deactivate codeql run on dependabot commits

cryptomator · Nov 29, 2023 · 6c00398 · 6c00398
1 parent 0da3cee
commit 6c00398
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -13,7 +13,8 @@ jobs:
  analyse:
  name: Analyse
  runs-on: ubuntu-latest
- if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
+ # dependeabot has on push events only read-only access, but codeql requires write access
+ if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
  steps:
  - uses: actions/checkout@v4
  with: