Skip to content

fix(workflow): support dependabot pr titles#451

Merged
brunocroh merged 5 commits intonodejs:mainfrom
brunocroh:fix/script-validate-pr-title
May 1, 2026
Merged

fix(workflow): support dependabot pr titles#451
brunocroh merged 5 commits intonodejs:mainfrom
brunocroh:fix/script-validate-pr-title

Conversation

@brunocroh
Copy link
Copy Markdown
Member

@brunocroh brunocroh commented Apr 30, 2026

The PRs created by Dependabot do not have valid titles for our CI, so I updated the regex to support dep: bump ... as well.

brunocroh
brunocroh commented Apr 30, 2026
View reviewed changes
Comment thread .github/scripts/pr-title.ts Outdated
assert.match(PR_TITLE, SCOPE_RGX, INVALID_PR_TITLE_ERR);
const firstParen = PR_TITLE.indexOf('(');
const prefix = PR_TITLE.slice(0, firstParen);
const [_, prefix] = SCOPE_RGX.exec(PR_TITLE) || [];
Copy link
Copy Markdown
Member Author

@brunocroh brunocroh Apr 30, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added an alternative in the regex and captured the prefix for both scenarios. I think this is simpler than implementing a separate approach here, especially since this PR introduces dep: bump as a valid case as well, which doesn’t have parentheses.

But if this isn't good for some reason, let me know

AugustinMauroy
AugustinMauroy approved these changes May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@AugustinMauroy AugustinMauroy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGMT !

@JakobJingleheimer
Copy link
Copy Markdown
Member

JakobJingleheimer commented May 1, 2026

I think it would be better to update Dependabot's config to include scope (and then the PR title will pass).

@brunocroh
Copy link
Copy Markdown
Member Author

brunocroh commented May 1, 2026

I think it would be better to update Dependabot's config to include scope (and then the PR title will pass).

Oh yeah, I agree—that sounds better. What should the prefix be?

dep(workspace)? Or is there a clearer name for the scope?

@JakobJingleheimer
Copy link
Copy Markdown
Member

JakobJingleheimer commented May 1, 2026
edited
Loading

dep(workspace)? Or is there a clearer name for the scope?

Yeah that sounds good for the gh action ones

Edit: Wait, do you mean dep(workflow)?

There are 2 dependapot categories defined in its config (the other is for npm). In the npm case, if possible something like dep(dev) and dep(prod)? (IIR, dependabot can differentiate dev vs prod)

@brunocroh
Copy link
Copy Markdown
Member Author

brunocroh commented May 1, 2026

dep(workspace)? Or is there a clearer name for the scope?

Yeah that sounds good for the gh action ones

Edit: Wait, do you mean dep(workflow)?

There are 2 dependapot categories defined in its config (the other is for npm). In the npm case, if possible something like dep(dev) and dep(prod)? (IIR, dependabot can differentiate dev vs prod)

What do dev and prod actually represent in our case?
I was thinking of using dep(workspace) for both, but it’s probably better to distinguish between them, e.g.:

  - package-ecosystem: github-actions
    commit-message:
      prefix: dep(gh-actions)

  - package-ecosystem: npm
    commit-message:
      prefix: dep(npm)

@JakobJingleheimer
Copy link
Copy Markdown
Member

JakobJingleheimer commented May 1, 2026
edited
Loading

What do dev and prod actually represent in our case?

An npm development dependency (eg "devDependencies") and an npm production dependency (eg "dependencies")

@brunocroh
Copy link
Copy Markdown
Member Author

brunocroh commented May 1, 2026

What do dev and prod actually represent in our case?

An npm development dependency (eg "devDependencies") and an npm production dependency (eg "dependencies")

Got it, done. Let me know if I missed anything or if there’s any room for improvement. Thanks for your patience 😁

JakobJingleheimer
JakobJingleheimer approved these changes May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@JakobJingleheimer JakobJingleheimer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙌 ha, no patience needed. Thanks for handling!

Comment thread .github/dependabot.yml Outdated
brunocroh and others added 2 commits May 1, 2026 11:36
@brunocroh @JakobJingleheimer
Update .github/dependabot.yml
ff417da 
Co-authored-by: Jacob Smith <3012099+JakobJingleheimer@users.noreply.github.com>
@brunocroh
Merge branch 'main' into fix/script-validate-pr-title
b00a641
@brunocroh brunocroh merged commit 04a4ee1 into nodejs:main May 1, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@JakobJingleheimer JakobJingleheimer JakobJingleheimer approved these changes

@AugustinMauroy AugustinMauroy AugustinMauroy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@brunocroh @JakobJingleheimer @AugustinMauroy