Skip to content

build(deps): bump ridedott/merge-me-action from e45e8ab1dd3d3dc1d27b8c0a3f465e40e8c9fb8e to e586c33ceb8c6f00e1ee2584c7ee6916adaabf64#1333

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/ridedott/merge-me-action-e586c33ceb8c6f00e1ee2584c7ee6916adaabf64
Open

build(deps): bump ridedott/merge-me-action from e45e8ab1dd3d3dc1d27b8c0a3f465e40e8c9fb8e to e586c33ceb8c6f00e1ee2584c7ee6916adaabf64#1333
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/ridedott/merge-me-action-e586c33ceb8c6f00e1ee2584c7ee6916adaabf64

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps ridedott/merge-me-action from e45e8ab1dd3d3dc1d27b8c0a3f465e40e8c9fb8e to e586c33ceb8c6f00e1ee2584c7ee6916adaabf64.

Changelog

Sourced from ridedott/merge-me-action's changelog.

2.10.174 (2026-06-29)

Chores

  • deps: bump @​sigstore/core, semantic-release and @​semantic-release/npm (543b8795)

2.10.173 (2026-06-29)

Chores

2.10.172 (2026-06-26)

Chores

  • deps: bump ridedott/release-me-action from 3.10.113 to 3.10.114 (2b681138)

2.10.171 (2026-06-26)

Chores

2.10.170 (2026-06-26)

Continuous Integration

2.10.169 (2026-06-25)

Chores

  • deps: bump ridedott/release-me-action from 3.10.112 to 3.10.113 (b7a33975)

2.10.168 (2026-06-22)

Chores

  • deps-dev: bump form-data from 3.0.4 to 3.0.5

... (truncated)

Commits
  • e586c33 chore(deps-dev): bump nock from 13.5.6 to 14.0.16
  • 876045e chore(deps-dev): bump @​commitlint/cli from 21.1.0 to 21.2.0
  • d2d715c chore(deps-dev): bump prettier from 3.9.3 to 3.9.4
  • 06dbf2f chore(deps-dev): bump @​vercel/ncc from 0.44.0 to 0.44.1
  • 648a8ea chore(deps-dev): bump @​commitlint/cli from 20.5.3 to 21.1.0
  • 247e838 chore(deps-dev): bump prettier from 3.9.1 to 3.9.3
  • a767f79 chore(deps-dev): bump lint-staged from 16.4.0 to 17.0.8
  • c5ec7d3 chore(deps-dev): bump cspell from 9.8.0 to 10.0.1
  • 9103f38 chore(deps-dev): bump @​commitlint/config-conventional from 20.5.3 to 21.1.0
  • 98f5cf6 chore(release): v2.10.174
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [ridedott/merge-me-action](https://github.com/ridedott/merge-me-action) from e45e8ab1dd3d3dc1d27b8c0a3f465e40e8c9fb8e to e586c33ceb8c6f00e1ee2584c7ee6916adaabf64.
- [Release notes](https://github.com/ridedott/merge-me-action/releases)
- [Changelog](https://github.com/ridedott/merge-me-action/blob/master/CHANGELOG.md)
- [Commits](ridedott/merge-me-action@e45e8ab...e586c33)

---
updated-dependencies:
- dependency-name: ridedott/merge-me-action
  dependency-version: e586c33ceb8c6f00e1ee2584c7ee6916adaabf64
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 1, 2026
@greptile-apps

greptile-apps Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR bumps the ridedott/merge-me-action GitHub Action used in the dependabot automerge workflow from commit e45e8ab1 to e586c33c, covering versions v2.10.168–v2.10.174.

  • The upstream changelog shows only chore/dependency updates (node version bumps, dev dependency upgrades, CI runner migrations) with no functional changes to the merge action itself.
  • The action reference remains pinned to a full commit SHA, which is the correct security practice for third-party Actions.

Confidence Score: 5/5

This PR is safe to merge — it updates a single pinned SHA for the automerge Action with no workflow logic changes.

The only change is bumping a commit SHA in the automerge workflow. The new SHA corresponds to upstream v2.10.168–v2.10.174, which contain only internal dependency and CI updates with no behavioral changes to the merge action itself. The pin remains a full commit SHA, preserving supply-chain hygiene.

No files require special attention.

Important Files Changed

Filename Overview
.github/workflows/dependabot-automerge.yml Single-line bump of ridedott/merge-me-action SHA; no structural changes to the workflow.

Sequence Diagram

%%{init: {'theme': 'neutral'}}%%
sequenceDiagram
    participant dependabot as dependabot[bot]
    participant CI as CI Workflow
    participant AutoMerge as dependabot-automerge.yml
    participant MergeAction as ridedott/merge-me-action@e586c33

    dependabot->>CI: Open PR
    CI->>CI: Run checks
    CI-->>AutoMerge: "workflow_run conclusion=success"
    AutoMerge->>MergeAction: "Trigger (if actor == dependabot[bot])"
    MergeAction->>dependabot: Auto-merge PR via AWBOT_GH_TOKEN
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
sequenceDiagram
    participant dependabot as dependabot[bot]
    participant CI as CI Workflow
    participant AutoMerge as dependabot-automerge.yml
    participant MergeAction as ridedott/merge-me-action@e586c33

    dependabot->>CI: Open PR
    CI->>CI: Run checks
    CI-->>AutoMerge: "workflow_run conclusion=success"
    AutoMerge->>MergeAction: "Trigger (if actor == dependabot[bot])"
    MergeAction->>dependabot: Auto-merge PR via AWBOT_GH_TOKEN
Loading

Reviews (1): Last reviewed commit: "build(deps): bump ridedott/merge-me-acti..." | Re-trigger Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants