This changes the workflow to only use a single step based on "actions/github-script".
It now uses the javascript/octokit client to create the merged branch instead of performing git commands in bash. This simplifies the workflow, avoids the need for inter-step data sharing, and greatly reduces the surface area for malicious actors to attack.
The merges are now performed one at a time instead of a single octopus merge (the octokit/github api doesn't have an easy way to create an octopus merge - it would currently require manually creating the merge commit's tree and SHA, which would be error prone).
If any merges fail, the workflow now recovers gracefully and just merges as many PRs as possible, while noting which ones were left out due to merge conflicts. 🎉
It now uses the new combined status API instead of running through the list of all status changes, in order to check which PRs are green.
This changes the workflow to only use a single step based on "actions/github-script".