STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

417 commits

Author SHA1 Message Date
Kynan Ware
b2348f8386
Merge pull request #11316 from cli/babakks/automate-spam-issue-detection 
Automate spam issue detection
 2025-07-21 17:49:12 -06:00
Andy Feller
aa955e1fe6
Update .github/workflows/scripts/spam-detection/generate-sys-prompt.sh 2025-07-21 15:56:11 -04:00
Andy Feller
0c105aff8a Use gh go templating for user prompt 
`gh` has Go templating support built in, so let's use it.
 2025-07-21 15:51:48 -04:00
Andy Feller
f7448c10e6 Update eval script comments 2025-07-21 15:26:35 -04:00
Andy Feller
03cc1d8311 Remove unnecessary file for heredoc 2025-07-21 15:21:01 -04:00
Andy Feller
8610d8ba8a First pass to optimize and improve 2025-07-21 15:01:22 -04:00
Andy Feller
4da24b8a0c Limit permissions of govulncheck workflow 2025-07-21 08:44:58 -04:00
Andy Feller
bd6b862b63 Incorporate govulncheck into workflows 2025-07-18 17:03:39 -04:00
Andy Feller
db24646e70 Run Lint and Tests on push to trunk branch 
This change causes the "Lint" and "Unit and Integration Tests" workflows to only run on `push` events on the default branch (`trunk`).

This should avoid running redundant set of jobs on pull requests.
 2025-07-17 15:18:31 -04:00
Andy Feller
08303d91e6
Merge pull request #11299 from cli/kw/feature-request-comment 
Add automated feature request response workflow
 2025-07-17 14:20:10 -04:00
Kynan Ware
e35a974892
Update .github/workflows/feature-request-comment.yml 2025-07-17 12:11:30 -06:00
Kynan Ware
f06c46de95 Potential fix for code scanning alert no. 169: Workflow does not contain permissions 
Co-Authored-By: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2025-07-17 11:02:20 -06:00
Babak K. Shandiz
8a235ecbef
ci: echo spam detection result 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 22:41:26 +01:00
Babak K. Shandiz
6a5fbdd44f
ci: add models: read permission 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 22:31:31 +01:00
Babak K. Shandiz
1779103a04
ci: correct sed usage to remove Markdown front matter 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:57:33 +01:00
Babak K. Shandiz
9aae4a525d
docs: fix typo in script docs 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:54:02 +01:00
Babak K. Shandiz
7996a6cdb9
ci: fix potentially confusing typo in system prompt 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:53:44 +01:00
Babak K. Shandiz
1447400c0a
ci: use issue.html_url instead of issue.url 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:46:36 +01:00
Babak K. Shandiz
e90336a331
ci: remove unused env vars 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:20:12 +01:00
Babak K. Shandiz
43e1634816
ci: add spam issue detection workflow 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:02:56 +01:00
Babak K. Shandiz
c7c68920d8
ci: add spam issue detection scripts 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-16 21:02:53 +01:00
Kynan Ware
7a691e4c44 feat(comment): add automated feature request response 2025-07-14 15:14:48 -06:00
dependabot[bot]
fe8884f351
chore(deps): bump advanced-security/filter-sarif from 1.0.0 to 1.0.1 
Bumps [advanced-security/filter-sarif](https://github.com/advanced-security/filter-sarif) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/advanced-security/filter-sarif/releases)
- [Commits](bc96d9fb93...f3b8118a93)

---
updated-dependencies:
- dependency-name: advanced-security/filter-sarif
  dependency-version: 1.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-14 17:30:21 +00:00
Kynan Ware
030bf8a68f Improve CodeQL workflow with SARIF filtering 
Adds SARIF filtering for Go analysis to exclude third-party code from results and updates the workflow to upload filtered SARIF files. This enhances the accuracy of security reports by ignoring irrelevant files.
 2025-07-11 13:39:20 -06:00
Babak K. Shandiz
b97a1a0113
ci: quote map entry value 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-10 17:00:38 +01:00
Babak K. Shandiz
ebba64f1f5
ci: automate closing stale issues 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-07-10 16:53:02 +01:00
William Martin
268b11efc9 Ensure go directive is always .0 version 
This is because go mod tidy will always add the final minor version so
we might as well handle it in the script ahead of time.
 2025-07-09 17:12:11 +02:00
William Martin
9f18c7dbe9 Add setup-go to bump-go 
Ideally, this will ensure that we have an up to date version when we run
go mod tidy.
 2025-07-06 07:04:14 +02:00
William Martin
00cb1efe83 Ensure go mod tidy is run in bump-go 
This is because go mod tidy seems to add minor version to the go mod
directive when it is missing.
 2025-07-05 13:17:00 +02:00
William Martin
e29723d0f3 Inject token into bump-go workflow 2025-07-05 12:07:53 +02:00
William Martin
12b9865a90 Ensure bump go script has git user configured 2025-07-04 14:41:22 +02:00
William Martin
c58a88a217
Merge pull request #11189 from cli/wm/automate-go-bump 
Add workflow to automate go version bumping
 2025-07-01 12:21:01 +02:00
William Martin
12aeb1fed2 Add workflow to automate go version bumping 2025-07-01 12:10:22 +02:00
Kynan Ware
8a5302ec6e Remove unused GH_TOKEN env variable from workflow 
The GH_TOKEN environment variable was set but not used in the pr-vars-dispatch step. This commit removes it for clarity and to avoid confusion.
 2025-06-30 10:55:10 -06:00
Kynan Ware
45c8c827c5
Add workflow_dispatch support to PR Help Wanted check (#11179) 
* Add workflow_dispatch support to PR Help Wanted check

This update allows the PR Help Wanted workflow to be triggered manually via workflow_dispatch with a specified PR URL. It adds logic to fetch PR details using the GitHub CLI for manual runs and unifies variable handling for both event types.

* Update workflow to use PR number instead of URL

Changed the workflow_dispatch input from 'pr_url' to 'pr_number' and updated the script to construct the PR URL from the number.

* Move help-wanted check for draft PRs into script

* Don't prefix URL with `#`

* Invert draft checking logic

Inverting this logic because anything other than "false" means we should skip it.

* Move PR draft status check to shell script

The logic for checking if a pull request is a draft has been moved from the GitHub Actions workflow YAML to the check-help-wanted.sh script. This simplifies the workflow file and centralizes the draft status check within the script.
 2025-06-30 12:51:54 -04:00
Andy Feller
728e973a20 Ensure automation uses pinned go-licenses version 2025-06-23 13:22:27 -04:00
Andy Feller
11e8a8127d Use make for license generation and checks 2025-06-20 16:53:11 -04:00
Andy Feller
98ea250ede Merge branch 'trunk' into andyfeller/9422-license-compliance 2025-06-20 16:23:00 -04:00
Kynan Ware
50e4a4ad15 Fix step order for CodeQL workflow 2025-06-17 08:41:14 -06:00
William Martin
86c251154e
Merge pull request #11121 from cli/11101-use-golangci-lint-version-2 
Bump golangci-lint to v2
 2025-06-17 11:43:14 +02:00
Andy Feller
14c2673d27 Merge branch 'trunk' into andyfeller/9422-license-compliance 2025-06-16 15:27:28 -04:00
Kynan Ware
9e161cda4e
Apply suggestion from @Copilot 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-06-16 13:20:20 -06:00
Kynan Ware
fa3402f783 Improve help wanted check skipping logic 2025-06-16 13:11:37 -06:00
William Martin
8e5ed00ad7
Merge pull request #11133 from cli/wm/execute-gh 
Ensure gh executes in workflow check script
 2025-06-16 21:02:50 +02:00
William Martin
31b3dc1ba6 Ensure gh executes in workflow check script 2025-06-16 20:46:24 +02:00
Kynan Ware
2609b4e283
Merge branch 'trunk' into kw/fix-file-not-found-in-help-wanted-workflow-2 2025-06-16 11:59:31 -06:00
Kynan Ware
7d1b5d2ce0 Fix repo checkout in help-wanted check 2025-06-16 11:47:48 -06:00
Andy Feller
8532997a4b
Merge pull request #11127 from cli/andyfeller/11126-ghas-ignore-3rd-party-source 
Exclude 3rd party license compliance content from GHAS scanning
 2025-06-16 13:45:42 -04:00
Andy Feller
c7b1afd293 Fixes #11126 
These changes will cause GitHub Advanced Security to ignore the auto-generated content around 3rd party dependencies used by `cli/cli` from static code analysis and secret scanning.

For more information:

- https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
- https://docs.github.com/en/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/excluding-folders-and-files-from-secret-scanning
 2025-06-16 13:36:37 -04:00
Andy Feller
f652fd76dc
Merge pull request #11125 from cli/kw/fix-file-not-found-in-help-wanted-workflow 
Fix script path for help-wanted check
 2025-06-16 13:14:18 -04:00