action.yml

name: 'Github Action Merge Dependabot'
description: 'Automatically approve and merge dependabot PRs'

inputs:
  github-token:
    description: 'A GitHub token'
    required: false
    default: ${{ github.token }}
  exclude:
    description: 'Packages that you want to manually review before upgrading'
    required: false
  approve-only:
    description: 'If true, the PR is only approved but not merged'
    required: false
    default: false
  merge-method:
    description: 'The merge method you would like to use (squash, merge, rebase)'
    required: false
    default: 'squash'
  merge-comment:
    description: "An arbitrary message that you'd like to comment on the PR after it gets auto-merged"
    required: false
    default: ''
  use-github-auto-merge:
    description: 'If true, the PR is only marked as auto-merge enabled'
    required: false
    default: false
  target:
    description: 'Auto-merge on major, minor, patch updates based on Semantic Versioning'
    required: false
    default: 'any'
  pr-number:
    description: 'A pull request number, only required if triggered from a workflow_dispatch event'
    required: false

runs:
  using: 'composite'
  steps:
    - name: Fetch metadata
      id: dependabot-metadata
      uses: dependabot/fetch-metadata@v1
      if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
    - name: Merge/approve PR
      uses: actions/github-script@v6
      if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
      with:
        github-token: ${{ inputs.github-token }}
        script: |
          const script = require('${{ github.action_path }}/dist/index.js')
          await script({
            github,
            context,
            inputs: ${{ toJSON(inputs) }},
            dependabotMetadata: {
              updateType:  '${{ steps.dependabot-metadata.outputs.update-type }}',
              dependencyType:'${{ steps.dependabot-metadata.outputs.dependency-type }}',
              dependencyNames: '${{ steps.dependabot-metadata.outputs.dependency-names }}',
            }
          })

branding:
  icon: 'git-pull-request'
  color: 'gray-dark'