feat(skills): enhance pr-reference skill with flexible filtering and base branch detection#1095
Merged
katriendg merged 3 commits intomicrosoft:mainfrom Mar 16, 2026
Merged
Conversation
- add support for auto-detecting the default branch - implement merge-base comparison for diffs - allow exclusion of specific file extensions and paths - update list-changed-files scripts to support multiple type filters and exclusions 🔧 - Generated by Copilot
katriendg
approved these changes
Mar 16, 2026
Contributor
katriendg
left a comment
There was a problem hiding this comment.
Thanks Dawid, changes are looking great. I have one comment to change the description and that would be it from my view.
Could not help it and get some testing in. This is looking very good, skill calling the right scripts with some of your changes:
Co-authored-by: Katrien De Graeve <katriendg@users.noreply.github.com>
🤖 - Generated by Copilot
This was referenced Mar 16, 2026
29 tasks
This was referenced Mar 17, 2026
WilliamBerryiii
added a commit
that referenced
this pull request
Mar 19, 2026
…flags (#1106) ## Description This PR closes four Codecov integration gaps identified in #1103 and addresses the root cause behind missing Codecov comments on fork PRs like #1095. The Pester test runner (*pester.config.ps1*) dynamically discovers skill scripts under `.github/skills/**/scripts/`, but the Codecov flag mapping only listed `scripts/**`. Combined with `require_changes: true`, Codecov silently suppressed PR comments when changed files fell outside the mapped paths. This PR expands the pester flag paths, removes the `require_changes` gate, adds per-flag project and patch status targets, fixes a pytest coverage source mismatch, and establishes weekly coverage baselines. ### Codecov Configuration > Root cause: PRs touching only skill scripts received no Codecov comment because the pester flag paths didn't include `.github/skills/**/scripts/**` and `require_changes: true` suppressed comments when no flag-relevant changes were detected. - Expanded **pester flag paths** to include `.github/skills/**/scripts/**`, matching the test runner's dynamic discovery scope - Removed **`require_changes: true`** from the comment section so fork PRs always receive Codecov feedback - Added **pester project status** target (`auto` with `1%` threshold) and flag binding, matching the existing pytest project status - Added **flag-specific patch coverage** for both pester and pytest (`80%` target, `informational: true`) - Previously only the `default` patch target existed, so per-flag patch regressions went unreported ### Pytest Workflow - Changed `--cov=.` to `--cov` in *pytest-tests.yml* so coverage honors each skill's `pyproject.toml` `[tool.coverage.run] source` setting rather than measuring from the working directory root ### Weekly Validation Weekly coverage baselines ensure Codecov has recent data for carryforward flag comparisons. - Added a **Pester Coverage Baseline** job invoking *pester-tests.yml* with `soft-fail: true`, `changed-files-only: false`, and `code-coverage: true` - Added a **Discover Python Projects** job that finds all `pyproject.toml` files and outputs a JSON matrix of project directories - Added a **Pytest Coverage Baseline** matrix job invoking *pytest-tests.yml* per discovered project, establishing weekly baselines ## Related Issue(s) Closes #1103 ## Type of Change Select all that apply: **Code & Documentation:** * [ ] Bug fix (non-breaking change fixing an issue) * [ ] New feature (non-breaking change adding functionality) * [ ] Breaking change (fix or feature causing existing functionality to change) * [ ] Documentation update **Infrastructure & Configuration:** * [x] GitHub Actions workflow * [x] Linting configuration (markdown, PowerShell, etc.) * [ ] Security configuration * [ ] DevContainer configuration * [ ] Dependency update **AI Artifacts:** * [ ] Reviewed contribution with `prompt-builder` agent and addressed all feedback * [ ] Copilot instructions (`.github/instructions/*.instructions.md`) * [ ] Copilot prompt (`.github/prompts/*.prompt.md`) * [ ] Copilot agent (`.github/agents/*.agent.md`) * [ ] Copilot skill (`.github/skills/*/SKILL.md`) **Other:** * [ ] Script/automation (`.ps1`, `.sh`, `.py`) * [ ] Other (please describe): ## Testing - Verified the diff contains only intended changes (caught and reverted an unintended `setup-uv` SHA downgrade during review) - Confirmed `actions/checkout` in the new weekly discovery job uses the same pinned SHA (`v4.2.2`) with `persist-credentials: false` - All new weekly jobs use minimal permissions (`contents: read` + `id-token: write` for Codecov OIDC) ## Checklist ### Required Checks * [x] Documentation is updated (if applicable) * [x] Files follow existing naming conventions * [x] Changes are backwards compatible (if applicable) * [ ] Tests added for new functionality (if applicable) ### AI Artifact Contributions * [ ] Used `/prompt-analyze` to review contribution * [ ] Addressed all feedback from `prompt-builder` review * [ ] Verified contribution follows common standards and type-specific requirements ### Required Automated Checks The following validation commands must pass before merging: * [x] Markdown linting: `npm run lint:md` * [x] Spell checking: `npm run spell-check` * [x] Frontmatter validation: `npm run lint:frontmatter` * [x] Skill structure validation: `npm run validate:skills` * [x] Link validation: `npm run lint:md-links` * [x] PowerShell analysis: `npm run lint:ps` Co-authored-by: Katrien De Graeve <katriendg@users.noreply.github.com>
This was referenced Mar 19, 2026
This was referenced Mar 20, 2026
WilliamBerryiii
added a commit
that referenced
this pull request
Mar 20, 2026
🤖 I have created a release *beep* *boop* --- ## [3.2.0](hve-core-v3.1.46...hve-core-v3.2.0) (2026-03-20) ### ✨ Features * add -OutputPath parameter to Validate-MarkdownFrontmatter.ps1 ([#1134](#1134)) ([fdf1bcf](fdf1bcf)), closes [#1006](#1006) * add action version consistency scan workflow ([#1127](#1127)) ([4229df1](4229df1)) * **agent:** MVE Experiment Designer ([#976](#976)) ([70f86ca](70f86ca)) * **agents:** add ADO Backlog Manager orchestrator agent ([#800](#800)) ([fae3987](fae3987)) * **agents:** add meeting analyst agent for transcript analysis using work-iq ([#502](#502)) ([5345b5b](5345b5b)) * **agents:** add quick-reference line to RPI Phase 5 suggestions ([#897](#897)) ([9a90f39](9a90f39)) * **agents:** add RAI Planner, enhance SSSC Planner, and redesign Security Planner ([#979](#979)) ([06f826c](06f826c)) * **agents:** add symmetric cross-system handoff to GitHub Backlog Manager ([#952](#952)) ([ba34a35](ba34a35)) * **agents:** Functional Code Review Agent — pre-PR functional correctness reviewer ([#733](#733)) ([9cf63b7](9cf63b7)) * **build:** add Python extensions and uv 0.10.8 to devcontainer ([#920](#920)) ([9ca0579](9ca0579)) * **build:** add uv ecosystem to Dependabot configuration ([#913](#913)) ([2a4bd39](2a4bd39)) * **build:** enable npm pinning enforcement in dependency scan ([#838](#838)) ([4e9e31f](4e9e31f)) * **build:** migrate attestation actions to v4.1.0 and add SBOM verification docs ([#841](#841)) ([ca1e65b](ca1e65b)) * **collections:** add four new validator checks (orphan, duplicate, companion, coverage) ([#869](#869)) ([1a96b73](1a96b73)) * **devcontainer,security:** add enterprise artifact hub configuration ([#1032](#1032)) ([1d56d25](1d56d25)) * **docs:** add Rust coding standards and guidelines ([#809](#809)) ([d4c4899](d4c4899)) * **extension:** add Microsoft logo icon to VS Code