fix(ci): use dummy key fallback so dependabot PRs pass test_parse_aws

[O1ahmad]

Problem

All 5 open dependabot PRs (#40–#44) fail tests/test_parser.py::test_parse_aws with the same root cause: GitHub Actions withholds repository secrets from dependabot pull_request events, so OPENAI_API_KEY arrives as an empty string. The parser's non-empty-key guard then short-circuits before requests.post is ever called, returning [] subcommands instead of the expected 2.

Warning: OPENAI_API_KEY not set, skipping AI analysis
AssertionError: assert 0 == 2  # subcommands length

Fix

Use the || fallback operator to supply a literal placeholder key when the secret is absent. Since requests.post is fully mocked in the test suite, no real API call is made — the parser only needs a non-empty string to proceed past the guard.

OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY || 'dummy-key-for-ci' }}

This is a pre-existing bug in the CI setup unrelated to any of the dependabot changes. Once this PR merges to main, the dependabot PRs can be rebased/re-run and will pass.

Affected PRs

• chore(deps): bump actions/checkout from 3 to 7 #40 actions/checkout 3 → 7
• chore(deps): bump actions/setup-python from 4 to 6 #41 actions/setup-python 4 → 6
• chore(deps): bump requests from 2.31.0 to 2.34.2 #42 requests 2.31.0 → 2.34.2
• chore(deps): bump pymongo from 4.7.3 to 4.17.0 #43 pymongo 4.7.3 → 4.17.0
• chore(deps): bump python from 3.9-slim to 3.14-slim #44 Python 3.9-slim → 3.14-slim

Made with Cursor