Skip to content

Unpushed commits (local main ahead of origin/main)#3

Merged
StanBarrows merged 7 commits into
mainfrom
feature-dependency-bump
Mar 21, 2026
Merged

Unpushed commits (local main ahead of origin/main)#3
StanBarrows merged 7 commits into
mainfrom
feature-dependency-bump

Conversation

@StanBarrows

Copy link
Copy Markdown
Contributor

Local main was 7 commit(s) ahead of origin/main. Opened from update-opensource-active.sh for review.

Copilot AI review requested due to automatic review settings March 21, 2026 07:19

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds/updates GitHub Actions workflows to automate releases, run PHPStan, and refresh action versions used by existing CI workflows.

Changes:

  • Add a release workflow intended to bump versions and push tags when PRs to main are closed.
  • Add a PHPStan workflow triggered on PHP/composer/phpstan file changes.
  • Update existing workflows to newer action versions (dependency review, auto-commit for Pint fixes).

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
.github/workflows/release.yml New workflow to tag/bump versions on PR close.
.github/workflows/phpstan.yml New workflow to run PHPStan on pushes/PRs affecting PHP-related files.
.github/workflows/fix-php-code-style-issues.yml Bumps git auto-commit action version used after Pint fixes.
.github/workflows/dependency-review.yml Pins checkout and dependency-review-action versions.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +4 to +8
pull_request:
types:
- closed
branches:
- main

Copilot AI Mar 21, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This workflow triggers on any PR close, including PRs closed without merging. Add a guard like if: github.event.pull_request.merged == true (or switch the trigger to push on main) so tags/releases are only created when changes actually land on main.

Copilot uses AI. Check for mistakes.
Comment on lines +18 to +23
- name: Bump version and push tag
uses: anothrNick/github-tag-action@1.75.0
env:
GITHUB_TOKEN: ${{ secrets.MY_GITHUB_TOKEN }}
WITH_V: true
RELEASE_BRANCHES: main

Copilot AI Mar 21, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tagging step uses a custom secret (secrets.MY_GITHUB_TOKEN) and the workflow doesn’t declare permissions: contents: write. This is likely to fail (and secrets aren’t available to pull_request runs from forks). Prefer ${{ secrets.GITHUB_TOKEN }} with explicit permissions: contents: write, and/or run the release workflow on push to main where the token can push tags safely.

Copilot uses AI. Check for mistakes.
@StanBarrows StanBarrows merged commit 78765c6 into main Mar 21, 2026
10 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants