feat: add issue automation workflow and script

[roshankumar0036singh]

Pull Requests Review Criteria

Caution

PRs that fail to meet these review standards will be automatically flagged and may be rejected by maintainers.

• Filled out this PR template properly
• Did not commit directly to main
• Limited commits (max 3–4 unless permitted by Admin/Mentors)
• Added comments in complex parts of code

Closes:
closes #1072

Describe the add-ons or changes you've made 📃

I have implemented a comprehensive GitHub Issue Automation system to streamline contribution management.

Key Features:

1. Auto-Assignment: Automatically assigns issues to creators if they select "Yes" in the issue form.
2. /assign Command: Allows contributors to claim issues by commenting /assign.
3. Deadline Enforcement: A daily schedule checks assigned issues and manages timeouts based on priority:
   • High: 3 days
   • Medium: 6 days
   • Low: 8 days
   • Includes warning messages 24h before timeout.
4. Assignment Limits: Prevents users from hoarding more than 2 issues at a time.

Files Added:

• .github/workflows/issue-automation.yml: Defines triggers (issues, comments, schedule).
• .github/scripts/issue-automation.js: Contains the logic for assignment and deadline checks.

Screenshots 📷

The logic has been verified using a local test harness to mock GitHub events. The workflow requires issues: write permissions which have been added.

[vercel]

@roshankumar0036singh is attempting to deploy a commit to the avdheshvarshney's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

Thank you for submitting your pull request! We'll review it as soon as possible. For further communication, join our discord server https://discord.gg/tSqtvHUJzE.

[roshankumar0036singh]

@Avdhesh-Varshney plz review it i couldnt test the functionality so just tested it locally by creating test file and mimicing the github triggers

[Avdhesh-Varshney]

Great work. Need to check whether we can process the github project using this workflow. https://github.com/orgs/Code-A2Z/projects/1

[Avdhesh-Varshney]

Check able to check the priority from OS - TASK TRACKER (view) project?

And also check is it possible to set start date and end date of the issue, according to How much time should be allocated to this issue? question in issue template.

Feel free to modify the issue template to update setup this workflow.

[roshankumar0036singh]

@Avdhesh-Varshney check now i have tried to use the os tracker but we need to test it one time as i cant test it locally

[Avdhesh-Varshney]

@roshankumar0036singh Your earlier contribution was awesome. Please keep the same consistency.
I've reviewed these updated changes. These all are written using AI and you have not gone through github project tracker at once.

Focus on quality contribution not on quantity. Please atleast read & review your code on your own first.
Later, I'll review and test the workflow.

[roshankumar0036singh]

@Avdhesh-Varshney i worked on it but currently it is using the github token which normally cant wrtie to the organisation level project we might need to use pat

[Avdhesh-Varshney]

@roshankumar0036singh pat? - personal token?

If personal token, do you say We need to write it hard-coded in workflow? or need to setup in settings?

[roshankumar0036singh]

@Avdhesh-Varshney need to setup as a New repository secret in settings and whatever name you used for it give me that name

[roshankumar0036singh]

token is encrypted in GitHub's secret storage ,It's never visible in logs or code

[Avdhesh-Varshney]

CODE_A2Z_ORG_FINE_GRAINED_PAT_FOR_ASSIGN_WORKFLOW

[roshankumar0036singh]

@Avdhesh-Varshney need this scopes for pat project , read and write and did you added it as a Repository Secret

[Avdhesh-Varshney]

Addedas repository secret.
But wait confirming with project read and write permissions

[roshankumar0036singh]

@Avdhesh-Varshney check now there was slight issue this code formating issue if from earlier commit made to the code-a2z repo not by my commit

[Avdhesh-Varshney]

@roshankumar0036singh Yes that was due to some earlier commits.
Leave that workflow check for this PR.

[Avdhesh-Varshney]

@roshankumar0036singh I'll review and merge the PR by tomorrow night.

