chore(deps): bump @testing-library/react from 16.3.0 to 16.3.2 #12
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependabot Changeset | |
| on: | |
| pull_request: | |
| types: [opened] | |
| workflow_dispatch: | |
| inputs: | |
| pr-number: | |
| description: "Pull request number to add a changeset for" | |
| required: true | |
| type: string | |
| permissions: | |
| contents: write | |
| pull-requests: read | |
| jobs: | |
| changeset: | |
| name: Add changeset for dependency update | |
| runs-on: ubuntu-latest | |
| if: github.actor == 'dependabot[bot]' || github.event_name == 'workflow_dispatch' | |
| steps: | |
| - name: Get PR metadata | |
| id: pr | |
| env: | |
| GH_TOKEN: ${{ secrets.KNOCK_ENG_BOT_GITHUB_TOKEN }} | |
| EVENT_NAME: ${{ github.event_name }} | |
| INPUT_PR_NUMBER: ${{ inputs.pr-number }} | |
| REPO: ${{ github.repository }} | |
| PR_NUMBER_FROM_EVENT: ${{ github.event.pull_request.number }} | |
| PR_TITLE_FROM_EVENT: ${{ github.event.pull_request.title }} | |
| PR_REF_FROM_EVENT: ${{ github.event.pull_request.head.ref }} | |
| run: | | |
| if [ "$EVENT_NAME" = "workflow_dispatch" ]; then | |
| PR_JSON=$(gh pr view "$INPUT_PR_NUMBER" --repo "$REPO" --json title,headRefName) | |
| echo "number=$INPUT_PR_NUMBER" >> "$GITHUB_OUTPUT" | |
| echo "title=$(echo "$PR_JSON" | jq -r '.title')" >> "$GITHUB_OUTPUT" | |
| echo "ref=$(echo "$PR_JSON" | jq -r '.headRefName')" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "number=$PR_NUMBER_FROM_EVENT" >> "$GITHUB_OUTPUT" | |
| echo "title=$PR_TITLE_FROM_EVENT" >> "$GITHUB_OUTPUT" | |
| echo "ref=$PR_REF_FROM_EVENT" >> "$GITHUB_OUTPUT" | |
| fi | |
| # Checkout the PR branch for package.json analysis and committing. | |
| - name: Checkout PR branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ steps.pr.outputs.ref }} | |
| token: ${{ secrets.KNOCK_ENG_BOT_GITHUB_TOKEN }} | |
| fetch-depth: 2 | |
| # Checkout the trusted script from main into a subdirectory. | |
| # This ensures we never execute code from an untrusted PR branch | |
| # when triggered via workflow_dispatch. | |
| - name: Checkout trusted script from main | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: main | |
| sparse-checkout: .github/scripts | |
| path: .trusted | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: "package.json" | |
| - name: Detect affected packages and create changeset | |
| id: changeset | |
| env: | |
| PR_TITLE: ${{ steps.pr.outputs.title }} | |
| PR_NUMBER: ${{ steps.pr.outputs.number }} | |
| run: node .trusted/.github/scripts/dependabot-changeset.js | |
| - name: Commit and push changeset | |
| if: steps.changeset.outputs.created == 'true' | |
| run: | | |
| git config user.name "knock-eng-bot" | |
| git config user.email "knock-eng-bot@users.noreply.github.com" | |
| git add .changeset/ | |
| git commit -m "chore(deps): add changeset for dependency update" | |
| git push |