dependabot-pnpm

SKILL.md

Dependabot pnpm Resolver

Autonomously resolve Dependabot security alerts in pnpm projects by analyzing dependency chains, applying appropriate fixes, and documenting decisions.

Workflow Overview

1. Check setup     → First run? Configure the repo
2. Fetch alerts    → Get open alerts via gh api
3. Plan            → Group by fix, prioritize by severity
4. Baseline        → Run install, build, typecheck, lint, test
5. Execute fixes   → Apply fixes, validate each with install
6. Final validate  → Confirm baseline still passes
7. Log & report    → Document decisions, report issues
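Steps 2 and 3 above, as an added example that is not part of the skill's own code: a planner that groups open alerts and orders them by severity. The field names follow GitHub's Dependabot alerts REST response; grouping per package and manifest, and targeting the highest first-patched version, are assumptions about what "group by fix" means here, and `make_alert`, `version_key` and `plan_fixes` are hypothetical names.

```python
from collections import defaultdict

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def make_alert(number, name, severity, patched):
    """Build one constructed alert holding only the fields the planner reads."""
    return {"number": number, "state": "open",
            "dependency": {"manifest_path": "pnpm-lock.yaml"},
            "security_advisory": {"severity": severity},
            "security_vulnerability": {
                "package": {"ecosystem": "npm", "name": name},
                "first_patched_version": {"identifier": patched} if patched else None}}

# Constructed sample, shaped like the array returned by
#   gh api "repos/{owner}/{repo}/dependabot/alerts?state=open"
SAMPLE_ALERTS = [
    make_alert(11, "example-parser", "medium", "2.3.1"),
    make_alert(12, "example-parser", "critical", "2.4.0"),
    make_alert(13, "example-http", "high", "1.10.2"),
    make_alert(14, "example-legacy", "high", None),  # no patched release yet
    make_alert(15, "example-http", "low", "1.9.9"),
]

def version_key(version):
    # Simplification: plain numeric x.y.z only, no pre-release or build tags.
    return tuple(int(part) for part in version.split("."))

def plan_fixes(alerts):
    """Group open alerts per (manifest, package) and order groups by urgency."""
    groups = defaultdict(list)
    for a in alerts:
        if a["state"] != "open":
            continue
        pkg = a["security_vulnerability"]["package"]["name"]
        groups[(a["dependency"]["manifest_path"], pkg)].append(a)
    plan = []
    for (manifest, pkg), members in groups.items():
        patched = [(m["security_vulnerability"]["first_patched_version"] or {}).get("identifier")
                   for m in members]
        # One alert without a patched version means an upgrade alone cannot close the group.
        target = None if None in patched else max(patched, key=version_key)
        worst = min((m["security_advisory"]["severity"] for m in members), key=SEVERITY_RANK.get)
        plan.append({"package": pkg, "manifest": manifest, "severity": worst,
                     "target": target, "alerts": sorted(m["number"] for m in members)})
    # Most severe first; within a severity, groups with a known fix come first.
    plan.sort(key=lambda g: (SEVERITY_RANK[g["severity"]], g["target"] is None, g["package"]))
    return plan
```

Groups whose `target` is `None` have no patched release and need a documented decision rather than an upgrade.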

First-Run Setup

On first use in a repo, check whether setup already exists by looking for a Dependabot workflow include in CLAUDE.md or AGENTS.md.

Installs: 1
Repository: jvgomg/skills
GitHub Stars: 3
First Seen: Mar 21, 2026