dependabot-auto-merge.yml

Author: PhilippSchmelter

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# Reviewers for Dependabot PRs
+build.gradle  @sebastian-peter  @danielfeismann @staudtMarius
+
+# Reviewers for CI/CD related PRs
+.github/workflows/  @sebastian-peter  @PhilippSchmelter

.github/workflows/dependabot-auto-merge.yml

@@ -16,6 +16,19 @@ jobs:
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 
+      - name: Check Snapshot
+        if: contains(steps.metadata.outputs.new-version, 'snap')
+        run: |
+          echo "::error::Snapshot versions are not allowed – workflow stopped."
+          exit 1 
+
+      - name: Approve the PR
+        if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
+        run: gh pr review --approve "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GH_TOKEN: ${{secrets.GITHUB_TOKEN}}
+
       - name: Enable auto-merge for Dependabot PRs
         if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
         run: gh pr merge --auto --merge "$PR_URL"

CHANGELOG.md

@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased/Snapshot]
 
+### Changed
+- Updated dependabot workflow and added CODEOWNERS [#]()
+
 ## [7.0.0] - 2025-05-08
 
 ### Added