From d9a6a3da2d19d5d3c1f55094daa5afdbc0b0e807 Mon Sep 17 00:00:00 2001 From: goodliu Date: Mon, 22 Apr 2024 14:56:27 +0800 Subject: [PATCH] github-action: allow dependabot to contribute code and bump cla to v2.3.2 --- .github/workflows/cla.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index de11c47..795467b 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -18,7 +18,7 @@ jobs: steps: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.3.1 + uses: contributor-assistant/github-action@v2.3.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_DATABASE_ACCESS_TOKEN }} @@ -28,4 +28,5 @@ jobs: path-to-signatures: 'signatures/${{ github.event.repository.name }}-${{ github.repository_id }}/cla.json' path-to-document: 'https://github.com/trpc-group/cla-database/blob/main/Tencent-Contributor-License-Agreement.md' # branch should not be protected - branch: 'main' \ No newline at end of file + branch: 'main' + allowlist: dependabot \ No newline at end of file