You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Dependabot Pull Requests (PRs) are scoped to read-only access (by GitHub policy).
Due to this limitation, the pipeline fails to execute on these PRs.
Proposed Solution:
Separate the PR Pipeline:
Build and Test Stage: The PR pipeline should be restricted to read-only operations like building and testing.
Generation Stage: Move the write operations, such as documentation generation, to be executed only when changes are pushed to the main branch.
Advantages:
Security Enhancement: This approach adheres to best practices by ensuring that pipelines do not modify PRs, thereby preventing the bots from being a co-author on every PR.
Pipeline Efficiency: By splitting the pipeline, we can ensure smoother and more secure CI/CD processes.
The text was updated successfully, but these errors were encountered:
Current Situation:
Proposed Solution:
Advantages:
The text was updated successfully, but these errors were encountered: