chore: Add GitHub Actions for AI-powered issue and PR management#3886
Conversation
This commit introduces five new GitHub Actions workflows to automate and improve the management of issues and pull requests using AI: * **`models_dedupe.yml`**: Detects and flags duplicate issues. * **`models_completeness.yml`**: Checks new issues for completeness (e.g., reproduction steps, version info) and requests missing information. * **`models_quality.yml`**: Identifies and labels potential spam or low-quality contributions in new issues and pull requests. * **`models_onboarding.yml`**: Periodically runs an AI resolver on issues and pull requests. * **`models_resolver.yml`**: Welcomes first-time contributors with a friendly message and directs them to contribution guidelines.
There was a problem hiding this comment.
Pull request overview
This PR introduces five new GitHub Actions workflows to automate issue and pull request management using AI-powered tools. The workflows are adapted from a GitHub blog article and require configuration tuning for production use.
Key Changes:
- Adds AI-powered duplicate issue detection, issue completeness checking, and quality/spam filtering
- Implements automated welcome messages for first-time contributors
- Sets up periodic AI-based issue/PR resolution
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 11 comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/models_resolver.yml |
Welcomes first-time contributors with AI-generated messages |
.github/workflows/models_quality.yml |
Detects spam or low-quality issues/PRs and applies labels |
.github/workflows/models_onboarding.yml |
Runs continuous AI resolver on a weekly schedule |
.github/workflows/models_dedupe.yml |
Detects and flags duplicate issues using AI |
.github/workflows/models_completeness.yml |
Checks new issues for completeness and requests missing info |
Critical Security Concerns: Multiple workflows contain script injection and prompt injection vulnerabilities where unsanitized AI outputs and user inputs are directly interpolated into scripts. Additionally, the actions/ai-inference@v1 action and models: read permission may not exist in standard GitHub Actions and require verification before deployment.
DaneEvans
left a comment
There was a problem hiding this comment.
Lets see how they play.
I'm sure we'll want to change some thingsr
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3886 +/- ##
=====================================
Coverage 0.53% 0.53%
=====================================
Files 392 392
Lines 22940 22940
Branches 2894 2894
=====================================
Hits 122 122
Misses 22797 22797
Partials 21 21 ☔ View full report in Codecov by Sentry. |
This commit introduces five new GitHub Actions workflows to automate and improve the management of issues and pull requests using AI:
models_dedupe.yml: Detects and flags duplicate issues.models_completeness.yml: Checks new issues for completeness (e.g., reproduction steps, version info) and requests missing information.models_quality.yml: Identifies and labels potential spam or low-quality contributions in new issues and pull requests.models_onboarding.yml: Periodically runs an AI resolver on issues and pull requests.models_resolver.yml: Welcomes first-time contributors with a friendly message and directs them to contribution guidelines.These are directly copied from the article: https://github.blog/open-source/maintainers/how-github-models-can-help-open-source-maintainers-focus-on-what-matters/ and therefore may need some tuning to get working appropriately.