Skip to content

Commit

Permalink
Initial commit from auto-approve-action
Browse files Browse the repository at this point in the history 
Add auto approve action

Update main.workflow

Remove action- prefix

Clean up action Dockerfile

Update main.workflow

Update README

Remove workflow file

Add debug action

Make entrypoint executable

Update github library

Check event name in approval action

Docs for debug action

Note about GITHUB_TOKEN checkbox for approval action

Add screenshot of workflow

Fix image formatting in README

Update image in README

Remove debug action - one action per repo

You can only publish actions in the marketplace if they live at the root
of a repository.

Update README.md

Improve readme

Move README to docs

Revert "Move README to docs"

This reverts commit 8d56a73.

Update screenshot

Switch to golang alpine base image

Clarify use of `uses` in the workflow file

The actor name is wrong, it should be dependabot-preview

actor is "dependabot-preview[bot]", not any of "dependabot[bot]"

The actor name changed when Github bought dependabot.

:)

Update README.md

Bump github.com/google/go-github/v24 from 24.0.0 to 24.0.1

Bumps [github.com/google/go-github/v24](https://github.com/google/go-github) from 24.0.0 to 24.0.1.
- [Release notes](https://github.com/google/go-github/releases)
- [Commits](google/go-github@v24.0.0...v24.0.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Remove Actions v1 version

Add actions v2 skeleton

Add build artefact

Point to build artefact

Approve PR

Update docs

Add lint action

Install deps in lint step

Use npm run-script

See diff

Pin to node 12.10

See if using yarn makes the build deterministic

Use yarn in action

Go back to diff --quiet for exit codes

Remove reference to the filter action in README.md

Add branding

Remove bracket

Remove duplicated text in README

Bump @actions/core from 1.1.0 to 1.1.1

Bumps [@actions/core](https://github.com/actions/toolkit) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Commits](https://github.com/actions/toolkit/compare/@actions/core@1.1.0...@actions/tool-cache@1.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Add build artefact

Bump @types/node from 12.7.5 to 12.7.8

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.7.5 to 12.7.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.7.8 to 12.7.9

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.7.8 to 12.7.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @actions/core from 1.1.1 to 1.1.3

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.1.1 to 1.1.3.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/master/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

New build artefact

Bump @types/node from 12.7.9 to 12.7.11

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.7.9 to 12.7.11.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.7.11 to 12.7.12

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.7.11 to 12.7.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump typescript from 3.6.3 to 3.6.4

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.6.3 to 3.6.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v3.6.3...v3.6.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.7.12 to 12.11.0

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.7.12 to 12.11.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.11.0 to 12.11.1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.11.0 to 12.11.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.11.1 to 12.11.6

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.11.1 to 12.11.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @actions/core from 1.1.3 to 1.2.0

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/master/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Re-build

Bump @types/node from 12.11.6 to 12.11.7

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.11.6 to 12.11.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.11.7 to 12.12.0

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.11.7 to 12.12.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.0 to 12.12.5

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.0 to 12.12.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump typescript from 3.6.4 to 3.7.2

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.6.4 to 3.7.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.5 to 12.12.6

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.5 to 12.12.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump prettier from 1.18.2 to 1.19.1

Bumps [prettier](https://github.com/prettier/prettier) from 1.18.2 to 1.19.1.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/master/CHANGELOG.md)
- [Commits](prettier/prettier@1.18.2...1.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.6 to 12.12.7

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.6 to 12.12.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.7 to 12.12.8

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.7 to 12.12.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.8 to 12.12.9

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.8 to 12.12.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.9 to 12.12.11

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.9 to 12.12.11.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump typescript from 3.7.2 to 3.7.3

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.2 to 3.7.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v3.7.2...v3.7.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.11 to 12.12.14

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.11 to 12.12.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.14 to 12.12.17

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.14 to 12.12.17.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.17 to 12.12.18

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.17 to 12.12.18.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.18 to 12.12.20

