feat: implement issue #252 — Compliance: non-stub-dependabot-rebase.yml#271
feat: implement issue #252 — Compliance: non-stub-dependabot-rebase.yml#271don-petry wants to merge 4 commits into
Conversation
|
Warning Review limit reached
More reviews will be available in 59 minutes and 44 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
This PR aims to address compliance issue #252 by bringing the repository’s Dependabot rebase workflow into alignment with the org’s central workflow standard (specifically around how the reusable workflow is referenced/version-pinned).
Changes:
- Updated the
uses:ref in.github/workflows/dependabot-rebase.ymlto a different commit SHA. - Added another
.dev-lead/entry to.gitignore.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
.gitignore |
Adds an additional .dev-lead/ ignore entry (currently duplicative). |
.github/workflows/dependabot-rebase.yml |
Changes the referenced reusable workflow ref (still pinned by SHA rather than @v1). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| permissions: | ||
| pull-requests: write # call update-branch API on behind PRs and merge when ready | ||
| uses: petry-projects/.github/.github/workflows/dependabot-rebase-reusable.yml@06fc488675d87e339ce6474a43d55bd67f602260 # v1 | ||
| uses: petry-projects/.github/.github/workflows/dependabot-rebase-reusable.yml@b51e2edf830ea085be0277bcf3174c7b3ec8f958 # v1 | ||
| secrets: |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 9071332953
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| permissions: | ||
| pull-requests: write # call update-branch API on behind PRs and merge when ready | ||
| uses: petry-projects/.github/.github/workflows/dependabot-rebase-reusable.yml@06fc488675d87e339ce6474a43d55bd67f602260 # v1 | ||
| uses: petry-projects/.github/.github/workflows/dependabot-rebase-reusable.yml@b51e2edf830ea085be0277bcf3174c7b3ec8f958 # v1 |
There was a problem hiding this comment.
Keep the newer dependabot rebase workflow
This pin moves the caller from 06fc488 back to b51e2ed; I checked the central petry-projects/.github tree at both SHAs, and the older b51e2ed reusable unconditionally continues after update-branch fails, while the newer 06fc488 version falls through to the direct merge attempt. In the documented workflow-file-change / missing workflows permission case, behind Dependabot PRs will now be skipped forever instead of using the existing fallback, so the automated Dependabot queue can stall after this downgrade.
Useful? React with 👍 / 👎.
Dev-Lead — fix-bot-comment (applied)Changes committed and pushed. |
|
|
Closing due to merge conflict that cannot be auto-rebased. Re-implementing from fresh main via dev-lead. |
Pull request was closed



Closes #252
Implemented by dev-lead agent. Please review.