From cc26276ed74cf85ce35ed52bc2c9723c0deccbb9 Mon Sep 17 00:00:00 2001 From: Martin Wimpress Date: Thu, 12 Mar 2026 23:08:48 +0000 Subject: [PATCH 1/3] chore(tailor): fit project with community health files Signed-off-by: Martin Wimpress --- .github/FUNDING.yml | 14 +++ .github/ISSUE_TEMPLATE/bug_report.yml | 92 ++++++++++++++ .github/ISSUE_TEMPLATE/config.yml | 8 ++ .github/ISSUE_TEMPLATE/feature_request.yml | 64 ++++++++++ .github/pull_request_template.md | 14 +++ .github/workflows/tailor.yml | 52 ++++++++ .tailor.yml | 133 +++++++++++++++++++++ CODE_OF_CONDUCT.md | 91 ++++++++++++++ CONTRIBUTING.md | 11 ++ SECURITY.md | 17 +++ SUPPORT.md | 34 ++++++ cubic.yaml | 32 +++++ 12 files changed, 562 insertions(+) create mode 100644 .github/FUNDING.yml create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml create mode 100644 .github/pull_request_template.md create mode 100644 .github/workflows/tailor.yml create mode 100644 .tailor.yml create mode 100644 CODE_OF_CONDUCT.md create mode 100644 CONTRIBUTING.md create mode 100644 SECURITY.md create mode 100644 SUPPORT.md create mode 100644 cubic.yaml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..c843c94 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,14 @@ +# These are supported funding model platforms + +github: flexiondotorg +patreon: # Replace with a single Patreon username +open_collective: # Replace with a single Open Collective username +ko_fi: # Replace with a single Ko-fi username +tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel +community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry +liberapay: # Replace with a single Liberapay username +issuehunt: # Replace with a single IssueHunt username +lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry +polar: # Replace with a single Polar username +buy_me_a_coffee: # Replace with a single Buy Me a Coffee username +custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..8e5d25a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,92 @@ +name: 🐛 Bug Report +description: Report a bug or issue +labels: ["bug"] +body: + - type: markdown + attributes: + value: | + Please fill out the information below to help us diagnose and fix the issue. + + - type: textarea + id: steps + attributes: + label: Steps to Reproduce + description: Steps to reproduce the behavior + placeholder: | + 1. Run command: `...` + 2. Do something else: `...` + 3. Error occurs + value: | + 1. + 2. + 3. + validations: + required: true + + - type: textarea + id: expected + attributes: + label: Expected Behavior + description: What you expected to happen + placeholder: Describe the expected outcome + validations: + required: true + + - type: textarea + id: actual + attributes: + label: Actual Behavior + description: What actually happened + placeholder: Describe what actually occurred + validations: + required: true + + - type: textarea + id: error-output + attributes: + label: Error Output + description: Full error message or output (if any) + render: shell + placeholder: Paste the complete error message here + validations: + required: false + + - type: input + id: version + attributes: + label: Version + description: The version or commit hash of this project you are using + placeholder: e.g., 1.0.0, latest main branch, commit abc123def + validations: + required: true + + - type: textarea + id: environment + attributes: + label: Environment + description: Any relevant environment details + placeholder: e.g., operating system, runtime version, browser, container + validations: + required: false + + - type: textarea + id: additional-context + attributes: + label: Additional Context + description: Any other context about the problem + placeholder: Add any other relevant information, screenshots, or context + validations: + required: false + + - type: checkboxes + id: terms + attributes: + label: Checklist + description: Please confirm the following + options: + - label: I have searched existing issues to avoid duplicates + required: true + - label: I have provided all the requested information above + required: true + - label: I can reproduce this issue consistently + required: false diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..12d57e1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: false +contact_links: + - name: 🛟 Support + url: https://github.com/linuxmatters/ffmpeg-statigo/blob/HEAD/SUPPORT.md + about: Check the support guide before opening an issue. +# - name: Code of Conduct Report +# url: https://yourproject.org/community-report/ +# about: Report a Code of Conduct violation privately to the moderation team. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..299ca92 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,64 @@ +name: ✨ Feature Request +description: Suggest a new feature or enhancement +labels: ["enhancement"] +body: + - type: markdown + attributes: + value: | + Please provide details about your idea below. + + - type: textarea + id: problem + attributes: + label: Problem Statement + description: Is your feature request related to a problem? Please describe. + placeholder: A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + validations: + required: true + + - type: textarea + id: solution + attributes: + label: Proposed Solution + description: Describe the solution you'd like + placeholder: A clear and concise description of what you want to happen. + validations: + required: true + + - type: textarea + id: alternatives + attributes: + label: Alternatives Considered + description: Describe alternatives you've considered + placeholder: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + + - type: textarea + id: use-case + attributes: + label: Use Case + description: Describe your specific use case + placeholder: How would you use this feature? What workflow would it improve? + validations: + required: true + + - type: textarea + id: additional-context + attributes: + label: Additional Context + description: Add any other context about the feature request + placeholder: Add any other context, screenshots, mockups, or examples about the feature request here. + validations: + required: false + + - type: checkboxes + id: terms + attributes: + label: Checklist + description: Please confirm the following + options: + - label: I have searched existing issues to avoid duplicates + required: true + - label: I have considered if this feature fits the project scope + required: true diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..eda3ba9 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,14 @@ +# Description + + + +Closes # + +## Additional Context + + + +## Checklist + +- [ ] I have performed a self-review of my code +- [ ] I have tested my changes and confirmed there are no regressions diff --git a/.github/workflows/tailor.yml b/.github/workflows/tailor.yml new file mode 100644 index 0000000..d482351 --- /dev/null +++ b/.github/workflows/tailor.yml @@ -0,0 +1,52 @@ +name: Tailor 🪡 +on: + schedule: + - cron: "0 9 * * 1" # Weekly + workflow_dispatch: + +permissions: + contents: write + issues: write + pull-requests: write + actions: write + +jobs: + alter: + runs-on: ubuntu-slim + env: + GH_TOKEN: ${{ secrets.TAILOR_TOKEN || secrets.GITHUB_TOKEN }} + steps: + - uses: actions/checkout@v6 + + - name: Tailor + uses: wimpysworld/tailor@v0 + with: + alter: true + + - name: Create PR + uses: peter-evans/create-pull-request@v8 + with: + branch: tailor-alter + title: "chore: alter tailor swatches" + + update-flake-lock: + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + steps: + - uses: actions/checkout@v6 + + - name: Check for flake.lock + id: check + run: test -f flake.lock && echo "found=true" >> "$GITHUB_OUTPUT" || echo "found=false" >> "$GITHUB_OUTPUT" + + - name: Install Nix + if: steps.check.outputs.found == 'true' + uses: DeterminateSystems/determinate-nix-action@v3 + + - name: Update flake.lock + if: steps.check.outputs.found == 'true' + uses: DeterminateSystems/update-flake-lock@v28 + with: + pr-title: "chore: update flake.lock" diff --git a/.tailor.yml b/.tailor.yml new file mode 100644 index 0000000..0ee7b25 --- /dev/null +++ b/.tailor.yml @@ -0,0 +1,133 @@ +# Initially fitted by tailor on 2026-03-12 +license: GPL-3.0 + +repository: + description: Real FFmpeg bindings for Go. Not a wrapper. Not a CLI tool. The actual libraries 📚 + homepage: https://linuxmatters.sh + has_wiki: false + has_discussions: false + has_projects: false + has_issues: true + allow_merge_commit: false + allow_squash_merge: true + allow_rebase_merge: true + squash_merge_commit_title: COMMIT_OR_PR_TITLE + squash_merge_commit_message: COMMIT_MESSAGES + merge_commit_title: MERGE_MESSAGE + merge_commit_message: PR_TITLE + delete_branch_on_merge: true + allow_update_branch: false + allow_auto_merge: false + web_commit_signoff_required: false + default_workflow_permissions: read + can_approve_pull_request_reviews: false + topics: + - ffmpeg + - go + - go-bindings + - go-library + - go-module + +labels: + - name: bug + color: d20f39 + description: "Something isn't working" + + - name: documentation + color: 04a5e5 + description: Documentation improvement + + - name: duplicate + color: 8839ef + description: Already exists + + - name: enhancement + color: 1e66f5 + description: New feature request + + - name: good first issue + color: 40a02b + description: Good for newcomers + + - name: help wanted + color: 179299 + description: Extra attention needed + + - name: invalid + color: e64553 + description: Not valid or relevant + + - name: question + color: 7287fd + description: Needs more information + + - name: wontfix + color: dc8a78 + description: Will not be worked on + + - name: dependencies + color: fe640b + description: Dependency update + + - name: github_actions + color: ea76cb + description: GitHub Actions update + + - name: hacktoberfest-accepted + color: df8e1d + description: Hacktoberfest contribution + +swatches: + - path: .github/workflows/tailor.yml + alteration: always + + - path: .github/dependabot.yml + alteration: first-fit + + - path: .github/FUNDING.yml + alteration: first-fit + + - path: .github/ISSUE_TEMPLATE/bug_report.yml + alteration: always + + - path: .github/ISSUE_TEMPLATE/feature_request.yml + alteration: always + + - path: .github/ISSUE_TEMPLATE/config.yml + alteration: first-fit + + - path: .github/pull_request_template.md + alteration: always + + - path: SECURITY.md + alteration: always + + - path: CODE_OF_CONDUCT.md + alteration: always + + - path: CONTRIBUTING.md + alteration: always + + - path: SUPPORT.md + alteration: always + + - path: justfile + alteration: first-fit + + - path: flake.nix + alteration: first-fit + + - path: .gitignore + alteration: first-fit + + - path: .envrc + alteration: first-fit + + - path: cubic.yaml + alteration: first-fit + + - path: .tailor.yml + alteration: always + + - path: .github/workflows/tailor-automerge.yml + alteration: triggered diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..123612d --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,91 @@ +# Contributor Covenant 3.0 Code of Conduct + +## Our Pledge + +We pledge to make our community welcoming, safe, and equitable for all. + +We are committed to fostering an environment that respects and promotes the dignity, rights, and contributions of all individuals, regardless of characteristics including race, ethnicity, caste, color, age, physical characteristics, neurodiversity, disability, sex or gender, gender identity or expression, sexual orientation, language, philosophy or religion, national or social origin, socio-economic position, level of education, or other status. The same privileges of participation are extended to everyone who participates in good faith and in accordance with this Covenant. + + +## Encouraged Behaviors + +While acknowledging differences in social norms, we all strive to meet our community's expectations for positive behavior. We also understand that our words and actions may be interpreted differently than we intend based on culture, background, or native language. + +With these considerations in mind, we agree to behave mindfully toward each other and act in ways that center our shared values, including: + +1. Respecting the **purpose of our community**, our activities, and our ways of gathering. +2. Engaging **kindly and honestly** with others. +3. Respecting **different viewpoints** and experiences. +4. **Taking responsibility** for our actions and contributions. +5. Gracefully giving and accepting **constructive feedback**. +6. Committing to **repairing harm** when it occurs. +7. Behaving in other ways that promote and sustain the **well-being of our community**. + + +## Restricted Behaviors + +We agree to restrict the following behaviors in our community. Instances, threats, and promotion of these behaviors are violations of this Code of Conduct. + +1. **Harassment.** Violating explicitly expressed boundaries or engaging in unnecessary personal attention after any clear request to stop. +2. **Character attacks.** Making insulting, demeaning, or pejorative comments directed at a community member or group of people. +3. **Stereotyping or discrimination.** Characterizing anyone’s personality or behavior on the basis of immutable identities or traits. +4. **Sexualization.** Behaving in a way that would generally be considered inappropriately intimate in the context or purpose of the community. +5. **Violating confidentiality**. Sharing or acting on someone's personal or private information without their permission. +6. **Endangerment.