skip pr link for dependabot and renovate

[kernelsam]

Pull request questions

Which issue does this address

Issue number: #nnn

Why was change needed

???

What does change improve

???

[github-actions]

🤖 Claude Code Review

PR Code Review

File: .github/workflows/link-issues-to-pull-request-post-merge.yaml

Code Quality

• ✅ Style guide: YAML workflow follows GitHub Actions conventions and standard formatting.
• ✅ No commented-out code: The added comment is explanatory, not commented-out code.
• ✅ Meaningful variable names: N/A for this change; condition references well-known GitHub context variables.
• ✅ DRY principle: No duplication introduced.
• ✅ Defects / logic: The if condition correctly uses >- (folded scalar, strip trailing newline) for a multi-line YAML string. The logic is sound — both bot logins are checked with &&, which is correct (skip if either condition is true for the respective bot). No edge cases missed; these are the standard login names for these bots.

Testing

• ✅ Unit/integration tests: Not applicable — GitHub Actions workflow change with no testable logic beyond the condition itself.
• ✅ Edge cases: The two most common dependency automation bots (dependabot and renovate) are covered. If other bots are used in the future, the condition would need updating, but this is acceptable for now.

Documentation

• ✅ Inline comment: The added comment clearly explains why the skip is needed, which is valuable context.
• ❌ CHANGELOG.md: No CHANGELOG.md update is included in this diff. Per project standards, changes should be reflected in the changelog.

Security

• ✅ No hardcoded credentials: None present.
• ✅ Input validation: N/A.
• ✅ Error handling: N/A.
• ✅ No sensitive data: None present.
• ✅ No license files: None present.

---

Summary

The change is small, correct, and well-commented. The only issue is:

• Missing CHANGELOG.md update — this workflow behavior change should be documented in the changelog under the appropriate section (e.g., Changed or Fixed).

---

Automated code review analyzing defects and coding standards

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Fail ❌

Super-linter detected linting errors

For more information, see the GitHub Actions workflow run

Powered by Super-linter

YAML_PRETTIER

Checking formatting...[�[33mwarn�[39m] .github/workflows/link-issues-to-pull-request-post-merge.yaml
[�[33mwarn�[39m] Code style issues found in the above file. Run Prettier with --write to fix.

[github-actions]

🤖 Claude Code Review

PR Code Review

File: .github/workflows/link-issues-to-pull-request-post-merge.yaml

Summary: Adds a job-level if condition to skip the link-issues job for dependabot[bot] and renovate[bot] PRs.

---

Code Quality

• ✅ Style guide — YAML formatting is consistent with the rest of the workflow file.
• ✅ No commented-out code — Comments added are explanatory, not commented-out code.
• ✅ Meaningful variable names — N/A for this change; uses standard GitHub Actions context variables.
• ✅ DRY principle — No duplication introduced.
• ✅ Defects/Logic errors — Logic is correct. The >- block scalar for a multi-line if expression is valid GitHub Actions YAML and will fold newlines into spaces, producing a valid boolean expression. The && operator is appropriate here.
• ✅ CLAUDE.md — No issues; the comment in the workflow correctly explains the motivation. The project config is appropriately general.

Testing

• ✅ Unit/Integration tests — Not applicable for GitHub Actions workflow changes.
• ✅ Edge cases — The condition correctly handles both known bot actors. If other bots (e.g., github-actions[bot]) are added in future, they'd need separate entries, but that's a future concern not a defect.

Documentation

• ✅ Inline comments — Clear comment explaining why bot PRs are skipped, which is non-obvious.
• ❌ CHANGELOG.md — No CHANGELOG.md update is included in the diff. Per Senzing standards, all changes should be reflected in the changelog.
• ✅ README — No README update needed for this workflow-internal change.
• ✅ Markdown formatting — No Markdown files modified.

Security

• ✅ No hardcoded credentials — None present.
• ✅ Input validation — Condition uses trusted GitHub context values, not user-controlled input.
• ✅ Error handling — Skipping via if is a clean, safe pattern; no error path introduced.
• ✅ No sensitive data in logs — No logging changes.
• ✅ No .lic files or AQAAAD strings — None present.

---

Summary

The change is small, correct, and well-commented. One issue to address:

Required: Add a CHANGELOG.md entry (e.g., under Added or Fixed) documenting that dependency bot PRs are now excluded from the issue-linking workflow.

Automated code review analyzing defects and coding standards

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter