mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-08-26 14:19:24 +00:00
1f9b808881
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="08eba0b27e"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="631c7dc4f8"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="8edcb1bdb4"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="09d2acae67"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="85e6279cec"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="009b9ae9e4"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="cbb722410c"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="3b9b8c884f"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="11bd71901b...08eba0b27e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
229 lines
8.4 KiB
YAML
229 lines
8.4 KiB
YAML
name: AI - PR Title Review
|
||
|
||
on:
|
||
pull_request:
|
||
types: [opened, edited]
|
||
branches: [main]
|
||
|
||
permissions: # required for secure-repo hardening
|
||
contents: read
|
||
|
||
jobs:
|
||
ai-title-review:
|
||
permissions:
|
||
contents: read
|
||
pull-requests: write
|
||
models: read
|
||
|
||
runs-on: ubuntu-latest
|
||
|
||
steps:
|
||
- name: Harden Runner
|
||
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
|
||
with:
|
||
egress-policy: audit
|
||
|
||
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
|
||
with:
|
||
fetch-depth: 0
|
||
|
||
- name: Configure Git to suppress detached HEAD warning
|
||
run: git config --global advice.detachedHead false
|
||
|
||
- name: Setup GitHub App Bot
|
||
if: github.actor != 'dependabot[bot]'
|
||
id: setup-bot
|
||
uses: ./.github/actions/setup-bot
|
||
continue-on-error: true
|
||
with:
|
||
app-id: ${{ secrets.GH_APP_ID }}
|
||
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
||
|
||
- name: Check if actor is repo developer
|
||
id: actor
|
||
run: |
|
||
if [[ "${{ github.actor }}" == *"[bot]" ]]; then
|
||
echo "PR opened by a bot – skipping AI title review."
|
||
echo "is_repo_dev=false" >> $GITHUB_OUTPUT
|
||
exit 0
|
||
fi
|
||
if [ ! -f .github/config/repo_devs.json ]; then
|
||
echo "Error: .github/config/repo_devs.json not found" >&2
|
||
exit 1
|
||
fi
|
||
# Validate JSON and extract repo_devs
|
||
REPO_DEVS=$(jq -r '.repo_devs[]' .github/config/repo_devs.json 2>/dev/null || { echo "Error: Invalid JSON in repo_devs.json" >&2; exit 1; })
|
||
# Convert developer list into Bash array
|
||
mapfile -t DEVS_ARRAY <<< "$REPO_DEVS"
|
||
if [[ " ${DEVS_ARRAY[*]} " == *" ${{ github.actor }} "* ]]; then
|
||
echo "is_repo_dev=true" >> $GITHUB_OUTPUT
|
||
else
|
||
echo "is_repo_dev=false" >> $GITHUB_OUTPUT
|
||
fi
|
||
|
||
- name: Get PR diff
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: get_diff
|
||
run: |
|
||
git fetch origin ${{ github.base_ref }}
|
||
git diff origin/${{ github.base_ref }}...HEAD | head -n 10000 | grep -vP '[\x00-\x08\x0B\x0C\x0E-\x1F\x7F\x{202E}\x{200B}]' > pr.diff
|
||
echo "diff<<EOF" >> $GITHUB_OUTPUT
|
||
cat pr.diff >> $GITHUB_OUTPUT
|
||
echo "EOF" >> $GITHUB_OUTPUT
|
||
|
||
- name: Check and sanitize PR title
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: sanitize_pr_title
|
||
env:
|
||
PR_TITLE_RAW: ${{ github.event.pull_request.title }}
|
||
run: |
|
||
# Sanitize PR title: max 72 characters, only printable characters
|
||
PR_TITLE=$(echo "$PR_TITLE_RAW" | tr -d '\n\r' | head -c 72 | sed 's/[^[:print:]]//g')
|
||
if [[ ${#PR_TITLE} -lt 5 ]]; then
|
||
echo "PR title is too short. Must be at least 5 characters." >&2
|
||
fi
|
||
echo "pr_title=$PR_TITLE" >> $GITHUB_OUTPUT
|
||
|
||
- name: AI PR Title Analysis
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
id: ai-title-analysis
|
||
uses: actions/ai-inference@0cbed4a10641c75090de5968e66d70eb4660f751 # v1.2.7
|
||
with:
|
||
model: openai/gpt-4o
|
||
system-prompt-file: ".github/config/system-prompt.txt"
|
||
prompt: |
|
||
Based on the following input data:
|
||
|
||
{
|
||
"diff": "${{ steps.get_diff.outputs.diff }}",
|
||
"pr_title": "${{ steps.sanitize_pr_title.outputs.pr_title }}"
|
||
}
|
||
|
||
Respond ONLY with valid JSON in the format:
|
||
{
|
||
"improved_rating": <0-10>,
|
||
"improved_ai_title_rating": <0-10>,
|
||
"improved_title": "<ai generated title>"
|
||
}
|
||
|
||
- name: Validate and set SCRIPT_OUTPUT
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
run: |
|
||
cat <<EOF > ai_response.json
|
||
${{ steps.ai-title-analysis.outputs.response }}
|
||
EOF
|
||
|
||
# Validate JSON structure
|
||
jq -e '
|
||
(keys | sort) == ["improved_ai_title_rating", "improved_rating", "improved_title"] and
|
||
(.improved_rating | type == "number" and . >= 0 and . <= 10) and
|
||
(.improved_ai_title_rating | type == "number" and . >= 0 and . <= 10) and
|
||
(.improved_title | type == "string")
|
||
' ai_response.json
|
||
if [ $? -ne 0 ]; then
|
||
echo "Invalid AI response format" >&2
|
||
cat ai_response.json >&2
|
||
exit 1
|
||
fi
|
||
# Parse JSON fields
|
||
IMPROVED_RATING=$(jq -r '.improved_rating' ai_response.json)
|
||
IMPROVED_TITLE=$(jq -r '.improved_title' ai_response.json)
|
||
# Limit comment length to 1000 characters
|
||
COMMENT=$(cat <<EOF
|
||
## 🤖 AI PR Title Suggestion
|
||
|
||
**PR-Title Rating**: $IMPROVED_RATING/10
|
||
|
||
### ⬇️ Suggested Title (copy & paste):
|
||
|
||
\`\`\`
|
||
$IMPROVED_TITLE
|
||
\`\`\`
|
||
|
||
---
|
||
*Generated by GitHub Models AI*
|
||
EOF
|
||
)
|
||
echo "$COMMENT" > /tmp/ai-title-comment.md
|
||
# Log input and output to the GitHub Step Summary
|
||
echo "### 🤖 AI PR Title Analysis" >> $GITHUB_STEP_SUMMARY
|
||
echo "### Input PR Title" >> $GITHUB_STEP_SUMMARY
|
||
echo '```bash' >> $GITHUB_STEP_SUMMARY
|
||
echo "${{ steps.sanitize_pr_title.outputs.pr_title }}" >> $GITHUB_STEP_SUMMARY
|
||
echo '```' >> $GITHUB_STEP_SUMMARY
|
||
echo '### AI Response (raw JSON)' >> $GITHUB_STEP_SUMMARY
|
||
echo '```json' >> $GITHUB_STEP_SUMMARY
|
||
cat ai_response.json >> $GITHUB_STEP_SUMMARY
|
||
echo '```' >> $GITHUB_STEP_SUMMARY
|
||
|
||
- name: Post comment on PR if needed
|
||
if: steps.actor.outputs.is_repo_dev == 'true'
|
||
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
|
||
continue-on-error: true
|
||
with:
|
||
github-token: ${{ steps.setup-bot.outputs.token }}
|
||
script: |
|
||
const fs = require('fs');
|
||
const body = fs.readFileSync('/tmp/ai-title-comment.md', 'utf8');
|
||
const { GITHUB_REPOSITORY } = process.env;
|
||
const [owner, repo] = GITHUB_REPOSITORY.split('/');
|
||
const issue_number = context.issue.number;
|
||
|
||
const ratingMatch = body.match(/\*\*PR-Title Rating\*\*: (\d+)\/10/);
|
||
const rating = ratingMatch ? parseInt(ratingMatch[1], 10) : null;
|
||
|
||
const expectedActor = "${{ steps.setup-bot.outputs.app-slug }}[bot]";
|
||
const comments = await github.rest.issues.listComments({ owner, repo, issue_number });
|
||
|
||
const existing = comments.data.find(c =>
|
||
c.user?.login === expectedActor &&
|
||
c.body.includes("## 🤖 AI PR Title Suggestion")
|
||
);
|
||
|
||
if (rating === null) {
|
||
console.log("No rating found in AI response – skipping.");
|
||
return;
|
||
}
|
||
|
||
if (rating <= 5) {
|
||
if (existing) {
|
||
await github.rest.issues.updateComment({
|
||
owner, repo,
|
||
comment_id: existing.id,
|
||
body
|
||
});
|
||
console.log("Updated existing suggestion comment.");
|
||
} else {
|
||
await github.rest.issues.createComment({
|
||
owner, repo, issue_number,
|
||
body
|
||
});
|
||
console.log("Created new suggestion comment.");
|
||
}
|
||
} else {
|
||
const praise = `## 🤖 AI PR Title Suggestion\n\nGreat job! The current PR title is clear and well-structured.\n\n✅ No suggestions needed.\n\n---\n*Generated by GitHub Models AI*`;
|
||
|
||
if (existing) {
|
||
await github.rest.issues.updateComment({
|
||
owner, repo,
|
||
comment_id: existing.id,
|
||
body: praise
|
||
});
|
||
console.log("Replaced suggestion with praise.");
|
||
} else {
|
||
console.log("Rating > 5 and no existing comment – skipping comment.");
|
||
}
|
||
}
|
||
|
||
- name: is not repo dev
|
||
if: steps.actor.outputs.is_repo_dev != 'true'
|
||
run: |
|
||
exit 0 # Skip the AI title review for non-repo developers
|
||
|
||
- name: Clean up
|
||
if: always()
|
||
run: |
|
||
rm -f pr.diff ai_response.json /tmp/ai-title-comment.md
|
||
echo "Cleaned up temporary files."
|
||
continue-on-error: true # Ensure cleanup runs even if previous steps fail
|