviewer]
	permissions:
	issues: read
	pull-requests: write
	steps:
	- name: Comment from Dependabot Reviewer
	uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
	env:
	REVIEW_CONCLUSION: ${{ needs.call_deps_reviewer.outputs.review_conclusion }}
	RISK_LEVEL: ${{ needs.call_dependabot_reviewer.outputs.risk_level }}
	UPDATES_COUNT: ${{ needs.call_dependabot_reviewer.outputs.updates_count }}
	with:
	issue-number: ${{ github.event.pull_request.number }}
	edit-mode: replace
	body: \|
	🤖 Standardized Dependabot Review Summary 🤖

	This PR was processed by the organization's reusable CI pipeline.

	- Dependencies Review: ${{ env.REVIEW_CONCLUSION }}
	- [View detailed logs](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
	- Calculated Risk: ${{ env.RISK_LEVEL }}
	- Dependency Usage: At least ${{ env.UPDATES_COUNT }} repositories are using this dependency version

	---

	Maintainer check list:
	1. Ensure the PR passed all CI tests (required status checks).
	2. Investigate failures for Major updates or any manual review requirement.
	3. Don't overlook breaking changes and changelog information.
	4. If the scorecard value is low, consider to contribute to make it higher. Everybody wins!
	5. Be diligent. When in doubt, ask another maintainer for additional review.

	approve_dependabot_prs:
	name: Dependabot Auto-approve
	if: github.actor == 'dependabot[bot]'
	runs-on: ubuntu-latest
	needs: [call_deps_reviewer, call_dependabot_reviewer]
	permissions:
	pull-requests: write
	steps:
	- name: Auto-approve if Confident
	if: ${{ env.RISK_LEVEL != 'high' && env.REVIEW_CONCLUSION == 'success' && env.UPDATES_COUNT > 10 }}
	env:
	REVIEW_CONCLUSION: ${{ needs.call_deps_reviewer.outputs.review_conclusion }}
	RISK_LEVEL: ${{ needs.call_dependabot_reviewer.outputs.risk_level }}
	UPDATES_COUNT: ${{ needs.call_dependabot_reviewer.outputs.updates_count }}
	uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
	with:
	script: \|
	github.rest.pulls.createReview({
	owner: context.repo.owner,
	repo: context.repo.repo,
	pull_number: context.issue.number,
	event: 'APPROVE',
	body: 'Automatically approved by GitHub Action for Dependabot PRs.'
	});
	console.log('Dependabot PR approved successfully.');

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps-dev): bump @changesets/changelog-github from 0.5.1 to 0.7.0 #133

Workflow file

chore(deps-dev): bump @changesets/changelog-github from 0.5.1 to 0.7.0 #133

Uh oh!

Workflow file for this run