name: Process Dependabot PRs on: pull_request: types: [opened, reopened] jobs: process-dependabot-prs: permissions: pull-requests: read contents: write runs-on: ubuntu-latest if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} steps: - name: Fetch Dependabot metadata id: dependabot-metadata uses: dependabot/fetch-metadata@v2.1.0 - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.ref }} - name: Update Version Number in Other Files uses: jacobtomlinson/gha-find-replace@v3 with: find: ${{ steps.dependabot-metadata.outputs.previous-version }} replace: ${{ steps.dependabot-metadata.outputs.new-version }} regex: false exclude: CHANGES.rst - name: Commit & Push Changes to PR uses: EndBug/add-and-commit@v9.1.4 with: message: 'Update version number in other files' committer_name: GitHub Actions committer_email: 41898282+github-actions[bot]@users.noreply.github.com