Skip to content

Commit

Permalink
Merge pull request #83 from jablko/patch-1
Browse files Browse the repository at this point in the history
Default github-token
  • Loading branch information
brrygrdn authored Feb 28, 2022
2 parents a30bbbb + 26e18ca commit f4b2d0d
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 11 deletions.
2 changes: 0 additions & 2 deletions .github/workflows/dependabot-auto-merge.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,6 @@ jobs:
- name: Fetch metadata
id: metadata
uses: ./
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"

- name: Auto-merge
run: gh pr merge --auto --merge "$PR_URL"
Expand Down
10 changes: 2 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,14 @@ jobs:
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.2.1
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
alert-lookup: true
```
Supported inputs are:
- `github-token` (REQUIRED string)
- `github-token` (string)
- The `GITHUB_TOKEN` secret
- Defaults to `${{ github.token }}`
- `alert-lookup` (boolean)
- If `true`, then call populate the `alert-state`, `ghsa-id` and `cvss` outputs.
- Defaults to `false`
Expand Down Expand Up @@ -88,8 +88,6 @@ jobs:
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.2.1
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve a PR
run: gh pr review --approve "$PR_URL"
env:
Expand Down Expand Up @@ -118,8 +116,6 @@ jobs:
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.2.1
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'rails') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}}
run: gh pr merge --auto --merge "$PR_URL"
Expand Down Expand Up @@ -149,8 +145,6 @@ jobs:
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v1.2.1
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Add a label for all production dependencies
if: ${{ steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }}
run: gh pr edit "$PR_URL" --add-label "production"
Expand Down
2 changes: 1 addition & 1 deletion action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ inputs:
description: 'If true, then call populate the `alert-state`, `ghsa-id` and `cvss` outputs'
github-token:
description: 'The GITHUB_TOKEN secret'
required: true
default: ${{ github.token }}
outputs:
dependency-names:
description: 'A comma-separated list of all package names updated.'
Expand Down

0 comments on commit f4b2d0d

Please sign in to comment.