** Causing, encouraging, or threatening violence or other harm toward any person or group. +7. Behaving in other ways that **threaten the well-being** of our community. + +### Other Restrictions + +1. **Misleading identity.** Impersonating someone else for any reason, or pretending to be someone else to evade enforcement actions. +2. **Failing to credit sources.** Not properly crediting the sources of content you contribute. +3. **Promotional materials**. Sharing marketing or other commercial content in a way that is outside the norms of the community. +4. **Irresponsible communication.** Failing to responsibly present content which includes, links or describes any other restricted behaviors. + + +## Reporting an Issue + +Tensions can occur between community members even when they are trying their best to collaborate. Not every conflict represents a code of conduct violation, and this Code of Conduct reinforces encouraged behaviors and norms that can help avoid conflicts and minimize harm. + +When an incident does occur, it is important to report it promptly. To report a possible violation, use the contact details available in the project's repository. + +Community Moderators take reports of violations seriously and will make every effort to respond in a timely manner. They will investigate all reports of code of conduct violations, reviewing messages, logs, and recordings, or interviewing witnesses and other participants. Community Moderators will keep investigation and enforcement actions as transparent as possible while prioritizing safety and confidentiality. In order to honor these values, enforcement actions are carried out in private with the involved parties, but communicating to the whole community may be part of a mutually agreed upon resolution. + + +## Addressing and Repairing Harm + +These remedies and repairs are guidelines for this project's code of conduct enforcement process. + +If an investigation by the Community Moderators finds that this Code of Conduct has been violated, the following enforcement ladder may be used to determine how best to repair harm, based on the incident's impact on the individuals involved and the community as a whole. Depending on the severity of a violation, lower rungs on the ladder may be skipped. + +1) Warning + 1) Event: A violation involving a single incident or series of incidents. + 2) Consequence: A private, written warning from the Community Moderators. + 3) Repair: Examples of repair include a private written apology, acknowledgement of responsibility, and seeking clarification on expectations. +2) Temporarily Limited Activities + 1) Event: A repeated incidence of a violation that previously resulted in a warning, or the first incidence of a more serious violation. + 2) Consequence: A private, written warning with a time-limited cooldown period designed to underscore the seriousness of the situation and give the community members involved time to process the incident. The cooldown period may be limited to particular communication channels or interactions with particular community members. + 3) Repair: Examples of repair may include making an apology, using the cooldown period to reflect on actions and impact, and being thoughtful about re-entering community spaces after the period is over. +3) Temporary Suspension + 1) Event: A pattern of repeated violation which the Community Moderators have tried to address with warnings, or a single serious violation. + 2) Consequence: A private written warning with conditions for return from suspension. In general, temporary suspensions give the person being suspended time to reflect upon their behavior and possible corrective actions. + 3) Repair: Examples of repair include respecting the spirit of the suspension, meeting the specified conditions for return, and being thoughtful about how to reintegrate with the community when the suspension is lifted. +4) Permanent Ban + 1) Event: A pattern of repeated code of conduct violations that other steps on the ladder have failed to resolve, or a violation so serious that the Community Moderators determine there is no way to keep the community safe with this person as a member. + 2) Consequence: Access to all community spaces, tools, and communication channels is removed. In general, permanent bans should be rarely used, should have strong reasoning behind them, and should only be resorted to if working through other remedies has failed to change the behavior. + 3) Repair: There is no possible repair in cases of this severity. + +This enforcement ladder is intended as a guideline. It does not limit the ability of Community Managers to use their discretion and judgment, in keeping with the best interests of our community. + + +## Scope + +This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public or other spaces. Examples of representing our community include using an official email address, posting via an official social media account, or acting as an appointed representative at an online or offline event. + + +## Attribution + +This Code of Conduct is adapted from the Contributor Covenant, version 3.0, permanently available at [https://www.contributor-covenant.org/version/3/0/](https://www.contributor-covenant.org/version/3/0/). + +Contributor Covenant is stewarded by the Organization for Ethical Source and licensed under CC BY-SA 4.0. To view a copy of this license, visit [https://creativecommons.org/licenses/by-sa/4.0/](https://creativecommons.org/licenses/by-sa/4.0/) + +For answers to common questions about Contributor Covenant, see the FAQ at [https://www.contributor-covenant.org/faq](https://www.contributor-covenant.org/faq). Translations are provided at [https://www.contributor-covenant.org/translations](https://www.contributor-covenant.org/translations). Additional enforcement and community guideline resources can be found at [https://www.contributor-covenant.org/resources](https://www.contributor-covenant.org/resources). The enforcement ladder was inspired by the work of [Mozilla’s code of conduct team](https://github.com/mozilla/inclusion). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..e668708 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,11 @@ +# Contributing + +Contributions are welcome and appreciated. + +- **Report bugs and request features** in [Issues](../../issues) +- **Submit pull requests** to fix bugs or add new features +- Commit messages must conform to the [Conventional Commits](https://www.conventionalcommits.org/) specification +- **Improve documentation** directly via pull requests +- All contributors are expected to follow the [Code of Conduct](CODE_OF_CONDUCT.md) +- Security issues must be reported privately; see [SECURITY.md](SECURITY.md) +- By contributing, you agree that your contributions will be licensed under the project [licence](LICENSE) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..199149e --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,17 @@ +# Security Policy + +## Supported Versions + +Only the latest release is supported. Security fixes are released as patch versions. + +## Reporting a Vulnerability + +**Do not open a public issue for security vulnerabilities.** + +[Report vulnerabilities privately](https://github.com/linuxmatters/ffmpeg-statigo/security/advisories/new). Include: + +- Steps to reproduce +- Affected versions +- Potential impact + +This project is maintained on a best-efforts basis. There are no guaranteed response times for security reports. diff --git a/SUPPORT.md b/SUPPORT.md new file mode 100644 index 0000000..e124b64 --- /dev/null +++ b/SUPPORT.md @@ -0,0 +1,34 @@ +# Support + +## Getting Help + +Before opening an issue, check the existing resources: + +- **[README](../../#readme)** for installation, usage, and configuration +- **[Open issues](../../issues)** for known bugs and planned features +- **[Closed issues](../../issues?q=is%3Aissue+is%3Aclosed)** for previously resolved problems +- **[Discussions](../../discussions)** for questions and community help, if enabled + +## Reporting Bugs + +Use the [bug report template](../../issues/new?template=bug_report.yml) and include: + +- Steps to reproduce +- Expected and actual behaviour +- Version and environment details + +To fix a bug yourself, see [CONTRIBUTING.md](CONTRIBUTING.md). + +## Requesting Features + +Use the [feature request template](../../issues/new?template=feature_request.yml) and describe: + +- The problem you are trying to solve +- Your proposed solution +- Your specific use case + +## What to Expect + +- This project is maintained on a best-efforts basis. +- There are no guaranteed response times or support SLAs. +- Security issues should be reported privately per [SECURITY.md](SECURITY.md). diff --git a/cubic.yaml b/cubic.yaml new file mode 100644 index 0000000..755be4f --- /dev/null +++ b/cubic.yaml @@ -0,0 +1,32 @@ +# yaml-language-server: $schema=https://cubic.dev/schema/cubic-repository-config.schema.json +version: 1 + +reviews: + enabled: true + sensitivity: medium + incremental_commits: true + check_drafts: false + architecture_diagrams: false + resolve_threads_when_addressed: true + custom_instructions: "" + ignore: + files: + - "dist/**" + - "build/**" + pr_titles: + - "wip:*" + pr_labels: + - "wontfix" + head_branches: [] + base_branches: [] + custom_rules: [] + +pr_descriptions: + cubic_review_link: false + generate: false + instructions: "" + +issues: + fix_commits_to_pr: false + fix_with_cubic_buttons: false + pr_comment_fixes: false From f35983c4bc6b2875568a22c93b3d44d461ed7552 Mon Sep 17 00:00:00 2001 From: Martin Wimpress Date: Thu, 12 Mar 2026 23:15:05 +0000 Subject: [PATCH 2/3] chore: update dependabot to run monthly Signed-off-by: Martin Wimpress --- .github/dependabot.yml | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 174aaf7..bf61145 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,14 +1,22 @@ -# See the documentation for all configuration options: -# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file - version: 2 updates: - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: github-actions + directory: / schedule: - interval: "weekly" + interval: monthly + groups: + github-actions: + patterns: + - "*" - - package-ecosystem: "gomod" - directory: "/" + - package-ecosystem: gomod + directory: / schedule: - interval: "weekly" + interval: weekly + groups: + gomod: + patterns: + - "*" + commit-message: + prefix: "deps" + include: "scope" From ec6a9eacadc6652f92e5e387069ef490a27f2410 Mon Sep 17 00:00:00 2001 From: Martin Wimpress Date: Thu, 12 Mar 2026 23:17:45 +0000 Subject: [PATCH 3/3] ci(tailor): enable automerge Signed-off-by: Martin Wimpress --- .github/workflows/tailor-automerge.yml | 76 ++++++++++++++++++++++++++ .tailor.yml | 2 +- 2 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/tailor-automerge.yml diff --git a/.github/workflows/tailor-automerge.yml b/.github/workflows/tailor-automerge.yml new file mode 100644 index 0000000..41a30ce --- /dev/null +++ b/.github/workflows/tailor-automerge.yml @@ -0,0 +1,76 @@ +name: Tailor automerge 🤖 + +on: + pull_request: + workflow_dispatch: + +permissions: + contents: write + pull-requests: write + +jobs: + automerge: + runs-on: ubuntu-slim + if: github.event_name == 'pull_request' + steps: + - name: Fetch Dependabot metadata + if: github.event.pull_request.user.login == 'dependabot[bot]' + id: metadata + uses: dependabot/fetch-metadata@v2 + with: + github-token: "${{ secrets.GITHUB_TOKEN }}" + skip-commit-verification: true + + - name: Automerge GitHub Actions updates + if: >- + github.event.pull_request.user.login == 'dependabot[bot]' + && steps.metadata.outputs.package-ecosystem == 'github_actions' + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Automerge patch and minor dependency updates + if: >- + github.event.pull_request.user.login == 'dependabot[bot]' + && steps.metadata.outputs.package-ecosystem != 'github_actions' + && ( + steps.metadata.outputs.update-type == 'version-update:semver-patch' + || steps.metadata.outputs.update-type == 'version-update:semver-minor' + ) + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Automerge flake.lock update + if: >- + github.event.pull_request.user.login == 'github-actions[bot]' + && startsWith(github.event.pull_request.head.ref, 'update_flake_lock') + run: gh pr merge --auto --squash "$PR_URL" + env: + PR_URL: ${{ github.event.pull_request.html_url }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + automerge-existing: + runs-on: ubuntu-slim + if: github.event_name == 'workflow_dispatch' + steps: + - name: Merge open Dependabot PRs + run: | + gh pr list --repo "$GITHUB_REPOSITORY" \ + --author "app/dependabot" \ + --state open \ + --json number,url \ + --jq '.[].url' | + while read -r pr_url; do + echo "::group::Merging $pr_url" + if gh pr merge --squash "$pr_url"; then + echo "Merged $pr_url" + else + echo "::warning::Failed to merge $pr_url" + fi + echo "::endgroup::" + done + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.tailor.yml b/.tailor.yml index 0ee7b25..8a85cf9 100644 --- a/.tailor.yml +++ b/.tailor.yml @@ -17,7 +17,7 @@ repository: merge_commit_message: PR_TITLE delete_branch_on_merge: true allow_update_branch: false - allow_auto_merge: false + allow_auto_merge: true web_commit_signoff_required: false default_workflow_permissions: read can_approve_pull_request_reviews: false