From 525fbe9201a37c573823fd43c81f1268d0c5b5d1 Mon Sep 17 00:00:00 2001 From: Barry Gordon Date: Wed, 20 Apr 2022 11:36:39 +0100 Subject: [PATCH 1/2] v1.3.1 --- README.md | 10 +++++----- package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 37289112..1404ba03 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Extract information about the dependencies being updated by a Dependabot-generat ## Usage instructions -Create a workflow file that contains a step that uses: `dependabot/fetch-metadata@v1.3.0`, e.g. +Create a workflow file that contains a step that uses: `dependabot/fetch-metadata@vv1.3.1`, e.g. ```yaml -- .github/workflows/dependabot-prs.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Fetch Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.0 + uses: dependabot/fetch-metadata@vv1.3.1 with: alert-lookup: true compat-lookup: true @@ -95,7 +95,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.0 + uses: dependabot/fetch-metadata@vv1.3.1 - uses: actions/checkout@v3 - name: Approve a PR if not already approved run: | @@ -129,7 +129,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.0 + uses: dependabot/fetch-metadata@vv1.3.1 - name: Enable auto-merge for Dependabot PRs if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'rails') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}} run: gh pr merge --auto --merge "$PR_URL" @@ -158,7 +158,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@v1.3.0 + uses: dependabot/fetch-metadata@vv1.3.1 - name: Add a label for all production dependencies if: ${{ steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }} run: gh pr edit "$PR_URL" --add-label "production" diff --git a/package-lock.json b/package-lock.json index 649b0dd3..c5e06d28 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "dependabot-pull-request-action", - "version": "1.3.0", + "version": "1.3.1", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "dependabot-pull-request-action", - "version": "1.3.0", + "version": "1.3.1", "license": "MIT", "dependencies": { "@actions/core": "^1.6.0", diff --git a/package.json b/package.json index cb87e1da..60e668bd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "dependabot-pull-request-action", - "version": "1.3.0", + "version": "1.3.1", "description": "Parse Dependabot commit metadata to automate PR handling", "main": "dist/index.js", "scripts": { From 80173ff966677a9fa09a782f48aee580b106fdbb Mon Sep 17 00:00:00 2001 From: Barry Gordon Date: Wed, 20 Apr 2022 11:59:32 +0100 Subject: [PATCH 2/2] Small correction to bump-version script --- README.md | 10 +++++----- bin/bump-version | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 1404ba03..ea39cca7 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Extract information about the dependencies being updated by a Dependabot-generat ## Usage instructions -Create a workflow file that contains a step that uses: `dependabot/fetch-metadata@vv1.3.1`, e.g. +Create a workflow file that contains a step that uses: `dependabot/fetch-metadata@v1.3.1`, e.g. ```yaml -- .github/workflows/dependabot-prs.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Fetch Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@vv1.3.1 + uses: dependabot/fetch-metadata@v1.3.1 with: alert-lookup: true compat-lookup: true @@ -95,7 +95,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@vv1.3.1 + uses: dependabot/fetch-metadata@v1.3.1 - uses: actions/checkout@v3 - name: Approve a PR if not already approved run: | @@ -129,7 +129,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@vv1.3.1 + uses: dependabot/fetch-metadata@v1.3.1 - name: Enable auto-merge for Dependabot PRs if: ${{contains(steps.dependabot-metadata.outputs.dependency-names, 'rails') && steps.dependabot-metadata.outputs.update-type == 'version-update:semver-patch'}} run: gh pr merge --auto --merge "$PR_URL" @@ -158,7 +158,7 @@ jobs: steps: - name: Dependabot metadata id: dependabot-metadata - uses: dependabot/fetch-metadata@vv1.3.1 + uses: dependabot/fetch-metadata@v1.3.1 - name: Add a label for all production dependencies if: ${{ steps.dependabot-metadata.outputs.dependency-type == 'direct:production' }} run: gh pr edit "$PR_URL" --add-label "production" diff --git a/bin/bump-version b/bin/bump-version index 1873df19..557a6b59 100755 --- a/bin/bump-version +++ b/bin/bump-version @@ -22,7 +22,7 @@ fi new_version=$(npm version "${patch_level}" --no-git-tag-version) git checkout -b "${new_version}"-release-notes -sed -i.bak "s|dependabot/fetch-metadata@v[0-9.]*|dependabot/fetch-metadata@v${new_version}|g" "README.md" +sed -i.bak "s|dependabot/fetch-metadata@v[0-9.]*|dependabot/fetch-metadata@${new_version}|g" "README.md" rm README.md.bak git add package.json package-lock.json README.md git commit -m "${new_version}"