Improve the migration file template for `rails generate tanshuku:install` #733

	# https://github.com/dependabot/fetch-metadata
	name: Dependabot Auto-labeling

	on: pull_request_target

	permissions:
	pull-requests: write

	jobs:
	dependabot-autolabeling:
	timeout-minutes: 5
	runs-on: ubuntu-latest
	if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }}
	steps:
	- uses: actions/checkout@v4

	# https://github.com/ruby/setup-ruby
	- name: Setup Ruby
	uses: ruby/setup-ruby@v1
	with:
	ruby-version: "3.4"
	bundler-cache: true

	- name: Generate token
	id: generate_token
	uses: getsentry/action-github-app-token@v3
	with:
	app_id: "${{ secrets.KG8M_BOT_APP_ID }}"
	private_key: "${{ secrets.KG8M_BOT_PRIVATE_KEY }}"

	- name: Fetch Dependabot metadata
	id: dependabot-metadata
	uses: dependabot/fetch-metadata@v2

	- name: Add the "dev-dependencies" label if the updated dependency is for development
	env:
	PR_URL: ${{ github.event.pull_request.html_url }}

	# Use my GitHub app’s temporary token because the default `GITHUB_TOKEN` prevents other workflows from being
	# triggered on a pull request creation.
	# cf. https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow
	GH_TOKEN: "${{ steps.generate_token.outputs.token }}"

	run: \|
	if bundle exec ruby -r ./tools/reverse_dependencies -e "exit '${{ steps.dependabot-metadata.outputs.dependency-names }}'.split(/,\s*/).any? { \|dep\| ReverseDependencies.tanshuku_depends_on?(dep) }"; then
	echo "Updated dependencies are for production."
	else
	gh pr edit "${PR_URL}" --add-label "dev-dependencies"
	fi

Provide feedback