chore(changelog): set up git-cliff for a generated CHANGELOG.md#66
Conversation
Realizes the documented direction that the root CHANGELOG.md is tool-generated, not hand-maintained. - cliff.toml: maps the project's conventional-commit dialect (feat/fix/security/compat/perf/refactor/docs/test/style/chore) to changelog groups; keeps non-conventional history visible; skips dependency and release-chore noise; SemVer tag pattern (no "v" prefix, matches 2.7.0 / 2.7.0-RC1). - .github/workflows/changelog.yml: regenerates CHANGELOG.md via git-cliff on each published release and on manual dispatch, then commits it back ([skip ci]). New workflow only; existing CI is untouched. CHANGELOG.md is intentionally NOT committed here — it is produced by the workflow so it can never drift from the commit history. Curated narrative notes remain authoritative in docs/changelog.270.txt.
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
WalkthroughThis PR introduces automated changelog generation infrastructure. A ChangesAutomated Changelog Generation
🎯 2 (Simple) | ⏱️ ~12 minutes 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Sets up automated changelog generation via git-cliff, configured to map XOOPS conventional-commit types to changelog groups and run on releases or manual dispatch.
Changes:
- Add
cliff.tomlmapping commit types (feat/fix/security/compat/etc.) to changelog sections, skippingchore(deps)/chore(release)noise. - Add
.github/workflows/changelog.ymlto regenerateCHANGELOG.mdviaorhun/git-cliff-action@v4on published releases and manual dispatch, committing back with[skip ci].
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| cliff.toml | git-cliff configuration with commit parsers, template, and SemVer tag pattern |
| .github/workflows/changelog.yml | GitHub Actions workflow to generate and commit CHANGELOG.md |
SonarQube flagged the mutable @v4 tags as supply-chain-sensitive. The workflow has contents: write and pushes commits back, so a hijacked tag could push arbitrary content or exfiltrate the token. Pin both actions to the commit SHA the tag currently resolves to, with the tag kept in a trailing comment for readability/updates: - actions/checkout -> 34e1148 (# v4) - orhun/git-cliff-action -> f50e115 (# v4.8.0)
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #66 +/- ##
=========================================
Coverage 18.13% 18.13%
Complexity 7854 7854
=========================================
Files 666 666
Lines 43208 43208
=========================================
Hits 7837 7837
Misses 35371 35371 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| - name: Commit CHANGELOG.md if changed | ||
| run: | | ||
| if git diff --quiet -- CHANGELOG.md; then | ||
| echo "CHANGELOG.md unchanged — nothing to commit." | ||
| exit 0 | ||
| fi | ||
| git config user.name "xoops-ci" | ||
| git config user.email "ci@xoops.org" | ||
| git add CHANGELOG.md | ||
| git commit -m "docs(changelog): regenerate CHANGELOG.md [skip ci]" | ||
| git push |
| env: | ||
| OUTPUT: CHANGELOG.md |
…anch Addresses PR XOOPS#66 review: - Copilot (valid): on release: published, checkout lands on the tag in detached HEAD, so the regenerated CHANGELOG.md cannot be pushed back. Check out the default branch explicitly and push with an explicit HEAD:<default_branch> refspec. - Copilot (not applied — verified incorrect): claimed OUTPUT must be a `with:` input. orhun/git-cliff-action@v4.8.0 action.yml has no `output` input; run.sh reads OUTPUT as an env var (OUTPUT=${OUTPUT:="git-cliff/CHANGELOG.md"}). Keeping env: OUTPUT is correct; added a comment so it is not re-flagged. - Added a `test -s CHANGELOG.md` guard so the job fails loudly if generation ever writes elsewhere (the real risk behind that comment).
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/changelog.yml:
- Around line 17-19: The concurrency group currently uses "group: changelog-${{
github.ref }}" which can differ between tag and manual-dispatch refs and leave a
small race window during the commit-and-push step; change the workflow
concurrency configuration by replacing "group: changelog-${{ github.ref }}" with
a fixed group name like "group: changelog" to serialize all changelog jobs, or
deliberately accept the rare race by keeping the current group but be aware that
"cancel-in-progress: true" does not eliminate the non-fast-forward push window
and failed jobs may occur; update the concurrency block (the lines containing
group: changelog-${{ github.ref }} and cancel-in-progress: true) accordingly.
In `@cliff.toml`:
- Line 27: Remove the unnecessary trim_start_matches filter from the version
template: replace {{ version | trim_start_matches(pat="v") }} with just {{
version }} since the tag pattern already excludes a leading "v" (the expression
{{ version | trim_start_matches(pat="v") }} is the unique symbol to change).
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: effd9207-67a6-4bd9-9ae2-419cbb77d699
📒 Files selected for processing (2)
.github/workflows/changelog.ymlcliff.toml
CodeRabbit review on XOOPS#66 (both trivial, both valid): - concurrency group is now fixed ("changelog") instead of keyed by github.ref, so release-tag and manual-dispatch runs (which all push the default branch) are serialized and cannot race on push. - remove trim_start_matches(pat="v") in cliff.toml: the tag pattern already excludes a "v" prefix, so the filter was dead. OUTPUT stays an env var (verified: orhun/git-cliff-action@v4.8.0 has no `output` input; run.sh reads $OUTPUT) — already documented in a comment.
| # Fixed group (not keyed by ref): release-tag and manual-dispatch runs | ||
| # both push the default branch, so serialize them to avoid a push race. | ||
| group: changelog | ||
| cancel-in-progress: true |
Copilot review on XOOPS#66 (valid): cancel-in-progress: true contradicts the "serialize" intent — it kills an in-flight run when a new one enters the group, so a release firing mid-dispatch would lose that run's CHANGELOG.md push. Set cancel-in-progress: false so runs queue and each completes its generate-and-push.
|
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
Summary
Realizes the documented project direction that the root
CHANGELOG.mdis tool-generated, not hand-maintained — without creating a drift-prone hand-copied duplicate ofdocs/changelog.270.txt.cliff.toml— maps the project's conventional-commit dialect (feat/fix/security/compat/perf/refactor/docs/test/style/chore) to changelog groups. Keeps non-conventional history visible (grouped as Other) rather than silently dropping it. Skipschore(deps)/chore(release)noise. SemVer tag pattern with novprefix (matches2.7.0,2.7.0-RC1)..github/workflows/changelog.yml— regeneratesCHANGELOG.mdviagit-cliffon each published release and on manual dispatch, then commits it back with[skip ci]. A new workflow only;ci.yml/sonarcloud.ymlare untouched.CHANGELOG.mdis intentionally not committed in this PR — it is produced by the workflow so it can never drift from the commit history (hand-writing it would defeat the purpose). Curated narrative release notes remain authoritative indocs/changelog.270.txtanddocs/lang_diff.txt.Notes / caveats
CHANGELOG.mdoutput could not be rendered/verified locally.cliff.tomlis valid TOML and the workflow is valid YAML; first real generation happens via workflow_dispatch after merge (recommended as the immediate smoke test) or on the next release.2.7.0) exist. Tagging releases is what produces versioned sections.Test plan
CHANGELOG.mdis generated, grouped sensibly, and committed back with[skip ci]2.7.0) and confirm a versioned section is produced on the next runSummary by CodeRabbit
New Features
Chores