Skip to content

Bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.6 #159

Bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.6

Bump com.github.spotbugs:spotbugs-annotations from 4.8.5 to 4.8.6 #159

#
# Copyright © 2024 Piotr P. Karwasz
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
name: merge-dependabot
on:
pull_request_target:
permissions: read-all
jobs:
build:
if: github.repository == 'copernik-eu/log4j-tomcat' && github.actor == 'dependabot[bot]'
uses: copernik-eu/log4j-tomcat/.github/workflows/build-reusable.yaml@main
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
merge:
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # 4.1.7
with:
fetch-depth: 32
fetch-tags: false
ref: ${{ github.head_ref }}
- name: Setup GPG
id: setup-gpg
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # 6.1.0
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
git_user_signingkey: true
git_commit_gpgsign: true
- name: Automatically merge
env:
BASE: ${{ github.base_ref }}
run: |
git fetch origin "+refs/heads/$BASE:refs/remotes/origin/$BASE"
git rebase "origin/$BASE"
git push origin "HEAD:$BASE"
# Push the PR branch
git push -f