From fe3617d6e9d89d9b2ddd353e1b3c5d20d20c896f Mon Sep 17 00:00:00 2001
From: Kevin Stillhammer <kevin.stillhammer@gmail.com>
Date: Sat, 7 Mar 2026 12:12:14 +0100
Subject: [PATCH] Delete .github/workflows/dependabot-build.yml (#789)

Too many security issues and complex setup. Using a Skill instead
---
 .github/workflows/dependabot-build.yml | 67 --------------------------
 1 file changed, 67 deletions(-)
 delete mode 100644 .github/workflows/dependabot-build.yml

diff --git a/.github/workflows/dependabot-build.yml b/.github/workflows/dependabot-build.yml
deleted file mode 100644
index 3f68f64..0000000
--- a/.github/workflows/dependabot-build.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-name: Dependabot Build
-
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-permissions:
-  contents: write
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    if: >-
-      github.event.pull_request.user.login == 'dependabot[bot]' &&
-      github.event.pull_request.head.repo.full_name == github.repository &&
-      startsWith(github.head_ref, 'dependabot/')
-    timeout-minutes: 15
-    steps:
-      - name: Checkout PR branch
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          persist-credentials: false
-
-      - name: Setup Node.js
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
-        with:
-          node-version-file: .nvmrc
-          cache: npm
-
-      - name: Install dependencies
-        run: npm ci --ignore-scripts
-
-      - name: Build and test
-        run: npm run all
-
-      - name: Commit built dist
-        env:
-          EXPECTED_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git config --local core.hooksPath /dev/null
-
-          git fetch --no-tags --depth=1 origin "${GITHUB_HEAD_REF}"
-          if [ "$(git rev-parse FETCH_HEAD)" != "${EXPECTED_HEAD_SHA}" ]; then
-            echo "::notice::Skipping dist commit because ${GITHUB_HEAD_REF} moved after the workflow started."
-            exit 0
-          fi
-
-          git add --all dist/
-
-          if git diff --cached --quiet; then
-            echo "No dist changes to commit."
-            exit 0
-          fi
-
-          git commit -m "Build dist for Dependabot update"
-
-          auth="$(printf 'x-access-token:%s' "$GITHUB_TOKEN" | base64 | tr -d '\n')"
-          git -c "http.https://github.com/.extraheader=AUTHORIZATION: basic ${auth}" \
-            push origin "HEAD:${GITHUB_HEAD_REF}"