From 13860574db1402cc290609dc795a622635a2a953 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 18 Oct 2024 22:48:39 +0000
Subject: [PATCH 1/2] composer(deps-dev): update phpstan/phpstan requirement

Updates the requirements on [phpstan/phpstan](https://github.com/phpstan/phpstan) to permit the latest version.

Updates `phpstan/phpstan` to 1.12.7
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.0.x/CHANGELOG.md)
- [Commits](https://github.com/phpstan/phpstan/compare/1.12.6...1.12.7)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  dependency-group: version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 composer.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index 371fc87..8ecaa53 100644
--- a/composer.json
+++ b/composer.json
@@ -40,7 +40,7 @@
   },
   "require-dev": {
     "phpstan/extension-installer": "^1.4.3",
-    "phpstan/phpstan": "^1.12.6",
+    "phpstan/phpstan": "^1.12.7",
     "phpstan/phpstan-deprecation-rules": "^1.2.1",
     "rector/type-perfect": "^1.0.0",
     "symplify/phpstan-rules": "^13.0.1",

From d70f593595006188f51c2aa453bd5d510abc9f09 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <mimmi20@live.de>
Date: Sat, 19 Oct 2024 10:17:08 +0200
Subject: [PATCH 2/2] update workflow

---
 .github/dependabot.yml             | 74 +-----------------------------
 .github/workflows/auto-approve.yml | 19 ++++----
 .github/workflows/auto-merge.yml   | 21 +++++----
 3 files changed, 26 insertions(+), 88 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 75913fd..1392bdd 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -81,65 +81,7 @@ updates:
       - dependency-name: "symfony/yaml"
 
     # Disable rebasing for all pull requests
-    rebase-strategy: "disabled"
-
-  - package-ecosystem: "npm"
-
-    directory: "/"
-
-    schedule:
-      interval: "daily"
-
-    groups:
-      security-updates:
-        applies-to: "security-updates"
-        patterns:
-          - "*"
-      version-updates:
-        applies-to: "version-updates"
-        patterns:
-          - "*"
-
-    open-pull-requests-limit: 10
-
-    reviewers:
-      - "mimmi20"
-
-    assignees:
-      - "mimmi20"
-
-    labels:
-      - "dependencies"
-
-    versioning-strategy: "increase"
-
-    target-branch: "master"
-
-    commit-message:
-      include: "scope"
-      prefix: "npm"
-
-    ignore:
-      - dependency-name: "@localnerve/imagemin-gifsicle"
-      - dependency-name: "@localnerve/imagemin-pngquant"
-      - dependency-name: "@node-minify/core"
-      - dependency-name: "@node-minify/no-compress"
-      - dependency-name: "@node-minify/terser"
-      - dependency-name: "@typescript-eslint/eslint-plugin"
-      - dependency-name: "@typescript-eslint/parser"
-      - dependency-name: "@typescript-eslint/typescript-estree"
-      - dependency-name: "@vheemstra/vite-plugin-imagemin"
-      - dependency-name: "@vitest/coverage-istanbul"
-      - dependency-name: "@vitest/ui"
-      - dependency-name: "cssnano"
-      - dependency-name: "cssnano-preset-default"
-      - dependency-name: "imagemin"
-      - dependency-name: "postcss-load-config"
-      - dependency-name: "supports-color"
-      - dependency-name: "vitest"
-
-    # Disable rebasing for all pull requests
-    rebase-strategy: "disabled"
+    rebase-strategy: "auto"
 
   - package-ecosystem: "github-actions"
 
@@ -148,18 +90,6 @@ updates:
     schedule:
       interval: "daily"
 
-    groups:
-      # Specify a name for the group, which will be used in pull request titles
-      # and branch names
-      security-updates:
-        applies-to: "security-updates"
-        patterns:
-          - "*"
-      version-updates:
-        applies-to: "version-updates"
-        patterns:
-          - "*"
-
     open-pull-requests-limit: 10
 
     reviewers:
@@ -177,4 +107,4 @@ updates:
       prefix: "github-actions"
 
     # Disable rebasing for all pull requests
-    rebase-strategy: "disabled"
+    rebase-strategy: "auto"
diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml
index e9ac3f3..a08b4a7 100644
--- a/.github/workflows/auto-approve.yml
+++ b/.github/workflows/auto-approve.yml
@@ -1,16 +1,19 @@
 name: "Auto approve"
 
-permissions:
-  pull-requests: write
-  contents: write
-
 on:
   - pull_request_target
 
 jobs:
   auto-approve:
-    name: "auto approve PR"
+    runs-on: "ubuntu-24.04"
+
+    if: ${{ github.actor == 'dependabot[bot]' }}
+
+    permissions:
+      pull-requests: write
 
-    uses: "mimmi20/ci/.github/workflows/auto-approve.yml@8.1"
-    with:
-      pullRequestUrl: "${{ github.event.pull_request.html_url }}"
+    steps:
+      - uses: "fastify/github-action-merge-dependabot@v3"
+        with:
+          approve-only: true
+          github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
index 9f05b46..5c3c100 100644
--- a/.github/workflows/auto-merge.yml
+++ b/.github/workflows/auto-merge.yml
@@ -1,16 +1,21 @@
 name: "Auto merge"
 
-permissions:
-  pull-requests: write
-  contents: write
-
 on:
   - pull_request_target
 
 jobs:
   automerge:
-    name: "enable auto merge for PR"
+    runs-on: "ubuntu-24.04"
+
+    if: ${{ github.actor == 'dependabot[bot]' }}
+
+    permissions:
+      pull-requests: write
+      contents: write
 
-    uses: "mimmi20/ci/.github/workflows/auto-merge.yml@8.1"
-    with:
-      pullRequestUrl: "${{ github.event.pull_request.html_url }}"
+    steps:
+      - uses: "fastify/github-action-merge-dependabot@v3"
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          use-github-auto-merge: true
+          merge-method: "merge"