GitHub Actions: Update typisttech/.github to v3
#27
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR updates the GitHub Actions workflows from typisttech/.github v2 to v3, consolidating and modernizing the CI/CD pipeline. The update replaces reusable workflow calls with direct action implementations, removes deprecated workflows, and improves the testing and code quality processes.
Key Changes:
- Replaced reusable workflow references with inline action implementations for better transparency and control
- Consolidated separate audit and formatting workflows (composer-audit/pint/composer-normalize) into unified lint, format, and audit workflows
- Enhanced test workflow with improved coverage reporting and matrix strategy
Reviewed Changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/test.yml | Inlined php-matrix job, simplified dependency matrix, and improved codecov integration with explicit file targeting |
| .github/workflows/release-drafter.yml | Replaced reusable workflow call with direct release-drafter action implementation |
| .github/workflows/pint.yml | Removed (functionality consolidated into format.yml) |
| .github/workflows/lint.yml | Added new workflow calling v3 lint-php reusable workflow |
| .github/workflows/format.yml | Added new workflow calling v3 format-php reusable workflow |
| .github/workflows/dependabot-auto-merge.yml | Updated to v3 of the reusable workflow and fixed permissions structure |
| .github/workflows/composer-normalize.yml | Removed (functionality consolidated into format.yml) |
| .github/workflows/composer-audit.yml | Removed (functionality consolidated into audit.yml) |
| .github/workflows/audit.yml | Added new workflow calling v3 audit-php reusable workflow |
| .github/codecov.yml | Removed path fix configuration |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| php-version: ${{ fromJSON(needs.php-matrix.outputs.versions) }} | ||
| coverage: ['none'] |
There was a problem hiding this comment.
The matrix no longer tests with 'lowest' dependency versions, only the versions specified in php-matrix. This reduces test coverage across different dependency combinations. Consider whether testing only with default/locked dependencies is sufficient, or if lowest dependency testing should be retained to catch compatibility issues.
| - uses: codecov/codecov-action@v5 | ||
| with: | ||
| use_oidc: ${{ !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) }} | ||
| use_oidc: true |
There was a problem hiding this comment.
Setting use_oidc: true unconditionally will fail for pull requests from forks, as they cannot use OIDC tokens. The original conditional logic ${{ !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) }} prevented this issue. This change will cause codecov uploads to fail for forked PRs.
| use_oidc: true | |
| use_oidc: ${{ !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) }} |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| contents: write | ||
| pull-requests: read | ||
| steps: | ||
| - uses: release-drafter/release-drafter@v6 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
| sparse-checkout: composer.json | ||
| sparse-checkout-cone-mode: false | ||
|
|
||
| - uses: typisttech/php-matrix-action@v2 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium test
No description provided.