[Sync] Update project files from source repository (d43a344) #43
Pull Request Overview
This PR implements comprehensive fork PR handling and security improvements across GitHub Actions workflows. The main purpose is to safely handle pull requests from forked repositories while protecting repository secrets and maintaining secure CI/CD operations.
Key Changes:
- Added fork PR detection logic across multiple workflows with proper null handling for deleted forks
- Implemented security restrictions that skip jobs requiring secrets (security scans, test coverage uploads) for fork PRs
- Enhanced audit logging and commit source tracking in the label sync workflow
- Updated CodeQL action versions from v4.31.1 to v4.31.2
Reviewed Changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| .github/workflows/sync-labels.yml | Added security documentation, commit source logging, and enhanced label validation with reserved name checks |
| .github/workflows/pull-request-management.yml | Added same-repo PR detection job and conditional execution based on fork status |
| .github/workflows/pull-request-management-fork.yml | New workflow specifically for handling fork PRs with restricted permissions |
| .github/workflows/fortress.yml | Added fork detection and conditional job execution to skip secret-dependent jobs for fork PRs |
| .github/workflows/fortress-setup-config.yml | Added fork PR detection outputs and summary messaging |
| .github/workflows/auto-merge-on-approval.yml | Added fork PR skip logic and improved error handling for auto-merge operations |
| .github/actions/load-env/action.yml | Added environment variable validation for security |
| .github/.env.base | Updated tool versions and added fork PR configuration options |
| .github/labels.yml | Added new "fork-pr" label definition |
| Multiple fortress completion workflows | Added fork PR status handling in reporting |
| CodeQL and Scorecard workflows | Version bumps for CodeQL action |
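The fork detection with null handling for deleted forks that the review overview describes, shown as an added example (not code from this pull request or its workflows). It assumes the standard `pull_request` event payload fields `head.repo` and `base.repo`; the job names and sample payloads are hypothetical and constructed for illustration.

```javascript
// Added example: classify a pull_request event payload as fork or same-repo.
// It fails closed: a PR that cannot be proven same-repo is treated as a fork,
// so a deleted fork (head.repo === null) never reaches secret-bearing jobs.
function classifyPullRequest(event) {
  const pr = event && event.pull_request;
  if (!pr) return { isFork: true, reason: 'no pull_request in payload' };
  const head = pr.head && pr.head.repo; // null once the fork has been deleted
  const base = pr.base && pr.base.repo;
  if (!head) return { isFork: true, reason: 'head repo missing (deleted fork)' };
  if (!base || !base.full_name) return { isFork: true, reason: 'base repo missing' };
  if (head.full_name !== base.full_name) {
    return { isFork: true, reason: `head ${head.full_name} differs from base` };
  }
  return { isFork: false, reason: 'head and base are the same repository' };
}

// Hypothetical job list; needsSecrets marks jobs that read repository secrets.
const JOBS = [
  { name: 'unit-tests', needsSecrets: false },
  { name: 'security-scan', needsSecrets: true },
  { name: 'coverage-upload', needsSecrets: true },
];

// Decide which jobs run and which are skipped for a given event.
function planJobs(event) {
  const verdict = classifyPullRequest(event);
  const run = [];
  const skip = [];
  for (const job of JOBS) {
    (verdict.isFork && job.needsSecrets ? skip : run).push(job.name);
  }
  return { ...verdict, run, skip };
}

// Constructed sample payloads (not taken from the repository).
const repo = (full_name) => ({ repo: full_name ? { full_name } : null });
const samples = {
  sameRepo: { pull_request: { head: repo('acme/app'), base: repo('acme/app') } },
  fork: { pull_request: { head: repo('contributor/app'), base: repo('acme/app') } },
  deletedFork: { pull_request: { head: repo(null), base: repo('acme/app') } },
};

for (const [name, event] of Object.entries(samples)) {
  console.log(name, JSON.stringify(planJobs(event)));
}
```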

What Changed
Directory Synchronization Details
The following directories were synchronized:
- .vscode → .vscode
- .github/tech-conventions → .github/tech-conventions
- .github/ISSUE_TEMPLATE → .github/ISSUE_TEMPLATE
- .github/workflows → .github/workflows
- .github/actions → .github/actions
Performance Metrics
Why It Was Necessary
This synchronization ensures the target repository stays up-to-date with the latest changes from the configured source repository. The sync operation identifies and applies only the necessary file changes while maintaining consistency across repositories.
Testing Performed
Impact / Risk