From a83db2c1d3f5eba7f4fdbd4cef8c94eb3b7693dd Mon Sep 17 00:00:00 2001 From: Marcel Eichner Date: Thu, 2 Jan 2025 13:35:42 +0100 Subject: [PATCH] ci(check-pr-title): replace action (#537) --- .github/workflows/check-pr-title.yml | 37 +++++++++++++++++++++------- 1 file changed, 28 insertions(+), 9 deletions(-) diff --git a/.github/workflows/check-pr-title.yml b/.github/workflows/check-pr-title.yml index f3829119..1c2d5959 100644 --- a/.github/workflows/check-pr-title.yml +++ b/.github/workflows/check-pr-title.yml @@ -4,21 +4,40 @@ on: pull_request_target: types: - opened + - reopened - edited - synchronize - - labeled - - unlabeled jobs: lint: runs-on: ubuntu-latest steps: - - uses: aslafy-z/conventional-pr-title-action@v3.2.0 - with: - success-state: Title follows the specification. - failure-state: Title does not follow the specification. - context-name: conventional-pr-title - preset: conventional-changelog-angular@latest - target-url: https://www.conventionalcommits.org + - id: lint + # SEE https://github.com/amannn/action-semantic-pull-request + uses: amannn/action-semantic-pull-request@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - uses: actions/github-script@v7.0.1 + if: ${{ failure() }} + # do not use user injected variable values directly here as they are + # open to injection attacks + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions + env: + TITLE: ${{ github.event.pull_request.title }} + ERROR: ${{ steps.lint.outputs.error_message }} + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + # javascript + script: | + const output = `The pull-request title "${{ env.TITLE}}" does not apply to [Conventional Commit Guidelines](https://www.conventionalcommits.org). + \`\`\` + ${{ env.ERROR }} + \`\`\` + 🤖 This comment was automatically created by the "${{github.workflow}}" workflow.`; + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + })