From 53b082fc3b08ae860b9b05b5c6e6fa4e01609068 Mon Sep 17 00:00:00 2001 From: Matthias Linhuber Date: Fri, 6 Mar 2026 11:00:49 +0100 Subject: [PATCH 1/3] Add auto-assign PR author workflow Automatically assigns the PR author as assignee when a PR is opened, reopened, or marked ready for review. Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/auto-assign.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/auto-assign.yml diff --git a/.github/workflows/auto-assign.yml b/.github/workflows/auto-assign.yml new file mode 100644 index 0000000..02f3c03 --- /dev/null +++ b/.github/workflows/auto-assign.yml @@ -0,0 +1,23 @@ +name: Auto Assign PR Author + +on: + pull_request: + types: [opened, reopened, ready_for_review] + +jobs: + auto-assign: + runs-on: ubuntu-latest + permissions: + pull-requests: write + steps: + - name: Auto assign PR author + uses: actions/github-script@v7 + with: + script: | + await github.rest.issues.addAssignees({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number, + assignees: [context.payload.pull_request.user.login] + }); + From 770f35cbf850913139ed3fb837dee9401618f877 Mon Sep 17 00:00:00 2001 From: Matthias Linhuber Date: Fri, 6 Mar 2026 13:37:49 +0100 Subject: [PATCH 2/3] chore: update GitHub org references from ls1intum to EduIDE Update repository and bug tracker URLs in package.json to reflect the migration of the scorpio repo to the EduIDE GitHub organization. Co-Authored-By: Claude Sonnet 4.6 --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 93c35d4..0884985 100644 --- a/package.json +++ b/package.json @@ -7,11 +7,11 @@ "Other" ], "bugs": { - "url": "https://github.com/ls1intum/scorpio/issues" + "url": "https://github.com/EduIDE/scorpio/issues" }, "repository": { "type": "git", - "url": "https://github.com/ls1intum/scorpio.git" + "url": "https://github.com/EduIDE/scorpio.git" }, "publisher": "tum-aet", "main": "./dist/extension.js", From ee22301ec875d20dfd2bbec98fd4d59781613bf5 Mon Sep 17 00:00:00 2001 From: Matthias Linhuber Date: Fri, 6 Mar 2026 13:41:42 +0100 Subject: [PATCH 3/3] fix: add explicit permissions to GitHub Actions workflows Add minimal permissions following the principle of least privilege to resolve CodeQL actions/missing-workflow-permissions alerts: - build.yml: contents: read - package.yml: contents: read - release.yml: contents: read for package job, contents: write for release job Co-Authored-By: Claude Sonnet 4.6 --- .github/workflows/build.yml | 3 +++ .github/workflows/package.yml | 3 +++ .github/workflows/release.yml | 4 ++++ 3 files changed, 10 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c5066bf..dfd6709 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,6 +2,9 @@ name: Build on: pull_request: +permissions: + contents: read + jobs: build: name: Build diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml index 507b291..8e4eb1a 100644 --- a/.github/workflows/package.yml +++ b/.github/workflows/package.yml @@ -14,6 +14,9 @@ on: branches: - main +permissions: + contents: read + jobs: package: name: Package diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 10db638..4efdbb8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,6 +8,8 @@ on: jobs: package: name: Package + permissions: + contents: read uses: ./.github/workflows/package.yml secrets: inherit with: @@ -17,6 +19,8 @@ jobs: name: Release runs-on: ubuntu-latest needs: package + permissions: + contents: write environment: prod steps: # Check out current repository