Marketplace listings ([#906](#906)) ([82aca41](82aca41)) * **github:** add declarative label management ([#953](#953)) ([a1a6845](a1a6845)) * **instructions:** add ADO backlog shared infrastructure ([#786](#786)) ([1914078](1914078)) * **instructions:** add ADO backlog sprint planning and capacity tracking ([#788](#788)) ([d6fb77d](d6fb77d)) * **instructions:** add ADO triage workflow and prompt ([#787](#787)) ([cde0190](cde0190)) * **instructions:** add shared story quality conventions and sprint planning ([#803](#803)) ([a2f18e3](a2f18e3)) * **prompts:** add ADO discovery and work item prompts with agent routing ([#790](#790)) ([7e74523](7e74523)) * **prompts:** add security review prompts ([#1118](#1118)) ([ad30967](ad30967)) * **scripts:** add dynamic Python skill discovery for lint/test ([#957](#957)) ([0a90f57](0a90f57)) * **scripts:** add Get-StandardTimestamp utility to CIHelpers module ([#1126](#1126)) ([b273a4b](b273a4b)) * **scripts:** add Python copyright header validation ([#905](#905)) ([67df902](67df902)) * **scripts:** add Python skill support to Validate-SkillStructure ([#903](#903)) ([68479d9](68479d9)) * **scripts:** add workflow npm command scanning to dependency pinning ([#837](#837)) ([6b5ae06](6b5ae06)) * **security:** add basic security reviewer agent with owasp skills ([#1008](#1008)) ([cb1fd05](cb1fd05)) * **security:** add sigstore attestation bundles and fix component-detection action ([#1148](#1148)) ([f79c272](f79c272)) * **skills:** add Atheris fuzz harness with CI workflow integration ([#1102](#1102)) ([d337e1d](d337e1d)) * **skills:** add PowerPoint automation skill with YAML-driven deck generation ([#868](#868)) ([00465cd](00465cd)) * **skills:** convert hve-core-installer agent to self-contained skill ([#846](#846)) ([1d821fb](1d821fb)) * **skills:** enhance pr-reference skill with flexible filtering and base branch detection ([#1095](#1095)) ([26a32ea](26a32ea)) * **workflows:** add devcontainer infrastructure change log workflow ([#899](#899)) ([8aca446](8aca446)) * **workflows:** add milestone auto-close on stable and pre-release publishes ([#834](#834)) ([79362b1](79362b1)) * **workflows:** add ms.date documentation freshness checking ([#969](#969)) ([3ed441c](3ed441c)) * **workflows:** add Python linting CI workflow with Ruff ([#951](#951)) ([f89f0eb](f89f0eb)) * **workflows:** add Python testing CI workflow with pytest and Codecov ([#934](#934)) ([5e8306f](5e8306f)) * **workflows:** add uv and Python package sync to copilot-setup-steps ([#921](#921)) ([45d517d](45d517d)) ### 🐛 Bug Fixes * **build:** override Linguist vendored flag for Python skill files ([#1155](#1155)) ([0eee5b6](0eee5b6)) * **build:** override serialize-javascript to >=7.0.3 for RCE fix ([#876](#876)) ([e49039a](e49039a)) * **build:** resolve Pinned-Dependencies alerts for vsce npm commands in extension workflows ([#782](#782)) ([89dad9d](89dad9d)) * **build:** update undici and yauzl overrides for security audit ([#1030](#1030)) ([2c2f92f](2c2f92f)) * **docs:** add CLI Plugins to install.md navigation surfaces ([#902](#902)) ([79d6595](79d6595)) * **docs:** add sidebar ordering for Design Thinking documentation ([#832](#832)) ([551fddc](551fddc)), closes [#830](#830) * **docs:** graduate design-thinking to preview and correct stale collection references ([#831](#831)) ([5110e35](5110e35)) * **docs:** include project-planning in UX Designer install guidance ([#908](#908)) ([e7aa9bc](e7aa9bc)) * **docs:** remediate writing-style convention violations ([#865](#865)) ([68b04bc](68b04bc)) * **docs:** remove draft content announcement banner ([#825](#825)) ([b45de80](b45de80)) * **docs:** remove unbounded path-to-regexp override breaking SSG ([#1153](#1153)) ([d810018](d810018)) * **docs:** use actual clone paths instead of folder display names in multi-root workspace settings ([#984](#984)) ([5dbab82](5dbab82)) * **instructions:** replace black with ruff in uv-projects ([#898](#898)) ([b0c06d9](b0c06d9)) * **scripts:** cover .github/ skill files in copyright header validation ([#1055](#1055)) ([#1098](#1098)) ([27fbd33](27fbd33)) * **scripts:** eliminate phantom git changes from plugin generation ([#1035](#1035)) ([e49a1b5](e49a1b5)) * **scripts:** enable JSON log output for lint:version-consistency ([#1033](#1033)) ([52b0885](52b0885)) * **security:** calculate compliance score from total scanned dependencies ([#930](#930)) ([c112c3d](c112c3d)) * **skills:** add AST validation and namespace restriction for content-extra.py ([#1027](#1027)) ([c50c7a3](c50c7a3)) * **skills:** add depth limits to recursive PowerPoint processing functions ([#1028](#1028)) ([bf08994](bf08994)) * **skills:** harden XML parsing and blob writes in powerpoint extract ([#1053](#1053)) ([89d24b1](89d24b1)) * **skills:** resolve ruff lint and format violations in powerpoint skill ([#1048](#1048)) ([17bbe7a](17bbe7a)) * **workflows:** add uv.lock dependencies submission have fork-skip condition ([#1109](#1109)) ([dec56ac](dec56ac)) * **workflows:** automate weekly SHA staleness check with issue creation ([#975](#975)) ([1ea4caa](1ea4caa)) * **workflows:** close Codecov integration gaps for Pester and pytest flags ([#1106](#1106)) ([cca29b7](cca29b7)) * **workflows:** propagate uv sync errors in copilot-setup-steps ([#961](#961)) ([df88d7c](df88d7c)) * **workflows:** resolve release-please skip cascade and Python project discovery ([#1043](#1043)) ([79993e2](79993e2)) * **workflows:** scan only commit subjects for breaking change detection ([#1157](#1157)) ([a38a657](a38a657)) ### 📚 Documentation * clarify HVE Core Extension vs Installer messaging across documentation ([#965](#965)) ([0fceb8f](0fceb8f)) * **docs:** add ADO integration user documentation ([#935](#935)) ([ec89302](ec89302)) * **docs:** add Project Planning agent documentation ([#936](#936)) ([3a3a0fd](3a3a0fd)) * **onboarding:** overhaul marketplace onboarding and documentation site ([#982](#982)) ([4309e10](4309e10)) ### ♻️ Refactoring * **build:** merge code-review collection into coding-standards ([#863](#863)) ([8027e7b](8027e7b)) * **workflows:** rename release pipeline workflows and add marketplace automation triggers ([#829](#829)) ([b6397f4](b6397f4)) ### 🔧 Maintenance * **build:** add clean:logs npm script ([#1122](#1122)) ([f85fe02](f85fe02)), closes [#988](#988) * **build:** add JSON reporter for cspell ([#1123](#1123)) ([6d59f67](6d59f67)) * **ci:** add multi-arch support to copilot-setup-steps binary downloads ([#955](#955)) ([8d0c706](8d0c706)) * **deps-dev:** bump cspell from 9.6.4 to 9.7.0 in the npm-dependencies group ([#839](#839)) ([3fa16ff](3fa16ff)) * **deps:** bump actions/dependency-review-action from 4.8.3 to 4.9.0 in the github-actions group across 1 directory ([#942](#942)) ([1a9b858](1a9b858)) * **deps:** bump cairosvg from 2.8.2 to 2.9.0 in /.github/skills/experimental/powerpoint ([#1025](#1025)) ([f4deda7](f4deda7)) * **deps:** bump dompurify from 3.3.1 to 3.3.2 in /docs/docusaurus ([#924](#924)) ([d2060d6](d2060d6)) * **deps:** bump svgo from 3.3.2 to 3.3.3 in /docs/docusaurus ([#880](#880)) ([6dc2406](6dc2406)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#1100](#1100)) ([2290dc0](2290dc0)) * **deps:** bump the github-actions group with 6 updates ([#840](#840)) ([f57bc01](f57bc01)) * **docs:** correct New-MsDateReport table rendering and refresh stale docs ([#1114](#1114)) ([c2b806f](c2b806f)) * **settings:** remove orphaned Checkov config and stale gitignore entries ([#870](#870)) ([98fcd74](98fcd74)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: hve-core-release-please[bot] <254602402+hve-core-release-please[bot]@users.noreply.github.com> Co-authored-by: Bill Berry <wberry@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
feat(skills): enhance pr-reference skill with flexible filtering and base branch detection
Description
Enhanced the
pr-referenceskill with four new capabilities: automatic default branch detection, merge-base comparison, multi-type file filtering, and extension/path exclusion. All changes are mirrored across bash and PowerShell implementations with comprehensive Pester test coverage (95.9% line coverage for the package).Changes
generate.sh/generate.ps1:--merge-base/-MergeBaseflag for three-way comparison viagit merge-baseinstead of direct diff--base-branch auto/-BaseBranch autoto detect the remote default branch viagit symbolic-ref refs/remotes/origin/HEADwithorigin/mainfallback--exclude-ext/-ExcludeExtfor comma-separated file extension exclusion from diffs using git pathspec negation--exclude-path/-ExcludePathfor comma-separated path prefix exclusion from diffslist-changed-files.sh/list-changed-files.ps1:--type/-Typevalues (e.g.,--type added,modified,renamed)--exclude-type/-ExcludeTypefor inverse type filtering with mutual exclusion validationshared.psm1:Resolve-DefaultBranchhelper for auto-detecting the remote default branchBuild-PathspecExclusionshelper for constructing git pathspec negation arrays from extensions and pathsSKILL.md:Pester Tests:
-MergeBase,-BaseBranch auto,-ExcludeExt,-ExcludePath, combined flags-Type,-ExcludeType, mutual exclusion, invalid type validationResolve-DefaultBranch(success + fallback) andBuild-PathspecExclusions(extensions, paths, combined, edge cases)Related Issue(s)
Closes #1011
Type of Change
Select all that apply:
Code & Documentation:
Infrastructure & Configuration:
AI Artifacts:
prompt-builderagent and addressed all feedback.github/instructions/*.instructions.md).github/prompts/*.prompt.md).github/agents/*.agent.md).github/skills/*/SKILL.md)Other:
.ps1,.sh,.py)Sample Prompts (for AI Artifact Contributions)
User Request:
Execution Flow:
generate.ps1as the appropriate scriptscripts/generate.ps1 -BaseBranch auto -MergeBase -ExcludeExt yml,yamlgit symbolic-ref refs/remotes/origin/HEAD*.ymland*.yamlfiles via pathspec negation.copilot-tracking/pr/pr-reference.xmlOutput Artifacts:
.copilot-tracking/pr/pr-reference.xml— structured XML with commit history and filtered diffSuccess Indicators:
Testing
Pester Tests
All 155 non-integration tests passed with 0 failures:
{ "Timestamp": "2026-03-16T13:12:12.4376485+00:00", "Result": "Passed", "TotalCount": 180, "PassedCount": 155, "FailedCount": 0, "SkippedCount": 0, "Duration": "00:02:57.4373385", "CoveragePercent": 4.71 }(25 integration-tagged tests excluded per default Pester filter configuration.)
Code Coverage (pr-reference package)
Coverage computed from JaCoCo report for the pr-reference scripts package:
shellcheck
Both bash scripts pass with zero warnings:
PSScriptAnalyzer
All PowerShell scripts pass with zero violations:
Skill Structure Validation
Plugin Generation & Validation
Manual Testing
Checklist
Required Checks
AI Artifact Contributions
/prompt-analyzeto review contributionprompt-builderreviewRequired Automated Checks
The following validation commands must pass before merging:
npm run lint:mdnpm run spell-checknpm run lint:frontmatternpm run validate:skillsnpm run lint:md-linksnpm run lint:psnpm run plugin:generateSecurity Considerations
Additional Notes
--no-md-diff/-ExcludeMarkdownDiffflag is preserved for backward compatibility. The new--exclude-ext mdachieves the same result.CoveragePercent: 4.71in the Pester summary is the overall project coverage. The pr-reference package-specific coverage is 95.9% as shown in the JaCoCo breakdown above.