Potential fix for code scanning alert no. 4: Code injection #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Auto-merge | |
| on: | |
| pull_request: | |
| types: [labeled, unlabeled, synchronize, opened, edited, ready_for_review, reopened] | |
| jobs: | |
| auto-merge: | |
| runs-on: ubuntu-latest | |
| if: contains(github.event.pull_request.labels.*.name, 'auto-merge') | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| checks: read | |
| steps: | |
| - name: Wait for CI checks | |
| uses: fountainhead/[email protected] | |
| id: wait-for-ci | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| checkName: test | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| timeoutSeconds: 600 | |
| intervalSeconds: 10 | |
| - name: Auto-merge PR | |
| if: steps.wait-for-ci.outputs.conclusion == 'success' | |
| run: | | |
| gh pr merge ${{ github.event.pull_request.number }} --auto --squash | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Comment on failed auto-merge | |
| if: steps.wait-for-ci.outputs.conclusion != 'success' | |
| run: | | |
| gh pr comment ${{ github.event.pull_request.number }} --body "❌ Auto-merge failed: CI checks did not pass. Please review and fix any issues." | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |