diff --git a/.github/linters/.jscpd.json b/.github/linters/.jscpd.json index 225b930..b67b860 100644 --- a/.github/linters/.jscpd.json +++ b/.github/linters/.jscpd.json @@ -1,7 +1,5 @@ { "threshold": 25, - "ignore": [ - "test*" - ], + "ignore": ["test*"], "absolute": true -} \ No newline at end of file +} diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index e708456..5044773 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,5 +1,6 @@ # Pull Request - ## Proposed Changes + ## Readiness Checklist diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 782cddd..784eb7d 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -1,6 +1,6 @@ --- -name-template: 'v$RESOLVED_VERSION' -tag-template: 'v$RESOLVED_VERSION' +name-template: "v$RESOLVED_VERSION" +tag-template: "v$RESOLVED_VERSION" template: | # Changelog $CHANGES @@ -8,61 +8,61 @@ template: | See details of [all code changes](https://github.com/github/automatic-contrib-prs/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION) since previous release categories: - - title: '🚀 Features' + - title: "🚀 Features" labels: - - 'feature' - - 'enhancement' - - title: '🐛 Bug Fixes' + - "feature" + - "enhancement" + - title: "🐛 Bug Fixes" labels: - - 'fix' - - 'bugfix' - - 'bug' - - title: '🧰 Maintenance' + - "fix" + - "bugfix" + - "bug" + - title: "🧰 Maintenance" labels: - - 'infrastructure' - - 'automation' - - 'documentation' - - 'dependencies' - - 'maintenance' - - 'revert' - - title: '🏎 Performance' - label: 'performance' -change-template: '- $TITLE @$AUTHOR (#$NUMBER)' + - "infrastructure" + - "automation" + - "documentation" + - "dependencies" + - "maintenance" + - "revert" + - title: "🏎 Performance" + label: "performance" +change-template: "- $TITLE @$AUTHOR (#$NUMBER)" version-resolver: major: labels: - - 'breaking' + - "breaking" minor: labels: - - 'enhancement' - - 'fix' + - "enhancement" + - "fix" patch: labels: - - 'documentation' - - 'maintenance' + - "documentation" + - "maintenance" default: patch autolabeler: - - label: 'automation' + - label: "automation" title: - - '/^(build|ci|perf|refactor|test).*/i' - - label: 'enhancement' + - "/^(build|ci|perf|refactor|test).*/i" + - label: "enhancement" title: - - '/^(style).*/i' - - label: 'documentation' + - "/^(style).*/i" + - label: "documentation" title: - - '/^(docs).*/i' - - label: 'feature' + - "/^(docs).*/i" + - label: "feature" title: - - '/^(feat).*/i' - - label: 'fix' + - "/^(feat).*/i" + - label: "fix" title: - - '/^(fix).*/i' - - label: 'infrastructure' + - "/^(fix).*/i" + - label: "infrastructure" title: - - '/^(infrastructure).*/i' - - label: 'maintenance' + - "/^(infrastructure).*/i" + - label: "maintenance" title: - - '/^(chore|maintenance).*/i' - - label: 'revert' + - "/^(chore|maintenance).*/i" + - label: "revert" title: - - '/^(revert).*/i' + - "/^(revert).*/i" diff --git a/.github/workflows/auto-labeler.yml b/.github/workflows/auto-labeler.yml index 7ee1928..9fe305e 100644 --- a/.github/workflows/auto-labeler.yml +++ b/.github/workflows/auto-labeler.yml @@ -4,7 +4,7 @@ name: Auto Labeler on: # pull_request_target event is required for autolabeler to support all PRs including forks pull_request_target: - types: [ opened, reopened, edited, synchronize ] + types: [opened, reopened, edited, synchronize] permissions: contents: read diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 91a6fbe..defd9ff 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -3,9 +3,9 @@ name: Docker Image CI on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] permissions: contents: read diff --git a/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml index 1a6f357..7fb238c 100644 --- a/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -4,7 +4,7 @@ name: "Lint PR Title" on: pull_request_target: - types: [ opened, edited, edited, synchronize ] + types: [opened, edited, edited, synchronize] permissions: contents: read diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml index df53aa7..200fcf3 100644 --- a/.github/workflows/python-ci.yml +++ b/.github/workflows/python-ci.yml @@ -3,9 +3,9 @@ name: Python package on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] permissions: contents: read @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: ['3.10', '3.11', '3.12'] + python-version: ["3.10", "3.11", "3.12"] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c5bbe11..3d1efc9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,8 +4,8 @@ name: Release on: workflow_dispatch: pull_request_target: - types: [ closed ] - branches: [ main ] + types: [closed] + branches: [main] permissions: contents: read diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 219cb62..281794e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -9,9 +9,9 @@ on: # To guarantee Maintained check is occasionally updated. See # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained schedule: - - cron: '29 11 * * 6' + - cron: "29 11 * * 6" push: - branches: [ main ] + branches: [main] permissions: read-all diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 54800bd..5fc6090 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -1,7 +1,7 @@ -name: 'Close stale issues' +name: "Close stale issues" on: schedule: - - cron: '30 1 * * *' + - cron: "30 1 * * *" permissions: contents: read jobs: @@ -13,8 +13,8 @@ jobs: steps: - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9 with: - stale-issue-message: 'This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days.' - close-issue-message: 'This issue was closed because it has been stalled for 35 days with no activity.' + stale-issue-message: "This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days." + close-issue-message: "This issue was closed because it has been stalled for 35 days with no activity." days-before-stale: 21 days-before-close: 14 days-before-pr-close: -1 diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index 7cbc47d..de4402a 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -3,7 +3,7 @@ name: Lint Code Base on: pull_request: - branches: [ main ] + branches: [main] permissions: contents: read diff --git a/.vscode/launch.json b/.vscode/launch.json index 504ff51..f76feb6 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -1,12 +1,12 @@ { - "version": "0.2.0", - "configurations": [ - { - "name": "Python: Current File", - "type": "python", - "request": "launch", - "program": "${file}", - "console": "integratedTerminal" - } - ] + "version": "0.2.0", + "configurations": [ + { + "name": "Python: Current File", + "type": "python", + "request": "launch", + "program": "${file}", + "console": "integratedTerminal" + } + ] } diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 32b2d68..a678f97 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,5 +1,7 @@ # Contributor Covenant Code of Conduct + + ## Our Pledge We as members, contributors, and leaders pledge to make participation in our @@ -17,23 +19,23 @@ diverse, inclusive, and healthy community. Examples of behavior that contributes to a positive environment for our community include: -* Demonstrating empathy and kindness toward other people -* Being respectful of differing opinions, viewpoints, and experiences -* Giving and gracefully accepting constructive feedback -* Accepting responsibility and apologizing to those affected by our mistakes, +- Demonstrating empathy and kindness toward other people +- Being respectful of differing opinions, viewpoints, and experiences +- Giving and gracefully accepting constructive feedback +- Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience -* Focusing on what is best not just for us as individuals, but for the +- Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: -* The use of sexualized language or imagery, and sexual attention or +- The use of sexualized language or imagery, and sexual attention or advances of any kind -* Trolling, insulting or derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or email +- Trolling, insulting or derogatory comments, and personal or political attacks +- Public or private harassment +- Publishing others' private information, such as a physical or email address, without their explicit permission -* Other conduct which could reasonably be considered inappropriate in a +- Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities @@ -106,7 +108,7 @@ Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an +standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within @@ -126,4 +128,5 @@ enforcement ladder](https://github.com/mozilla/diversity). For answers to common questions about this code of conduct, see the FAQ at [https://www.contributor-covenant.org/faq](https://www.contributor-covenant.org/faq). Translations are available at [https://www.contributor-covenant.org/translations](https://www.contributor-covenant.org/translations). + diff --git a/CONTRIBUTING-template.md b/CONTRIBUTING-template.md index 45ef072..bb894c9 100644 --- a/CONTRIBUTING-template.md +++ b/CONTRIBUTING-template.md @@ -1,5 +1,6 @@ + # Contributing to Project-Name First off, thanks for taking the time to contribute! :heart: @@ -7,6 +8,7 @@ First off, thanks for taking the time to contribute! :heart: All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us project owners and smooth out the experience for all involved. The team looks forward to your contributions. :tada: + ## Table of Contents - [I Have a Question](#i-have-a-question) @@ -35,6 +37,7 @@ We will then take care of the issue as soon as possible. ## Reporting Bugs + ### Before Submitting a Bug Report A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to investigate carefully, collect information and describe the issue in detail in your report. Please complete the following steps in advance to help us fix any potential bug as fast as possible. @@ -50,13 +53,14 @@ A good bug report shouldn't leave others needing to chase you up for more inform - Can you reliably reproduce the issue? And can you also reproduce it with older versions? + ### How Do I Submit a Good Bug Report? We use GitHub issues to track bugs and errors. If you run into an issue with the project: - Open an [Issue](https://github.com/github/Project-Name/issues/new). (Since we can't be sure at this point whether it is a bug or not, we ask you not to talk about a bug yet and not to label the issue.) - Explain the behavior you would expect and the actual behavior. -- Please provide as much context as possible and describe the *reproduction steps* that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case. +- Please provide as much context as possible and describe the _reproduction steps_ that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case. - Provide the information you collected in the previous section. Once it's filed: @@ -70,6 +74,7 @@ Once it's filed: This section guides you through submitting an enhancement suggestion for Project-Name, **including completely new features and minor improvements to existing functionality**. Following these guidelines will help maintainers and the community to understand your suggestion and find related suggestions. + ### Before Submitting an Enhancement - Make sure that you are using the latest version. @@ -78,6 +83,7 @@ This section guides you through submitting an enhancement suggestion for Project - Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature or to develop the feature yourself and contribute it to the project. + ### How Do I Submit a Good Enhancement Suggestion? Enhancement suggestions are tracked as [GitHub issues](https://github.com/github/Project-Name/issues). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index ee7c9d9..1d40f8b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,5 +1,6 @@ + # Contributing to automatic-contrib-prs First off, thanks for taking the time to contribute! :heart: @@ -7,6 +8,7 @@ First off, thanks for taking the time to contribute! :heart: All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us project owners and smooth out the experience for all involved. The team looks forward to your contributions. :tada: + ## Table of Contents - [I Have a Question](#i-have-a-question) @@ -36,6 +38,7 @@ We will then take care of the issue as soon as possible. ## Reporting Bugs + ### Before Submitting a Bug Report A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to investigate carefully, collect information and describe the issue in detail in your report. Please complete the following steps in advance to help us fix any potential bug as fast as possible. @@ -51,6 +54,7 @@ A good bug report shouldn't leave others needing to chase you up for more inform - Can you reliably reproduce the issue? And can you also reproduce it with older versions? + ### How Do I Submit a Good Bug Report? Please submit a bug report using our [GitHub Issues template](https://github.com/github/automatic-contrib-prs/issues/new?template=bug_report.yml). @@ -60,6 +64,7 @@ Please submit a bug report using our [GitHub Issues template](https://github.com This section guides you through submitting an enhancement suggestion for automatic-contrib-prs, **including completely new features and minor improvements to existing functionality**. Following these guidelines will help maintainers and the community to understand your suggestion and find related suggestions. + ### Before Submitting an Enhancement - Make sure that you are using the latest version. @@ -68,6 +73,7 @@ This section guides you through submitting an enhancement suggestion for automat - Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature or to develop the feature yourself and contribute it to the project. + ### How Do I Submit a Good Enhancement Suggestion? Please submit an enhancement suggestion using our [GitHub Issues template](https://github.com/github/automatic-contrib-prs/issues/new?template=feature_request.yml). @@ -80,4 +86,4 @@ We are using [Conventional Commits](https://www.conventionalcommits.org/en/v1.0. Releases are automated if a pull request is labelled with our [SemVer related labels](.github/release-drafter.yml) or with the `vuln` or `release` labels. -You can also manually initiate a release you can do so through the GitHub Actions UI. If you have permissions to do so, you can navigate to the [Actions tab](https://github.com/github/automatic-contrib-prs/actions/workflows/release.yml) and select the `Run workflow` button. This will allow you to select the branch to release from and the version to release. +You can also manually initiate a release you can do so through the GitHub Actions UI. If you have permissions to do so, you can navigate to the [Actions tab](https://github.com/github/automatic-contrib-prs/actions/workflows/release.yml) and select the `Run workflow` button. This will allow you to select the branch to release from and the version to release. diff --git a/README.md b/README.md index 8fbd457..b33f80d 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,7 @@ It is desirable, for example, for all Open Source and InnerSource projects to ha 1. Create a repository to host this GitHub Action or select an existing repository. 1. Create the env values from the sample workflow below (GH_TOKEN, GH_ACTOR, PR_TITLE, PR_BODY, and ORGANIZATION) with your information as repository secrets. More info on creating secrets can be found [here](https://docs.github.com/en/actions/security-guides/encrypted-secrets). -Note: Your GitHub token will need to have read/write access to all the repositories in the `repos.json` file. + Note: Your GitHub token will need to have read/write access to all the repositories in the `repos.json` file. 1. Copy the below example workflow to your repository and put it in the `.github/workflows/` directory with the file extension `.yml` (ie. `.github/workflows/auto-contrib-file.yml`) ### Configuration @@ -45,26 +45,26 @@ This action can be configured to authenticate with GitHub App Installation or Pe ##### GitHub App Installation -| field | required | default | description | -|-------------------------------|----------|---------|-------------| -| `GH_APP_ID` | True | `""` | GitHub Application ID. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | -| `GH_APP_INSTALLATION_ID` | True | `""` | GitHub Application Installation ID. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | -| `GH_APP_PRIVATE_KEY` | True | `""` | GitHub Application Private Key. