This directory contains GitHub-specific configuration files, workflows, and scripts for the GitPlus repository.
.github/
βββ docs/ # Documentation for workflows and processes
β βββ branch-protection-setup.md # Branch protection configuration guide
β βββ workflow-configuration.md # Comprehensive workflow configuration guide
βββ ISSUE_TEMPLATE/ # GitHub issue templates
β βββ bug_report.md # Bug report template
β βββ feature_request.md # Feature request template
βββ scripts/ # Reusable workflow scripts
β βββ generate-merge-prompt.sh # Creates AI merge decision prompts
β βββ generate-todo-list.sh # Generates TODO lists for rejected PRs
βββ workflows/ # GitHub Actions workflows
βββ ci.yml # Continuous Integration pipeline
βββ claude-code-review.yml # Automated Claude code reviews
βββ claude.yml # Interactive Claude assistance
βββ dependencies.yml # Dependency update automation
βββ merge-decision.yml # AI-powered merge decisions
βββ pr-checks.yml # Pull request validation
βββ publish.yml # NPM package publishing
βββ release-please-post.yml # Post-release automation
βββ release-please.yml # Automated release management
βββ release.yml # Release publishing workflow
claude-code-review.yml: Automatic comprehensive code reviews using Claude AImerge-decision.yml: AI-powered merge decisions with TODO list generationci.yml: Multi-platform testing and validationpr-checks.yml: Pull request validation and compatibility testing
release-please.yml: Automated version bumps and changelog generationrelease-please-post.yml: Post-release package.json synchronizationpublish.yml: NPM package publishing with propagation checkingrelease.yml: GitHub release creation
dependencies.yml: Automated dependency updatesclaude.yml: Interactive Claude assistance on issues and PRs
Creates structured prompts for AI merge decisions with proper context injection.
Usage:
.github/scripts/generate-merge-prompt.shGenerates actionable TODO lists for rejected PRs based on rejection reasons and critical issues.
Usage:
.github/scripts/generate-todo-list.sh "$REASON" "$CRITICAL_ISSUES"Comprehensive guide for configuring and customizing GitPlus workflows including:
- Adaptive polling parameters
- Performance optimization
- Security configuration
- Troubleshooting guide
Instructions for setting up repository branch protection rules that work with GitPlus automation.
All workflows implement security best practices:
- Minimal permissions: Each workflow uses least-privilege access
- Input validation: All user inputs are validated with regex patterns
- Safe contexts: No direct execution of user-controlled content
- Token scoping: Proper GitHub token usage with explicit permissions
- Pull Requests:
claude-code-review.yml,merge-decision.yml,ci.yml,pr-checks.yml - Releases:
release-please.yml,publish.yml,release.yml - Schedules:
dependencies.yml(weekly) - Manual:
merge-decision.yml(workflow_dispatch for debugging) - Issues/Comments:
claude.yml(interactive assistance)
Configure these secrets in your repository settings:
secrets:
CLAUDE_CODE_OAUTH_TOKEN # Claude AI integration token
NPM_TOKEN # NPM publishing token (for releases)
# GITHUB_TOKEN is automatically providedKey metrics to monitor:
- Claude review success rate
- Auto-merge success rate
- Workflow execution times
- False rejection rates
See docs/workflow-configuration.md for detailed monitoring setup.
When modifying workflows:
- Test locally: Use the test suite in
tests/workflows/ - Validate syntax: Ensure YAML is properly formatted
- Security review: Follow security guidelines in documentation
- Documentation: Update this README and workflow-configuration.md
For workflow improvements:
- Test changes thoroughly with dry-run capabilities
- Maintain backward compatibility
- Update documentation
- Consider security implications
- Use the GitPlus ship command for consistent commits
This configuration enables fully automated, AI-powered development workflows while maintaining security and reliability.