From 9065906448b02392733e897e19064b93d7ea9553 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 12 Aug 2025 11:29:13 +0100 Subject: [PATCH 1/3] Add Copilot instructions for release PRs --- .github/copilot-instructions.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 7dfd363e78..237888994b 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,5 +1,25 @@ # CodeQL Action - Copilot Instructions +## Generated code + The CodeQL Action is written in TypeScript and compiled to JavaScript. Both the TypeScript sources and the **generated** JavaScript code are contained in this repository. The TypeScript sources are contained in the `src` directory and the JavaScript code is contained in the `lib` directory. A GitHub Actions workflow checks that the JavaScript code in `lib` is up-to-date. Therefore, you should not review any changes to the contents of the `lib` folder and it is expected that the JavaScript code in `lib` closely mirrors the TypeScript code it is generated from. GitHub Actions workflows in the `.github/workflows` directory whose filenames start with two underscores (e.g. `__all-platform-bundle.yml`) are automatically generated using the `pr-checks/sync.sh` script from template files in the `pr-checks/checks` directory. Therefore, you do not need to review files in the `.github/workflows` directory that starts with two underscores. However, you should review changes to the `pr-checks` directory as well as workflows in the `.github/workflows` directory that do not start with underscores. + +## Release process + +- Do not review PRs that match any of the following release-PR patterns: + - PR title starts with the exact prefix: `Merge main into releases/v` + - Equivalent regex: `^Merge main into releases\/v` + - OR head (source) branch matches the update-branch pattern: + - Regex: `^update-v[0-9]+(?:\.[0-9]+)*(?:-[a-f0-9]+)?` (e.g. `update-v3.29.9-cc722e476`) + - OR base (target) branch matches a release branch: + - Regex: `^releases\/v` (e.g. `releases/v3`) + +- In PRs that match the release-PR patterns above: + - Review only the following files: + - `CHANGELOG.md` + - `package.json` + - Do not review other files in those PRs (these are considered mechanically generated updates). + +- If a PR matches the release-PR patterns but includes changes outside the two files above, do not attempt a full review of the generated changes — treat non-`CHANGELOG.md`/`package.json` edits as not requiring review. From 1813a6cc1c6ae12ea213ff5a1264919d2a0f458b Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 12 Aug 2025 11:48:05 +0100 Subject: [PATCH 2/3] Fix typo --- .github/copilot-instructions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 237888994b..872f9537fc 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -4,7 +4,7 @@ The CodeQL Action is written in TypeScript and compiled to JavaScript. Both the TypeScript sources and the **generated** JavaScript code are contained in this repository. The TypeScript sources are contained in the `src` directory and the JavaScript code is contained in the `lib` directory. A GitHub Actions workflow checks that the JavaScript code in `lib` is up-to-date. Therefore, you should not review any changes to the contents of the `lib` folder and it is expected that the JavaScript code in `lib` closely mirrors the TypeScript code it is generated from. -GitHub Actions workflows in the `.github/workflows` directory whose filenames start with two underscores (e.g. `__all-platform-bundle.yml`) are automatically generated using the `pr-checks/sync.sh` script from template files in the `pr-checks/checks` directory. Therefore, you do not need to review files in the `.github/workflows` directory that starts with two underscores. However, you should review changes to the `pr-checks` directory as well as workflows in the `.github/workflows` directory that do not start with underscores. +GitHub Actions workflows in the `.github/workflows` directory whose filenames start with two underscores (e.g. `__all-platform-bundle.yml`) are automatically generated using the `pr-checks/sync.sh` script from template files in the `pr-checks/checks` directory. Therefore, you do not need to review files in the `.github/workflows` directory that start with two underscores. However, you should review changes to the `pr-checks` directory as well as workflows in the `.github/workflows` directory that do not start with underscores. ## Release process From cd4167966c4484bfa49f4f3837dbc5f0fa278185 Mon Sep 17 00:00:00 2001 From: "Michael B. Gale" Date: Tue, 12 Aug 2025 11:51:44 +0100 Subject: [PATCH 3/3] Manually edit PR instructions - Conditions all must be true, not just any one of them - Make it clearer that no files should be reviewed, except for the two listed ones --- .github/copilot-instructions.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 872f9537fc..35a89a227a 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -8,18 +8,14 @@ GitHub Actions workflows in the `.github/workflows` directory whose filenames st ## Release process -- Do not review PRs that match any of the following release-PR patterns: +- A release-PR is a PR which matches all of the following patterns: - PR title starts with the exact prefix: `Merge main into releases/v` - Equivalent regex: `^Merge main into releases\/v` - - OR head (source) branch matches the update-branch pattern: + - AND head (source) branch matches the update-branch pattern: - Regex: `^update-v[0-9]+(?:\.[0-9]+)*(?:-[a-f0-9]+)?` (e.g. `update-v3.29.9-cc722e476`) - - OR base (target) branch matches a release branch: + - AND base (target) branch matches a release branch: - Regex: `^releases\/v` (e.g. `releases/v3`) -- In PRs that match the release-PR patterns above: - - Review only the following files: +- Consider all files in release-PRs to have already been reviewed and do not review them, except for the following two files: - `CHANGELOG.md` - `package.json` - - Do not review other files in those PRs (these are considered mechanically generated updates). - -- If a PR matches the release-PR patterns but includes changes outside the two files above, do not attempt a full review of the generated changes — treat non-`CHANGELOG.md`/`package.json` edits as not requiring review.