From 56f0c9de44f88a622cf9a5897dff088fae4776cc Mon Sep 17 00:00:00 2001
From: dacrab <dacrab@users.noreply.github.com>
Date: Sun, 17 May 2026 17:52:32 +0300
Subject: [PATCH] =?UTF-8?q?chore(ci):=20ultra-simplify=20=E2=80=94=20inlin?=
 =?UTF-8?q?e=20ci.yml,=20drop=20sync-lockfile?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Self-contained ci.yml replacing the dacrab/.github-workflows@v1
caller. Two jobs (ci + auto-merge), all action SHAs pinned, ~35-45
lines total.

Drops sync-lockfile.yml — Dependabot's native bun ecosystem support
already updates bun.lock alongside package.json in every PR.
---
 .github/workflows/ci.yml            | 36 +++++++++++++++++++----------
 .github/workflows/sync-lockfile.yml | 18 ---------------
 2 files changed, 24 insertions(+), 30 deletions(-)
 delete mode 100644 .github/workflows/sync-lockfile.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index aaa0765..941a2bf 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -6,8 +6,7 @@ on:
   pull_request:
 
 concurrency:
-  group: >-
-    ${{ github.workflow }}-${{ github.event.pull_request.user.login == 'dependabot[bot]' && 'dependabot-queue' || github.ref }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 permissions:
@@ -15,18 +14,31 @@ permissions:
 
 jobs:
   ci:
-    uses: dacrab/.github-workflows/.github/workflows/bun-ci.yml@v1
-    with:
-      node-version: '22'
-      check-cmd: 'bun run ci'
-      test-cmd: ''
-      build-cmd: 'bun run build'
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
+        with:
+          persist-credentials: false
+      - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
+        with:
+          node-version: '22'
+      - uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2
+      - run: bun install --frozen-lockfile
+      - name: Check
+        run: bun run ci
+      - name: Build
+        run: bun run build
 
   auto-merge:
     needs: ci
+    if: github.event.pull_request.user.login == 'dependabot[bot]'
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
     permissions:
-      pull-requests: write
       contents: write
-    uses: dacrab/.github-workflows/.github/workflows/dependabot-auto-merge.yml@v1
-    with:
-      target: minor
+      pull-requests: write
+    steps:
+      - uses: fastify/github-action-merge-dependabot@59fc8817458fac20df8884576cfe69dbb77c9a07 # v3
+        with:
+          target: minor
diff --git a/.github/workflows/sync-lockfile.yml b/.github/workflows/sync-lockfile.yml
deleted file mode 100644
index a54a65a..0000000
--- a/.github/workflows/sync-lockfile.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-name: Sync Lockfile
-
-on:
-  pull_request:
-    paths: [package.json]
-
-permissions:
-  contents: read
-
-jobs:
-  sync:
-    permissions:
-      contents: write
-    uses: dacrab/.github-workflows/.github/workflows/bun-sync-lockfile.yml@v1
-    with:
-      app-client-id: ${{ vars.BOT_APP_CLIENT_ID }}
-    secrets:
-      app_private_key: ${{ secrets.BOT_APP_PRIVATE_KEY }}