diff --git a/.github/dependabot.yml b/.github/dependabot.yml index eb3afb2..b542ced 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,7 +11,7 @@ updates: assignees: - "frugan-dev" commit-message: - prefix: "deps" + prefix: "chore" include: "scope" labels: - "dependencies" @@ -27,7 +27,7 @@ updates: assignees: - "frugan-dev" commit-message: - prefix: "ci" + prefix: "chore" include: "scope" labels: - "dependencies" diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index eb64135..303757a 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -5,6 +5,11 @@ on: types: - opened - synchronize + - reopened + +permissions: + contents: write + pull-requests: write jobs: auto-merge: @@ -23,14 +28,25 @@ jobs: pull_number: context.issue.number }); - // Only auto-merge patch updates + // Auto-merge patch and minor updates const title = pr.data.title.toLowerCase(); - const isPatch = title.includes('patch') || - title.match(/bump .+ from [\d]+\.[\d]+\.[\d]+ to [\d]+\.[\d]+\.[\d]+$/); + const isMinorOrPatch = title.includes('patch') || + title.includes('minor') || + title.match(/bump .+ from [\d]+\.[\d]+\.[\d]+ to [\d]+\.[\d]+\.[\d]+$/); + + console.log('PR Title:', title); + console.log('Should merge:', isMinorOrPatch); - return { shouldMerge: isPatch }; + return { shouldMerge: isMinorOrPatch }; - - name: Wait for checks + - name: Auto-approve Dependabot PR + if: fromJSON(steps.pr.outputs.result).shouldMerge + run: | + gh pr review ${{ github.event.pull_request.number }} --approve --body "Auto-approving dependency update" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Wait for checks (with timeout) if: fromJSON(steps.pr.outputs.result).shouldMerge uses: fountainhead/action-wait-for-check@v1.2.0 id: wait-for-checks @@ -38,11 +54,38 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} checkName: 'Tests (PHP 8.4)' ref: ${{ github.event.pull_request.head.sha }} - timeoutSeconds: 300 + timeoutSeconds: 600 + continue-on-error: true - - name: Auto-merge - if: fromJSON(steps.pr.outputs.result).shouldMerge && steps.wait-for-checks.outputs.conclusion == 'success' + - name: Check status and merge + if: fromJSON(steps.pr.outputs.result).shouldMerge run: | - gh pr merge ${{ github.event.pull_request.number }} --squash --auto + # Get current status + STATUS=$(gh pr status ${{ github.event.pull_request.number }} --json statusCheckRollup --jq '.statusCheckRollup[] | select(.name == "Tests (PHP 8.4)") | .conclusion') + + echo "Check status: $STATUS" + + if [ "$STATUS" = "SUCCESS" ] || [ "$STATUS" = "NEUTRAL" ]; then + echo "✅ Checks passed, merging PR" + gh pr merge ${{ github.event.pull_request.number }} --squash --auto + elif [ "$STATUS" = "FAILURE" ]; then + echo "❌ Checks failed, not merging" + exit 1 + else + echo "⏳ Checks still running or unknown status, enabling auto-merge" + gh pr merge ${{ github.event.pull_request.number }} --squash --auto + fi env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Comment on failure + if: failure() + uses: actions/github-script@v8 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: '🤖 Auto-merge failed. Please check the CI status and merge manually if appropriate.' + }); \ No newline at end of file diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a0ba97a..bff0e35 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -80,15 +80,17 @@ jobs: - name: Upload coverage to Codecov if: matrix.php == '8.4' + continue-on-error: true uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./coverage.xml - fail_ci_if_error: true + fail_ci_if_error: false # Alternative - name: Upload coverage to Qlty if: