Adds dependabot configuration to address npm workspace lockfile issues
that caused PR #3021 to fail.
The root cause was Dependabot trying to update the same package (glob)
to different major versions across workspace directories, creating an
inconsistent package-lock.json that fails `npm ci`.
Key changes:
- Configure npm updates from root directory only (per issue #6346)
- Use versioning-strategy: increase for consistent lockfile updates
- Explicitly configure security update grouping via applies-to
See:
- https://github.com/dependabot/dependabot-core/issues/6346
- https://github.com/dependabot/dependabot-core/issues/7157
The 'Check if tests exist' step was actually running tests with
continue-on-error: true. If tests failed, it would set has-tests=false
and skip the actual test step, making CI appear green even with failing tests.
Simplified to use 'npm test --if-present' which:
- Runs tests if a test script exists (and fails if tests fail)
- Does nothing and exits 0 if no test script exists
- Removes the need for the complex check logic
Fixes the issue where PR #3014 had failing tests but CI was green.
Updates the Claude Code GitHub Action to use the stable v1 GA release instead of the beta version.
## Changes
- Updates action version from `@beta` to `@v1`
- Migrates `allowed_tools` to `claude_args: --allowedTools`
- Migrates `custom_instructions` to `claude_args: --system-prompt`
- Retains `additional_permissions` and `assignee_trigger` (both still supported in v1)
## Behavior
The action continues to work the same way:
- Triggers on `@claude` mentions in comments, reviews, and issues
- Triggers when assigned to an issue as "claude"
- Allows Claude to run Bash commands
- Allows Claude to read CI results on PRs
- Applies custom instructions for posting concise summaries
- in create-release job condition
- check for all combinations of publish results that should lead to a release creation
- npm = success / pypi = skipped
- npm = skipped / pypi = success
- npm = success / pypi = success
- in create-release job condition
- check for all combinations of publish results that should lead to a release creation
- npm = success / pypi = skipped
- npm = skipped / pypi = success
- npm = success / pypi = success
- in create-release job condition
- check for all combinations of publish results that should lead to a release creation
- npm = success / pypi = skipped
- npm = skipped / pypi = success
- npm = success / pypi = success
- in publish-pypi job,
- only proceed if there are python packages to publish
- in publish-npm job,
- only proceed if there are npm packages to publish
- Added test job that runs before build
- Tests are conditionally executed only for packages that have test scripts
- Filesystem tests will now run automatically in CI on every push and PR
- Build job now depends on successful test completion
