Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 54 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
name: Bug Report
description: Report an Issue or Bug with the Package
title: "[Bug]: "
labels: [ "bug" ]
body:
- type: markdown
attributes:
value: "|
We're sorry to hear you have a problem. Can you help us solve it by providing the following details."
Comment on lines +8 to +9

Copilot AI Mar 20, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The issue template YAML is invalid: value is started as a quoted string ("|) and the following line is not indented under it. GitHub will likely fail to load this template. Use YAML block scalar syntax (value: |) and indent the markdown content under value.

Suggested change
value: "|
We're sorry to hear you have a problem. Can you help us solve it by providing the following details."
value: |
We're sorry to hear you have a problem. Can you help us solve it by providing the following details.

Copilot uses AI. Check for mistakes.
- type: textarea
id: what-happened
attributes:
label: What happened?
description: What did you expect to happen?
placeholder: "I cannot currently do X thing because when I do, it breaks X thing."
validations:
required: true
- type: input
id: package-version
attributes:
label: Package Version
description: What version of our Package are you running? Please be as specific as possible
placeholder: "12.0"
value: "12.0"
validations:
required: true
- type: input
id: php-version
attributes:
label: PHP Version
description: What version of PHP are you running? Please be as specific as possible
placeholder: "8.4.0"
value: "8.4.0"
validations:
required: true
- type: input
id: laravel-version
attributes:
label: Laravel Version
description: What version of Laravel are you running? Please be as specific as possible
placeholder: "12.0.0"
value: "12.0.0"
validations:
required: true
- type: dropdown
id: operating-systems
attributes:
label: Which operating systems does with happen with?

Copilot AI Mar 20, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo/grammar in the label: "Which operating systems does with happen with?" should be corrected (e.g., "Which operating systems does this happen on?") for clarity in the issue template UI.

Suggested change
label: Which operating systems does with happen with?
label: Which operating systems does this happen on?

Copilot uses AI. Check for mistakes.
description: You may select more than one.
multiple: true
options:
- macOS
- Windows
- Linux
12 changes: 12 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
name: Question or Feature
description: Open a Question or Feature Request
title: "[Feature]: "
labels: ["feature"]
body:
- type: textarea
id: question-feature
attributes:
label: Question or Feature?
description: Enter a Question or Feature Request
validations:
required: true
38 changes: 38 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
ignore:
- dependency-name: "*"
update-types: [ "version-update:semver-major" ]
groups:
minor-and-patch:
update-types: [ "minor", "patch" ]

- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-type: "direct"
ignore:
- dependency-name: "*"
update-types: [ "version-update:semver-major" ]
groups:
minor-and-patch:
update-types: [ "minor", "patch" ]

Comment on lines +14 to +26

Copilot AI Mar 20, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The Dependabot config enables the npm ecosystem for directory: "/", but this repository doesn't contain a package.json/lockfile in the root. This will cause Dependabot runs to error/no-op and generate noise. Either remove the npm entry or add the appropriate Node manifest files if npm dependencies are intended.

Suggested change
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-type: "direct"
ignore:
- dependency-name: "*"
update-types: [ "version-update:semver-major" ]
groups:
minor-and-patch:
update-types: [ "minor", "patch" ]

Copilot uses AI. Check for mistakes.
- package-ecosystem: "composer"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-type: "direct"
ignore:
- dependency-name: "*"
update-types: [ "version-update:semver-major" ]
groups:
minor-and-patch:
update-types: [ "minor", "patch" ]
32 changes: 32 additions & 0 deletions .github/workflows/dependabot-auto-merge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: dependabot-auto-merge
on: pull_request_target

permissions:
pull-requests: write
contents: write

jobs:
dependabot:
runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }}
steps:

- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v2.5.0
with:
github-token: "${{ secrets.GITHUB_TOKEN }}"

- name: Auto-merge Dependabot PRs for semver-minor updates
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-minor'}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

- name: Auto-merge Dependabot PRs for semver-patch updates
if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}}
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
20 changes: 20 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
name: 'Dependency Review'
on: [pull_request]

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v6

Copilot AI Mar 20, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This workflow uses actions/checkout@v6, while the other workflows in this repo use actions/checkout@v4. To reduce the chance of CI breakage and keep versions consistent, consider pinning to the same major version as the rest of the repo (or verify that @v6 is available and intended).

Suggested change
uses: actions/checkout@v6
uses: actions/checkout@v4

Copilot uses AI. Check for mistakes.
- name: 'Dependency Review'
uses: actions/dependency-review-action@v4
55 changes: 55 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
# Contributing

Contributions are **welcome** and will be fully **credited**.

Please read and understand the contribution guide before creating an issue or pull request.

## Etiquette

This project is open source, and as such, the maintainers give their free time to build and maintain the source code
held within. They make the code freely available in the hope that it will be of use to other developers. It would be
extremely unfair for them to suffer abuse or anger for their hard work.

Please be considerate towards maintainers when raising issues or presenting pull requests. Let's show the
world that developers are civilized and selfless people.

It's the duty of the maintainer to ensure that all submissions to the project are of sufficient
quality to benefit the project. Many developers have different skillsets, strengths, and weaknesses. Respect the maintainer's decision, and do not be upset or abusive if your submission is not used.

## Viability

When requesting or submitting new features, first consider whether it might be useful to others. Open
source projects are used by many developers, who may have entirely different needs to your own. Think about
whether or not your feature is likely to be used by other users of the project.

## Procedure

Before filing an issue:

- Attempt to replicate the problem, to ensure that it wasn't a coincidental incident.
- Check to make sure your feature suggestion isn't already present within the project.
- Check the pull requests tab to ensure that the bug doesn't have a fix in progress.
- Check the pull requests tab to ensure that the feature isn't already in progress.

Before submitting a pull request:

- Check the codebase to ensure that your feature doesn't already exist.
- Check the pull requests to ensure that another person hasn't already submitted the feature or fix.

## Requirements

If the project maintainer has any additional requirements, you will find them listed here.

- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](https://pear.php.net/package/PHP_CodeSniffer).

- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
Comment on lines +43 to +45

Copilot AI Mar 20, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The contributing guide requires PSR-2 and points contributors to PHP_CodeSniffer, but this repo’s CI runs composer lint which executes Laravel Pint (vendor/bin/pint --test) with the laravel preset. Update the guide to match the actual formatting/linting toolchain (Pint) so contributors follow the same rules as CI.

Copilot uses AI. Check for mistakes.

- **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.

- **Consider our release cycle** - We try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option.

- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.

- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](https://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.

**Happy coding**!
3 changes: 3 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Security Policy

If you discover any security related issues, please email info@codebar.ch instead of using the issue tracker.
Loading
Loading