Skip to content

Migrate to frequenz-floss dependabot-auto-approve action #473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 3, 2025
Merged

Migrate to frequenz-floss dependabot-auto-approve action #473

merged 1 commit into from
Nov 3, 2025

Conversation

@Marenz
Copy link
Contributor

@Marenz Marenz commented Nov 3, 2025

Use commit hash instead of version tag for better security and reproducibility.

@Marenz
Migrate to frequenz-floss dependabot-auto-approve action
7654f80 
Use commit hash instead of version tag for better security and
reproducibility.

Signed-off-by: Mathias L. Baumann <[email protected]>
Copilot AI review requested due to automatic review settings November 3, 2025 10:34
@Marenz Marenz requested a review from a team as a code owner November 3, 2025 10:34
@github-actions github-actions bot added the part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) label Nov 3, 2025
Copilot AI reviewed Nov 3, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the Dependabot auto-approval GitHub Action to use a different repository source with a pinned commit SHA for improved security and reproducibility.

  • Replaces the action reference from ad/dependabot-auto-approve@v1 to frequenz-floss/dependabot-auto-approve with a specific commit SHA
  • Pins the version to v1.3.0 via commit hash 005e52004f5d5c6af2f81b89ec25e5cf6f3dfd77

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Marenz Marenz merged commit dd21a3e into frequenz-floss:v1.x.x Nov 3, 2025
12 checks passed
@Marenz Marenz deleted the update-dependabot-action branch November 3, 2025 13:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@ela-kotulska-frequenz ela-kotulska-frequenz Awaiting requested review from ela-kotulska-frequenz ela-kotulska-frequenz is a code owner automatically assigned from frequenz-floss/python-sdk-team

Assignees

No one assigned

Labels

part:tooling Affects the development tooling (CI, deployment, dependency management, etc.)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Marenz