Closed jpmckinney closed 5 months ago
If we get major upgrades again to dev dependencies, we can try using steps.dependabot-metadata.outputs.dependency-type
matching direct:development
(I think this is equivalent to Dependabot emails wth "deps-dev" in the subject).
Had to edit the precommit job: https://github.com/open-contracting/lib-cove-oc4ids/commit/a627685f709ae7c1daa109273d67a569af38ce5a
How to: https://blog.phaizel.com/auto-merge-dependabot-pr-with-github-actions
Add workflows to:
profile templateNot used, as merging causes a deploymentOriginal with more security concerns: https://blog.somewhatabstract.com/2021/10/11/setting-up-dependabot-with-github-actions-to-approve-and-merge/