build(deps): bump rexml from 3.2.9 to 3.3.9 #2990
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Auto merge | |
# both actions get started on PR create/update | |
# approve gets done right away | |
# merge sleeps and retries until CI finishes successfully up to 25 minutes | |
# not ideal, much better would be to trigger merge later, exactly whenever CI finishes. But couldn't make make it work. | |
# Trigger the workflow on pull request | |
on: | |
pull_request_target: | |
types: | |
- synchronize | |
- opened | |
jobs: | |
autoapprove: | |
name: Approve | |
runs-on: ubuntu-latest | |
steps: | |
- name: Auto approve | |
uses: hmarr/auto-approve-action@v4 # Custom action for auto approval already available on marketplace | |
# Perform the auto approve action only when the PR is raised by dependabot | |
if: github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]' | |
with: | |
# Create a personal access token and store it under the Secrets section of the particular repository | |
# with the key "GITHUB_ACTIONS_TOKEN" | |
github-token: ${{ secrets.FLOWCRYPT_ROBOT_ACCESS_TOKEN }} | |
automerge: | |
name: Enable automerge on dependabot PRs | |
runs-on: ubuntu-latest | |
steps: | |
- name: Enable automerge on dependabot PRs | |
uses: daneden/enable-automerge-action@v1 | |
with: | |
# A personal access token that you have generated and saved in the | |
# repo or org’s encrypted secrets | |
github-token: ${{ secrets.FLOWCRYPT_ROBOT_ACCESS_TOKEN }} | |
# The name of the PR author to enable automerge for | |
# Defaults to dependabot[bot] | |
allowed-author: "dependabot[bot]" | |
# Allowed values: MERGE | SQUASH | REBASE | |
# Defaults to MERGE | |
merge-method: SQUASH |