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.18 to 12.12.20.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @zeit/ncc from 0.20.5 to 0.21.0

Bumps [@zeit/ncc](https://github.com/zeit/ncc) from 0.20.5 to 0.21.0.
- [Release notes](https://github.com/zeit/ncc/releases)
- [Commits](vercel/ncc@0.20.5...0.21.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 12.12.20 to 13.1.4

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 12.12.20 to 13.1.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump typescript from 3.7.3 to 3.7.4

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.3 to 3.7.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 13.1.4 to 13.1.6

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.1.4 to 13.1.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 13.1.6 to 13.1.7

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.1.6 to 13.1.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump typescript from 3.7.4 to 3.7.5

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.4 to 3.7.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v3.7.4...v3.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 13.1.7 to 13.1.8

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.1.7 to 13.1.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 13.1.8 to 13.5.1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.1.8 to 13.5.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Bump @types/node from 13.5.1 to 13.5.2

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.5.1 to 13.5.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Update Dependabot usage example with branch matching pattern

Add dependabot config file

Bump @zeit/ncc from 0.21.0 to 0.21.1

Bumps [@zeit/ncc](https://github.com/zeit/ncc) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/zeit/ncc/releases)
- [Commits](vercel/ncc@0.21.0...0.21.1)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 13.5.2 to 13.7.1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.5.2 to 13.7.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Bump typescript from 3.7.5 to 3.8.2

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.7.5 to 3.8.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v3.7.5...v3.8.2)

Signed-off-by: dependabot[bot] <support@github.com>

Remove branches filter from the example

Update dependabot.yml v2 syntax

Bump typescript from 3.8.2 to 3.8.3

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v3.8.2...v3.8.3)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 13.7.1 to 13.7.7

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.7.1 to 13.7.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 13.7.7 to 13.9.0

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.7.7 to 13.9.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 13.9.0 to 13.9.1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.0 to 13.9.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 13.9.1 to 13.9.4

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.1 to 13.9.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Add LICENSE

Update license in package.json

Bump @types/node from 13.9.4 to 14.0.1

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.4 to 14.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Bump @types/node from 14.0.1 to 14.0.14

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.1 to 14.0.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Dependabot: run monthly

Bump @types/node from 14.0.14 to 14.11.4

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.0.14 to 14.11.4.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Use pull_request_target

this doesn't cause the issues with `Resource not accessible by integration`
hmarr#166

Update Dependabot config file

Switch from yarn to npm, upgrade deps

Update build artefact

Switch lint job to npm

Update lint job actions and use npm not yarn

Add testing setup

More tests, better error handling

Re-build

Add missing breaks

More useful error message for 422 errors

Closes hmarr#85

Helpful error message for 404 errors

Turn off version updates for now

Bump @types/node from 14.14.34 to 14.14.35

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.34 to 14.14.35.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot[bot] <support@github.com>

Add code owners section to the README

v2.1.0

Lint on pull requests

Rename workflow

Run tests in CI

Update ci job name

Update action metadata file

Make action support pull-request-number input

Add test

Update README instructions

Commit changes to package.json after npm i

Fix typo in README

Update README to use workflow_dispatch inputs

Allow prNumber to be undefined

Remove unnecessary 0s from tests

Revert changes to package.json

Rebuild action

Provide radix parameter for parseInt

Rebuild action

Fix conditional in main.ts

Rebuild action

Do not approve the same PR twice

Disable network in tests

Clean up nock mocks

Change PR number in test

Remove redundant import

Clean env in tests for Actions CI builds

When the tests are run in GitHub Actions, the GITHUB_* environment
variables were present, and causing tests to fail. Now we (mostly) clear
the environment variables before each test.

Rebuild action

Update dependencies

docs: Use consistent syntax

Use node 16

Handle top-level errors

Mark dist/index.js as generated

Handle GITHUB_TOKEN 403 error gracefully

Update documentation

Switch back to node 12

Node 16 is only available on GHES 3.4+, which was released relatively
recently. This Action still works with Node 12, so switching back to
that version widens compatibility for self-hosted runners users.

Bump @actions/core from 1.6.0 to 1.9.1

Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.6.0 to 1.9.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Run build

Invalid PR number error handling, test main func

Prettier

Prettier

Add vscode config

Loud diff

Feature/add optional review message (hmarr#200)

Custom review messages

Co-authored-by: Harry Marr <harry.marr@gmail.com>

Use node 18 in CI

Typo in README

feat: default `github-token` to `github.token` (hmarr#202)

Improve dist CI check

Clarify version in README

Add instructions for overriding the GitHub token

Specify scope required for PAT in README

Add note about Dependabot and secrets access

Promote `if` to job level (hmarr#204)

Start v3 branch

Update actions runner node install to v16 (hmarr#205)

Update version in lockfile

Reduce mocking duplication in tests

fix: Add a check in PR's `requested_reviewers` (hmarr#210)

Add a check in PR's `requested_reviewers` before considering the PR as
already approved, fixes the issue wherein action skips approving a PR
that was approved before but requested a re-review, closes hmarr#206

Concurrent API requests

Bump version to v3.1.0

Update actions workflows

CI badge

Bump json5 from 2.2.0 to 2.2.3 (hmarr#211)

Don't re-review when new commits are pushed (hmarr#214)

It is possible to require re-reviews when new commits are pushed via
branch protection rules, but when that setting is enabled existing
reviews are transitioned to `DISMISSED`, so we should already handle
that case with the `state === "APPROVED"` check.

Only consider the latest review for a user (hmarr#216)
  • Loading branch information
@hmarr @studroid
hmarr authored and studroid committed Jun 22, 2023
0 parents commit 617f3b0
Show file tree
Hide file tree
Showing 16 changed files with 19,077 additions and 0 deletions.
1 change: 1 addition & 0 deletions .gitattributes
@@ -0,0 +1 @@
dist/index.js linguist-generated=true
33 changes: 33 additions & 0 deletions .github/workflows/ci.yml
@@ -0,0 +1,33 @@
name: CI
on: [push, pull_request]

jobs:
test:
name: Lint and test
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3

- name: Setup nodejs
uses: actions/setup-node@v3
with:
node-version: '18'

- name: Install dependencies
run: npm ci

- name: Check style with prettier
run: npm run format-check

- name: Run tests
run: npm test

- name: Compare the expected and actual dist/ directories
run: |
npm run build
if [ "$(git diff --ignore-blank-lines --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
echo "Detected uncommitted changes after build. See status below:"
git diff
exit 1
fi
1 change: 1 addition & 0 deletions .gitignore
@@ -0,0 +1 @@
/node_modules/
5 changes: 5 additions & 0 deletions .vscode/settings.json
@@ -0,0 +1,5 @@
{
"[typescript]": {
"editor.defaultFormatter": "esbenp.prettier-vscode"
}
}
21 changes: 21 additions & 0 deletions LICENSE
@@ -0,0 +1,21 @@
MIT License

Copyright (c) 2020 Harry Marr

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
124 changes: 124 additions & 0 deletions README.md
@@ -0,0 +1,124 @@
# Auto Approve GitHub Action

[![CI](https://github.com/hmarr/auto-approve-action/actions/workflows/ci.yml/badge.svg?event=push)](https://github.com/hmarr/auto-approve-action/actions/workflows/ci.yml)

**Name:** `hmarr/auto-approve-action`

Automatically approve GitHub pull requests.

**Important:** use v3 or later, as v2 uses Node.js 12, which is deprecated. If you're on an old version of GHES (earlier than 3.4) you may need to use v2 until you can upgrade. v1 was designed for the initial GitHub Actions beta, and no longer works.

## Usage instructions

Create a workflow file (e.g. `.github/workflows/auto-approve.yml`) that contains a step that `uses: hmarr/auto-approve-action@v3`. Here's an example workflow file:

```yaml
name: Auto approve
on: pull_request_target

jobs:
build:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: hmarr/auto-approve-action@v3
```

Combine with an `if` clause to only auto-approve certain users. For example, to auto-approve [Dependabot][dependabot] pull requests, use:

```yaml
name: Auto approve

on: pull_request_target

jobs:
auto-approve:
runs-on: ubuntu-latest
permissions:
pull-requests: write
if: github.actor == 'dependabot[bot]'
steps:
- uses: hmarr/auto-approve-action@v3
```

If you want to use this action from a workflow file that doesn't run on the `pull_request` or `pull_request_target` events, use the `pull-request-number` input:

```yaml
name: Auto approve

on:
workflow_dispatch:
inputs: pullRequestNumber
description: Pull request number to auto-approve
required: false

jobs:
auto-approve:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- uses: hmarr/auto-approve-action@v3
with:
pull-request-number: ${{ github.event.inputs.pullRequestNumber }}
```

Optionally, you can provide a message for the review:

```yaml
name: Auto approve

on: pull_request_target

jobs:
auto-approve:
runs-on: ubuntu-latest
permissions:
pull-requests: write
if: github.actor == 'dependabot[bot]'
steps:
- uses: hmarr/auto-approve-action@v3
with:
review-message: "Auto approved automated PR"
```

### Approving on behalf of a different user

By default, this will use the [automatic GitHub token](https://docs.github.com/en/actions/security-guides/automatic-token-authentication) that's provided to the workflow. This means the approval will come from the "github-actions" bot user. Make sure you enable the `pull-requests: write` permission in your workflow.

To approve the pull request as a different user, pass a GitHub Personal Access Token into the `github-token` input. In order to approve the pull request, the token needs the `repo` scope enabled.

```yaml
name: Auto approve

on: pull_request_target

jobs:
auto-approve:
runs-on: ubuntu-latest
steps:
- uses: hmarr/auto-approve-action@v3
with:
github-token: ${{ secrets.SOME_USERS_PAT }}
```

### Approving Dependabot pull requests

When a workflow is run in response to a Dependabot pull request using the `pull_request` event, the workflow won't have access to secrets. If you're trying to use a Personal Access Token (as above) but getting an error on Dependabot pull requests, this is probably why.

Fortunately the fix is simple: use the `pull_request_target` event instead of `pull_request`. This runs the workflow in the context of the base branch of the pull request, which does have access to secrets.

## Why?

GitHub lets you prevent merges of unapproved pull requests. However, it's occasionally useful to selectively circumvent this restriction - for instance, some people want Dependabot's automated pull requests to not require approval.

[dependabot]: https://github.com/marketplace/dependabot

## Code owners

If you're using a [CODEOWNERS file](https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners), you'll need to give this action a personal access token for a user listed as a code owner. Rather than using a real user's personal access token, you're probably better off creating a dedicated bot user, and adding it to a team which you assign as the code owner. That way you can restrict the bot user's permissions as much as possible, and your workflow won't break when people leave the team.

## Development and release process

Each major version corresponds to a branch (e.g. `v2`, `v3`). The latest major version (`v3` at the time of writing) is the repository's default branch. Releases are tagged with semver-style version numbers (e.g. `v1.2.3`).
19 changes: 19 additions & 0 deletions action.yml
@@ -0,0 +1,19 @@
name: 'Auto Approve'
description: 'Automatically approve pull requests'
branding:
icon: 'check-circle'
color: 'green'
inputs:
github-token:
default: ${{ github.token }}
description: 'The GITHUB_TOKEN secret'
required: false
pull-request-number:
description: '(optional) The ID of a pull request to auto-approve. By default, this action tries to use the pull_request event payload.'
required: false
review-message:
description: '(optional) The message of the pull request review.'
required: false
runs:
using: 'node16'
main: 'dist/index.js'

0 comments on commit 617f3b0

Please sign in to comment.