After we switched the dependabot workflow from pull_request_target to pull_request dependabot can no longer access the deploy keys, while require users in our org can when setting the node_modules label.
GitHub supports setting specific workflow secrets for dependabot via this API.
github-upload-secrets and setup-deploy-keys need to be taught how to generate & upload the deploy keys
After we switched the dependabot workflow from
pull_request_targettopull_requestdependabot can no longer access the deploy keys, while require users in our org can when setting thenode_moduleslabel.GitHub supports setting specific workflow secrets for dependabot via this API.
github-upload-secretsandsetup-deploy-keysneed to be taught how to generate & upload the deploy keys