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | +| field | required | default | description | +| ------------------------ | -------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `GH_APP_ID` | True | `""` | GitHub Application ID. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | +| `GH_APP_INSTALLATION_ID` | True | `""` | GitHub Application Installation ID. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | +| `GH_APP_PRIVATE_KEY` | True | `""` | GitHub Application Private Key. See [documentation](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/about-authentication-with-a-github-app) for more details. | ##### Personal Access Token (PAT) -| field | required | default | description | -|-------------------------------|----------|---------|-------------| -| `GH_TOKEN` | True | `""` | The GitHub Token used to scan the repository. Must have read access to all repository you are interested in scanning. | +| field | required | default | description | +| ---------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------- | +| `GH_TOKEN` | True | `""` | The GitHub Token used to scan the repository. Must have read access to all repository you are interested in scanning. | #### Other Configuration Options -| field | required | default | description | -|-----------------------|----------|---------|-------------| -| `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub. github.com users should not enter anything here. | -| `PR_TITLE` | False | "Enable Dependabot" | The title of the issue or pull request that will be created if dependabot could be enabled. | -| `PR_BODY` | False | **Pull Request:** "Dependabot could be enabled for this repository. Please enable it by merging this pull request so that we can keep our dependencies up to date and secure." **Issue:** "Please update the repository to include a Dependabot configuration file. This will ensure our dependencies remain updated and secure.Follow the guidelines in [creating Dependabot configuration files](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file) to set it up properly.Here's an example of the code:" | The body of the issue or pull request that will be created if dependabot could be enabled. | -| `REPOS_JSON_LOCATION` | False | "Create dependabot.yaml" | The commit message for the pull request that will be created if dependabot could be enabled. | +| field | required | default | description | +| --------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------- | +| `GH_ENTERPRISE_URL` | False | "" | The `GH_ENTERPRISE_URL` is used to connect to an enterprise server instance of GitHub. github.com users should not enter anything here. | +| `PR_TITLE` | False | "Enable Dependabot" | The title of the issue or pull request that will be created if dependabot could be enabled. | +| `PR_BODY` | False | **Pull Request:** "Dependabot could be enabled for this repository. Please enable it by merging this pull request so that we can keep our dependencies up to date and secure." **Issue:** "Please update the repository to include a Dependabot configuration file. This will ensure our dependencies remain updated and secure.Follow the guidelines in [creating Dependabot configuration files](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file) to set it up properly.Here's an example of the code:" | The body of the issue or pull request that will be created if dependabot could be enabled. | +| `REPOS_JSON_LOCATION` | False | "Create dependabot.yaml" | The commit message for the pull request that will be created if dependabot could be enabled. | ### Example workflow @@ -86,24 +86,24 @@ jobs: pull-requests: write steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Find OSS repository in organization - uses: docker://ghcr.io/zkoppert/innersource-crawler:v1 - env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} - ORGANIZATION: ${{ secrets.ORGANIZATION }} - TOPIC: open-source - - - name: Open pull requests in OSS repository that are missing contrib files - uses: docker://ghcr.io/github/automatic-contrib-prs:v2 - env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} - ORGANIZATION: ${{ secrets.ORGANIZATION }} - GH_ACTOR: ${{ secrets.GH_ACTOR }} - PR_TITLE: ${{ secrets.PR_TITLE }} - PR_BODY: ${{ secrets.PR_BODY }} + - name: Checkout code + uses: actions/checkout@v4 + + - name: Find OSS repository in organization + uses: docker://ghcr.io/zkoppert/innersource-crawler:v1 + env: + GH_TOKEN: ${{ secrets.GH_TOKEN }} + ORGANIZATION: ${{ secrets.ORGANIZATION }} + TOPIC: open-source + + - name: Open pull requests in OSS repository that are missing contrib files + uses: docker://ghcr.io/github/automatic-contrib-prs:v2 + env: + GH_TOKEN: ${{ secrets.GH_TOKEN }} + ORGANIZATION: ${{ secrets.ORGANIZATION }} + GH_ACTOR: ${{ secrets.GH_ACTOR }} + PR_TITLE: ${{ secrets.PR_TITLE }} + PR_BODY: ${{ secrets.PR_BODY }} ``` ## Scaling for large organizations diff --git a/action.yml b/action.yml index 49cd54f..e368a3b 100644 --- a/action.yml +++ b/action.yml @@ -1,10 +1,10 @@ --- -name: 'Automatic Contrib PRs' -author: 'github' -description: 'A GitHub Action that opens adds CONTRIBUTING.md file in repositories that dont have them.' +name: "Automatic Contrib PRs" +author: "github" +description: "A GitHub Action that opens adds CONTRIBUTING.md file in repositories that dont have them." runs: - using: 'docker' - image: 'docker://ghcr.io/github/automatic-contrib-prs:v2' + using: "docker" + image: "docker://ghcr.io/github/automatic-contrib-prs:v2" branding: - icon: 'book' - color: 'black' + icon: "book" + color: "black"