chore: add Husky pre-commit hooks and auto-merge workflow#130
Conversation
- Install Husky + lint-staged for pre-commit formatting - Add auto-merge workflow for owner PRs that pass CI - Auto-merge dependabot PRs after CI passes - External contributors' PRs still require owner review (CODEOWNERS) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Replace peter-evans action with gh CLI which doesn't need pull-request-number input and works directly with PR events. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 09ac09a67f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| runs-on: ubuntu-latest | ||
| if: >- | ||
| github.event.pull_request.user.login == 'tomymaritano' || | ||
| github.event.workflow_run.head_repository.owner.login == 'tomymaritano' |
There was a problem hiding this comment.
Gate owner auto-merge to PR-based workflow runs
This condition matches owner workflow_run events from normal branch pushes as well as PRs, and CI is configured to run on push to main/develop in .github/workflows/ci.yml. For those push-triggered completions there is no pull request in the event payload, but the job still calls peter-evans/enable-pull-request-automerge@v3 without a pull-request-number, so the auto-merge job will fail/no-op on regular owner pushes instead of only handling PRs. Add a guard for PR-originated workflow runs (for example checking github.event.workflow_run.event == 'pull_request' or workflow_run.pull_requests presence) before invoking the action.
Useful? React with 👍 / 👎.
Husky hooks: - commit-msg: validate conventional commits with commitlint - pre-push: run tests + typecheck before pushing CI improvements (Tier 1 - Speed): - Shared setup job with cached node_modules - Cancel in-progress runs on new pushes - Turborepo-ready with env vars CI improvements (Tier 2 - Quality): - Test coverage collection and artifact upload - Bundle size tracking reported in PR summary - PR size labels (XS/S/M/L/XL) - Auto-label PRs by changed packages CI improvements (Tier 3 - Security): - npm audit check for high severity vulnerabilities - License compatibility check (blocks GPL-3.0/AGPL/SSPL) - CodeQL static analysis (weekly + on PR) - Commitlint on PR titles Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
plugin-api is browser code without @types/node, so process.env causes typecheck failures. The debug log is low-cost and harmless in production. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
Summary
Setup required
After merging, enable branch protection on
develop:developlint,test,typecheckTest plan
🤖 Generated with Claude Code