mirror of
https://github.com/Significant-Gravitas/AutoGPT.git
synced 2026-04-08 03:00:28 -04:00
fix(ci): correct Dependabot PR detection in Claude workflow
- Fix workflow condition to use github.event.pull_request.user.login - Add fallback condition with github.actor for security - Add workflow_dispatch trigger for manual testing - Implements the "belt and suspenders" approach from issue analysis Co-authored-by: ntindle <8845353+ntindle@users.noreply.github.com>
This commit is contained in:
5
.github/workflows/claude-dependabot.yml
vendored
5
.github/workflows/claude-dependabot.yml
vendored
@@ -14,11 +14,14 @@ name: Claude Dependabot PR Review
|
||||
on:
|
||||
pull_request:
|
||||
types: [opened, synchronize]
|
||||
workflow_dispatch: # Allow manual testing
|
||||
|
||||
jobs:
|
||||
dependabot-review:
|
||||
# Only run on Dependabot PRs
|
||||
if: github.actor == 'dependabot[bot]'
|
||||
if: |
|
||||
github.actor == 'dependabot[bot]' ||
|
||||
github.event.pull_request.user.login == 'dependabot[bot]'
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 30
|
||||
|
||||
|
||||
Reference in New Issue
Block a user