From 24d9985f7fb2190d9865ba28575989e03ff7a1f9 Mon Sep 17 00:00:00 2001 From: Robert Allen Date: Fri, 12 Jun 2026 14:52:59 -0400 Subject: [PATCH] chore(ci): stop dependabot from bumping gh-aw refs in compiled lock files gh-aw action refs in .lock.yml are compiler output; bumping them without recompiling broke every agentic workflow (exit 127 at Start MCP Gateway). gh-aw upgrades go through `gh aw upgrade`. --- .github/dependabot.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d6b9ee1..430f78a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,13 @@ updates: - "area/ci" commit-message: prefix: "ci" + ignore: + # gh-aw action refs inside compiled .lock.yml files are owned by the + # gh-aw compiler. Dependabot bumping them without `gh aw compile` + # breaks the runtime (missing gateway scripts, exit 127). Upgrades + # happen via `gh aw upgrade` instead. + - dependency-name: "github/gh-aw" + - dependency-name: "github/gh-aw-actions" - package-ecosystem: "cargo" directory: "/" schedule: