chore: optimize dependabot.yml configuration #74
Merged
Added MIT License
Updated README.md
Release v1.2.0
Fix: Resolved an issue where (mailto:) links in redacted email addresses persisted even after exporting the sanitized file.
Added application icon and automatic build script for releases
Fix: stable cross-platform build and versioning
Fix: UnicodeDecodeError on Windows build (forced utf-8 encoding)
Fix: dynamic .ico generation for Windows and icon asset update
Fix: removed fake transparency from the icon
Fix: true absolute transparency for the icon
Fix: applied custom icon to the About window as well
…ura differita e fix icone child windows
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.10.0 to 6.20.0. - [Release notes](https://github.com/pyinstaller/pyinstaller/releases) - [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst) - [Commits](pyinstaller/pyinstaller@v6.10.0...v6.20.0) --- updated-dependencies: - dependency-name: pyinstaller dependency-version: 6.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [mypy](https://github.com/python/mypy) from 1.8.0 to 1.20.2. - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.8.0...v1.20.2) --- updated-dependencies: - dependency-name: mypy dependency-version: 1.20.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps)(deps): bump spacy from 3.7.2 to 3.8.14 Bumps [spacy](https://github.com/explosion/spaCy) from 3.7.2 to 3.8.14. - [Release notes](https://github.com/explosion/spaCy/releases) - [Commits](explosion/spaCy@v3.7.2...release-v3.8.14) --- updated-dependencies: - dependency-name: spacy dependency-version: 3.8.14 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * chore(deps)(deps): bump spacy from 3.7.2 to 3.8.14 Bumps [spacy](https://github.com/explosion/spaCy) from 3.7.2 to 3.8.14. - [Release notes](https://github.com/explosion/spaCy/releases) - [Commits](explosion/spaCy@v3.7.2...release-v3.8.14) --- updated-dependencies: - dependency-name: spacy dependency-version: 3.8.14 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: 0verwrite <31691645+overwrite00@users.noreply.github.com>
…lows (#62) - test_build.yml: read contents, read actions (testing only) - release.yml: write contents, read actions (for creating releases) Fixes CodeQL alerts about missing workflow permissions. Follows GitHub security best practices: explicit permissions limit GITHUB_TOKEN scope to what's necessary for each workflow.
- Automatically approves PRs created by the maintainer (overwrite00) - Removes need for repository admin bypass in ruleset - Maintains security while enabling smooth workflow - Approval is traceable and can be disabled if needed
GitHub Actions cannot approve pull requests due to platform limitations. The bypass admin in ruleset is the appropriate solution for solo maintainers. Revert PR #63.
The 'reviewers' property is not supported in Dependabot v2.0. Removed to fix schema validation warnings in VS Code.
This reverts commit 0fdad6b.
The 'reviewers' property is not supported in Dependabot v2.0. Removed to fix schema validation warnings in VS Code. This aligns with Dependabot v2 supported properties: - schedule, labels, commit-message, allow, ignore - open-pull-requests-limit, etc. But NOT: reviewers (use assignees instead if needed)
Kept the fix from develop (removed unsupported reviewers property) instead of the reverted version from main.
Removed redundant version support table. Only the latest version receives security updates, so listing old versions was unnecessary. Replaced with concise statement that clearly communicates the policy.
Removed redundant version support table. Only the latest version receives security updates, so listing old versions was unnecessary. Replaced with concise statement that clearly communicates the policy.
Remove redundant 'push' trigger that caused duplicate test runs. Tests now run only on pull_request events to avoid waste. - Before: Tests ran on both push AND pull_request (duplicate) - After: Tests run only on pull_request to main - Manual trigger (workflow_dispatch) still available Reduces CI/CD noise and resources while maintaining coverage.
* docs: simplify security support section in SECURITY.md Removed redundant version support table. Only the latest version receives security updates, so listing old versions was unnecessary. Replaced with concise statement that clearly communicates the policy. * ci: optimize test_build workflow triggers Remove redundant 'push' trigger that caused duplicate test runs. Tests now run only on pull_request events to avoid waste. - Before: Tests ran on both push AND pull_request (duplicate) - After: Tests run only on pull_request to main - Manual trigger (workflow_dispatch) still available Reduces CI/CD noise and resources while maintaining coverage.
- Update dependabot.yml to use universal label schema (lang:python, type:ci, scope:*) - Update project-automation.yml with centralized PROJECT_ID and GH_PROJECT_TOKEN - Centralize automation configuration for all repositories
- Include 'reopened' event type for issues (consistent with PR behavior) - Allows automation to trigger when issues are reopened
The workflow had a critical syntax error: attempting to use a GitHub Actions context variable directly as a bash conditional. Fixed by storing the variable value first, then comparing it as a string.
Error was: if ${{ github.event.pull_request.merged }}; then
Fixed to: PR_MERGED="${{ github.event.pull_request.merged }}" && if [ "$PR_MERGED" = "true" ]; then
This syntax error prevented the workflow from running entirely.
- Request @overwrite00 as reviewer on opened/reopened PRs - Works alongside automatic assignment to streamline PR review process
- Remove redundant 'allow: dependency-type: all' block - Add groups to consolidate updates (minor-and-patch + development-updates) - Limit major version ignore to development dependencies only - Keep GitHub Actions free of major-version ignore (CI/CD security-critical)
Optimizes the Dependabot configuration to reduce noise and improve security handling.
- 'allow: dependency-type: all' block
- groups to consolidate updates (minor-and-patch + development-updates)