chore(deps): Bump loader-utils from 1.4.0 to 1.4.2 in /examples/blockly-vue #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow runs `lerna bootstrap` after dependabot updates a package-lock file. | |
| # Without it, package-locks become cluttered with incorrect dependencies that | |
| # normally would be removed by lerna. It wouldn't be necessary if we weren't using | |
| # lerna bootstrap. | |
| name: Clean up after dependabot | |
| # Triggered when a PR is (re)opened or synchronized | |
| on: pull_request | |
| permissions: | |
| pull-requests: write # This action adds commits to PRs | |
| jobs: | |
| update: | |
| runs-on: ubuntu-latest | |
| # Only run on dependabot PRs | |
| if: ${{ github.actor == 'dependabot[bot]' }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| # Check out the dependabot PR so commits are added there | |
| - name: Checkout PR | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: gh pr checkout ${{ github.event.pull_request.number }} | |
| # This uses a reverse-engineered email for the github actions bot. See | |
| # https://github.com/actions/checkout/issues/13#issuecomment-724415212 | |
| - name: Git identity | |
| run: | | |
| git config --global user.name 'github-actions[bot]' | |
| git config --global user.email '<41898282+github-actions[bot]@users.noreply.github.com' | |
| - name: Setup node | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: 20 | |
| # Running npm ci also runs lerna bootstrap, | |
| # which does the magic update we need to remove local dependencies. | |
| - name: Fix package locks | |
| run: npm ci | |
| # If any package-locks were updated by lerna bootstrap, commit them | |
| # Using `[dependabot skip]` in the commit message allows dependabot | |
| # to continue making changes to this PR after it is updated | |
| # https://docs.github.com/en/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates#allowing-dependabot-to-rebase-and-force-push-over-extra-commits | |
| - name: Commit changes | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| git status | |
| if [[ $(git status | grep '.package-lock.json') ]]; then | |
| git commit -am "chore: update package-locks [dependabot skip]" | |
| git push | |
| else | |
| echo "No changes detected" | |
| fi |