mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
Disable dependabot for auto-request-review for now
because you have to manually update the version tag comment. It feels unsafe to trust third party git tags when you need to pass MATZBOT_GITHUB_TOKEN to it. Git commit sha alone isn't human-readable and I'm reluctant to remove the comment either. It doesn't seem worth the effort to review changes for every release of this action.
This commit is contained in:
parent
bfc6c1f1cb
commit
b7de04d161
2 changed files with 4 additions and 1 deletions
3
.github/dependabot.yml
vendored
3
.github/dependabot.yml
vendored
|
@ -4,3 +4,6 @@ updates:
|
||||||
directory: '/'
|
directory: '/'
|
||||||
schedule:
|
schedule:
|
||||||
interval: 'weekly'
|
interval: 'weekly'
|
||||||
|
ignore:
|
||||||
|
# It doesn't update the version comment for us
|
||||||
|
- dependency-name: 'necojackarc/auto-request-review'
|
||||||
|
|
2
.github/workflows/auto_request_review.yml
vendored
2
.github/workflows/auto_request_review.yml
vendored
|
@ -8,7 +8,7 @@ jobs:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Request review based on files changes and/or groups the author belongs to
|
- name: Request review based on files changes and/or groups the author belongs to
|
||||||
uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.7.0, checking sha
|
uses: necojackarc/auto-request-review@b5e81876454003a4ccb9b89cb205c67d77d7035b # v0.8.0, checking sha
|
||||||
with:
|
with:
|
||||||
# scope: public_repo
|
# scope: public_repo
|
||||||
token: ${{ secrets.MATZBOT_GITHUB_TOKEN }}
|
token: ${{ secrets.MATZBOT_GITHUB_TOKEN }}
|
||||||
|
|
Loading…
Reference in a new issue