ACS-6650 Avoid running SAST scan on DependaBot PRs (#2418)

Skipping SAST scan on DependaBot PRs as it won't provide any additional insights and requires sharing more secrets with DependaBot than we're willing to.
2025-07-24 17:32:48 +00:00 · 2024-01-25 12:08:04 +01:00
parent 1ef7b5bea9
commit 0cea265153
1 changed files with 1 additions and 0 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -74,6 +74,7 @@ jobs:
    needs: [prepare]
    if: >
      (github.ref_name == 'master' || startsWith(github.ref_name, 'release/') || github.event_name == 'pull_request') &&
+      github.actor != 'dependabot[bot]' &&
      !contains(github.event.head_commit.message, '[skip tests]') &&
      !contains(github.event.head_commit.message, '[force')
    steps: