chore: import upstream snapshot with attribution
Spell checking / Check Spelling (push) Has been cancelled
Spell checking / Update PR (push) Has been cancelled
Publish Dev Docs Website / build (push) Failing after 1s
Publish Dev Docs Website / deploy (push) Has been skipped
Spell checking / Report (Push) (push) Has been cancelled
Spell checking / Report (PR) (push) Has been cancelled
Spell checking / Check Spelling (push) Has been cancelled
Spell checking / Update PR (push) Has been cancelled
Publish Dev Docs Website / build (push) Failing after 1s
Publish Dev Docs Website / deploy (push) Has been skipped
Spell checking / Report (Push) (push) Has been cancelled
Spell checking / Report (PR) (push) Has been cancelled
This commit is contained in:
@@ -0,0 +1,240 @@
|
||||
name: Automatic Triaging on Issue/PR Creation
|
||||
|
||||
on:
|
||||
issues:
|
||||
types: [opened, reopened]
|
||||
pull_request_target:
|
||||
types: [opened, reopened, synchronize]
|
||||
# Manual trigger: go to Actions → "Automatic Triaging on Issue Creation" → Run workflow.
|
||||
# Enter one or more comma-separated issue numbers (e.g. "1234" or "1234,1235,1236")
|
||||
# to apply AI-generated area labels to existing untriaged issues.
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
issue_numbers:
|
||||
description: 'Comma-separated issue number(s) to label (e.g. 1234 or 1234,1235)'
|
||||
required: true
|
||||
|
||||
permissions:
|
||||
models: read
|
||||
issues: write
|
||||
pull-requests: write
|
||||
|
||||
concurrency:
|
||||
# Each workflow run gets its own concurrency group.
|
||||
# For issue events, group by issue number so a rapid close+reopen only runs once.
|
||||
# For pull request events, group by PR number so rapid updates coalesce.
|
||||
# For manual dispatch (which may cover multiple issues), use the unique run ID.
|
||||
group: ${{ github.event_name == 'issues' && format('{0}-issues-{1}', github.workflow, github.event.issue.number) || github.event_name == 'pull_request_target' && format('{0}-pr-{1}', github.workflow, github.event.pull_request.number) || github.run_id }}
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
label:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Apply area labels with AI
|
||||
uses: actions/github-script@v9
|
||||
env:
|
||||
# actions/github-script does not propagate `github-token` to
|
||||
# process.env. Expose it explicitly so the inline script can
|
||||
# authenticate against the GitHub Models inference endpoint.
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
script: |
|
||||
// When triggered manually, process each supplied issue number in turn.
|
||||
// When triggered by an issue or PR event, use the event's number.
|
||||
let issueNumbers;
|
||||
if (context.eventName === 'workflow_dispatch') {
|
||||
issueNumbers = String(context.payload.inputs.issue_numbers)
|
||||
.split(',')
|
||||
.map(s => parseInt(s.trim(), 10))
|
||||
.filter(n => Number.isFinite(n) && n > 0);
|
||||
} else {
|
||||
issueNumbers = [context.issue.number];
|
||||
}
|
||||
|
||||
if (issueNumbers.length === 0) {
|
||||
console.log('No valid issue numbers to process; skipping.');
|
||||
return;
|
||||
}
|
||||
|
||||
for (const issueNumber of issueNumbers) {
|
||||
console.log(`\n--- Processing item #${issueNumber} ---`);
|
||||
await labelIssue(issueNumber);
|
||||
}
|
||||
|
||||
async function labelIssue(issueNumber) {
|
||||
// Fetch as an issue resource; PRs are represented by issues with a pull_request field.
|
||||
const { data: issue } = await github.rest.issues.get({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issueNumber,
|
||||
});
|
||||
|
||||
const itemType = issue.pull_request ? 'Pull request' : 'Issue';
|
||||
|
||||
// Skip pull requests that already have labels applied.
|
||||
if (issue.pull_request && issue.labels && issue.labels.length > 0) {
|
||||
const existingLabels = issue.labels.map(l => l.name).join(', ');
|
||||
console.log(`${itemType} #${issueNumber} already has labels (${existingLabels}); skipping.`);
|
||||
return;
|
||||
}
|
||||
|
||||
const title = issue.title ?? '';
|
||||
const body = issue.body ?? '';
|
||||
|
||||
if (!title && !body) {
|
||||
console.log(`${itemType} #${issueNumber} has no title or body; skipping.`);
|
||||
return;
|
||||
}
|
||||
|
||||
// Truncation limit for issue body sent to the model. Keeps the
|
||||
// prompt within the model's context window and avoids high token usage.
|
||||
const MAX_BODY_LENGTH = 4000;
|
||||
|
||||
// Upper bound on model response tokens. A JSON array of label strings
|
||||
// is compact; 200 tokens is more than enough for any realistic response.
|
||||
const MAX_TOKENS = 200;
|
||||
|
||||
// All valid Product-* and Area-* labels the agent may choose from.
|
||||
const VALID_LABELS = [
|
||||
'Product-Advanced Paste',
|
||||
'Product-Always On Top',
|
||||
'Product-Awake',
|
||||
'Product-Color Picker',
|
||||
'Product-CommandNotFound',
|
||||
'Product-Command Palette',
|
||||
'Product-CropAndLock',
|
||||
'Product-Environment Variables',
|
||||
'Product-FancyZones',
|
||||
'Product-File Explorer',
|
||||
'Product-File Locksmith',
|
||||
'Product-Find My Mouse',
|
||||
'Product-Grab And Move',
|
||||
'Product-Hosts File Editor',
|
||||
'Product-Image Resizer',
|
||||
'Product-Keyboard Manager',
|
||||
'Product-LightSwitch',
|
||||
'Product-Mouse Highlighter',
|
||||
'Product-Mouse Jump',
|
||||
'Product-Mouse Pointer Crosshairs',
|
||||
'Product-Mouse Utilities',
|
||||
'Product-Mouse Without Borders',
|
||||
'Product-New+',
|
||||
'Product-Peek',
|
||||
'Product-PowerDisplay',
|
||||
'Product-PowerRename',
|
||||
'Product-PowerToys Run',
|
||||
'Product-Quick Accent',
|
||||
'Product-Registry Preview',
|
||||
'Product-Screen Ruler',
|
||||
'Product-Settings',
|
||||
'Product-Shortcut Guide',
|
||||
'Product-Text Extractor',
|
||||
'Product-Workspaces',
|
||||
'Product-ZoomIt',
|
||||
'Area-Setup/Install',
|
||||
'Area-Localization',
|
||||
];
|
||||
|
||||
const systemPrompt = `You are a GitHub triage assistant for the microsoft/PowerToys repository.
|
||||
Your job is to classify issues and pull requests by assigning the correct area label(s).
|
||||
|
||||
Rules:
|
||||
- Only return labels from the following list, exactly as written:
|
||||
${VALID_LABELS.map(l => ` • ${l}`).join('\n')}
|
||||
- Choose only the labels that clearly match the issue content.
|
||||
- If the issue mentions multiple areas, include a label for each one.
|
||||
- If no label fits, return an empty array.
|
||||
- Respond with ONLY a JSON array of label strings, no explanation.
|
||||
Example: ["Product-FancyZones","Product-Settings"]`;
|
||||
|
||||
const userPrompt = `${itemType} title: ${title}
|
||||
|
||||
${itemType} body:
|
||||
${body.slice(0, MAX_BODY_LENGTH)}`;
|
||||
|
||||
// Validate that the token is available before making the API call.
|
||||
const token = process.env.GITHUB_TOKEN;
|
||||
if (!token) {
|
||||
console.log('GITHUB_TOKEN is not set; skipping.');
|
||||
return;
|
||||
}
|
||||
|
||||
// Call the GitHub Models inference endpoint (OpenAI-compatible).
|
||||
const response = await fetch(
|
||||
'https://models.inference.ai.azure.com/chat/completions',
|
||||
{
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Authorization': `Bearer ${token}`,
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
body: JSON.stringify({
|
||||
model: 'gpt-4o-mini',
|
||||
messages: [
|
||||
{ role: 'system', content: systemPrompt },
|
||||
{ role: 'user', content: userPrompt },
|
||||
],
|
||||
max_tokens: MAX_TOKENS,
|
||||
// temperature: 0 ensures deterministic, consistent label
|
||||
// classification across similar issues.
|
||||
temperature: 0,
|
||||
}),
|
||||
}
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
const errorBody = await response.text();
|
||||
console.log(`GitHub Models API error: ${response.status} ${response.statusText} — ${errorBody}`);
|
||||
return;
|
||||
}
|
||||
|
||||
const data = await response.json();
|
||||
const text = data.choices?.[0]?.message?.content?.trim() ?? '';
|
||||
console.log(`Model response: ${text}`);
|
||||
|
||||
let suggested;
|
||||
try {
|
||||
suggested = JSON.parse(text);
|
||||
} catch {
|
||||
console.log('Could not parse model response as JSON; skipping.');
|
||||
return;
|
||||
}
|
||||
|
||||
if (!Array.isArray(suggested) || suggested.length === 0) {
|
||||
console.log('No labels suggested by the model.');
|
||||
return;
|
||||
}
|
||||
|
||||
// Only apply labels that are in the allow-list.
|
||||
const validSet = new Set(VALID_LABELS);
|
||||
const toApply = [...new Set(suggested.filter(l => validSet.has(l)))];
|
||||
|
||||
if (toApply.length === 0) {
|
||||
console.log('Model returned no valid labels.');
|
||||
return;
|
||||
}
|
||||
|
||||
try {
|
||||
await github.rest.issues.addLabels({
|
||||
owner: context.repo.owner,
|
||||
repo: context.repo.repo,
|
||||
issue_number: issueNumber,
|
||||
labels: toApply,
|
||||
});
|
||||
console.log(`${itemType} #${issueNumber}: added labels: ${toApply.join(', ')}`);
|
||||
} catch (error) {
|
||||
// Some contexts (for example, restricted integrations) can deny
|
||||
// label writes even when workflow permissions request write scope.
|
||||
// Skip without failing the entire triage workflow.
|
||||
const status = error?.status;
|
||||
const message = error?.message ?? String(error);
|
||||
if (status === 403 && message.includes('Resource not accessible by integration')) {
|
||||
console.log(`${itemType} #${issueNumber}: skipping label write due to restricted token context (403).`);
|
||||
return;
|
||||
}
|
||||
|
||||
throw error;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,19 @@
|
||||
name: Automatic New Issue Deduplication
|
||||
on:
|
||||
issues:
|
||||
types: [opened, reopened]
|
||||
permissions:
|
||||
models: read
|
||||
issues: write
|
||||
concurrency:
|
||||
group: ${{ github.workflow }}-${{ github.event.issue.number }}
|
||||
cancel-in-progress: true
|
||||
jobs:
|
||||
deduplicate:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Run Deduplicate Action
|
||||
uses: pelikhan/action-genai-issue-dedup@v0
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
label_as_duplicate: true
|
||||
@@ -0,0 +1,26 @@
|
||||
# Dependency Review Action
|
||||
#
|
||||
# This Action will scan dependency manifest files that change as part of a Pull Request,
|
||||
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
|
||||
# Once installed, if the workflow run is marked as required,
|
||||
# PRs introducing known-vulnerable packages will be blocked from merging.
|
||||
#
|
||||
# As recommended by Microsoft's security guidelines (https://docs.opensource.microsoft.com/security/tsg/actions/#requirements-for-security-hardening-your-own-github-actions),
|
||||
# 3rd-party actions should be pinned to a specific commit hash to prevent supply chain attacks.
|
||||
# This update aligns with best practices; 1st/2nd-party actions is not required hash pinning.
|
||||
#
|
||||
# Source repository: https://github.com/actions/dependency-review-action
|
||||
name: 'Dependency Review'
|
||||
on: [pull_request]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
dependency-review:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: 'Checkout Repository'
|
||||
uses: actions/checkout@v7
|
||||
- name: 'Dependency Review'
|
||||
uses: actions/dependency-review-action@v5
|
||||
@@ -0,0 +1,38 @@
|
||||
name: Manual Batch Issue Deduplication
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
issue_numbers:
|
||||
description: "JSON array of issue numbers to deduplicate (e.g. [101,102,103])"
|
||||
required: true
|
||||
since:
|
||||
description: "Only compare against issues created after this date (ISO 8601, e.g. 2019-05-05T00:00:00Z)"
|
||||
required: false
|
||||
default: "2019-05-05T00:00:00Z"
|
||||
label_as_duplicate:
|
||||
description: "Apply duplicate label if duplicates are found (true/false)"
|
||||
required: false
|
||||
default: "true"
|
||||
|
||||
permissions:
|
||||
models: read
|
||||
issues: write
|
||||
|
||||
jobs:
|
||||
deduplicate:
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
matrix:
|
||||
issue: ${{ fromJson(github.event.inputs.issue_numbers) }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Run GenAI Issue Deduplicator
|
||||
uses: pelikhan/action-genai-issue-dedup@v0
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_issue: ${{ matrix.issue }}
|
||||
label_as_duplicate: ${{ github.event.inputs.label_as_duplicate }}
|
||||
|
||||
@@ -0,0 +1,89 @@
|
||||
name: Store submission on release
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
permissions:
|
||||
id-token: write
|
||||
|
||||
jobs:
|
||||
|
||||
microsoft_store:
|
||||
name: Publish Microsoft Store
|
||||
environment: store
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: BODGY - Set up Gnome Keyring for future Cert Auth
|
||||
run: |-
|
||||
sudo apt-get update && sudo apt-get install -y gnome-keyring
|
||||
export $(dbus-launch --sh-syntax)
|
||||
export $(echo 'anypass_just_to_unlock' | gnome-keyring-daemon --unlock)
|
||||
export $(echo 'anypass_just_to_unlock' | gnome-keyring-daemon --start --components=gpg,pkcs11,secrets,ssh)
|
||||
|
||||
- name: Log in to Azure
|
||||
uses: azure/login@v3
|
||||
with:
|
||||
client-id: ${{ secrets.AZURE_CLIENT_ID }}
|
||||
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
|
||||
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
|
||||
enable-AzPSSession: true
|
||||
|
||||
- name: Get latest URL from public releases
|
||||
id: releaseVars
|
||||
run: |
|
||||
release=$(curl https://api.github.com/repos/Microsoft/PowerToys/releases | jq '[.[]|select(.name | contains("Release"))][0]')
|
||||
assets=$(jq -n "$release" | jq '.assets')
|
||||
powerToysSetup=$(jq -n "$assets" | jq '[.[]|select(.name | contains("PowerToysUserSetup"))]')
|
||||
echo powerToysInstallerX64Url=$(jq -n "$powerToysSetup" | jq -r '[.[]|select(.name | contains("x64"))][0].browser_download_url') >> $GITHUB_OUTPUT
|
||||
echo powerToysInstallerArm64Url=$(jq -n "$powerToysSetup" | jq -r '[.[]|select(.name | contains("arm64"))][0].browser_download_url') >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Setup .NET 9.0
|
||||
uses: actions/setup-dotnet@v5
|
||||
with:
|
||||
dotnet-version: '9.0.x'
|
||||
|
||||
- uses: microsoft/setup-msstore-cli@v1
|
||||
|
||||
- name: Fetch Store Credential
|
||||
uses: azure/cli@v3
|
||||
with:
|
||||
azcliversion: latest
|
||||
inlineScript: |-
|
||||
az keyvault secret download --vault-name ${{ secrets.AZURE_KEYVAULT_NAME }} -n ${{ secrets.AZURE_AUTH_CERT_NAME }} -f cert.pfx.b64
|
||||
base64 -d < cert.pfx.b64 > cert.pfx
|
||||
|
||||
- name: Configure Store Credentials
|
||||
run: |-
|
||||
msstore reconfigure -cfp cert.pfx -c ${{ secrets.AZURE_CLIENT_ID }} -t ${{ secrets.AZURE_TENANT_ID }} -s ${{ secrets.SELLER_ID }}
|
||||
|
||||
- name: Update draft submission
|
||||
run: |-
|
||||
msstore submission update ${{ secrets.PRODUCT_ID }} '{
|
||||
"packages":[
|
||||
{
|
||||
"packageUrl":"${{ steps.releaseVars.outputs.powerToysInstallerX64Url }}",
|
||||
"languages":["zh-hans", "zh-hant", "en", "cs", "nl", "fr", "pt", "pt-br", "de", "hu", "it", "ja", "ko", "pl", "ru", "es", "tr"],
|
||||
"architectures":["X64"],
|
||||
"installerParameters":"/quiet /norestart",
|
||||
"isSilentInstall":true
|
||||
},
|
||||
{
|
||||
"packageUrl":"${{ steps.releaseVars.outputs.powerToysInstallerArm64Url }}",
|
||||
"languages":["zh-hans", "zh-hant", "en", "cs", "nl", "fr", "pt", "pt-br", "de", "hu", "it", "ja", "ko", "pl", "ru", "es", "tr"],
|
||||
"architectures":["Arm64"],
|
||||
"installerParameters":"/quiet /norestart",
|
||||
"isSilentInstall":true
|
||||
}
|
||||
]
|
||||
}'
|
||||
|
||||
- name: Publish Submission
|
||||
run: |-
|
||||
msstore submission publish ${{ secrets.PRODUCT_ID }}
|
||||
|
||||
- name: Clean up auth certificate
|
||||
if: always()
|
||||
run: |-
|
||||
rm -f cert.pfx cert.pfx.b64
|
||||
@@ -0,0 +1,38 @@
|
||||
name: WinGet submission on release
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
jobs:
|
||||
winget:
|
||||
name: Publish winget package
|
||||
|
||||
# winget-create is only supported on Windows
|
||||
runs-on: windows-latest
|
||||
|
||||
# winget-create will read the following environment variable to access the GitHub token needed for submitting a PR
|
||||
# See https://aka.ms/winget-create-token
|
||||
env:
|
||||
WINGET_CREATE_GITHUB_TOKEN: ${{ secrets.PT_WINGET }}
|
||||
|
||||
# Only submit stable releases
|
||||
if: ${{ !github.event.release.prerelease }}
|
||||
steps:
|
||||
- name: Submit Microsoft.PowerToys package to Windows Package Manager Community Repository
|
||||
run: |
|
||||
# Get installer info from GitHub release event
|
||||
$assets = '${{ toJSON(github.event.release.assets) }}' | ConvertFrom-Json
|
||||
$x64UserInstallerUrl = $assets | Where-Object -Property name -match 'PowerToysUserSetup.*x64' | Select -ExpandProperty browser_download_url
|
||||
$x64MachineInstallerUrl = $assets | Where-Object -Property name -match 'PowerToysSetup.*x64' | Select -ExpandProperty browser_download_url
|
||||
$arm64UserInstallerUrl = $assets | Where-Object -Property name -match 'PowerToysUserSetup.*arm64' | Select -ExpandProperty browser_download_url
|
||||
$arm64MachineInstallerUrl = $assets | Where-Object -Property name -match 'PowerToysSetup.*arm64' | Select -ExpandProperty browser_download_url
|
||||
$packageVersion = (${{ toJSON(github.event.release.tag_name) }}).Trim('v')
|
||||
|
||||
# Update package using wingetcreate
|
||||
curl.exe -JLO https://aka.ms/wingetcreate/latest
|
||||
.\wingetcreate.exe update Microsoft.PowerToys `
|
||||
--version $packageVersion `
|
||||
--urls "$x64UserInstallerUrl|user" "$x64MachineInstallerUrl|machine" "$arm64UserInstallerUrl|user" "$arm64MachineInstallerUrl|machine" `
|
||||
--submit
|
||||
@@ -0,0 +1,67 @@
|
||||
# Builds the Dev Docs website from doc/devdocs with docmd and publishes it to GitHub Pages.
|
||||
#
|
||||
# The generated site is uploaded as a Pages artifact and deployed directly. It is never
|
||||
# committed to the repo, so doc/devdocs-website/site stays untracked (see .gitignore).
|
||||
#
|
||||
# Requires GitHub Pages to be enabled with "Source: GitHub Actions" under the repository
|
||||
# Settings -> Pages.
|
||||
name: Publish Dev Docs Website
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'doc/devdocs/**'
|
||||
- 'doc/devdocs-website/**'
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pages: write
|
||||
id-token: write
|
||||
|
||||
# Allow only one Pages deployment at a time and let an in-progress deploy finish.
|
||||
concurrency:
|
||||
group: pages
|
||||
cancel-in-progress: false
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v7
|
||||
with:
|
||||
# Full history so docmd's git plugin can resolve per-page "last updated" dates.
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Setup Node.js
|
||||
uses: actions/setup-node@v6
|
||||
with:
|
||||
node-version: latest
|
||||
|
||||
- name: Build static site with docmd
|
||||
working-directory: doc/devdocs-website
|
||||
# docmd is pinned in package.json; dependencies are installed fresh each run.
|
||||
run: |
|
||||
npm install
|
||||
npm run build
|
||||
|
||||
- name: Upload Pages artifact
|
||||
uses: actions/upload-pages-artifact@v5
|
||||
with:
