Dependabot config (#105)

* Group Symfony and twig

* Enable automerge for dev dependencies
This commit is contained in:
2026-05-21 20:35:48 +02:00
committed by GitHub
parent 55bbe962c1
commit aa39db3f5e
2 changed files with 41 additions and 1 deletions
+16 -1
View File
@@ -7,9 +7,24 @@ version: 2
updates:
- package-ecosystem: "composer" # See documentation for possible values
directory: "/" # Location of package manifests
allow:
# Allow both direct and indirect updates for all packages
- dependency-type: "all"
schedule:
interval: "daily"
ignore:
- dependency-name: "symfony/*"
update-types: [ "version-update:semver-major", "version-update:semver-minor" ]
groups:
dev-dependencies:
dependency-type: "development"
symfony:
patterns:
- "symfony/*"
twig:
patterns:
- "twig/*"
- package-ecosystem: "docker"
directtory: "/"
directory: "/"
schedule:
interval: "daily"
@@ -0,0 +1,25 @@
name: Dependabot auto-merge
on: pull_request
permissions:
contents: write
pull-requests: write
jobs:
dependabot:
runs-on: ubuntu-latest
if: github.event.pull_request.user.login == 'dependabot[bot]'
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"
- name: Enable auto-merge for Dependabot PRs
if: contains(steps.metadata.outputs.dependency-type, 'development')
run: |
gh pr review --approve "$PR_URL"
gh pr merge --auto --squash "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}