From f8fdd6941d1db89d9793ee27f7210abef2a37b00 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 25 Mar 2026 08:46:01 +0000
Subject: [PATCH 1/2] build(deps-dev): update uv-build requirement

Updates the requirements on [uv-build](https://github.com/astral-sh/uv) to permit the latest version.
- [Release notes](https://github.com/astral-sh/uv/releases)
- [Changelog](https://github.com/astral-sh/uv/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/uv/compare/0.10.4...0.11.1)

---
updated-dependencies:
- dependency-name: uv-build
  dependency-version: 0.11.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index b1c911b..a1be970 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -51,5 +51,5 @@ dev = ["pytest>=8.0", "pytest-asyncio>=0.24", "ruff>=0.9"]
 module-name = "dataforge"
 
 [build-system]
-requires = ["uv_build>=0.10.4,<0.11.0"]
+requires = ["uv_build>=0.10.4,<0.12.0"]
 build-backend = "uv_build"

From 1c7357942a7b1d86dbd493d1d1489d4cd0e241fc Mon Sep 17 00:00:00 2001
From: Ivan Rener <renerivan@outlook.com>
Date: Wed, 1 Apr 2026 23:56:54 +0200
Subject: [PATCH 2/2] fix: use PR author instead of actor to skip Dependabot
 commitlint

github.actor reflects the last pusher, not the PR author. When a
human rebases a Dependabot branch, actor changes and the skip
no longer matches. Use github.event.pull_request.user.login
which always returns the PR author regardless of who pushed.
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f2a53b3..114b4ea 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,7 +14,7 @@ jobs:
   commitlint:
     name: Commit lint
     runs-on: ubuntu-latest
-    if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
+    if: github.event_name == 'pull_request' && github.event.pull_request.user.login != 'dependabot[bot]'
     permissions:
       contents: read
       pull-requests: read