Skip to content

chore(dependabot): regenerate and commit dist/ #257

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 15, 2025
Merged

chore(dependabot): regenerate and commit dist/ #257

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions .github/workflows/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,44 @@ jobs:
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- uses: actions/checkout@v5
with:
fetch-depth: 2
if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
- name: Check if package-lock.json has been changed
if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
Copy link
Owner

@Swatinem Swatinem Aug 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you want to do this for all kinds of dependabot updates unconditionally

Copy link
Contributor Author

@reneleonhardt reneleonhardt Aug 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't do that, we already saw patches breaking CI 😞

And as I mentioned, currently there is no connection to any other CI jobs, even if any of them (eventually) fail this workflow will be executed, all run in parallel to each other.

Current conditions:

  • if a new PR has been created
  • if the author is dependabot
  • if update_type is patch

id: npm
env:
PR_URL: ${{github.event.pull_request.html_url}}
GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
run: |
if ! git diff --quiet HEAD~1.. -- package-lock.json; then
echo "changed=true" >> $GITHUB_OUTPUT
echo "changed=true, checking out $PR_URL to allow amend"
gh pr checkout "$PR_URL"
fi
- name: Setup node if necessary
if: steps.npm.outputs.changed != ''
uses: actions/setup-node@v4
with:
node-version: 20.x
cache: npm
- name: Re-generate and commit dist/ if changed
id: amend
if: steps.npm.outputs.changed != ''
run: |
npm ci
npm run prepare
if ! git diff --quiet dist/*/index.js; then
echo "dist/ changed, amending last commit"
export $(git log -1 --pretty=format:'GIT_COMMITTER_NAME=%cn GIT_COMMITTER_EMAIL=%ce GIT_AUTHOR_NAME=%an GIT_AUTHOR_EMAIL=%ae')
git fetch --unshallow
echo "Before amend:" && git show --name-only --pretty=
git commit --amend --no-edit --no-reset-author -- dist/*/index.js
echo "After amend:" && git show --name-only --pretty=
git push --force-with-lease origin HEAD
echo "changed=true" >> $GITHUB_OUTPUT
fi
- name: Auto-merge Patch PRs
if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
run: gh pr merge --auto --merge "$PR_URL"
Expand Down
Loading