chore(dependabot): Change event type to pull_request
.
#10144
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does / why we need it:
We are still facing permission error in enabling auto-merge for dependabot PRs example: https://github.com/grafana/loki/actions/runs/5737803871/job/15550129786?pr=10138
After discussing it with internal security team, they asked to try changing the event type from
pull_request_target
->pull_request
.Personally, I suspect this would make any difference, given It worked with
pull_request_target
when testing it with my personal repo.https://github.com/kavirajk/dependabot-play/blob/main/.github/workflows/dependabot_reviewer.yml#L5
Auto-merged PR.
kavirajk/dependabot-play#15
But still wanted to test this.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Checklist
CONTRIBUTING.md
guide (required)