mirror of
https://github.com/anchore/grype
synced 2024-11-10 06:34:13 +00:00
chore: enable automatic approval of dependabot PRs (#1664)
To reduce toil in this repo, enable dependabot PRs to be automatically approved, but not merged. They are not automatically merged because if the default GitHub token is used to automatically merge a PR, the resulting commit will not trigger workflows on main. Rather than generate a more potent token, just automatically review them, which reduces toil by eliminating several clicks and page loads for maintainers who are trying to merge dependabot PRs. Signed-off-by: Will Murphy <will.murphy@anchore.com>
This commit is contained in:
William Murphy
GitHub
parent
85be82158b
commit
cd1c2ac66e
1 changed files with 10 additions and 0 deletions
10
.github/workflows/dependabot-automation.yaml
vendored
Normal file
10
.github/workflows/dependabot-automation.yaml
vendored
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
name: Dependabot Automation
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
permissions:
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
run:
|
||||
uses: anchore/workflows/.github/workflows/dependabot-automation.yaml@main
|
||||
Loading…
Reference in a new issue