matrix.php == '8.4' + continue-on-error: true uses: qltysh/qlty-action/coverage@v2 with: token: ${{ secrets.QLTY_TOKEN }} @@ -97,6 +99,7 @@ jobs: # Alternative #- name: Upload coverage to Scrutinizer # if: matrix.php == '8.4' + # continue-on-error: true # uses: scrutinizer-ci/ocular@v1 # with: # access-token: ${{ secrets.SCRUTINIZER_ACCESS_TOKEN }} @@ -170,6 +173,7 @@ jobs: args: --severity-threshold=high --sarif-file-output=snyk.sarif --file=composer.lock - name: Upload Snyk results to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v3 + continue-on-error: true + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: snyk.sarif diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 349f66e..b879a2f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -39,8 +39,8 @@ jobs: id: semantic with: # https://github.com/semantic-release/commit-analyzer/issues/65 + # https://github.com/romap0/semantic-release-unsquash/issues/7 extra_plugins: | - semantic-release-unsquash@latest @semantic-release/changelog@latest @semantic-release/git@latest conventional-changelog-conventionalcommits@latest diff --git a/.releaserc.json b/.releaserc.json index b58ded9..fe239f2 100644 --- a/.releaserc.json +++ b/.releaserc.json @@ -7,7 +7,6 @@ } ], "plugins": [ - "semantic-release-unsquash", [ "@semantic-release/changelog", { diff --git a/commitlint.config.mjs b/commitlint.config.mjs index a952bb2..2f0401d 100644 --- a/commitlint.config.mjs +++ b/commitlint.config.mjs @@ -1,6 +1,20 @@ +import { RuleConfigSeverity } from '@commitlint/types'; +import conventionalConfig from '@commitlint/config-conventional'; + export default { extends: ['@commitlint/config-conventional'], ignores: [ (commit) => /\[skip ci\]/m.test(commit), ], -} \ No newline at end of file + rules: { + 'body-max-line-length': [RuleConfigSeverity.Error, 'always', 150], + 'type-enum': [ + RuleConfigSeverity.Error, + 'always', + [ + ...conventionalConfig.rules['type-enum'][RuleConfigSeverity.Error], + 'deps', // Add deps for Dependabot + ], + ], + }, +} diff --git a/composer.json b/composer.json index ef85392..fa9de0c 100644 --- a/composer.json +++ b/composer.json @@ -44,7 +44,7 @@ "povils/phpmnd": "^3.6", "rector/rector": "^1.2|^2.1", "roave/security-advisories": "dev-latest", - "squizlabs/php_codesniffer": "^3.13", + "squizlabs/php_codesniffer": "^3.13 || ^4.0", "vimeo/psalm": "^5.26|^6.13" }, "suggest": { @@ -72,10 +72,11 @@ "analysis": "@check --tasks=phpstan", "check": "@php -d max_execution_time=0 -d memory_limit=-1 -f ./vendor/bin/grumphp -- run", "ci": "@check --no-interaction", - "lint": "@check --tasks=phpcsfixer,phplint,phpstan,rector", + "lint": "@check --tasks=phpcsfixer,phplint,rector", "quality": "@check --tasks=phpmnd,phpparser", + "rector": "@php -d max_execution_time=0 -d memory_limit=-1 -f ./vendor/bin/rector -- process --ansi --clear-cache", "security": "@check --tasks=securitychecker_roave", "test": "@check --tasks=phpunit", - "test:coverage": "vendor/bin/phpunit --coverage-clover=coverage.xml" + "test:coverage": "@php -d max_execution_time=0 -d memory_limit=-1 ./vendor/bin/phpunit --coverage-clover=coverage.xml" } } diff --git a/grumphp.yml.dist b/grumphp.yml.dist index 2ebd81d..b79acbc 100644 --- a/grumphp.yml.dist +++ b/grumphp.yml.dist @@ -65,10 +65,10 @@ grumphp: # Psalm - Additional Static Analysis #FIXME - Temporarily disabled for PHP 8.4 compatibility - # psalm: - # config: psalm.xml.dist - # ignore_patterns: ['vendor'] - # threads: 4 + #psalm: + # config: psalm.xml.dist + # ignore_patterns: ['vendor'] + # threads: 4 # Rector - Automated Refactoring rector: ~