Skip to content
Dependabot Commit Signer

chore(deps-dev): bump @typescript-eslint/eslint-plugin from 8.61.0 to 8.62.0 #4

Sign in to view logs

chore(deps-dev): bump @typescript-eslint/eslint-plugin from 8.61.0 to 8.62.0

chore(deps-dev): bump @typescript-eslint/eslint-plugin from 8.61.0 to 8.62.0 #4

Workflow file for this run

.github/workflows/dependabot-signature.yml at cc6d471
name: Dependabot Commit Signer
on:
pull_request_target:
types: [opened, reopened]
jobs:
append-signature:
name: Sign Commit Message
if: github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Checkout Dependabot Branch
uses: actions/checkout@v6
with:
repository: ${{ github.event.pull_request.head.repo.full_name }}
ref: ${{ github.event.pull_request.head.ref }}
token: ${{ secrets.GITHUB_TOKEN }}
fetch-depth: 0
- name: Configure Git Identity
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
- name: Inject Valid Co-authored Trailer
env:
OWNER_NAME: ${{ github.repository_owner }}
OWNER_ID: ${{ github.event.repository.owner.id }}
run: |
# 1. Fetch the raw commit description generated by Dependabot
ORIGINAL_MSG=$(git log -1 --pretty=%B)
# 2. Build your profile's anonymous GitHub no-reply email string dynamically
COAUTHOR_EMAIL="${OWNER_ID}+${OWNER_NAME}@users.noreply.github.com"
# 3. Assemble the explicit Git trailer layout
# Two consecutive newlines (\n\n) provide the mandatory empty line spacer.
TRAILER="Co-authored-by: ${OWNER_NAME} <${COAUTHOR_EMAIL}>"
# 4. Reconstruct and rewrite the metadata commit block
# Using printf ensures that trailing newlines parse perfectly into the Git log ledger.
printf "%s\n\n%s\n" "$ORIGINAL_MSG" "$TRAILER" > .git/commit_msg.tmp
git commit --amend -F .git/commit_msg.tmp
# 5. Push the signed update securely to the target pull request
git push origin HEAD:${{ github.event.pull_request.head.ref }} --force