🧹 chore: Improvements to GitHub Workflows

[gaby]

Description

• Merge autolabeler into release-drafter
• Use commit hashes for Github Actions using go run github.com/mashiike/actionspin/cmd/actionspin@latest
• Improve ignore-path rules across actions
• Add autolabeler for main and v2 branch.

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• .github/release-drafter.yml is excluded by !**/*.yml

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Added a new actionspin Makefile target and updated the betteralign target from version v0.7.2 to v0.8.0. Both changes are contained within the Makefile build configuration.

Changes

Cohort / File(s)	Description
Makefile build targets Makefile	Added .PHONY declaration and new actionspin target invoking actionspin@latest; updated betteralign target version from v0.7.2 to v0.8.0

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

• Straightforward version bump and new target addition with no logic dependencies or side effects

Suggested labels

🧹 Updates

Suggested reviewers

• sixcolors
• efectn

Poem

🐰 Hop, hop—the tools now spin anew,
betteralign leaps to v0.8's debut,
Makefile targets dance in the night,
Each .PHONY promise shining bright! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is incomplete compared to the template, missing required sections like 'Changes introduced' checklist items, 'Type of change' selection, and comprehensive checklist items for documentation and testing.	Fill out the 'Changes introduced' section with relevant checklist items, select appropriate 'Type of change' options, and complete the 'Checklist' section with relevant validation steps.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title mentions 'Improvements to GitHub Workflows' which aligns with the changes in the Makefile (updating tool versions and adding new workflow-related targets), though it lacks specificity about the actual changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.11%. Comparing base (9892282) to head (2e8502d).
⚠️ Report is 7 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3857   +/-   ##
=======================================
  Coverage   92.11%   92.11%           
=======================================
  Files         115      115           
  Lines        9776     9776           
=======================================
  Hits         9005     9005           
  Misses        490      490           
  Partials      281      281           

Flag	Coverage Δ
unittests	92.11% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Autolabeler never tags PRs targeting main/v2

The new autolabeler rules intend to apply v3/v2 based on the branch a PR targets, but the configuration uses the branch matcher ('/main/', '/v2/'). branch matches the PR head branch (e.g. feature/xyz), not the base branch. As a result almost no pull request will receive the v3 label, yet include-labels at the top only publishes releases for PRs carrying that label, so release notes will now be empty unless labels are added manually. Swap these matchers to base-branch (or similar) or add a dedicated workflow trigger so PRs are correctly labeled.

Useful? React with 👍 / 👎.

[gaby]

Hmmm

[Copilot]

Pull Request Overview

This PR enhances GitHub Actions security and workflow efficiency by pinning action versions to commit SHAs and consolidating labeling configuration. The changes improve security posture by preventing supply chain attacks through mutable version tags, while also streamlining the labeling system.

• Pins all GitHub Actions to specific commit SHAs with version comments for security and reproducibility
• Consolidates labeling configuration from separate files into release-drafter.yml's autolabeler feature
• Optimizes workflow triggers using paths-ignore instead of explicit paths for better maintainability

Reviewed Changes

Copilot reviewed 15 out of 15 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
.github/workflows/vulncheck.yml	Pins actions/checkout and actions/setup-go to commit SHAs
.github/workflows/v3-label-automation.yml	Pins actions/add-to-project and actions/github-script to commit SHAs
.github/workflows/test.yml	Pins actions/checkout, actions/setup-go, and codecov/codecov-action to commit SHAs
.github/workflows/sync-docs.yml	Pins actions/checkout and actions/setup-node to commit SHAs; updates Node.js version format
.github/workflows/spell-check.yml	Pins actions with major version upgrade to cspell-action v8 and updates codespell-project
.github/workflows/release-drafter.yml	Pins release-drafter action to commit SHA
.github/workflows/modernize.yml	Pins actions and refactors path filtering to use paths-ignore
.github/workflows/markdown.yml	Pins actions and adds explicit path filtering for markdown files
.github/workflows/manual-dependabot.yml	Pins actions/checkout to commit SHA
.github/workflows/linter.yml	Pins actions with major version upgrade to golangci-lint-action v9
.github/workflows/codeql-analysis.yml	Pins github/codeql-action to commit SHA with specific version
.github/workflows/benchmark.yml	Pins multiple actions and refactors path filtering to use paths-ignore
.github/workflows/auto-labeler.yml	Removes standalone auto-labeler workflow (functionality moved to release-drafter)
.github/release-drafter.yml	Adds autolabeler configuration, removes redundant version labels, improves template text
.github/labeler.yml	Removes standalone labeler configuration (replaced by autolabeler in release-drafter.yml)