chore(deps): bump webbrowser from 1.1.0 to 1.2.0 #38
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Changelog Generate | |
| # pull_request_target runs in the context of the base branch, giving access | |
| # to secrets even for fork PRs. This is safe here because the workflow | |
| # definition comes from the base branch (can't be modified by the fork) and | |
| # we never execute code from the PR — we only read the diff. | |
| on: | |
| pull_request_target: | |
| types: [labeled] | |
| concurrency: ${{ github.workflow }}-${{ github.event.number }} | |
| permissions: | |
| contents: write | |
| pull-requests: write | |
| jobs: | |
| generate: | |
| if: startsWith(github.event.label.name, 'changelog:') | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Determine PR source | |
| id: source | |
| run: | | |
| if [ "${{ github.event.pull_request.head.repo.full_name }}" = "${{ github.repository }}" ]; then | |
| echo "same_repo=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "same_repo=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Validate branch ref | |
| if: steps.source.outputs.same_repo == 'true' | |
| id: ref | |
| env: | |
| HEAD_REF: ${{ github.event.pull_request.head.ref }} | |
| run: | | |
| set -euo pipefail | |
| REF="$HEAD_REF" | |
| if [[ ! "$REF" =~ ^[A-Za-z0-9._/-]+$ ]]; then | |
| echo "Invalid branch ref: $REF" >&2 | |
| exit 1 | |
| fi | |
| echo "ref=$REF" >> "$GITHUB_OUTPUT" | |
| - uses: actions/checkout@v6 | |
| if: steps.source.outputs.same_repo == 'true' | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| token: ${{ secrets.GH_PAT }} | |
| - name: Fetch base branch for diff comparison | |
| if: steps.source.outputs.same_repo == 'true' | |
| run: | | |
| git fetch origin "${{ github.base_ref }}" | |
| - name: Configure git credentials for private dependencies | |
| if: steps.source.outputs.same_repo == 'true' | |
| run: git config --global url."https://x-access-token:${{ secrets.GH_PAT }}@github.com/".insteadOf "https://github.com/" | |
| - name: Check for existing changelog | |
| if: steps.source.outputs.same_repo == 'true' | |
| id: existing | |
| run: | | |
| if git diff "origin/${{ github.base_ref }}...HEAD" --name-only | grep -q '^\.changelog/.*\.md$'; then | |
| echo "found=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "found=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Install changelogs | |
| if: steps.source.outputs.same_repo == 'true' && steps.existing.outputs.found == 'false' | |
| run: curl -sSL https://changelogs.sh | sh -s -- changelogs@0.6.2 | |
| - name: Install claude | |
| if: steps.source.outputs.same_repo == 'true' && steps.existing.outputs.found == 'false' | |
| run: npm install -g @anthropic-ai/claude-code | |
| - name: Extract bump level from label | |
| if: steps.source.outputs.same_repo == 'true' && steps.existing.outputs.found == 'false' | |
| id: bump | |
| run: echo "level=${LABEL#changelog:}" >> "$GITHUB_OUTPUT" | |
| env: | |
| LABEL: ${{ github.event.label.name }} | |
| - name: Generate changelog | |
| if: steps.source.outputs.same_repo == 'true' && steps.existing.outputs.found == 'false' | |
| env: | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} | |
| BUMP_LEVEL: ${{ steps.bump.outputs.level }} | |
| run: | | |
| cat > /tmp/changelog-instructions.md << 'PROMPT' | |
| Generate a changelog entry for this git diff. | |
| Available packages: {packages} | |
| Respond with ONLY a markdown file in this exact format (no explanation, no code fences): | |
| --- | |
| <package-name>: BUMP_LEVEL | |
| --- | |
| Brief description of changes. | |
| Rules: | |
| - Replace <package-name> with actual package names from the list above | |
| - Include ONLY packages that had actual code changes in the frontmatter | |
| - Use "BUMP_LEVEL" as the bump level for all packages. Do not use a higher bump level. | |
| - Keep the summary concise (1-3 sentences) | |
| - Do NOT wrap the output in code fences | |
| Git diff: | |
| {diff} | |
| PROMPT | |
| sed -i "s/BUMP_LEVEL/$BUMP_LEVEL/g" /tmp/changelog-instructions.md | |
| changelogs add --ai "claude -p" --ref "origin/${{ github.base_ref }}" \ | |
| --instructions "$(cat /tmp/changelog-instructions.md)" | |
| - name: Commit and push changelog | |
| if: steps.source.outputs.same_repo == 'true' && steps.existing.outputs.found == 'false' | |
| run: | | |
| set -euo pipefail | |
| git config user.name "github-actions[bot]" | |
| git config user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git add .changelog/ | |
| git commit -m "chore: add changelog" | |
| git push origin "HEAD:${{ steps.ref.outputs.ref }}" | |
| - name: Comment for fork PRs | |
| if: steps.source.outputs.same_repo != 'true' | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| gh pr comment "${{ github.event.number }}" --repo "${{ github.repository }}" --body "Changelog auto-generation is only supported for same-repo branches. For fork PRs, please add a changelog file manually under .changelog/." | |
| - name: Remove label | |
| if: always() | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: gh pr edit ${{ github.event.number }} --repo "${{ github.repository }}" --remove-label "${{ github.event.label.name }}" |