actions/setup-uv
2
0
Fork 0
mirror of https://github.com/astral-sh/setup-uv.git synced 2026-03-10 08:42:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix: check PR author instead of event sender for Dependabot detection (#787)

Browse Source 
The previous implementation checked `github.event.sender.login`, which
is whoever triggered the event (e.g., someone closing/reopening the PR).

This fixes it to check `github.event.pull_request.user.login` instead —
the PR author — so the workflow runs correctly whenever a
Dependabot-created PR is opened, synchronized, or reopened.
This commit is contained in:
eifinger-bot
2026-03-07 11:21:46 +01:00
committed by GitHub
parent 4bc8fabc0c
commit 5ba8a7e5d0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/dependabot-build.yml vendored
View File

@@ -10,7 +10,7 @@ permissions:
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: github.event.sender.login == 'dependabot[bot]' && github.event.sender.type == 'Bot' if: github.event.pull_request.user.login == 'dependabot[bot]'
steps: steps:
- name: Checkout PR branch - name: Checkout PR branch
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2