added required properties of package-ecosystem and schedule.interval

2025-03-24 09:52:25 -07:00 · 2025-03-24 09:52:25 -07:00 · a8dded40d3
commit a8dded40d3
parent 65292e4a38
1 changed files with 25 additions and 20 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -30,27 +30,32 @@ updates:
    schedule:
      interval: "weekly"
-  #Dependabot auto-merge PRs for patch/minor versions that are related to critical vulnerabilities
+  #Dependabot auto-merge PRs for patch/minor versions that are related to critical vulnerabilities (maven)
-  - name: Dependabot auto-merge
+  - package-ecosystem: "maven"
    directory: "/"
    target-branch: "master"
    schedule:
      interval: "daily"
    name: Dependabot auto-merge
    on: pull_request
    permissions:
      pull-requests: write
      contents: write
-    jobs:
+      jobs:
-      dependabot:
+        dependabot:
-        runs-on: ubuntu-latest #needed?
+          runs-on: ubuntu-latest #needed?
-        if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'owner/my_repo' #edit?
+          if: github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'owner/my_repo' #edit?
-        steps:
+          steps:
-          - name: Fetch Dependabot metadata
+            - name: Fetch Dependabot metadata
-            id: dependabot-metadata
+              id: dependabot-metadata
-            uses: dependabot/fetch-metadata@v2
+              uses: dependabot/fetch-metadata@v2
-            with:
+              with:
-              alert-lookup: true
+                alert-lookup: true
-              github-token: "${{ secrets.PAT_TOKEN }}"
+                github-token: "${{ secrets.PAT_TOKEN }}"
-          - name: Enable auto-merge for security critical Dependabot PRs
+            - name: Enable auto-merge for security critical Dependabot PRs
-            #if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'rails') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}}
+              #if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'rails') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}}
-            if: steps.dependabot-metadata.outputs.cvss != '0'
+              if: steps.dependabot-metadata.outputs.cvss != '0'
-            run: gh pr merge --auto --merge "$PR_URL"
+              run: gh pr merge --auto --merge "$PR_URL"
-            env:
+              env:
-              PR_URL: ${{github.event.pull_request.html_url}}
+                PR_URL: ${{github.event.pull_request.html_url}}
-              GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+                GH_TOKEN: ${{secrets.GITHUB_TOKEN}}