dependabot-pr-automation
Dependabot PR Automation for chainloop
This skill reviews open Dependabot pull requests, assesses their risk, approves safe ones, and merges them.
Repository Info
| Item | Value |
|---|---|
| Owner | chainloop-dev |
| Repo | chainloop |
Step 1: List Open Dependabot PRs
Use mcp__github__list_pull_requests to fetch open PRs:
owner:chainloop-devrepo:chainloopstate:open
More from chainloop-dev/chainloop
upgrading-golang
Upgrades Go version across the entire Chainloop codebase including source files, Docker images, CI/CD workflows, and documentation. Use when the user mentions upgrading Go, golang version, or updating Go compiler version.
42upgrading-chart
Upgrades Helm chart dependencies (PostgreSQL, Vault) in the Chainloop project, including vendorized charts, container images, and CI/CD workflows. Use when the user mentions upgrading Helm charts, Bitnami dependencies, PostgreSQL chart, or Vault chart. CRITICAL - Major version upgrades are FORBIDDEN and must be escalated.
37custom-builtin-functions
Create a custom builtin function to be used in the Rego policy engine
37vulnerability-remediation
Reviews vulnerability policy violations for the chainloop project recorded in Chainloop and performs fixes in Dockerfiles or go.mod. Use when asked to fix vulnerabilities, review CVEs, or remediate security issues in chainloop.
22