[roshankumar0036singh]

@Avdhesh-Varshney what do you think does it need changes

[Copilot]

Pull request overview

This PR implements a comprehensive GitHub Issue Automation system to streamline contribution management by handling automatic issue assignment, enforcing deadlines, and integrating with GitHub Projects. The implementation addresses the requirements specified in issue #1072 for automated assignment workflows.

Changes:

• Added .github/workflows/issue-automation.yml workflow that triggers on issue events, comments, and daily schedule to manage issue assignments
• Added .github/scripts/issue-automation.js script containing the core automation logic for auto-assignment, /assign command handling, deadline enforcement with warnings, and assignment limit validation
• Implemented integration with GitHub Projects V2 to sync issue status changes

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 19 comments.

File	Description
.github/workflows/issue-automation.yml	Defines the workflow triggers (issue events, comments, daily cron), permissions, and executes the automation script with proper PAT authentication for project operations
.github/scripts/issue-automation.js	Contains the complete automation logic including helper functions for assignment/unassignment, deadline calculation with priority-based timelines (3/6/8 days), warning notifications, and project synchronization

[Copilot]

The assignment limit check may include issues from the current issue being processed. When a user creates an issue and selects "Yes" to work on it, the check counts existing assigned issues but doesn't account for the fact that this assignment is about to happen.

If a user already has exactly 2 issues assigned and creates a new issue wanting to work on it, they should be allowed (since the new issue hasn't been assigned yet). However, the current logic correctly handles this by checking >= MAX_ASSIGNED_ISSUES which means they need 2 or more already assigned before being blocked.

This is actually correct as-is, but consider adding a comment to clarify this behavior for future maintainers.

Suggested change

	});
	});
	// NOTE: This counts only issues that are already assigned to the user.
	// The "current" issue being processed is not yet assigned when this
	// function is called, so using ">=" here correctly enforces the
	// MAX_ASSIGNED_ISSUES limit without double-counting the current issue.

[Copilot]

The PAT validation step only warns but doesn't fail the workflow, which could lead to confusing failures later. If the PAT is required for project syncing but not available, the workflow will continue and fail during the script execution with potentially unclear error messages.

Consider either:

1. Making this a hard failure if project syncing is critical
2. Passing a flag to the script to skip project syncing when the PAT is unavailable
3. Adding more graceful degradation in the script when project operations fail

The current approach may work but could be improved for better user experience.

Suggested change

	echo "::warning::CODE_A2Z_ORG_FINE_GRAINED_PAT_FOR_ASSIGN_WORKFLOW secret not configured"
	echo "::warning::Project sync will fail. Please add the secret in repository settings."
	echo "::error::CODE_A2Z_ORG_FINE_GRAINED_PAT_FOR_ASSIGN_WORKFLOW secret not configured."
	echo "::error::Project sync requires this secret. Please add it in the repository settings and re-run the workflow."
	exit 1

[Copilot]

Potential performance issue: fetching all events for every assigned issue during scheduled runs. For issues with many events (comments, label changes, etc.), this could become slow and hit rate limits.

Consider optimizing by:

1. Using the since parameter to only fetch recent events
2. Caching assignment dates in issue labels or project fields
3. Implementing pagination limits to prevent excessive API calls

This is especially important as the project grows and accumulates more issues.

Suggested change

	const events = await github.paginate(github.rest.issues.listEvents, {
	owner,
	repo,
	issue_number: issue.number
	// Limit fetched events to a recent window to avoid scanning full history
	const sinceDate = new Date(now);
	sinceDate.setDate(sinceDate.getDate() - (PRIORITY_DEADLINES.LOW + 1));
	const events = await github.paginate(github.rest.issues.listEvents, {
	owner,
	repo,
	issue_number: issue.number,
	per_page: 50,
	since: sinceDate.toISOString()

[Copilot]

Potential API rate limit issue: when fetching issues from the fallback repo search, each issue requires an additional API call to get full details including node_id. For repositories with many assigned issues, this could quickly consume the GitHub API rate limit (5000 requests/hour for authenticated requests).

