Skip to content

build(deps-dev): bump @arethetypeswrong/cli from 0.12.2 to 0.13.0 #47

build(deps-dev): bump @arethetypeswrong/cli from 0.12.2 to 0.13.0

build(deps-dev): bump @arethetypeswrong/cli from 0.12.2 to 0.13.0 #47

# Dependabot Dedupe
#
# Deduplicate dependencies for @dependabot.
#
# Note: This workflow can be removed once dependabot supports some type of automatic deduplication.
# See https://github.com/dependabot/dependabot-core/issues/5830 for details.
#
# References:
#
# - https://docs.github.com/actions/learn-github-actions/contexts
# - https://docs.github.com/actions/learn-github-actions/expressions
# - https://docs.github.com/actions/using-workflows/events-that-trigger-workflows#pull_request
# - https://docs.github.com/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
# - https://docs.github.com/webhooks-and-events/webhooks/webhook-events-and-payloads#pull_request
# - https://github.com/actions/checkout
# - https://github.com/actions/create-github-app-token
# - https://github.com/actions/setup-node
# - https://github.com/actions/setup-node/blob/main/docs/advanced-usage.md#yarn2-configuration
# - https://github.com/hmarr/debug-action
# - https://github.com/tohgarashi/verified-commit
---
name: dependabot-dedupe
on:
pull_request:
branches:
- main
paths:
- package.json
concurrency:
cancel-in-progress: true
group: ${{ github.workflow }}-${{ github.ref }}
jobs:
dependabot-dedupe:
if: github.actor == 'dependabot[bot]' && startsWith(github.head_ref, 'dependabot/npm_and_yarn/')
permissions:
packages: read
runs-on: ubuntu-latest
steps:
- id: debug
name: Print environment variables and event payload
uses: hmarr/[email protected]
- id: bot-token
name: Get bot token
uses: actions/[email protected]
with:
app-id: ${{ secrets.BOT_APP_ID }}
private-key: ${{ secrets.BOT_PRIVATE_KEY }}
- id: checkout
name: Checkout ${{ github.head_ref }}
uses: actions/[email protected]
with:
persist-credentials: false
ref: ${{ github.head_ref }}
token: ${{ steps.bot-token.outputs.token }}
- id: node
name: Setup Node.js
uses: actions/[email protected]
with:
cache: yarn
cache-dependency-path: yarn.lock
node-version-file: .nvmrc
- id: dedupe
name: Deduplicate dependencies
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
YARN_ENABLE_GLOBAL_CACHE: true
YARN_ENABLE_IMMUTABLE_INSTALLS: false
YARN_ENABLE_SCRIPTS: false
run: yarn dedupe --mode=update-lockfile
- id: commit
name: Commit and push yarn.lock
uses: tohgarashi/[email protected]
env:
GH_TOKEN: ${{ steps.bot-token.outputs.token }}
with:
commit-message: 'build(yarn): [dependabot skip] deduplicate dependencies for @dependabot'
detect-changed: true
ref: ${{ github.head_ref }}