ci(deps): auto-approve / auto-merge dependencies from dependabot

[mwbrooks]

Summary

Add a GitHub Actions workflow to auto-approve and auto-merge Dependabot pull requests for patch and minor version updates.

This reduces maintenance burden by automatically handling low-risk dependency updates while still requiring manual review for major version bumps.

Repository Settings Required

To enable auto-merge functionality, the following repository settings must be configured:

• Settings → General → Pull Requests

  • ✅ Allow auto-merge

• Settings → Branches → main branch protection rule

  • ✅ Require status checks to pass before merging
    • Add required checks: Build, Unit Tests

• Settings → Actions → General → Workflow permissions

  • ✅ Allow GitHub Actions to create and approve pull requests

Requirements (place an x in each [ ])

• I've read and understood the Contributing Guidelines and have done my best effort to follow them.
• I've read and agree to the Code of Conduct.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.91%. Comparing base (95e80f8) to head (95eb96f).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1830   +/-   ##
=======================================
  Coverage   83.91%   83.91%           
=======================================
  Files         115      115           
  Lines       13080    13080           
=======================================
  Hits        10976    10976           
  Misses       2104     2104           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[zimeg]

LGTM - clean dependabot auto-merge workflow

[mwbrooks]

Thanks for the quick review @zimeg!

Everything was configured correctly on this repo (of course). I didn't add any additional required status checks.