We use a codeowners file to automatically assign reviews to Pull Requests. We also have Dependabot creating PRs for major versions.
We do not want to automatically add reviews to the PRs created by Dependabot. According to https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners#codeowners-syntax it is not possible to use !
to exclude.
Is there a way to:
- Use codeowners for all PRs created but users
- Not assign reviewers on PRs create by Dependabot
Thanks!
I have read the documentation for Codeowners file, and for Dependabot. https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/customizing-dependency-updates#setting-reviewers-and-assignees
We do not use any reviews in the Dependabot action.
Using @andreas-olsson's comment, this is what I set up in the CODEOWNERS file.
This is slightly imperfect, as it means that if a real user only makes a change to a
package.json
file and no other files, the codeowners will not get notified of that PR. However, there is currently no better solution.Check out the CODEOWNERS syntax docs if you need help modifying this to fit your file structure (the above solution assumes that the package files are in the root directory).