👷 Add Dependabot reviewer workflow

This commit adds a new workflow file `review-dependabot.yml` that sets up a Dependabot reviewer for pull requests. The workflow is triggered on the `pull_request_target` event and grants the necessary permissions for writing pull requests and contents. The workflow runs on `ubuntu-latest` and includes a step to review Dependabot PRs using the `pwshrc/actions-review-dependabot` action. The action requires the `GITHUB_TOKEN` secret and specifies that only pull requests by the user `dependabot[bot]` are required.
pwshrc · Aug 31, 2023 · 718498d · 718498d
1 parent a4ce129
commit 718498d
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/.github/workflows/review-dependabot.yml b/.github/workflows/review-dependabot.yml
@@ -0,0 +1,18 @@
+name: Dependabot reviewer
+
+on: pull_request_target
+
+permissions:
+  pull-requests: write
+  contents: write
+
+jobs:
+  review-dependabot-pr:
+    name: Review Dependabot PR
+    runs-on: ubuntu-latest
+    steps:
+      - name: Review Dependabot PR
+        uses: pwshrc/actions-review-dependabot@v0.2.0
+        with:
+          github_token: "${{ secrets.GITHUB_TOKEN }}"
+          required-pr-user-login: 'dependabot[bot]'