Drop Scala Steward auto-merge job

xerial · claude · xerial · commit c91ff24fb4b6 · 2026-05-05T13:06:19.000-07:00
The semver-major label guard was a no-op: this repo's Scala Steward PRs
only carry library-update (and sometimes internal), so the guard would
have auto-merged every Scala Steward PR including major bumps. Defer
Scala Steward auto-merge until the repo has proper semver labeling
configured.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
@@ -24,14 +24,3 @@ jobs:
         run: gh pr merge --squash --auto "${{ github.event.pull_request.html_url }}"
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-  auto-merge-scala-steward:
-    name: Auto-Merge Scala Steward PRs
-    runs-on: ubuntu-latest
-    if: ${{ github.event.pull_request.user.login == 'scala-steward' }}
-    steps:
-      - name: Enable auto-merge for non-major updates
-        if: ${{ !contains(github.event.pull_request.labels.*.name, 'semver-major') }}
-        run: gh pr merge --squash --auto "${{ github.event.pull_request.html_url }}"
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/plans/2026-05-05-auto-merge.md b/plans/2026-05-05-auto-merge.md
@@ -35,27 +35,40 @@ pattern used in `wvlet/uni/.github/workflows/auto-merge.yml`.
 
 ## Plan
 
-1. Add `.github/workflows/auto-merge.yml` with two jobs:
-   - **auto-merge-dependabot**: triggers when `github.actor == 'dependabot[bot]'`,
-     uses `dependabot/fetch-metadata@v3` to read the update type, and runs
+1. Add `.github/workflows/auto-merge.yml` with one job:
+   - **auto-merge-dependabot**: triggers when
+     `github.event.pull_request.user.login == 'dependabot[bot]'`, uses
+     `dependabot/fetch-metadata@v2` to read the update type, and runs
      `gh pr merge --squash --auto` only when the update is **not**
      `version-update:semver-major`.
-   - **auto-merge-scala-steward**: triggers when `github.actor == 'scala-steward'`
-     and runs `gh pr merge --squash --auto` for all such PRs (Scala Steward
-     does not surface a structured "major" signal the way Dependabot's
-     fetch-metadata action does, so we rely on Scala Steward's own
-     `pullRequests.allowedUpdates` config — already filtered upstream — and
-     skip if the PR has a `semver-major` label).
 2. Set workflow-level `permissions` to the minimum required:
    `contents: write` and `pull-requests: write`.
 3. Use `GITHUB_TOKEN` directly via `env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}`.
 
+### Scala Steward (deferred)
+
+The initial draft also auto-merged Scala Steward PRs, gated on a
+`semver-major` label being absent. But this repo's existing Scala Steward PRs
+only carry `library-update` (and sometimes `internal`) — no semver labels are
+configured, so a `!contains(..., 'semver-major')` guard is effectively a
+no-op and would auto-merge every Scala Steward PR including major bumps.
+Codex review caught this. Rather than ship an unsafe guard, we drop the
+Scala Steward job from this PR. Re-adding it should be a follow-up that
+either:
+- Defines `early-semver-major`/`early-semver-minor`/`early-semver-patch`
+  labels in the repo (Scala Steward only applies labels that already exist)
+  and adds a `.scala-steward.conf` enabling them, then guards on
+  `early-semver-major`.
+- Or uses a manual opt-in label like `auto-merge` that the maintainer adds
+  after a quick review.
+
 ## Out of scope
 
 - Setting up a GitHub App for elevated bot identity.
 - Auto-approving PRs (a human approval may still be required by branch
   protection — auto-merge will simply wait for it).
 - Changing branch protection rules.
+- Scala Steward auto-merge (see above).
 
 ## Validation
 
