A bot for GitHub that automatically merges PRs from dependabot when they meet certain criteria:
- All the checks are passing
- The package is on a safe-list
Go to github.com/apps/depend-a-lot-bot to install.
In your repository, create a file .github/dependabot-bot.yml
after installing the dependabot-bot application.
The safe
property should be a list of packages allowed to be merged automatically.
safe:
- package-1
- package-2
This bot is powered by Python Serverless technologies on Azure Functions.
The bot was written by Anthony Shaw and the source code is available at github.com/tonybaloney/dependabot-bot