A wapper around the Github CLI, this tool aims to streamline your Dependabot pull request review process with this interactive command-line assistant. This script automates the fetching, display, and approval of Dependabot PRs, allowing you to quickly manage dependency updates and maintain your project's security and health.
- Fetching: Automatically retrieves open Dependabot pull requests where you are a requested reviewer.
- Overview: Displays essential PR information at a glance, including repository name, PR title, associated labels, and the status of CI/CD checks.
- Approval & Merging: Approve and merge Dependabot PRs with a single keypress, significantly reducing manual effort.
This script requires uv and the GitHub CLI.
-
Install GitHub CLI: Follow the instructions on the GitHub CLI documentation to install the CLI for your operating system. After installation, log in to your GitHub account with
gh auth login -
Install uv: Follow the instructions on the uv documentation to install uv for your operating system.
-
Install the tool using uv:
uv tool install git+https://github.com/MatthewCane/dependabot-reviews
Once installed, you can run the script to start reviewing Dependabot PRs:
uvx dependabot-reviewsThis will launch the interactive review assistant in your terminal. Follow the on-screen prompts to approve and merge PRs. You can also modify the PR search space with the following arguments:
| flag | Help |
|---|---|
--repo REPO |
filter the results to a specific repository. Searches all repos by default |
--all-reviewers |
if set, will not filter PRs to only those assigned to you to review |