Skip to content

fix: skip Claude Code Review on dependabot PRs #228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Copilot wants to merge 4 commits into from
Closed

fix: skip Claude Code Review on dependabot PRs #228

Copilot wants to merge 4 commits into from

Conversation

Copy link
Contributor

Copilot AI commented Jan 27, 2026
edited
Loading

Fix Claude Code Review workflow failure on dependabot PRs

Problem

The Claude Code Review workflow is failing when triggered by dependabot PRs with the error:

Workflow initiated by non-human actor: dependabot (type: Bot). 
Add bot to allowed_bots list or use '*' to allow all bots.

Reference: https://github.com/bitflight-devops/github-action-jira-transition-manager/actions/runs/21342884692/job/61425127293#step:3:1

Solution

Added a condition to skip the Claude Code Review workflow for dependabot PRs since dependency updates don't need code review.

Changes Made

  • Added if: github.event.pull_request.user.login != 'dependabot[bot]' to the claude-review job
  • This prevents the workflow from running on dependabot PRs, avoiding the error
  • Merged latest updates from base branch (vitest v4, actions updates)

Checklist

  • Add condition to skip Claude Code Review for dependabot PRs
  • Test the fix by examining the workflow configuration
  • Run code review (no issues found)
  • Run security checks (no vulnerabilities found)
  • Verify the changes are minimal and correct
  • Rebase/merge with base branch updates

Security Summary

No security vulnerabilities were found in this change. The change only adds a conditional check to skip workflow execution for dependabot PRs.

Original prompt

Reference: https://github.com/bitflight-devops/github-action-jira-transition-manager/actions/runs/21342884692/job/61425127293#step:3:1 please address this error

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

dependabot bot and others added 2 commits January 26, 2026 01:04
@dependabot
build(deps-dev): bump sinon and @types/sinon
7bc421a 
Bumps [sinon](https://github.com/sinonjs/sinon) and [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon). These dependencies needed to be updated together.

Updates `sinon` from 19.0.5 to 21.0.1
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v19.0.5...v21.0.1)

Updates `@types/sinon` from 17.0.4 to 21.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

---
updated-dependencies:
- dependency-name: sinon
  dependency-version: 21.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
- dependency-name: "@types/sinon"
  dependency-version: 21.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Initial plan
165d62d
@Jamie-BitFlight
fix: skip Claude Code Review workflow for dependabot PRs
b3f43f2 
The Claude Code Review workflow was failing when triggered by dependabot PRs
because dependabot is not in the allowed_bots list. This adds a condition to
skip the workflow for dependabot PRs since dependency updates don't typically
need code review.

Fixes error: "Workflow initiated by non-human actor: dependabot (type: Bot)"
Reference: https://github.com/bitflight-devops/github-action-jira-transition-manager/actions/runs/21342884692/job/61425127293#step:3:1

Co-authored-by: Jamie-BitFlight <25075504+Jamie-BitFlight@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix error in Jira transition manager action fix: skip Claude Code Review on dependabot PRs Jan 27, 2026
Copilot AI requested a review from Jamie-BitFlight January 27, 2026 23:36
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-470cbfbbdb branch from 7bc421a to 1e33386 Compare January 27, 2026 23:37
@Jamie-BitFlight Jamie-BitFlight marked this pull request as ready for review January 27, 2026 23:39
Copilot AI review requested due to automatic review settings January 27, 2026 23:39
@coderabbitai
Copy link

coderabbitai bot commented Jan 27, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@Jamie-BitFlight
Copy link
Contributor

Jamie-BitFlight commented Jan 27, 2026

Rebase please. @copilot

Copilot AI reviewed Jan 27, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes the Claude Code Review workflow to prevent failures on dependabot PRs by adding a conditional check to skip the review job when the PR author is dependabot. The PR also includes updates to the sinon testing library and its type definitions.

Changes:

  • Added conditional to skip Claude Code Review workflow for dependabot PRs
  • Removed placeholder comment demonstrating PR author filtering
  • Updated sinon from v19.0.2 to v21.0.1 and @types/sinon from v17.0.3 to v21.0.0

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File Description
.github/workflows/claude-code-review.yml Added conditional check to skip workflow execution for dependabot PRs and removed commented placeholder examples
package.json Updated sinon and @types/sinon to latest major versions (v21)
yarn.lock Lockfile updates reflecting sinon v21 upgrade, including removal of nise dependency (now embedded in sinon)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Jamie-BitFlight
Merge base branch updates (dependabot/npm_and_yarn/multi-470cbfbbdb)
ccf7cb5 
Merge updates from base branch including:
- vitest v4 update (#227)
- actions/upload-artifact v4 to v6 (#222)
- actions/cache v4 to v5 (#223)

Resolved yarn.lock conflict by accepting incoming changes.

Co-authored-by: Jamie-BitFlight <25075504+Jamie-BitFlight@users.noreply.github.com>
Copy link
Contributor Author

Copilot AI commented Jan 27, 2026

Rebase please. @copilot

Done! Merged latest updates from base branch in commit ccf7cb5. The branch now includes:

Note: Used merge instead of rebase since force push is not available in this environment.

Copilot AI requested a review from Jamie-BitFlight January 27, 2026 23:43
@Jamie-BitFlight
Copy link
Contributor

Jamie-BitFlight commented Jan 27, 2026

There's still merge conflicts

@Jamie-BitFlight Jamie-BitFlight deleted the copilot/fix-jira-transition-error branch January 29, 2026 02:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@Jamie-BitFlight Jamie-BitFlight Jamie-BitFlight approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@Jamie-BitFlight Jamie-BitFlight

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Jamie-BitFlight