From 908d50a721fc4c21aed749ecf35f624d3fa7946f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Mar 2026 21:28:29 +0000 Subject: [PATCH 1/4] build(deps): bump docker/login-action from 3 to 4 Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 77a37c2..a4edc78 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,7 @@ jobs: uses: docker/setup-buildx-action@v3 - name: Log in to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} From d6d6014ff373985aa5f9140e6acbc03af3e0cbaf Mon Sep 17 00:00:00 2001 From: Giovanni Ferri Date: Wed, 11 Mar 2026 21:45:11 +0000 Subject: [PATCH 2/4] fix(ci): skip dependabot-incompatible PR checks --- .github/workflows/ci.yml | 1 + .github/workflows/dependency-review.yml | 1 + .github/workflows/lint.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9075a8a..58e83ea 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,6 +49,7 @@ jobs: python-version: "3.x" - name: Commit message convention check + if: github.actor != 'dependabot[bot]' run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 61beb66..eb5f7f6 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -6,6 +6,7 @@ on: jobs: dependency-review: + if: github.actor != 'dependabot[bot]' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index cc3928c..a99957c 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -23,6 +23,7 @@ jobs: python-version: "3.x" - name: Commit message convention check + if: github.actor != 'dependabot[bot]' run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then From d6dc4b3e41ceae9b4191b0516f5de9e782ac8763 Mon Sep 17 00:00:00 2001 From: Giovanni Ferri Date: Wed, 11 Mar 2026 21:51:58 +0000 Subject: [PATCH 3/4] fix(ci): detect dependabot PRs by head branch --- .github/workflows/ci.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/lint.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 58e83ea..261398c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,7 @@ jobs: python-version: "3.x" - name: Commit message convention check - if: github.actor != 'dependabot[bot]' + if: ${{ !(github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/')) }} run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index eb5f7f6..5f00665 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -6,7 +6,7 @@ on: jobs: dependency-review: - if: github.actor != 'dependabot[bot]' + if: ${{ !startsWith(github.head_ref, 'dependabot/') }} runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index a99957c..d55e3cc 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -23,7 +23,7 @@ jobs: python-version: "3.x" - name: Commit message convention check - if: github.actor != 'dependabot[bot]' + if: ${{ !(github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/')) }} run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then From fd869434a21cb308bdf1c3ba825fd8153682f446 Mon Sep 17 00:00:00 2001 From: Giovanni Ferri Date: Wed, 11 Mar 2026 21:58:46 +0000 Subject: [PATCH 4/4] fix(ci): skip branch lint commit checks for dependabot refs --- .github/workflows/ci.yml | 2 +- .github/workflows/lint.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 261398c..5848d59 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,7 @@ jobs: python-version: "3.x" - name: Commit message convention check - if: ${{ !(github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/')) }} + if: ${{ !(startsWith(github.head_ref, 'dependabot/') || startsWith(github.ref_name, 'dependabot/')) }} run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index d55e3cc..dd434f6 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -23,7 +23,7 @@ jobs: python-version: "3.x" - name: Commit message convention check - if: ${{ !(github.event_name == 'pull_request' && startsWith(github.head_ref, 'dependabot/')) }} + if: ${{ !(startsWith(github.head_ref, 'dependabot/') || startsWith(github.ref_name, 'dependabot/')) }} run: | python -m pip install --upgrade pip commitizen if [ "${{ github.event_name }}" = "pull_request" ]; then