From b853d9af294114ecd770b5b2faed1474a1434ab8 Mon Sep 17 00:00:00 2001 From: David Nguyen Date: Fri, 3 Jul 2026 17:03:53 +0700 Subject: [PATCH 1/7] refactor: streamline workflow by removing redundant Corepack enable step --- .github/workflows/release.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7991482..a0666b3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,8 +25,8 @@ jobs: - name: Checkout code uses: actions/checkout@v7 - - name: Ensure Yarn cache directory exists - run: mkdir -p ~/Library/Caches/Yarn/v6 + - name: Enable Corepack + run: corepack enable - name: Setup Node.js with Yarn cache uses: actions/setup-node@v6 @@ -34,9 +34,6 @@ jobs: node-version: 24.x cache: "yarn" - - name: Enable Corepack - run: corepack enable - - name: Install dependencies run: yarn install --immutable --mode=skip-build From f1f1791091c6646432eb7e877ba9595702ac25a5 Mon Sep 17 00:00:00 2001 From: David Nguyen Date: Fri, 3 Jul 2026 17:07:28 +0700 Subject: [PATCH 2/7] docs: update PULL_REQUEST_TEMPLATE to clarify issue reference section --- .github/PULL_REQUEST_TEMPLATE.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 9e7704d..d0e19fd 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -2,7 +2,7 @@ -Fixes # + ## Type of Change From 0a1d8d92b39462ba71ac5b9d30213acf253e6c32 Mon Sep 17 00:00:00 2001 From: David Nguyen Date: Fri, 3 Jul 2026 17:13:19 +0700 Subject: [PATCH 3/7] chore: add concurrency settings to workflow files for improved job management --- .github/workflows/ci.yml | 4 ++ .github/workflows/dependabot-auto-merge.yml | 15 +++++- .github/workflows/pr-auto-approve.yml | 56 +++++++++++++++++---- .github/workflows/pr-auto-assign.yml | 15 +++++- .github/workflows/pr-closed.yml | 4 ++ .github/workflows/release.yml | 4 ++ 6 files changed, 84 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ee0bad3..2383d7d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,10 @@ on: pull_request: branches: [main] +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + permissions: contents: read diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index b0b7f61..b5e88fd 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -1,6 +1,10 @@ name: dependabot-auto-merge on: pull_request_target +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + permissions: pull-requests: write contents: write @@ -16,16 +20,23 @@ jobs: with: github-token: "${{ secrets.GITHUB_TOKEN }}" + - name: Verify bot identity + run: | + BOT_LOGIN="$(gh api user --jq .login)" + test "$BOT_LOGIN" = "eplus-bot" + env: + GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} + - name: Auto-merge Dependabot PRs for semver-minor updates if: ${{steps.metadata.outputs.update-type == 'version-update:semver-minor'}} run: gh pr merge --auto --merge "$PR_URL" env: PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Auto-merge Dependabot PRs for semver-patch updates if: ${{steps.metadata.outputs.update-type == 'version-update:semver-patch'}} run: gh pr merge --auto --merge "$PR_URL" env: PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} + GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} diff --git a/.github/workflows/pr-auto-approve.yml b/.github/workflows/pr-auto-approve.yml index f239576..afb866b 100644 --- a/.github/workflows/pr-auto-approve.yml +++ b/.github/workflows/pr-auto-approve.yml @@ -4,6 +4,10 @@ on: workflows: [CI] types: [completed] +concurrency: + group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }} + cancel-in-progress: true + permissions: pull-requests: write issues: write @@ -39,6 +43,12 @@ jobs: HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }} GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} + - name: Wait for pull request checks + run: gh pr checks "$PR_NUMBER" --repo "$GITHUB_REPOSITORY" --watch --interval 10 + env: + PR_NUMBER: ${{steps.pr.outputs.number}} + GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} + - name: Approve pull request run: | APPROVED_FOR_HEAD="$(gh api "repos/$GITHUB_REPOSITORY/pulls/$PR_NUMBER/reviews" \ @@ -61,6 +71,36 @@ jobs: --jq ".[] | select(.user.login == \"eplus-bot\" and (.body | contains(\"$COMMENT_MARKER\"))) | .id" \ | tail -n 1)" + REFRESH_COUNT="1" + if [ -n "$COMMENT_ID" ]; then + OLD_REFRESH_COUNT="$(gh api "repos/$GITHUB_REPOSITORY/issues/comments/$COMMENT_ID" \ + --jq '.body' \ + | sed -n 's/^Approval refresh: #\([0-9][0-9]*\)$/\1/p' \ + | tail -n 1)" + + if [ -n "$OLD_REFRESH_COUNT" ]; then + REFRESH_COUNT="$((OLD_REFRESH_COUNT + 1))" + else + REFRESH_COUNT="2" + fi + fi + + APPROVAL_COMMENT="$(cat <" - APPROVAL_COMMENT: | - - - ![CI passed](https://img.shields.io/badge/CI-passed-brightgreen) - - Approved by @eplus-bot after CI passed. - - Updated: ${{ github.event.workflow_run.updated_at }} - Run attempt: #${{ github.event.workflow_run.run_attempt }} - - CI run: ${{ github.event.workflow_run.html_url }} + CI_UPDATED_AT: ${{ github.event.workflow_run.updated_at }} + CI_RUN_ATTEMPT: ${{ github.event.workflow_run.run_attempt }} + CI_RUN_URL: ${{ github.event.workflow_run.html_url }} + APPROVAL_RUN_NUMBER: ${{ github.run_number }} + APPROVAL_RUN_ATTEMPT: ${{ github.run_attempt }} GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} diff --git a/.github/workflows/pr-auto-assign.yml b/.github/workflows/pr-auto-assign.yml index 68051d8..eb4e647 100644 --- a/.github/workflows/pr-auto-assign.yml +++ b/.github/workflows/pr-auto-assign.yml @@ -1,8 +1,12 @@ name: pr-auto-assign on: - pull_request: + pull_request_target: types: [opened] +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + permissions: issues: write pull-requests: write @@ -11,7 +15,12 @@ jobs: assign: runs-on: ubuntu-latest steps: + - name: Skip Dependabot pull requests + if: ${{github.actor == 'dependabot[bot]'}} + run: echo "Dependabot pull requests are handled by dependabot-auto-merge." + - name: Verify bot identity + if: ${{github.actor != 'dependabot[bot]'}} run: | BOT_LOGIN="$(gh api user --jq .login)" test "$BOT_LOGIN" = "eplus-bot" @@ -19,6 +28,7 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Upsert welcome comment + if: ${{github.actor != 'dependabot[bot]'}} run: | COMMENT_ID="$(gh api "repos/$GITHUB_REPOSITORY/issues/$PR_NUMBER/comments" \ --paginate \ @@ -48,6 +58,7 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Add pull request labels + if: ${{github.actor != 'dependabot[bot]'}} run: | add_label() { local name="$1" @@ -96,6 +107,7 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Assign PR author + if: ${{github.actor != 'dependabot[bot]'}} run: gh pr edit "$PR_NUMBER" --add-assignee "$PR_AUTHOR" --repo "$GITHUB_REPOSITORY" env: PR_NUMBER: ${{github.event.pull_request.number}} @@ -103,6 +115,7 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Request eplus-bot review + if: ${{github.actor != 'dependabot[bot]'}} run: gh pr edit "$PR_NUMBER" --add-reviewer eplus-bot --repo "$GITHUB_REPOSITORY" env: PR_NUMBER: ${{github.event.pull_request.number}} diff --git a/.github/workflows/pr-closed.yml b/.github/workflows/pr-closed.yml index 783dab7..d0b2bcb 100644 --- a/.github/workflows/pr-closed.yml +++ b/.github/workflows/pr-closed.yml @@ -5,6 +5,10 @@ on: types: - closed +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + permissions: contents: read pull-requests: write diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a0666b3..9d676fd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,6 +7,10 @@ on: tags: - "[0-9]+.[0-9]+.[0-9]+" +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: build-and-release: name: Build and Release From 5063428acbdec0752510e631397baadafb528a0a Mon Sep 17 00:00:00 2001 From: David Nguyen Date: Fri, 3 Jul 2026 18:06:22 +0700 Subject: [PATCH 4/7] fix: prevent auto-approve workflow self-blocking --- .github/workflows/pr-auto-approve.yml | 54 ++++++++++++++++++--------- 1 file changed, 37 insertions(+), 17 deletions(-) diff --git a/.github/workflows/pr-auto-approve.yml b/.github/workflows/pr-auto-approve.yml index afb866b..21bfdf0 100644 --- a/.github/workflows/pr-auto-approve.yml +++ b/.github/workflows/pr-auto-approve.yml @@ -44,9 +44,32 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Wait for pull request checks - run: gh pr checks "$PR_NUMBER" --repo "$GITHUB_REPOSITORY" --watch --interval 10 + run: | + for attempt in {1..60}; do + CHECKS="$(gh pr checks "$PR_NUMBER" \ + --repo "$GITHUB_REPOSITORY" \ + --json bucket,name,workflow)" + + FAILING_COUNT="$(jq '[.