Files
langsmith-fleet[bot] c9a5b303bb chore: Add guarded Dependabot auto-merge workflow (#2594)
## Summary
- add a Dependabot-only workflow to auto-approve and enable GitHub
auto-merge for guarded low-risk dependency updates
- use pinned dependabot/fetch-metadata metadata to classify update type,
dependency type, ecosystem, group, and maintainer changes
- deny auto-merge for major updates, direct production runtime
dependencies, sensitive dependency names, large diffs, and
infra/deploy/workflow-risk file changes

## Safety notes
- uses pull_request_target but does not checkout or execute PR code
- restricts execution to Dependabot PRs whose head repo is
langchain-ai/langgraphjs
- relies on branch protection / required checks before GitHub auto-merge
can complete

## Test plan
- parsed workflow YAML with Ruby Psych
- ran git diff --check
- actionlint was unavailable in the sandbox

---------

Co-authored-by: langsmith-fleet[bot] <langsmith-fleet[bot]@users.noreply.github.com>
Co-authored-by: John Kennedy <jkennedyvz@users.noreply.github.com>
2026-07-08 17:09:38 -07:00
..
2026-03-02 12:06:42 -05:00