kotovalexarian-likes-github
/
ruby--ruby
mirror of https://github.com/ruby/ruby.git
1
0
Fork 0
Code Releases Activity

Disable dependabot for auto-request-review for now 

because you have to manually update the version tag comment.
It feels unsafe to trust third party git tags when you need to pass
MATZBOT_GITHUB_TOKEN to it. Git commit sha alone isn't human-readable
and I'm reluctant to remove the comment either. It doesn't seem worth
the effort to review changes for every release of this action.
This commit is contained in:
Takashi Kokubun 2022-10-16 22:47:49 -07:00
parent bfc6c1f1cb
commit b7de04d161
No known key found for this signature in database
GPG Key ID: 6FFC433B12EE23DD
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/dependabot.yml vendored
View File

@ -4,3 +4,6 @@ updates:
directory: '/'
schedule:
interval: 'weekly'
ignore:
# It doesn't update the version comment for us
- dependency-name: 'necojackarc/auto-request-review'

2
.github/workflows/auto_request_review.yml vendored
View File

@ -8,7 +8,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Request review based on files changes and/or groups the author belongs to
uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.7.0, checking sha
uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.8.0, checking sha
with:
# scope: public_repo
token: ${{ secrets.MATZBOT_GITHUB_TOKEN }}