# This is a combination of 9 commits.

# This is the 1st commit message: Fix sonar badge # This is the commit message #2: Add deployment # This is the commit message #3: Add concurrency check # This is the commit message #4: Fix CI/CD deployment # This is the commit message #5: Add hash to build # This is the commit message #6: Inject version into template # This is the commit message #7: Fix typo in deployment # This is the commit message #8: Bump the allpip group across 1 directory with 5 updates Bumps the allpip group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [sqlmodel](https://github.com/tiangolo/sqlmodel) | `0.0.18` | `0.0.19` | | [pydantic](https://github.com/pydantic/pydantic) | `2.7.3` | `2.7.4` | | [pydantic-settings](https://github.com/pydantic/pydantic-settings) | `2.3.1` | `2.3.3` | | [ruff](https://github.com/astral-sh/ruff) | `0.4.8` | `0.4.9` | | [pyright](https://github.com/RobertCraigie/pyright-python) | `1.1.366` | `1.1.367` | Updates `sqlmodel` from 0.0.18 to 0.0.19 - [Release notes](https://github.com/tiangolo/sqlmodel/releases) - [Changelog](https://github.com/tiangolo/sqlmodel/blob/main/docs/release-notes.md) - [Commits](fastapi/sqlmodel@0.0.18...0.0.19) Updates `pydantic` from 2.7.3 to 2.7.4 - [Release notes](https://github.com/pydantic/pydantic/releases) - [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md) - [Commits](pydantic/pydantic@v2.7.3...v2.7.4) Updates `pydantic-settings` from 2.3.1 to 2.3.3 - [Release notes](https://github.com/pydantic/pydantic-settings/releases) - [Commits](pydantic/pydantic-settings@v2.3.1...v2.3.3) Updates `ruff` from 0.4.8 to 0.4.9 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@v0.4.8...v0.4.9) Updates `pyright` from 1.1.366 to 1.1.367 - [Release notes](https://github.com/RobertCraigie/pyright-python/releases) - [Commits](RobertCraigie/pyright-python@v1.1.366...v1.1.367) --- updated-dependencies: - dependency-name: sqlmodel dependency-type: direct:production update-type: version-update:semver-patch dependency-group: allpip - dependency-name: pydantic dependency-type: direct:production update-type: version-update:semver-patch dependency-group: allpip - dependency-name: pydantic-settings dependency-type: direct:production update-type: version-update:semver-patch dependency-group: allpip - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-patch dependency-group: allpip - dependency-name: pyright dependency-type: direct:development update-type: version-update:semver-patch dependency-group: allpip ... Signed-off-by: dependabot[bot] <[email protected]> # This is the commit message #9: Add automerge for dependabot & pre-commit and change CODEOWNERS
MinBZK · Jul 3, 2024 · d9a2816 · d9a2816
1 parent ac97cc5
commit d9a2816
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 5 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1 +1,9 @@
 * @MinBZK/ai-validation-team
+
+# excluded files so github actions bot can auto update dependencies
+#  see https://github.com/orgs/community/discussions/23064
+poetry.lock
+pyproject.toml
+.github/workflows/*
+.devcontainer/devcontainer.json
+.pre-commit-config.yaml
diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml
@@ -0,0 +1,52 @@
+name: Dependabot & Pre-Commit auto-merge
+on: pull_request
+
+
+jobs:
+  automerge-dependabot:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/fetch-metadata@v2
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: Enable Auto-Approve for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Enable Auto-Merge for Dependabot PRs
+        if: steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+  automerge-pre-commit:
+    runs-on: ubuntu-latest
+    if: github.actor == 'pre-commit-ci[bot]'
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+      - name: Enable Auto-Approve for Pre-Commit
+        if: github.head_ref == 'pre-commit-ci-update-config'
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
+      - name: Enable Auto-Merge for Pre-Commit
+        if: github.head_ref == 'pre-commit-ci-update-config'
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
diff --git a/pyproject.toml b/pyproject.toml
@@ -23,11 +23,11 @@ packages = [
 [tool.poetry.dependencies]
 python = "^3.10"
 fastapi = "^0.111.0"
-sqlmodel = "^0.0.18"
+sqlmodel = "^0.0.19"
 alembic = "^1.13.1"
-pydantic = "^2.7.2"
+pydantic = "^2.7.4"
 jinja2 = "^3.1.4"
-pydantic-settings = "^2.2.1"
+pydantic-settings = "^2.3.3"
 psycopg2-binary = "^2.9.9"
 uvicorn = {extras = ["standard"], version = "^0.30.1"}
 pyyaml = "^6.0.1"
@@ -41,9 +41,9 @@ playwright = "^1.44.0"
 pytest-playwright = "^0.5.0"
 
 [tool.poetry.group.dev.dependencies]
-ruff = "^0.4.7"
+ruff = "^0.4.9"
 pre-commit = "^3.7.0"
-pyright = "^1.1.365"
+pyright = "^1.1.367"
 liccheck = "^0.9.2"
 
 [tool.poetry.urls]