|
||||
path: doc/devdocs-website/site
|
||||
# v4+ excludes dotfiles by default; keep docmd's generated .nojekyll.
|
||||
include-hidden-files: true
|
||||
|
||||
deploy:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
environment:
|
||||
name: github-pages
|
||||
url: ${{ steps.deployment.outputs.page_url }}
|
||||
steps:
|
||||
- name: Deploy to GitHub Pages
|
||||
id: deployment
|
||||
uses: actions/deploy-pages@v5
|
||||
@@ -0,0 +1,197 @@
|
||||
# spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p
|
||||
name: Spell checking
|
||||
|
||||
# Comment management is handled through a secondary job, for details see:
|
||||
# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
|
||||
#
|
||||
# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
|
||||
# (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
|
||||
# it needs `contents: write` in order to add a comment.
|
||||
#
|
||||
# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
|
||||
# or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
|
||||
# it needs `pull-requests: write` in order to manipulate those comments.
|
||||
|
||||
# Updating pull request branches is managed via comment handling.
|
||||
# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
|
||||
#
|
||||
# These elements work together to make it happen:
|
||||
#
|
||||
# `on.issue_comment`
|
||||
# This event listens to comments by users asking to update the metadata.
|
||||
#
|
||||
# `jobs.update`
|
||||
# This job runs in response to an issue_comment and will push a new commit
|
||||
# to update the spelling metadata.
|
||||
#
|
||||
# `with.experimental_apply_changes_via_bot`
|
||||
# Tells the action to support and generate messages that enable it
|
||||
# to make a commit to update the spelling metadata.
|
||||
#
|
||||
# `with.ssh_key`
|
||||
# In order to trigger workflows when the commit is made, you can provide a
|
||||
# secret (typically, a write-enabled github deploy key).
|
||||
#
|
||||
# For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
|
||||
|
||||
# SARIF reporting
|
||||
#
|
||||
# Access to SARIF reports is generally restricted (by GitHub) to members of the repository.
|
||||
#
|
||||
# Requires enabling `security-events: write`
|
||||
# and configuring the action with `use_sarif: 1`
|
||||
#
|
||||
# For information on the feature, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-SARIF-output
|
||||
|
||||
# Minimal workflow structure:
|
||||
#
|
||||
# on:
|
||||
# push:
|
||||
# ...
|
||||
# pull_request_target:
|
||||
# ...
|
||||
# jobs:
|
||||
# # you only want the spelling job, all others should be omitted
|
||||
# spelling:
|
||||
# # remove `security-events: write` and `use_sarif: 1`
|
||||
# # remove `experimental_apply_changes_via_bot: 1`
|
||||
# ... otherwise, adjust the `with:` as you wish
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
tags-ignore:
|
||||
- "**"
|
||||
pull_request_target:
|
||||
branches:
|
||||
- "**"
|
||||
types:
|
||||
- "opened"
|
||||
- "reopened"
|
||||
- "synchronize"
|
||||
issue_comment:
|
||||
types:
|
||||
- "created"
|
||||
|
||||
permissions: {}
|
||||
|
||||
jobs:
|
||||
spelling:
|
||||
name: Check Spelling
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: read
|
||||
actions: read
|
||||
security-events: write
|
||||
outputs:
|
||||
followup: ${{ steps.spelling.outputs.followup }}
|
||||
runs-on: ubuntu-latest
|
||||
if: ${{ (contains(github.event_name, 'pull_request') && github.event.pull_request.state == 'open') || github.event_name == 'push' }}
|
||||
concurrency:
|
||||
group: spelling-${{ github.event.pull_request.number || github.ref }}
|
||||
# note: If you use only_check_changed_files, you do not want cancel-in-progress
|
||||
cancel-in-progress: true
|
||||
steps:
|
||||
- name: check-spelling
|
||||
id: spelling
|
||||
uses: check-spelling/check-spelling@cfb6f7e75bbfc89c71eaa30366d0c166f1bd9c8c # v0.0.26
|
||||
with:
|
||||
config: .github/actions/spell-check
|
||||
suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
|
||||
checkout: true
|
||||
check_file_names: 1
|
||||
spell_check_this: microsoft/PowerToys@main
|
||||
post_comment: 0
|
||||
use_magic_file: 1
|
||||
report-timing: 1
|
||||
