@@ -78,38 +78,13 @@ jobs:
7878 echo "Changes detected in sbom.json"
7979 fi
8080
81- name : Create Pull Request
82- if : steps.git_status.outputs.HAS_CHANGES == 'true'
83- uses : peter-evans/create-pull-request@v6
84- with :
85- token : ${{ secrets.GITHUB_TOKEN }}
86- commit-message : ' chore: update SBOM after dependency changes'
87- add-paths : |
88- sbom.json
89- branch : auto-update-sbom-${{ github.run_id }}
90- delete-branch : true
91- title : ' chore: Update SBOM'
92- body : |
93- ## Automated SBOM Update
94-
95- This PR was automatically generated because package files changed.
96-
97- ### Environment
98- - Node.js version: ${{ steps.versions.outputs.node-version }}
99-
100- ### Changes
101- - Updated `sbom.json` to reflect current dependencies
102-
103- ### Verification
104- The SBOM was generated using CycloneDX NPM.
105-
106- ### Triggered by
107- - Commit: ${{ github.sha }}
108- - Workflow run: ${{ github.run_id }}
109-
110- ---
111- _This PR was created automatically by the [SBOM workflow](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})_
112- labels : |
113- sbom
114- automated
115- dependencies
81+ name : " Commit SBOM changes"
82+ if : steps.sbom_status.outputs.HAS_CHANGES == 'true'
83+ run : |
84+ git config user.name "github-actions[bot]"
85+ git config user.email "github-actions[bot]@users.noreply.github.com"
86+ git add ${{ env.SBOM_FILE }}
87+ git commit -m "chore(deps): Update SBOM after dependency changes"
88+ git push
89+ echo "📦 SBOM updated and committed" >> $GITHUB_STEP_SUMMARY
90+ continue-on-error : true
0 commit comments