Skip to content

Promote: canonical learnings wording + every-tier Dependabot auto-merge#114

Merged
ptr727 merged 5 commits into
mainfrom
develop
Jul 3, 2026
Merged

Promote: canonical learnings wording + every-tier Dependabot auto-merge#114
ptr727 merged 5 commits into
mainfrom
develop

Conversation

@ptr727

@ptr727 ptr727 commented Jul 3, 2026

Copy link
Copy Markdown
Owner

Promotes the develop changes to main.

Closes #112

What's promoted

Diff

develop is a clean superset of main: the diff is exactly the #103/#113 edits (AGENTS.md, WORKFLOW.md, merge-bot-pull-request.yml). The --only lines are develop's own removal of the guard/metadata step (unpromoted work), not main-only stragglers. upstream-version.json matches main after #85. Mermaid + actionlint + markdownlint validated.

dependabot Bot and others added 5 commits July 2, 2026 00:14
Bumps the actions-deps group with 2 updates: [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/setup-qemu-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@0611638...96fe6ef)

Updates `docker/build-push-action` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@f9f3042...53b7df9)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: docker/build-push-action
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the actions-deps group with 2 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [docker/login-action](https://github.com/docker/login-action).


Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@d7f5e7f...bb05f3f)

Updates `docker/login-action` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@650006c...c99871d)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: docker/login-action
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
)

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Remove the fetch-metadata step and the semver-major guard from the
merge-dependabot job so every tier auto-merges on green - the required checks
are the gate, not the version bump. The guard was inert here anyway (this repo's
ecosystems are github-actions + docker, no NuGet). Update WORKFLOW.md D8.2, the
self-sufficiency prose, the merge-bot flow diagram, and the D8/D9 summary to
match. Closes the last policy drift vs the sibling repos.

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
….4 (#85)

Co-authored-by: ptr727-codegen[bot] <275599072+ptr727-codegen[bot]@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 3, 2026 19:09

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Promotes develop to main, carrying forward the repo’s canonical documentation wording and the “every-tier” Dependabot auto-merge policy, plus the current upstream-version pins.

Changes:

  • Update WORKFLOW/AGENTS documentation to the canonical “develop staleness” and issue-closing guidance, and to explicitly state that Dependabot auto-merges all tiers (including semver-major).
  • Simplify the merge-bot by removing the Dependabot metadata step and the semver-major guard so Dependabot PRs auto-merge on green unconditionally.
  • Refresh upstream-version.json pins (device_builder + ESPHome) and bump several Docker GitHub Actions SHAs.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file
File Description
WORKFLOW.md Align docs and diagrams to “every-tier” Dependabot auto-merge and canonical wording.
upstream-version.json Update pinned upstream versions (device_builder, esphome).
AGENTS.md Add canonical process learnings (develop mirroring + issue-closing keyword placement).
.github/workflows/merge-bot-pull-request.yml Remove Dependabot metadata/guard so all Dependabot PRs auto-merge on passing required checks.
.github/workflows/build-docker-task.yml Update pinned SHAs for Docker-related GitHub Actions used in the build/publish flow.

@ptr727 ptr727 merged commit 04ed5d4 into main Jul 3, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Auto-merge every Dependabot tier (drop semver-major skip)

2 participants