Depend-a-lot-bot

A bot for GitHub that automatically approves + merges PRs from dependabot and PyUp.io when they meet certain criteria:

• All the checks are passing
• The package is on a safe-list (see configuration)

Installation

Go to github.com/apps/depend-a-lot-bot to install.

Configuration

In your repository, create a file .github/dependabot-bot.yml after installing the dependabot-bot application.

The safe property should be a list of packages allowed to be merged automatically.

safe:
 - package-1
 - package-2 

About

This bot is powered by Python Serverless technologies on Azure Functions.

The bot was written by Anthony Shaw and the source code is available at github.com/tonybaloney/dependabot-bot