mirror of
https://github.com/Frooodle/Stirling-PDF.git
synced 2025-11-16 01:21:16 +01:00
e7631cf80c
- **What was changed**
- Added a new `handle-label-commands` job to
`.github/workflows/PR-Demo-Comment-with-react.yml` that processes PR
comments containing label commands and applies label changes to the
associated pull request.
- Introduced an authorization list `label_changer` in
`.github/config/repo_devs.json` to restrict who can manage labels via
comments.
- Implemented parsing of comment commands in the form:
- `add:🏷️:"Label Name"` to add a label.
- `rm:🏷️:"Label Name"` to remove a label.
- The workflow reads `.github/labels.yml` to build a canonical map of
allowed labels (case-insensitive matching, preserves original casing).
- Only labels defined in `.github/labels.yml` can be added; removal
allows best-effort even if the label is not found in the map.
- After successful processing, the original command comment is deleted
to keep the thread clean.
- Uses the existing local action `./.github/actions/setup-bot` to
authenticate as a GitHub App for applying labels.
- Added runner hardening via `step-security/harden-runner@v2.13.1` with
egress audit mode.
- **Why the change was made**
- Streamlines triage by enabling trusted maintainers to manage labels
directly from PR comments without needing full UI interactions.
- Ensures safety and consistency:
- Only **authorized** accounts (from `label_changer`) can execute label
commands.
- Only **known** labels (from `.github/labels.yml`) may be added,
preventing typos and drift.
- Reduces noise by deleting comma
|
||
|---|---|---|
| .. | ||
| actions/setup-bot | ||
| config | ||
| ISSUE_TEMPLATE | ||
| scripts | ||
| workflows | ||
| CODEOWNERS | ||
| dependabot.yml | ||
| labeler-config-srvaroa.yml | ||
| labels.yml | ||
| pull_request_template.md | ||
| release.yml | ||