Skip to content

[Repo Assist] eng: add Dependabot config for GitHub Actions; bump setup-dotnet to v4Β #453

New issue
New issue
Open
Open
[Repo Assist] eng: add Dependabot config for GitHub Actions; bump setup-dotnet to v4#453
Labels
agentic-workflowsautomationrepo-assist
@github-actions

Description

@github-actions
github-actions
bot
opened on Mar 9, 2026

πŸ€– This is an automated PR from Repo Assist.

Summary

Two small engineering improvements to CI/CD infrastructure:

  1. Add Dependabot config (.github/dependabot.yml) β€” enables weekly automatic version update PRs for GitHub Actions used in .github/workflows/. This will keep actions/checkout, actions/setup-dotnet, Particular/install-sql-server-action etc. current without manual monitoring.

  2. Bump actions/setup-dotnet from v3 β†’ v4 β€” v4 is the current stable release and the canonical version recommended by GitHub. v3 is still functional but receiving only security fixes.

Changes

  • .github/dependabot.yml β€” new file; weekly schedule for github-actions ecosystem
  • .github/workflows/dotnet-core.yml β€” one-line bump: setup-dotnet@v3 β†’ setup-dotnet@v4

Test Status

Documentation/config-only changes β€” no source code or test files modified. The workflow uses windows-latest with SQL Server, so CI cannot be triggered from this environment. The actions/setup-dotnet@v4 API is backwards-compatible; the dotnet-version: 8.0.100 input is unchanged.

Generated by Repo Assist Β· β—·

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/repo-assist.md@346204513ecfa08b81566450d7d599556807389f

Warning

πŸ›‘οΈ Protected Files β€” Push Permission Denied

This was originally intended as a pull request, but the patch modifies protected files: .github/dependabot.yml, .github/workflows/dotnet-core.yml.

The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission. A human must create the pull request manually.

To create a pull request with the changes:

# Download the patch from the workflow run
gh run download 22870339272 -n agent-artifacts -D /tmp/agent-artifacts-22870339272

# Create a new branch
git checkout -b repo-assist/eng-dependabot-actions-20260309-6d55cadbee0aadf1 master

# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-artifacts-22870339272/aw-repo-assist-eng-dependabot-actions-20260309.patch

# Push the branch and create the pull request
git push origin repo-assist/eng-dependabot-actions-20260309-6d55cadbee0aadf1
gh pr create --title '[Repo Assist] eng: add Dependabot config for GitHub Actions; bump setup-dotnet to v4' --base master --head repo-assist/eng-dependabot-actions-20260309-6d55cadbee0aadf1 --repo fsprojects/FSharp.Data.SqlClient

Metadata

Metadata

Assignees

No one assigned

    Labels

    agentic-workflowsautomationrepo-assist

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions