3030 build-and-push-artifacts :
3131 name : Build and push artifacts for Python ${{ matrix.python_version }}
3232 runs-on : ubuntu-latest
33- # Only run for base repo, not forks
34- if : github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request'
33+ # Only run for base repo, not forks or dependabot
34+ if : ( github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && github.actor != 'dependabot[bot] '
3535 strategy :
3636 fail-fast : false
3737 matrix :
@@ -122,8 +122,8 @@ jobs:
122122 name : All artifacts pushed
123123 runs-on : ubuntu-latest
124124 needs : build-and-push-artifacts
125- # Only run if the build job ran (i.e., not for forks)
126- if : always() && (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request')
125+ # Only run if the build job ran (i.e., not for forks or dependabot )
126+ if : always() && (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && github.actor != 'dependabot[bot]'
127127 steps :
128128 - name : Check matrix job results
129129 env :
@@ -144,8 +144,8 @@ jobs:
144144publish-python-package :
145145 name : Publish Python package
146146 runs-on : ubuntu-latest
147- # Only run for base repo, not forks
148- if : github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request'
147+ # Only run for base repo, not forks or dependabot
148+ if : ( github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && github.actor != 'dependabot[bot] '
149149 outputs :
150150 version : ${{ steps.build.outputs.version }}
151151 permissions :
@@ -284,8 +284,8 @@ jobs:
284284 name : Publish to PyPI
285285 runs-on : ubuntu-latest
286286 needs : publish-python-package
287- # Only run for base repo when a new tag is created
288- if : (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && startsWith(github.ref, 'refs/tags/')
287+ # Only run for base repo when a new tag is created, not for dependabot
288+ if : (github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && startsWith(github.ref, 'refs/tags/') && github.actor != 'dependabot[bot]'
289289 permissions :
290290 contents : read
291291 id-token : write
@@ -308,8 +308,8 @@ jobs:
308308 name : Deploy review app
309309 runs-on : ubuntu-latest
310310 needs : build-and-push-artifacts-status
311- # Only run for base repo PRs, not forks
312- if : github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
311+ # Only run for base repo PRs, not forks or dependabot
312+ if : github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]'
313313 steps :
314314 - name : Checkout code
315315 uses : actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
@@ -353,8 +353,8 @@ jobs:
353353 name : Jupyter for local
354354 runs-on : ubuntu-latest
355355 needs : build-and-push-artifacts-status
356- # Only run for base repo, not forks
357- if : github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request'
356+ # Only run for base repo, not forks or dependabot
357+ if : ( github.event.pull_request.head.repo.full_name == github.repository || github.event_name != 'pull_request') && github.actor != 'dependabot[bot] '
358358 permissions :
359359 id-token : write
360360 contents : read
0 commit comments