Stirling-PDF/.github/workflows
Ludy e7631cf80c
ci(workflows): add PR comment–driven label management with authorized users (#4650)
- **What was changed**
  - Added a new `handle-label-commands` job to
    `.github/workflows/PR-Demo-Comment-with-react.yml` that processes PR
    comments containing label commands and applies label changes to the
    associated pull request.
  - Introduced an authorization list `label_changer` in
    `.github/config/repo_devs.json` to restrict who can manage labels via
    comments.
  - Implemented parsing of comment commands in the form:
    - `add:🏷️:"Label Name"` to add a label.
    - `rm:🏷️:"Label Name"` to remove a label.
  - The workflow reads `.github/labels.yml` to build a canonical map of
    allowed labels (case-insensitive matching, preserves original casing).
  - Only labels defined in `.github/labels.yml` can be added; removal
    allows best-effort even if the label is not found in the map.
  - After successful processing, the original command comment is deleted
    to keep the thread clean.
  - Uses the existing local action `./.github/actions/setup-bot` to
    authenticate as a GitHub App for applying labels.
  - Added runner hardening via `step-security/harden-runner@v2.13.1` with
    egress audit mode.

- **Why the change was made**
  - Streamlines triage by enabling trusted maintainers to manage labels
    directly from PR comments without needing full UI interactions.
  - Ensures safety and consistency:
    - Only **authorized** accounts (from `label_changer`) can execute label
      commands.
    - Only **known** labels (from `.github/labels.yml`) may be added,
      preventing typos and drift.
  - Reduces noise by deleting comma
2025-10-29 23:31:25 +00:00
ai_pr_title_review.yml build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#4538) 2025-09-28 21:22:40 +01:00
auto-labelerV2.yml ci: restrict workflow to main branch PRs (#4677) 2025-10-16 22:39:07 +01:00
build.yml build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#4745) 2025-10-27 19:37:42 +00:00
check_properties.yml ci: restrict workflow to main branch PRs (#4677) 2025-10-16 22:39:07 +01:00
codeql.yml-disabled Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686) 2025-01-13 22:26:05 +00:00
dependency-review.yml build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#4538) 2025-09-28 21:22:40 +01:00
licenses-update.yml build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#4745) 2025-10-27 19:37:42 +00:00
manage-label.yml build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#4538) 2025-09-28 21:22:40 +01:00
multiOSReleases.yml build(deps): bump softprops/action-gh-release from 2.3.4 to 2.4.1 (#4676) 2025-10-29 19:40:34 +00:00
PR-Demo-cleanup.yml build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#4538) 2025-09-28 21:22:40 +01:00
PR-Demo-Comment-with-react.yml ci(workflows): add PR comment–driven label management with authorized users (#4650) 2025-10-29 23:31:25 +00:00
pre_commit.yml fix(ci): 🛡️ mitigate CVE-2025-8869 by enforcing wheels-only pip installs and upgrading pinned dependencies (#4598) 2025-10-04 12:50:37 +01:00
push-docker.yml build(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4717) 2025-10-21 13:39:31 +01:00
releaseArtifacts.yml build(deps): bump softprops/action-gh-release from 2.3.4 to 2.4.1 (#4676) 2025-10-29 19:40:34 +00:00
scorecards.yml build(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (#4743) 2025-10-29 19:40:09 +00:00
stale.yml build(deps): bump actions/stale from 10.0.0 to 10.1.0 (#4603) 2025-10-06 10:47:53 +01:00
swagger.yml build(deps): bump gradle/actions from 4.4.4 to 5.0.0 (#4605) 2025-10-06 10:47:14 +01:00
sync_files.yml fix(ci): 🛡️ mitigate CVE-2025-8869 by enforcing wheels-only pip installs and upgrading pinned dependencies (#4598) 2025-10-04 12:50:37 +01:00
testdriver.yml build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (#4716) 2025-10-21 13:39:53 +01:00