search

ahmadnassri / action-dependabot-auto-merge

Automatically merge Dependabot PRs when version comparison is within range
MIT License
342 stars 48 forks source link

Target minor fails to automerge pip from 23.3 to 23.3.1 #238

Open woutervh opened 1 year ago

woutervh commented 1 year ago

using following config at https://github.com/libranet/libranet-flask/blob/main/.github/workflows/dependabot-auto-merge.yaml

# see https://github.com/ahmadnassri/action-dependabot-auto-merge
name: Auto Merge Dependabot

on:
  pull_request:

jobs:
  auto-merge:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ahmadnassri/action-dependabot-auto-merge@v2
        with:
          target: minor
          github-token: ...

relevant job-output:

title: "Bump pip from 23.3 to 23.3.1"
depName: pip
from: unknown
to: 23.3.1
dependency type: production
security critical: false
config: all:semver:minor
Warning: no version range detected in PR title
manual merging required