diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 7874c5d4a..811547188 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,11 +7,6 @@ updates: interval: "weekly" commit-message: prefix: "ci:" - ignore: - # Ignore v6 until update-flake-lock upgrades to create-pull-request@v7.0.9+ - - dependency-name: "actions/checkout" - update-types: ["version-update:semver-major"] - - package-ecosystem: "github-actions" directory: "/" target-branch: "release-25.11" @@ -20,6 +15,3 @@ updates: commit-message: prefix: "ci:" ignore: - # Ignore v6 until update-flake-lock upgrades to create-pull-request@v7.0.9+ - - dependency-name: "actions/checkout" - update-types: ["version-update:semver-major"] diff --git a/.github/workflows/update-flake.yml b/.github/workflows/update-flake.yml index 3d03461be..817ff4a80 100644 --- a/.github/workflows/update-flake.yml +++ b/.github/workflows/update-flake.yml @@ -35,19 +35,14 @@ jobs: echo "email=$id+$name@users.noreply.github.com" } >> "$GITHUB_OUTPUT" - name: Checkout repository - # NOTE: v6 is incompatible with update-flake-lock@v27 due to credential - # storage changes. update-flake-lock uses peter-evans/create-pull-request@v6.0.5 - # which doesn't work with v6's $RUNNER_TEMP credential storage. - # Can upgrade to v6 once update-flake-lock uses create-pull-request@v7.0.9+ - # See: https://github.com/peter-evans/create-pull-request/issues/690 - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: ${{ matrix.branch }} token: ${{ steps.app-token.outputs.token || secrets.GITHUB_TOKEN }} - name: Install Nix uses: cachix/install-nix-action@v31 - name: Update flake.lock - uses: DeterminateSystems/update-flake-lock@v27 + uses: DeterminateSystems/update-flake-lock@v28 with: token: ${{ steps.app-token.outputs.token || secrets.GITHUB_TOKEN }} git-committer-name: ${{ steps.user-info.outputs.name || 'github-actions[bot]' }}