From b81548c1ce108c59a72ee691ba2f942044b677c6 Mon Sep 17 00:00:00 2001
From: GalvinPython <imgalvin@pm.me>
Date: Sat, 12 Jul 2025 21:21:10 +0100
Subject: [PATCH 1/4] chore(dependabot): move back to npm

also removes me as assignee (codeowners)
---
 .github/dependabot.yml               | 16 +++++-----
 .github/workflows/dependabot_bun.yml | 44 ++++++++++++++++++++++++++++
 2 files changed, 52 insertions(+), 8 deletions(-)
 create mode 100644 .github/workflows/dependabot_bun.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 10f3d87..b6cf540 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,23 +1,23 @@
+# Moving back to npm for package management rather than bun
+# because wow dependabot is so broken for it 😭
+# TODO: Labels on package updates after project restructure
+
 version: 2
 updates:
-  - package-ecosystem: "bun"
+  - package-ecosystem: "npm"
     directory: "/"
     schedule:
       interval: "weekly"
-    assignees:
-      - "GalvinPython"
     target-branch: "dev"
 
-  - package-ecosystem: "bun"
+  - package-ecosystem: "npm"
     directory: "/web"
     schedule:
       interval: "weekly"
-    assignees:
-      - "GalvinPython"
     target-branch: "dev"
-    labels: ["dependencies", "javascript", "component: web"]
 
   - package-ecosystem: "cargo"
     directory: "/api"
     schedule:
-      interval: "weekly"
\ No newline at end of file
+      interval: "weekly"
+    target-branch: "dev"
diff --git a/.github/workflows/dependabot_bun.yml b/.github/workflows/dependabot_bun.yml
new file mode 100644
index 0000000..75cd234
--- /dev/null
+++ b/.github/workflows/dependabot_bun.yml
@@ -0,0 +1,44 @@
+name: Update bun.lock
+
+on:
+  pull_request:
+    branches: [main, dev]
+
+permissions:
+  contents: write
+
+jobs:
+  update-bun-lock:
+    name: "Update bun.lock"
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - name: Set up Bun
+        uses: oven-sh/setup-bun@v2
+
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Install dependencies with Bun
+        run: bun install
+
+      - name: Check for changes
+        id: git_status
+        run: |
+          git add bun.lock
+          if [ -z "$(git status --porcelain)" ]; then
+            echo "No changes to bun.lock"
+            echo "changes_detected=false" >> "$GITHUB_OUTPUT"
+          else
+            echo "Changes detected to bun.lock"
+            echo "changes_detected=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Commit and push changes to bun.lock
+        if: steps.git_status.outputs.changes_detected == 'true'
+        run: |
+          git config --global user.name 'github-actions[bot]'
+          git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+          git commit -m "Update bun.lock (via GitHub Actions)"
+          git pull --rebase origin ${{ github.head_ref }}
+          git push origin ${{ github.head_ref }}

From d0a85ef34a46a7e5b397d38e6305f0959423c0c6 Mon Sep 17 00:00:00 2001
From: GalvinPython <imgalvin@pm.me>
Date: Sat, 12 Jul 2025 21:25:57 +0100
Subject: [PATCH 2/4] chore(dependabot): add paths restrictions to dependabot
 and eslint

---
 .github/workflows/dependabot_bun.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/dependabot_bun.yml b/.github/workflows/dependabot_bun.yml
index 75cd234..47583bb 100644
--- a/.github/workflows/dependabot_bun.yml
+++ b/.github/workflows/dependabot_bun.yml
@@ -3,6 +3,9 @@ name: Update bun.lock
 on:
   pull_request:
     branches: [main, dev]
+    paths:
+      - "bun.lock"
+      - "package.json"
 
 permissions:
   contents: write

From 188f2ff7c43bc96b3fcbede9ee97b3a3f4e9d6a8 Mon Sep 17 00:00:00 2001
From: GalvinPython <imgalvin@pm.me>
Date: Sat, 12 Jul 2025 21:28:19 +0100
Subject: [PATCH 3/4] chore(dependabot): update eslint

---
 .github/workflows/eslint.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
index d08d619..eea5287 100644
--- a/.github/workflows/eslint.yml
+++ b/.github/workflows/eslint.yml
@@ -12,6 +12,14 @@ on:
       - "**/*.mjs"
   pull_request:
     types: [opened, reopened, synchronize]
+    branches:
+      - "*"
+    paths:
+      - "**/*.js"
+      - "**/*.jsx"
+      - "**/*.ts"
+      - "**/*.tsx"
+      - "**/*.mjs"
 
 jobs:
   lint:
@@ -29,4 +37,4 @@ jobs:
         run: bun install
 
       - name: Run ESLint
-        run: bun run lint
\ No newline at end of file
+        run: bun run lint

From a9560665593933ce5230596774300408294bb22b Mon Sep 17 00:00:00 2001
From: GalvinPython <imgalvin@pm.me>
Date: Sat, 12 Jul 2025 21:30:13 +0100
Subject: [PATCH 4/4] revert: nevermind, removing this from pull requests means
 no checks

---
 .github/workflows/dependabot_bun.yml |  3 ---
 .github/workflows/eslint.yml         | 10 +---------
 2 files changed, 1 insertion(+), 12 deletions(-)

diff --git a/.github/workflows/dependabot_bun.yml b/.github/workflows/dependabot_bun.yml
index 47583bb..75cd234 100644
--- a/.github/workflows/dependabot_bun.yml
+++ b/.github/workflows/dependabot_bun.yml
@@ -3,9 +3,6 @@ name: Update bun.lock
 on:
   pull_request:
     branches: [main, dev]
-    paths:
-      - "bun.lock"
-      - "package.json"
 
 permissions:
   contents: write
diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
index eea5287..d08d619 100644
--- a/.github/workflows/eslint.yml
+++ b/.github/workflows/eslint.yml
@@ -12,14 +12,6 @@ on:
       - "**/*.mjs"
   pull_request:
     types: [opened, reopened, synchronize]
-    branches:
-      - "*"
-    paths:
-      - "**/*.js"
-      - "**/*.jsx"
-      - "**/*.ts"
-      - "**/*.tsx"
-      - "**/*.mjs"
 
 jobs:
   lint:
@@ -37,4 +29,4 @@ jobs:
         run: bun install
 
       - name: Run ESLint
-        run: bun run lint
+        run: bun run lint
\ No newline at end of file