Skip to content

fix: make Dependabot auto-merge match modern gh and indirect deps#29

Merged
bitwise-fast-forward-merge[bot] merged 1 commit into
bitwise-media-group:mainfrom
dmccaffery:fix/dependabot-format-diffs
Jun 29, 2026
Merged

fix: make Dependabot auto-merge match modern gh and indirect deps#29
bitwise-fast-forward-merge[bot] merged 1 commit into
bitwise-media-group:mainfrom
dmccaffery:fix/dependabot-format-diffs

Conversation

@dmccaffery

Copy link
Copy Markdown
Collaborator

The reusable Dependabot auto-merge silently no-op'd on every PR:

  • gh now reports the PR author from its GraphQL backing as app/dependabot, not dependabot[bot], so the author filter dropped every Dependabot PR ("No open Dependabot PR; nothing to do"). Accept either spelling; the REST commit-author + signature gate is unchanged.
  • Indirect (transitive) deps ship a dependency-version: trailer but no update-type:, so the semver-token grep found nothing and refused them. Derive the level from the from <old> to <new> versions in the commit message, anchored to the Bumps/Updates lines. Unparsable versions and a major hidden in a grouped update still fall back to a human.

The reusable Dependabot auto-merge silently no-op'd on every PR:

- gh now reports the PR author from its GraphQL backing as `app/dependabot`,
  not `dependabot[bot]`, so the author filter dropped every Dependabot PR
  ("No open Dependabot PR; nothing to do"). Accept either spelling; the REST
  commit-author + signature gate is unchanged.
- Indirect (transitive) deps ship a `dependency-version:` trailer but no
  `update-type:`, so the semver-token grep found nothing and refused them.
  Derive the level from the `from <old> to <new>` versions in the commit
  message, anchored to the Bumps/Updates lines. Unparsable versions and a
  major hidden in a grouped update still fall back to a human.

Signed-off-by: Deavon M. McCaffery <dmccaffery@users.noreply.github.com>
@github-actions

Copy link
Copy Markdown
Contributor

Note

Merging this PR: this repository merges by fast-forward so every
commit keeps its original signature. The GitHub merge button is not used.
Once this PR is approved and all checks pass, a maintainer merges it by
commenting /merge on the PR.

The branch must be up to date with main (rebased and re-signed) to
fast-forward. If /merge reports it is not fast-forwardable, rebase onto
main and comment /merge again.

@dmccaffery

Copy link
Copy Markdown
Collaborator Author

/auto-merge

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot added the auto-merge Fast-forward this PR once it is approved and all required checks pass label Jun 29, 2026
@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Note

Auto-merge armed. Once this PR is approved and every required check
passes, it will be fast-forwarded into the base branch automatically,
preserving every commit signature.

Remove the auto-merge label to cancel. If the branch is not
fast-forwardable, rebase onto the base branch and re-sign — CI re-runs
and the merge retries.

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • review decision is REVIEW_REQUIRED, need APPROVED
  • checks not passing: analyze / Analyze (actions) (pending), ci / build (pending)

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • checks not passing: ack / ack (pending), analyze / Analyze (actions) (pending)

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • checks not passing: analyze / Analyze (actions) (pending)

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Fast-forwarded main to 1e7e5d8fd1e7 — original signature preserved, no re-sign.

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot merged commit 1e7e5d8 into bitwise-media-group:main Jun 29, 2026
11 checks passed
@dmccaffery dmccaffery deleted the fix/dependabot-format-diffs branch June 29, 2026 23:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

auto-merge Fast-forward this PR once it is approved and all required checks pass

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants