From c8e30918d4f70b9c26a8e4da45683333eba032cc Mon Sep 17 00:00:00 2001
From: Yasunobu <42543015+P4suta@users.noreply.github.com>
Date: Wed, 17 Jun 2026 21:06:17 +0900
Subject: [PATCH] ci: fix commitlint dependabot guard
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The guard skipped committed only when github.actor was dependabot, but a
human re-trigger (`gh pr update-branch` on a dependabot PR) changes the
actor — so committed ran and failed on the bot's long subjects and on the
update-branch merge commit. Guard on the PR author instead, and pass
`--no-merge-commit` so merge commits never fail the lint.
---
 .github/workflows/ci.yml | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 392f719..2f33ad6 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -70,16 +70,19 @@ jobs:
         with:
           fetch-depth: 0
       - uses: taiki-e/install-action@v2
-        if: github.actor != 'dependabot[bot]'
+        if: github.event.pull_request.user.login != 'dependabot[bot]'
         with:
           tool: committed
-      # Dependabot's auto-generated commit subjects/bodies exceed committed's
-      # 50/72 limits; its PRs are squash-merged with a maintainer-set subject,
-      # so skip the lint for the bot. The job still runs and succeeds, keeping
-      # the required "commitlint" check green (a skipped required check blocks).
+      # Dependabot's auto-generated subjects/bodies exceed committed's 50/72
+      # limits, so skip the lint for bot-authored PRs (squash-merged with a
+      # maintainer subject anyway). Guard on the PR *author*, not github.actor:
+      # a human re-trigger (e.g. `gh pr update-branch`) changes the actor but
+      # not the author, so an actor guard would wrongly lint the bot's commits.
+      # `--no-merge-commit` ignores `update-branch` merge commits. The job still
+      # runs and succeeds, keeping the required "commitlint" check green.
       - name: Check Conventional Commits (committed)
-        if: github.actor != 'dependabot[bot]'
-        run: committed "${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}"
+        if: github.event.pull_request.user.login != 'dependabot[bot]'
+        run: committed --no-merge-commit "${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}"
 
   # Phase-1 fast gate. `just check` runs `cargo check` workspace-wide
   # (no codegen, no link) — with the GHA-backed sccache wired in via