name: Dependabot PR actions on: pull_request: types: - opened - reopened - synchronize - labeled - unlabeled jobs: dependabot: runs-on: ubuntu-latest permissions: pull-requests: write contents: write if: ${{ github.actor == 'dependabot[bot]' }} steps: - name: GitHub App token id: github_app_token uses: tibdex/github-app-token@v1.5.0 with: app_id: ${{ secrets.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} installation_id: 22958780 - name: Check out code uses: actions/checkout@v3 with: token: ${{ steps.github_app_token.outputs.token }} - name: Update the changelog uses: dangoslen/dependabot-changelog-helper@v2 with: version: 'Unreleased' - name: Commit the changes uses: stefanzweifel/git-auto-commit-action@v4 with: commit_message: "Update changelog" branch: ${{ github.head_ref }} commit_user_name: dependabot[bot] commit_user_email: support@github.com commit_options: '--signoff'