6066407a89
Instead of using merify which seems to not do what we want, use a combination of mergify and automerge. We let mergify review dependabot PRs. We let mergify dismiss reviews on updates but exclude those from Schutzbot. We then let Schutzbot update and merge the PRs via automerge if the `ci:automerge` label is set.
24 lines
629 B
YAML
24 lines
629 B
YAML
|
|
pull_request_rules:
|
|
- name: Automatic review for Dependabot pull requests
|
|
conditions:
|
|
- author~=^dependabot(|-preview)\[bot\]$
|
|
- title~=^Bump [^\s]+ from ([\d]+)\..+ to \1\.
|
|
- "#changes-requested-reviews-by=0"
|
|
- base=main
|
|
actions:
|
|
review:
|
|
type: APPROVE
|
|
message: Automatically approving dependabot (minor version bump)
|
|
label:
|
|
add:
|
|
- ci:automerge
|
|
|
|
- name: Dismiss reviews for non trusted authors
|
|
conditions:
|
|
- base=main
|
|
- author!=@Schutzbot
|
|
actions:
|
|
dismiss_reviews:
|
|
approved: True
|
|
changes_requested: True
|