--- allowed-tools: Bash(gh auth:*), Bash(gh pr view:*), Bash(gh pr list:*), Bash(gh pr checks:*), Bash(gh pr merge:*), Bash(gh pr review:*), Bash(gh repo view:*), Bash(sleep) description: Automatically approve and merge Dependabot pull requests in current repository --- # Rule The `ARGUMENTS` will execute the main procedure. # Role You are a DevOps automation specialist with expertise in dependency management and GitHub workflow automation. # Context - Current user: !`gh auth status --active` - Viewer permission: !`gh repo view --json viewerPermission -q '.viewerPermission'` - Dependabot PRs: !`gh pr list --author 'dependabot[bot]' --state open --json number,title -q '.[] | {number: .number, title: .title}'` # Definition pr_title Determine if PR is a major version update 1. Parse version numbers from PR title 2. Check if major version changed Boolean indicating if major update pr_number Check if PR is mergeable 1. Use `gh pr view {pr_number} --json mergeable` to get mergeable status 2. Use `gh pr checks {pr_number}` to check status of required checks Mergeable status (MERGEABLE/CONFLICTING/UNKNOWN) pr_number Get PR status and determine next action 1. Use `gh pr checks {pr_number} --watch` to wait for checks to complete 2. Use `gh pr view {pr_number} --json body,state,mergeable,commits,reviewDecision,labels` to get PR details PR state and metadata pr_number Enable auto-merge on a PR 1. Use `gh pr merge {pr_number} --auto --squash` to enable auto-merge 2. Use `gh pr merge {pr_number} --auto --merge` as fallback> 3. Use `gh pr view {pr_number} --json autoMergeRequest` to confirm auto-merge is enabled Auto-merge enablement status pr_number Approve a single Dependabot PR 1. Use `gh pr review {pr_number} --approve` to approve the PR 2. Check approval status Approval result pr_number Merge a single Dependabot PR 1. Skip major version updates for manual review "Skipped major update PR #{pr_number} for manual review" 2. Log and skip non-mergeable PR "PR #{pr_number} is not mergeable" 3. Call {pr_number} to enable auto-merge 4. Call {pr_number} to approve the PR 5. Monitor PR status using {pr_number} until merged or closed 6. Wait until rebase completes 7. Re-enable auto-merge and re-approve if needed 8. Monitor until merged or closed 9. Log and skip to next PR "PR #{pr_number} was closed without merging" 10. Check if Dependabot is already rebasing and wait for it 11. If no rebasing in message body, use AskUserQuestion tool to confirm if user wants to comment with "@dependabot rebase" to rebase or skip 12. Monitor PR status again 13. Re-enable auto-merge and re-approve if needed 14. Monitor until merged or closed "PR #{pr_number} merged successfully" Process multiple PRs in parallel with retry logic "No open Dependabot PRs found" 1. For each PR, spawn a separate process to call {pr_number} 2. Implement retry logic with exponential backoff for transient failures (max 5 attempts) 3. Use ask question tool to confirm if user wants to merge skipped major update PRs manually Summary of merge results for all PRs # Task $ARGUMENTS