A complete guide to use dependabot with semantic-release and @vercel/ncc for GitHub Actions

npm add -D semantic-release @semantic-release/exec @semantic-release/git

"scripts": {
    "package": "ncc build --source-map"
  }

"release": {
    "branches": "main",
    "plugins": [
      "@semantic-release/commit-analyzer",
      "@semantic-release/release-notes-generator",
      "@semantic-release/npm",
      "@semantic-release/github",
      ["@semantic-release/exec", {
        "prepare": "npm run package"
      }],
      [
        "@semantic-release/git",
        {
          "assets": [
            "dist",
            "package.json",
            "package-lock.json"
          ],
          "message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
        }
      ]
    ]
  }

version: 2
updates:
  - package-ecosystem: npm
    directory: "/"
    schedule:
      interval: daily
    commit-message:
      prefix: fix
      prefix-development: chore
      include: scope

minApprovals:
  NONE: 0
requiredLabels:
  - dependencies
updateBranch: true
mergeMethod: rebase

error: GH006: Protected branch update failed for refs/heads/main.
error: 2 of 2 required status checks are expected.

- uses: actions/checkout@v2
        with:
          # Make sure the release step uses its own credentials.
          persist-credentials: false
      - run: |
          npm ci
          npm run all
      - name: Run semantic-release
        # This process will run `ncc`, commit files, push a Git commit, and release to GitHub and npmjs.
        run: |
          npx semantic-release
        env:
          GITHUB_TOKEN: ${{ secrets.PAT_TO_PUSH }}
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}