chore: merge release/0.2.0 back into dev to retrigger prepare release#35
Merged
chore: merge release/0.2.0 back into dev to retrigger prepare release#35
Conversation
- Introduced CI workflow for pull request and push events on dev, main, and release branches. - Added CodeQL analysis workflow for security scanning. - Implemented post-release workflow to sync dev with main after merges. - Created prepare-release workflow for validating and preparing release branches. - Established release workflow for finalizing, building, testing, and publishing releases. - Added scorecard and security scan workflows for ongoing security assessments. - Included a composite action to set up the CI environment with Python, uv, and optional tools. Refs: #6
Refs: #6
feat: add CI/release workflow placeholders and setup-env composite action Refs: #6
Prepare CHANGELOG.md structure for version 0.2.0. Release date TBD (set during finalization).
## Description Sync main into release 0.2.0 ## Type of Change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [x] Documentation update - [x] Refactoring (no functional changes) - [ ] Test updates ## Changes Made - Sync documentation (CHANGELOG, README, issues and PRs) - Sync CI placeholders ## Testing - [x] Tests pass locally (`npm run test:all`) ## Checklist - [ ] My code follows the project's style guidelines - [ ] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [x] I have updated the documentation accordingly (README.md, CONTRIBUTE.md, etc.) - [x] I have updated the CHANGELOG.md in the `[Unreleased]` section - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes - [x] Any dependent changes have been merged and published ## Additional Notes Refs: #22
# Conflicts: # .github/actions/setup-env/action.yml # .github/workflows/ci.yml # .github/workflows/codeql.yml # .github/workflows/post-release.yml # .github/workflows/prepare-release.yml # .github/workflows/release.yml # .github/workflows/scorecard.yml # CHANGELOG.md # docs/issues/issue-10.md # docs/pull-requests/pr-16.md # docs/pull-requests/pr-20.md
## Description Sync main into release 0.2.0 ## Type of Change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [x] Documentation update - [x] Refactoring (no functional changes) - [ ] Test updates ## Changes Made - Sync documentation (CHANGELOG, README, issues and PRs) - Sync CI placeholders ## Testing - [x] Tests pass locally (`npm run test:all`) ## Checklist - [ ] My code follows the project's style guidelines - [ ] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [x] I have updated the documentation accordingly (README.md, CONTRIBUTE.md, etc.) - [x] I have updated the CHANGELOG.md in the `[Unreleased]` section - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [x] New and existing unit tests pass locally with my changes - [x] Any dependent changes have been merged and published ## Additional Notes Refs: #22
The function signature defaulted syncSubIssues to false while action.yml defaults sync-sub-issues to true. Although the caller always passes the value explicitly (no runtime impact), the mismatch could cause incorrect behavior if the function were ever called without the argument. Refs: #26
…lure (#25) Move try/catch inside the batch loop so that: - Schema errors ("doesn't exist on type") break immediately - Transient errors warn per-batch and continue to the next - Successfully fetched relationships are preserved instead of being discarded on a later batch failure Add tests for multi-batch partial-result and schema-error-break scenarios.
## Summary - Fixes the `syncSubIssues` parameter default in `syncIssuesToMarkdown` from `false` to `true`, matching the `action.yml` `sync-sub-issues` input default - Update README with full build pipeline ## Test plan - [x] No runtime impact (caller always passes the value explicitly) - [x] `npm run prepare` rebuilds cleanly - [x] Existing tests pass (`npm test`) Refs: #26
…ailure ## Summary - Moves `try/catch` inside the batch loop in `fetchIssueRelationships` so each batch is handled independently - Schema errors (`"doesn't exist on type"`) `break` immediately (API unavailable, no point continuing) - Transient errors `warn` per-batch and `continue` to the next, preserving already-fetched relationships - Exports `GRAPHQL_BATCH_SIZE` for testability - Adds two new tests: multi-batch partial results on transient error, and schema-error break with partial results ## Test plan - [x] All 95 existing unit tests pass - [x] New partial-result tests cover both transient-error and schema-error scenarios - [x] `npm run prepare` rebuilds cleanly - [x] CI passes Refs: #25
## Summary - Clarifies the weekly CodeQL schedule comment in `.github/workflows/codeql.yml` - Makes explicit that the scheduled run re-scans with updated CodeQL rules/engines even when repository code has not changed - Removes ambiguity noted in PR #22 review discussion ## Test plan - [x] Confirm only workflow comments changed (no runtime workflow logic changes) - [x] Validate YAML remains syntactically valid - [x] Verify wording addresses reviewer question about schedule purpose Refs: #29
## Description Fix release workflow validation failure in dry-run mode by allowing the reusable integration test workflow to request required read scopes. ## Type of Change - [x] `fix` -- Bug fix - [ ] `ci` -- CI/CD pipeline changes ### Modifiers - [ ] Breaking change (`!`) -- This change breaks backward compatibility ## Changes Made - Added job-level permissions to `integration-test` in `.github/workflows/release.yml` - Granted only minimum required scopes: `contents: read`, `issues: read`, `pull-requests: read` ## Changelog Entry No changelog needed (workflow permission fix only). ## Testing - [x] Tests pass locally (`npm test`) - [x] Manual testing performed (describe below) ### Manual Testing Details - Verified workflow schema error cause against reusable workflow requested permissions. - Confirmed caller now explicitly allows required read scopes. ## Checklist - [x] My code follows the project's style guidelines - [x] I have performed a self-review of my code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have updated the documentation accordingly - [ ] I have updated `CHANGELOG.md` in the `[Unreleased]` section (and pasted the entry above) - [x] My changes generate no new warnings or errors - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes - [ ] Any dependent changes have been merged and published ## Additional Notes Scoped permissions are set only on the reusable workflow caller job to preserve least privilege. Refs: #31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
release/0.2.0back intodevto realign branches after fixing issue Release 0.2.0 failed — automatic rollback #34 (immutable release errors).prepare releaseworkflow from a clean state after the permissions/workflow fix.Test plan
dev.prepare releaseworkflow triggers after merge.Refs: #34