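I made a very basic workflow that should post a message with a link to the PR whenever Dependabot creates a new vulnerability/dependency update PR (and then update the original message when the PR is merged). The action can be triggered manually (although without a link, since it is not auto-generated), but for some reason, when Dependabot does create a new PR, it does not post anything to the Slack channel.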

```yaml
name: Dependabot PR Notification to Slack
on:
  pull_request:
    types:
      - opened
    branches:
      - 'dependabot/**'
  pull_request_target:
    branches:
      - 'dependabot/**'
  workflow_dispatch:
jobs:
  Slack-PR-Notification:
    name: Slack PR Notification
    runs-on: ubuntu-latest
    steps:
      - name: Slack Notification
        uses: slackapi/[email protected]
        id: slack
        with:
          payload: |
            {
              "text": "New ${{ github.repository}} Dependabot PR Available for Review: ${{ github.event.pull_request.html_url}}"
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
      - uses: slackapi/[email protected]
        if: ${{ github.event.pull_request.merged }}
        with:
          update-ts: ${{ steps.slack.outputs.ts }}
          payload: |
            {
              "text": "PR has been merged. Thank you!",
              "attachments": [
                {
                  "pretext": "Merge complete",
                  "color": "28a745",
                  "fields": [
                    {
                      "title": "Status",
                      "short": true,
                      "value": "Completed"
                    }
                  ]
                }
              ]
            }
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
          SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
```

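I tried a few things, including `if: ${{ github.actor == 'dependabot[bot]' }}`, but many Stack Overflow posts and other docs/articles either use outdated/old action packages or don't accomplish what I am trying to do.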
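
This is because Dependabot has access to a separate set of secrets, not the usual ones. They are configured at the repository level at https://github.com/ORG/REPO/settings/secrets/dependabot and at the organization level at https://github.com/organizations/ORG/settings/secrets/dependabot. You must also set the SLACK_WEBHOOK_URL secret there.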
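
A check for the condition the answer describes, as an added example that is not part of the original question or answer: it lists the secrets a workflow references that are absent from the Dependabot secret store, so they would resolve to empty strings on a Dependabot-triggered run. The workflow text is a constructed sample (the action name and `DEPLOY_KEY` are hypothetical), and the list of configured Dependabot secret names is assumed to be supplied by the caller, for instance from `gh secret list --app dependabot`.

```python
import re

# Constructed sample: a trimmed workflow in the shape of the one in the question.
WORKFLOW = """\
name: Dependabot PR Notification to Slack
on:
  pull_request:
    types: [opened]
jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      - uses: example/notify-action@v1   # hypothetical action name
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
          TOKEN: ${{ secrets.GITHUB_TOKEN }}
          DEPLOY_KEY: ${{ secrets['DEPLOY_KEY'] }}
"""

# Matches both `secrets.NAME` and `secrets['NAME']` expression forms.
SECRET_REF = re.compile(r"""\bsecrets\s*(?:\.\s*([A-Za-z_]\w*)|\[\s*['"]([^'"]+)['"]\s*\])""")

def referenced_secrets(workflow_text):
    """Return the configured-secret names a workflow file refers to."""
    # Secret names are case-insensitive, so normalise to upper case.
    names = {(m.group(1) or m.group(2)).upper()
             for m in SECRET_REF.finditer(workflow_text)}
    # GITHUB_TOKEN is issued per run; it is not a configured secret.
    names.discard("GITHUB_TOKEN")
    return names

def missing_for_dependabot(workflow_text, dependabot_secret_names):
    """Secrets the workflow uses that the Dependabot secret store lacks."""
    have = {n.upper() for n in dependabot_secret_names}
    return sorted(referenced_secrets(workflow_text) - have)

if __name__ == "__main__":
    # Assumption: nothing has been added under settings/secrets/dependabot yet.
    for name in missing_for_dependabot(WORKFLOW, []):
        print(f"not available to Dependabot runs: {name}")
```

Any name it reports has to be created again under the Dependabot secrets settings page; the copy under Actions secrets is not used for these runs.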