Consider batching these requests or exploring alternative approaches such as:

1. Using GraphQL to fetch all required fields in a single query
2. Implementing retry logic with exponential backoff
3. Adding rate limit monitoring and warnings

Suggested change

	// Fetch full issue details to get node_id
	issues = await Promise.all(searchResults.map(async (issue) => {
	const fullIssue = await github.rest.issues.get({
	owner,
	repo,
	issue_number: issue.number
	});
	return fullIssue.data;
	}));
	// Use search results directly to avoid per-issue API calls
	issues = searchResults;

[Copilot]

The regex pattern for detecting "Would you like to work on this issue?" may be fragile. It requires a specific format with ### followed by line breaks and "Yes". If the issue template formatting changes, or if users manually edit the issue body, this could break.

Consider making the pattern more flexible:

1. Allow for varying amounts of whitespace and line breaks
2. Consider case-insensitive matching for "yes" (already done with the i flag)
3. Match the pattern anywhere in the body rather than requiring exact formatting
4. Add logging when the pattern doesn't match to help with debugging

Example: /Would you like to work on this issue\?[\s\S]*?Yes/i would be more lenient while still accurate.

Suggested change

	const wantsToWork = /### Would you like to work on this issue\?\s*[\r\n]+\s*Yes/i.test(body);
	const wantsToWorkPattern = /Would you like to work on this issue\?[\s\S]*?\bYes\b/i;
	const wantsToWork = wantsToWorkPattern.test(body);
	if (!wantsToWork) {
	console.log(
	`Issue #${issue.number}: "Would you like to work on this issue?" pattern not detected in body.`
	);
	}

[Copilot]

Missing label management according to the requirements. When an issue is assigned via the /assign command, the workflow should:

1. Remove the up-for-grabs label (if present)
2. Add the Status: Assigned label

This ensures proper issue status tracking and helps contributors identify available issues. Consider adding label update operations after the assignment and before syncing to the project.

[Copilot]

The warning detection logic may not be robust enough. It checks for bot comments containing both the assignee mention and "deadline is approaching", but this could fail if:

1. The warning message format changes slightly in future updates
2. Multiple workflow runs create slightly different messages
3. The bot comment gets edited

Consider storing warning state more reliably, such as:

1. Adding a label like "deadline-warning-sent" when a warning is sent
2. Checking for comments created by this specific workflow within the last 24-48 hours
3. Using a more flexible pattern match that accounts for message variations

[Copilot]

Potential issue: the search query and GraphQL fetch may inadvertently include pull requests. GitHub's search API and issue events can return both issues and pull requests. While the current code filters for is:issue, the GraphQL query in the project fetch uses ... on Issue which is correct, but the fallback search could still have edge cases.

Consider adding explicit filtering to ensure pull requests are excluded from deadline enforcement, such as checking issue.pull_request field and skipping if it exists. This prevents accidentally unassigning contributors who have submitted PRs.

[Copilot]

The warning time calculation has a potential issue. Using setHours() to subtract 24 hours might cause unexpected behavior around daylight saving time changes or when the deadline happens to be at midnight.

For example, if the deadline is at 00:00:00 and you subtract 24 hours using setHours(-24), this might not work as expected. Consider using setTime() with milliseconds instead:

warningDate.setTime(deadline.getTime() - (WARNING_HOURS_BEFORE_DEADLINE * 60 * 60 * 1000));

This ensures accurate time arithmetic regardless of DST or hour-of-day edge cases.

Suggested change

	warningDate.setHours(deadline.getHours() - WARNING_HOURS_BEFORE_DEADLINE);
	warningDate.setTime(deadline.getTime() - WARNING_HOURS_BEFORE_DEADLINE * 60 * 60 * 1000);

[Avdhesh-Varshney]

@roshankumar0036singh If you are online, Please do a small change to not rely on issue labels. Remove everything related to issue labels.

And in this copilot review, if you found anything useful, Please do.

By the time of merging this PR, You can pick any other task 👍