Build: Don't run CI push workflows for dependabot branches

Without this change, dependabot PRs run double checks - one set for the `push`
part and one for the `pull_request` part.

Closes gh-5353

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index e0680cf2c8a2a5570a68fe929cd275a2901ff9df..d2cb93885d35cd7a53412ae131bd54216297e845 100644 (file)
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,8 +1,9 @@
 name: "Code scanning - action"
 
 on:
-  push:
   pull_request:
+  push:
+    branches-ignore: "dependabot/**"
   schedule:
     - cron: '0 4 * * 6'
 
@@ -30,7 +31,7 @@ jobs:
     # the head of the pull request instead of the merge commit.
     - run: git checkout HEAD^2
       if: ${{ github.event_name == 'pull_request' }}
-      
+
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5

diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
index 241cd36bbdfd60f426079db92f1d1e1a49662889..eb88597cb5b151858a603abc7df06b3ca0711928 100644 (file)
--- a/.github/workflows/node.js.yml
+++ b/.github/workflows/node.js.yml
@@ -1,6 +1,9 @@
 name: CI
 
-on: [push, pull_request]
+on:
+  pull_request:
+  push:
+    branches-ignore: "dependabot/**"
 
 permissions:
   contents: read # to fetch code (actions/checkout)