chore: use dependabot to bump oxlint rules #1

	name: Dependabot Update oxc

	on: pull_request

	permissions:
	pull-requests: write

	env:
	OXLINT_PACKAGE_NAME: oxlint

	jobs:
	setup:
	runs-on: ubuntu-latest
	if: github.actor == 'dependabot[bot]'
	outputs:
	oxlint-updated: ${{ contains(steps.metadata.outputs.dependency-names, env.OXLINT_PACKAGE_NAME) }}
	steps:
	- name: Dependabot metadata
	id: metadata
	uses: dependabot/fetch-metadata@v1
	with:
	github-token: "${{ secrets.GITHUB_TOKEN }}"

	bump-oxlint-rules:
	runs-on: ubuntu-latest
	needs: setup
	if: needs.setup.outputs.oxlint-updated == 'true'
	steps:
	- uses: actions/checkout@v4

	- name: Install pnpm
	uses: pnpm/action-setup@v2

	- name: Set node
	uses: actions/setup-node@v4
	with:
	node-version-file: .node-version
	cache: pnpm
	registry-url: "https://registry.npmjs.org"

	- name: Install Dependencies
	run: pnpm i

	- name: Bump oxlint rules
	run: \|
	pnpm run generate
	git commit -am "feat(oxlint): bump oxlint rules"
	git push

	# - name: Enable auto-merge for Dependabot PRs
	# if: steps.metadata.outputs.update-type == 'version-update:semver-patch'
	# run: gh pr merge --auto --merge "$PR_URL"
	# env:
	# PR_URL: ${{github.event.pull_request.html_url}}
	# GH_TOKEN: ${{secrets.GITHUB_TOKEN}}

Provide feedback