gradle/actions
1
0
Fork 0
mirror of https://github.com/gradle/actions.git synced 2025-04-21 02:09:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
actions/CONTRIBUTING.md
daz a628cf9f2e
Replace occurrances of gradle-build-action 
- Mostly with `setup-gradle`
- Some with `gradle-actions`
2024-01-25 12:36:53 -07:00

15 lines
878 B
Markdown
Raw Permalink Blame History

### How to merge a Dependabot PR
The "distribution" for a GitHub Action is checked into the repository itself.
In the case of these actions, the transpiled sources are committed to the `dist` directory.
Any production dependencies are inlined into the distribution.
So if a Dependabot PR updates a production dependency (or a dev dependency that changes the distribution, like the Typescript compiler),
then a manual step is required to rebuild the dist and commit.
The simplest process to follow is:
1. Checkout the dependabot branch locally eg: `git checkout dependabot/npm_and_yarn/actions/github-5.1.0`
2. In the `sources` directory, run `npm install` to download NPM dependencies
3. In the `sources` directory, run `npm run build` to regenerate the distribution
4. Push the changes to the dependabot branch
5. If/when the checks pass, you can merge the dependabot PR
Reference in New Issue View Git Blame Copy Permalink