mirror of
https://github.com/astral-sh/setup-uv.git
synced 2026-03-10 08:42:21 +00:00
Fix: check PR author instead of event sender for Dependabot detection (#787)
The previous implementation checked `github.event.sender.login`, which is whoever triggered the event (e.g., someone closing/reopening the PR). This fixes it to check `github.event.pull_request.user.login` instead — the PR author — so the workflow runs correctly whenever a Dependabot-created PR is opened, synchronized, or reopened.
This commit is contained in:
eifinger-bot
GitHub
2
.github/workflows/dependabot-build.yml
vendored
2
.github/workflows/dependabot-build.yml
vendored
@@ -10,7 +10,7 @@ permissions:
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.event.sender.login == 'dependabot[bot]' && github.event.sender.type == 'Bot'
|
||||
if: github.event.pull_request.user.login == 'dependabot[bot]'
|
||||
steps:
|
||||
- name: Checkout PR branch
|
||||
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
||||
|
||||
Reference in New Issue
Block a user