Conversation
Enhance the merge conditions to include updates for GitHub Actions while excluding major version NuGet updates to prevent potential breaking changes.
## Summary
Re-syncs this repo's CI/CD and contributor docs to the current
`ptr727/ProjectTemplate` standards.
- **Branch rulesets** split via gh api (already applied out-of-band):
new `Main` ruleset (merge-only, no linear history, status checks
non-strict) + existing ruleset narrowed to `Develop` (squash-only,
linear history, strict).
- **Dependabot**: dual-target every ecosystem (main + develop).
- **merge-bot**: three-job model (enable on opened/reopened, disable on
maintainer-pushed synchronize), App token, branch-aware merge
(`--squash` on develop, `--merge` on main), `cancel-in-progress: false`.
- **codegen**: matrix over `main`/`develop` producing
`codegen-main`/`codegen-develop` PRs, App token, close/reopen dance
removed.
- **build-release**: explicit `target_commitish: ${{ github.sha }}`;
prerelease via `github.ref_name`.
- **All actions SHA-pinned** (`dotnet/nbgv@master` is a documented
exception).
- `AGENTS.md` adopts template sections (Git rules, branching, PR
conventions, review etiquette, workflow YAML conventions).
- `.github/copilot-instructions.md` prepended with Copilot Review
Runbook.
- `README.md` adds Contributing section (branching + repo setup).
Old `WORKFLOW_PAT` secret and `codegen` branch can be deleted after this
lands.
## Test plan
- [ ] CI green on the PR.
- [ ] Squash-merge to develop succeeds under new Develop ruleset.
- [ ] Subsequent develop → main PR routes through merge-commit.
- [ ] Next Dependabot run opens parallel PRs against both branches.
- [ ] Next codegen run opens `codegen-main` → main and `codegen-develop`
→ develop PRs.
Contributor
There was a problem hiding this comment.
Pull request overview
Syncs LanguageTags’ CI/CD workflows and contributor documentation on main to match the current ProjectTemplate standards, aligning with the new develop → main merge-commit release shape and dual-target automation.
Changes:
- Updated CI workflows to SHA-pin actions, enforce consistent shell/step conventions, and adjust build/release behavior (including
target_commitishon GitHub releases). - Reworked automation to support parallel dual-target Dependabot + codegen PRs for
mainanddevelop, and introduced a more robust merge-bot model usingpull_request_target+ App token. - Refreshed contributor-facing docs (branching model, secrets, review runbook) to reflect the new operational contract.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| README.md | Adds a Contributing section documenting branching, secrets, and ruleset expectations. |
| AGENTS.md | Establishes canonical cross-cutting agent/workflow rules and repo process conventions. |
| .github/workflows/test-release-task.yml | Pins actions and hardens shell execution for test/release validation. |
| .github/workflows/test-pull-request.yml | Updates PR test workflow to the new branch/automation model and strengthens status-check step. |
| .github/workflows/run-periodic-codegen-pull-request.yml | Adjusts concurrency and invokes the new dual-target codegen task. |
| .github/workflows/run-codegen-pull-request-task.yml | Implements matrix-based codegen for main/develop using App auth and direct PR creation. |
| .github/workflows/merge-bot-pull-request.yml | Replaces prior merge-bot with a three-job, branch-aware auto-merge/disable model using pull_request_target. |
| .github/workflows/get-version-task.yml | Pins setup/checkout actions and documents the dotnet/nbgv@master pinning exception. |
| .github/workflows/build-release-task.yml | Pins actions and sets target_commitish for correct release tagging. |
| .github/workflows/build-library-task.yml | Gates Release/Debug build config via publish input and pins actions. |
| .github/workflows/build-datebadge-task.yml | Pins BYOB action and updates branch condition for badge publishing. |
| .github/dependabot.yml | Duplicates each ecosystem to open parallel PRs against main and develop. |
| .github/copilot-instructions.md | Adds a Copilot review runbook and points to AGENTS.md as the canonical process doc. |
Addresses Copilot review finding on PR #131: `branches:` under `pull_request` matches the PR's *base* branch, and `codegen-main`/`codegen-develop` are head-only branches by design (never a PR base), so listing them was redundant. Restricts the list to the protected base branches.
One-time back-merge to ingest main's accumulated Dependabot/codegen squash-commits (#120, #123, #125, #127, #128, #129) into develop so the develop → main release PR (#131) can land as a clean merge-commit. From this point forward the new branching model takes effect: develop is forward-only and develop → main uses merge-commit (preserving develop's history on main as the second parent), eliminating the need for back-merges like this one. # Conflicts: # .github/workflows/build-release-task.yml # .github/workflows/merge-bot-pull-request.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
First develop → main release under the new merge-commit shape (Main ruleset, configured 2026-05-12).
Brings to main:
pull_request_targettrigger on merge-bot, all actions SHA-pinned,target_commitishon releases, build config gated oninputs.push, AGENTS.md + Copilot Review Runbook + Contributing section.Merge branch 'main' into developknot (pre-existing) — last back-merge before the forward-only rule kicked in; future releases will not produce these.After this lands, the obsolete
WORKFLOW_PATsecret andcodegenbranch can be deleted.Test plan
publish-release.ymlfires on the merge commit; resulting GitHub release tags the actual main HEAD SHA (verifiestarget_commitishchange).codegen-main→ main andcodegen-develop→ develop.