Skip to content

chore: (dependabot): move back to npm #144

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jul 12, 2025
Merged

chore: (dependabot): move back to npm #144

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b81548c
chore(dependabot): move back to npm
GalvinPython Jul 12, 2025
d0a85ef
chore(dependabot): add paths restrictions to dependabot and eslint
GalvinPython Jul 12, 2025
188f2ff
chore(dependabot): update eslint
GalvinPython Jul 12, 2025
a956066
revert: nevermind, removing this from pull requests means no checks
GalvinPython Jul 12, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions .github/dependabot.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,23 +1,23 @@
# Moving back to npm for package management rather than bun
# because wow dependabot is so broken for it 😭
# TODO: Labels on package updates after project restructure

version: 2
updates:
- package-ecosystem: "bun"
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
assignees:
- "GalvinPython"
target-branch: "dev"

- package-ecosystem: "bun"
- package-ecosystem: "npm"
directory: "/web"
schedule:
interval: "weekly"
assignees:
- "GalvinPython"
target-branch: "dev"
labels: ["dependencies", "javascript", "component: web"]

- package-ecosystem: "cargo"
directory: "/api"
schedule:
interval: "weekly"
interval: "weekly"
target-branch: "dev"
44 changes: 44 additions & 0 deletions .github/workflows/dependabot_bun.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
name: Update bun.lock

on:
pull_request:
branches: [main, dev]

permissions:
contents: write

jobs:
update-bun-lock:
name: "Update bun.lock"
runs-on: ubuntu-latest
if: github.actor == 'dependabot[bot]'
steps:
- name: Set up Bun
uses: oven-sh/setup-bun@v2

- name: Check out repository
uses: actions/checkout@v4

- name: Install dependencies with Bun
run: bun install

- name: Check for changes
id: git_status
run: |
git add bun.lock
if [ -z "$(git status --porcelain)" ]; then
echo "No changes to bun.lock"
echo "changes_detected=false" >> "$GITHUB_OUTPUT"
else
echo "Changes detected to bun.lock"
echo "changes_detected=true" >> "$GITHUB_OUTPUT"
fi

- name: Commit and push changes to bun.lock
if: steps.git_status.outputs.changes_detected == 'true'
run: |
git config --global user.name 'github-actions[bot]'
git config --global user.email 'github-actions[bot]@users.noreply.github.com'
git commit -m "Update bun.lock (via GitHub Actions)"
git pull --rebase origin ${{ github.head_ref }}
git push origin ${{ github.head_ref }}