fix(raids): stop clipping toggle-group right border (#233) #94
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot auto-merge | ||
| on: | ||
| pull_request_target: | ||
| types: [opened, synchronize, reopened, ready_for_review] | ||
| # Claim push events so GitHub doesn't create phantom 0-job failed runs. | ||
| # The job early-exits for non-pull_request_target events. | ||
| push: | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
| jobs: | ||
| auto-merge: | ||
| # Skip the job entirely on push events so GitHub records the run as "skipped" | ||
| # (neutral, green in status UI) instead of "failure" with 0 jobs. The prior | ||
| # approach of claiming push with in-step gates still produced failed runs | ||
| # because the job itself never spawned for non-dependabot pushes. | ||
| if: github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Fetch Dependabot metadata | ||
| id: meta | ||
| if: github.actor == 'dependabot[bot]' | ||
| uses: dependabot/fetch-metadata@v2 | ||
| - name: Enable auto-merge for low-risk bumps | ||
| # Auto-merge criteria: | ||
| # - any patch-level bump | ||
| # - any grouped bundle (groups are curated; CI gates) | ||
| # - GitHub Actions minor bumps | ||
| # Majors and runtime-dep minors wait for human review. | ||
| if: | | ||
| github.actor == 'dependabot[bot]' && ( | ||
| steps.meta.outputs.update-type == 'version-update:semver-patch' || | ||
| steps.meta.outputs.dependency-group != '' || | ||
| (steps.meta.outputs.package-ecosystem == 'github_actions' && | ||
| steps.meta.outputs.update-type == 'version-update:semver-minor') | ||
| ) | ||
| run: gh pr merge --auto --squash "$PR_URL" | ||
| env: | ||
| PR_URL: ${{ github.event.pull_request.html_url }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Approve on behalf of repo | ||
| if: | | ||
| github.actor == 'dependabot[bot]' && ( | ||
| steps.meta.outputs.update-type == 'version-update:semver-patch' || | ||
| steps.meta.outputs.dependency-group != '' | ||
| ) | ||
| run: gh pr review --approve "$PR_URL" --body "Auto-approved: low-risk bump, gated on CI." | ||
| env: | ||
| PR_URL: ${{ github.event.pull_request.html_url }} | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
