GitHub-native Dependabot can't merge to protect branch #24017
-
I’m trying to migrate from dependabot-preview to the GitHub-native Dependabot. One issue I’m running into is branch protections: once a PR is ready to merge, I’ve tried issuing a How can I get GitHub-native Dependabot to successfully execute the merge command against a protected branch? |
Beta Was this translation helpful? Give feedback.
Replies: 7 comments
-
Hi there @ZebraFlesh – I love your name and av =D So you should just be able to add Merging after approval and protected branches
We have the following setup: a non-master default branch requiring approval before merging into this default branch master as a protected branch We don't have... Can you let us know if you’re running into any particular issue in adding the bot to your protected branch’s settings? |
Beta Was this translation helpful? Give feedback.
-
The |
Beta Was this translation helpful? Give feedback.
-
Hey @ZebraFlesh I’m so sorry. I now realize I’m totally looking at outdated information and the post I linked to is not at all relevant anymore. Also, you straight up said you had the I think there is more information that will be helpful, though. Is this a public repo? If so, got a link? If not, no worries! Though the main difference is that the preview had a user that was required to have privileges. With the released Dependabot, it’s managed in the platform itself and there’s no user to add to your repositories. Dependabot features are located in I really hope this is more helpful than my first response! 🤞 |
Beta Was this translation helpful? Give feedback.
-
This is a private repo. There doesn’t seem to be a setting in |
Beta Was this translation helpful? Give feedback.
-
Hey @ZebraFlesh – after some more diggin’, it looks like auto-merges aren’t quite possible with Dependabot, as-is. This issue discusses your options (use Actions) in more detail. This comment outlines the steps to create an Actions workflow which leverages Dependabot and mentions the configuration required for private repos. |
Beta Was this translation helpful? Give feedback.
-
Thanks, but that still doesn’t answer my initial question: how to get a v2 |
Beta Was this translation helpful? Give feedback.
-
I’ll have to agree with @ZebraFlesh. Using an action to tell dependabot to merge is not a solution to the issue here.
It is also not a solution to automate the merge ourselves, because dependabot takes care of auto-updating the PRs if there is a conflict with the target branch. |
Beta Was this translation helpful? Give feedback.
Hey @ZebraFlesh – after some more diggin’, it looks like auto-merges aren’t quite possible with Dependabot, as-is.
This issue discusses your options (use Actions) in more detail.
This comment outlines the steps to create an Actions workflow which leverages Dependabot and mentions the configuration required for private repos.