Skip to content
DependaBot PRs

Improve GitHub Actions #6858

Sign in to view logs

Improve GitHub Actions

Improve GitHub Actions #6858

Workflow file for this run

.github/workflows/dependabot_prs.yml at b96ca83
name: DependaBot PRs
on:
pull_request:
permissions:
actions: read
checks: none
contents: write
deployments: none
issues: read
packages: none
pull-requests: write
repository-projects: none
security-events: none
statuses: none
jobs:
handle_npm_update:
name: Handle NPM dependency updates for production packages
runs-on: ubuntu-24.04
if: github.event.pull_request.user.login == 'dependabot[bot]'
steps:
- name: Dependabot metadata
id: dependabot-metadata
uses: dependabot/fetch-metadata@v2
- uses: actions/checkout@v6
if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' }}
with:
ref: ${{ github.head_ref }}
submodules: false
lfs: false
persist-credentials: false
- name: Prepare Git
if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' }}
run: |
git config --global user.email "innocraft-automation@users.noreply.github.com"
git config --global user.name "innocraft-automation"
git remote add upstream https://github.com/${GITHUB_REPOSITORY}.git
- name: Install npm dependencies
if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' }}
run: npm install --omit=dev --ignore-scripts
- name: Commit changes if needed
id: npm-changes
if: ${{ steps.dependabot-metadata.outputs.package-ecosystem == 'npm_and_yarn' }}
run: |
if git diff --quiet -- node_modules
then
echo "has-changes=false" >> "$GITHUB_OUTPUT"
exit 0
fi
echo "has-changes=true" >> "$GITHUB_OUTPUT"
git add ./node_modules
git commit -m "Update npm dependencies"
shell: bash
- name: Push changes if needed
if: ${{ steps.npm-changes.outputs.has-changes == 'true' }}
run: |
git push "https://x-access-token:${CUSTOM_ACCESS_TOKEN}@github.com/${GITHUB_REPOSITORY}" "HEAD:${GITHUB_HEAD_REF}"
shell: bash
env:
CUSTOM_ACCESS_TOKEN: ${{ secrets.CUSTOM_ACCESS_TOKEN }}