-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Actions: Updated dependabot open issues
- Loading branch information
1 parent
41a87a2
commit 2e456a5
Showing
2 changed files
with
39 additions
and
34 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| # This workflow opens issues for pull requests opened by dependabot. | ||
| # See for more info: https://github.com/actions-cool/issues-helper | ||
|
|
||
| name: Open Dependabot Issues # from pull requests | ||
|
|
||
| on: | ||
| pull_request: | ||
| types: [opened] | ||
| branches: [develop] | ||
|
|
||
| jobs: | ||
| create-issue: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| issues: write | ||
| if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} | ||
| steps: | ||
| - name: Create issue | ||
| uses: actions-cool/issues-helper@v3 | ||
| with: | ||
| actions: "create-issue" | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| title: ${{ github.event.pull_request.title }} | ||
| body: | | ||
| ### Dependabot opened a pull request to update a dependency. Please review it: ${{ github.event.pull_request.html_url }} | ||
| - [ ] Comment on this issue tagging Chayn staff (@kyleecodes) to be assigned this issue. | ||
| - [ ] If you are a Chayn volunteer, we will assign you as a reviewer to the PR after you've accepted an invite to join this repo as a collaborator. | ||
| - [ ] Review the pull request. Check dependency files (such as package.json) to verify that the dependency has not already been updated. | ||
| - [ ] See GitHub Docs below for guidance. Check the files changed, dependency review, and workflow test runs. | ||
| - [ ] Upgrade the dependency. Please research it instead of simply updating the version numbers, as some upgrades may require code changes. | ||
| - [ ] Verify tests and happy paths are functional by cloning the dependabot branch and running locally. | ||
| - [ ] Next, complete the pull request review if you a volunteer, or notify us in issue discussions that you are done reviewing the PR. | ||
| - If the dependency upgrade does not pass tests or breaks the app, notify us in issue discussions, or in the pull request review if you're a volunteer. You may work on the required code changes or finish the review as is. | ||
| - If the dependency upgrade passes tests without breaking the app, notify us in the issue discussions, or approve the pull request if you are a volunteer. Then we'll get the PR merged! | ||
| ### Resources | ||
| - GitHub Docs - Reviewing Pull Requests with Dependency Updates: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-dependency-changes-in-a-pull-request | ||
| - GitHub Docs - Reviewing Pull Requests: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request | ||
| labels: "dependencies" |