warnings: bad-regex,binary-file,deprecated-feature,ignored-expect-variant,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,token-is-substring,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration,no-files-to-check,unclosed-block-ignore-begin,unclosed-block-ignore-end
|
||||
experimental_apply_changes_via_bot: 1
|
||||
use_sarif: 1
|
||||
check_extra_dictionaries: ""
|
||||
dictionary_source_prefixes: >
|
||||
{
|
||||
"cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20241114/dictionaries/"
|
||||
}
|
||||
extra_dictionaries: |
|
||||
cspell:software-terms/softwareTerms.txt
|
||||
cspell:cpp/stdlib-c.txt
|
||||
cspell:cpp/stdlib-cpp.txt
|
||||
cspell:filetypes/filetypes.txt
|
||||
cspell:php/php.txt
|
||||
cspell:dart/dart.txt
|
||||
cspell:dotnet/dotnet.txt
|
||||
cspell:powershell/powershell.txt
|
||||
cspell:csharp/csharp.txt
|
||||
cspell:python/python/python-lib.txt
|
||||
cspell:node/node.txt
|
||||
cspell:golang/go.txt
|
||||
cspell:npm/npm.txt
|
||||
cspell:fullstack/fullstack.txt
|
||||
cspell:css/css.txt
|
||||
cspell:java/java.txt
|
||||
cspell:typescript/typescript.txt
|
||||
cspell:html/html.txt
|
||||
cspell:r/r.txt
|
||||
cspell:aws/aws.txt
|
||||
cspell:cpp/compiler-msvc.txt
|
||||
cspell:python/common/extra.txt
|
||||
cspell:scala/scala.txt
|
||||
ignored: ignored-expect-variant
|
||||
|
||||
comment-push:
|
||||
name: Report (Push)
|
||||
# If your workflow isn't running on push, you can remove this job
|
||||
runs-on: ubuntu-slim
|
||||
needs: spelling
|
||||
permissions:
|
||||
actions: read
|
||||
contents: write
|
||||
if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
|
||||
steps:
|
||||
- name: comment
|
||||
uses: check-spelling/check-spelling@cfb6f7e75bbfc89c71eaa30366d0c166f1bd9c8c # v0.0.26
|
||||
with:
|
||||
task: ${{ needs.spelling.outputs.followup }}
|
||||
|
||||
comment-pr:
|
||||
name: Report (PR)
|
||||
# If you workflow isn't running on pull_request*, you can remove this job
|
||||
runs-on: ubuntu-slim
|
||||
needs: spelling
|
||||
permissions:
|
||||
actions: read
|
||||
pull-requests: write
|
||||
if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
|
||||
steps:
|
||||
- name: comment
|
||||
uses: check-spelling/check-spelling@cfb6f7e75bbfc89c71eaa30366d0c166f1bd9c8c # v0.0.26
|
||||
with:
|
||||
task: ${{ needs.spelling.outputs.followup }}
|
||||
experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
|
||||
|
||||
update:
|
||||
name: Update PR
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
actions: read
|
||||
runs-on: ubuntu-slim
|
||||
if: ${{
|
||||
github.repository_owner != 'microsoft' &&
|
||||
github.event_name == 'issue_comment' &&
|
||||
github.event.issue.pull_request &&
|
||||
contains(github.event.comment.body, '@check-spelling-bot') &&
|
||||
contains(github.event.comment.body, 'apply') &&
|
||||
contains(github.event.comment.body, 'https://')
|
||||
}}
|
||||
concurrency:
|
||||
group: spelling-update-${{ github.event.issue.number }}
|
||||
cancel-in-progress: false
|
||||
steps:
|
||||
- name: apply spelling updates
|
||||
uses: check-spelling/check-spelling@cfb6f7e75bbfc89c71eaa30366d0c166f1bd9c8c # v0.0.26
|
||||
with:
|
||||
experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
|
||||
checkout: true
|
||||
ssh_key: "${{ secrets.CHECK_SPELLING }}"
|
||||
@@ -0,0 +1,35 @@
|
||||
# NOTE: This workflow depends on .github/scripts/telemetry-pr-check.js for telemetry detection and PR comments.
|
||||
# Keep this workflow and script behavior in sync when making changes.
|
||||
name: Telemetry PR Check
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
types: [opened, reopened, synchronize, ready_for_review]
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
pr_number:
|
||||
description: "Pull Request Number to test against"
|
||||
required: true
|
||||
type: string
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
concurrency:
|
||||
group: telemetry-pr-check-${{ github.event.pull_request.number }}
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
detect-telemetry-events:
|
||||
if: ${{ github.event.pull_request.draft == false }}
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v7
|
||||
|
||||
- name: Detect telemetry event changes and comment PR
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: node .github/scripts/telemetry-pr-check.js
|
||||
Reference in New Issue
Block a user