Skip to content

deps(dev): bump dotenv from 16.4.5 to 16.4.7 #802

deps(dev): bump dotenv from 16.4.5 to 16.4.7

deps(dev): bump dotenv from 16.4.5 to 16.4.7 #802

name: Dependabot auto-approve minor updates
on: pull_request
permissions:
pull-requests: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
strategy:
matrix:
dependencyStartsWith:
- '@sentry/'
- mocha
- '@glif/'
- debug
- '@ipld/car'
- '@filecoin-station/spark-impact-evaluator'
- pg
- braces
- typescript
- postgrator
- '@types/'
- standard
- ethers
- p-retry
- '@web3-storage/w3up-client'
- cross-spawn
- p-map
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Approve a PR
if: ${{startsWith(steps.metadata.outputs.dependency-names, matrix.dependencyStartsWith) && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor')}}
run: gh pr review --approve "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}