[] | select(.workflow != env.APPROVAL_WORKFLOW and (.bucket == "fail" or .bucket == "cancel"))] | length' <<<"$CHECKS")" + if [ "$FAILING_COUNT" -gt 0 ]; then + jq -r '.[] | select(.workflow != env.APPROVAL_WORKFLOW and (.bucket == "fail" or .bucket == "cancel")) | "::error::\(.workflow): \(.name) failed"' <<<"$CHECKS" + exit 1 + fi + + PENDING_COUNT="$(jq '[.[] | select(.workflow != env.APPROVAL_WORKFLOW and .bucket == "pending")] | length' <<<"$CHECKS")" + if [ "$PENDING_COUNT" -eq 0 ]; then + exit 0 + fi + + echo "Waiting for $PENDING_COUNT pull request check(s) before approving (attempt $attempt/60)." + sleep 10 + done + + echo "::error::Timed out waiting for pull request checks to finish." + exit 1 env: PR_NUMBER: ${{steps.pr.outputs.number}} + APPROVAL_WORKFLOW: ${{github.workflow}} GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Approve pull request @@ -85,22 +108,19 @@ jobs: fi fi - APPROVAL_COMMENT="$(cat < Date: Fri, 3 Jul 2026 18:17:58 +0700 Subject: [PATCH 5/7] fix: prevent auto-approve workflow self-blocking --- .github/workflows/pr-auto-approve.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pr-auto-approve.yml b/.github/workflows/pr-auto-approve.yml index 21bfdf0..88f6089 100644 --- a/.github/workflows/pr-auto-approve.yml +++ b/.github/workflows/pr-auto-approve.yml @@ -80,11 +80,15 @@ jobs: | tail -n 1)" if [ -z "$APPROVED_FOR_HEAD" ]; then - gh pr review --approve "$PR_NUMBER" --repo "$GITHUB_REPOSITORY" + gh pr review --approve "$PR_NUMBER" --repo "$GITHUB_REPOSITORY" --body "$APPROVAL_REVIEW_BODY" fi env: PR_NUMBER: ${{steps.pr.outputs.number}} HEAD_SHA: ${{ github.event.workflow_run.head_sha }} + APPROVAL_REVIEW_BODY: | + Approved by @eplus-bot after all pull request checks passed. + + CI run: ${{ github.event.workflow_run.html_url }} GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Upsert CI approval comment From 7f043a78689cb00d2685f25ef0f616d7f1e60226 Mon Sep 17 00:00:00 2001 From: David Nguyen Date: Fri, 3 Jul 2026 18:42:14 +0700 Subject: [PATCH 6/7] Revert "Merge branch 'main' into dev" This reverts commit 48330a7d3d0f808300112bf77f94bc160db1bd8e, reversing changes made to f8cad61f73d9b5cdbeab0fc71358cbdc348fb05a. --- .github/workflows/pr-auto-approve.yml | 54 +++++++++++++++++-------- entrypoints/popup/components/Toggle.tsx | 1 - 2 files changed, 37 insertions(+), 18 deletions(-) diff --git a/.github/workflows/pr-auto-approve.yml b/.github/workflows/pr-auto-approve.yml index aac2146..88f6089 100644 --- a/.github/workflows/pr-auto-approve.yml +++ b/.github/workflows/pr-auto-approve.yml @@ -44,9 +44,32 @@ jobs: GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Wait for pull request checks - run: gh pr checks "$PR_NUMBER" --repo "$GITHUB_REPOSITORY" --watch --interval 10 + run: | + for attempt in {1..60}; do + CHECKS="$(gh pr checks "$PR_NUMBER" \ + --repo "$GITHUB_REPOSITORY" \ + --json bucket,name,workflow)" + + FAILING_COUNT="$(jq '[.[] | select(.workflow != env.APPROVAL_WORKFLOW and (.bucket == "fail" or .bucket == "cancel"))] | length' <<<"$CHECKS")" + if [ "$FAILING_COUNT" -gt 0 ]; then + jq -r '.[] | select(.workflow != env.APPROVAL_WORKFLOW and (.bucket == "fail" or .bucket == "cancel")) | "::error::\(.workflow): \(.name) failed"' <<<"$CHECKS" + exit 1 + fi + + PENDING_COUNT="$(jq '[.[] | select(.workflow != env.APPROVAL_WORKFLOW and .bucket == "pending")] | length' <<<"$CHECKS")" + if [ "$PENDING_COUNT" -eq 0 ]; then + exit 0 + fi + + echo "Waiting for $PENDING_COUNT pull request check(s) before approving (attempt $attempt/60)." + sleep 10 + done + + echo "::error::Timed out waiting for pull request checks to finish." + exit 1 env: PR_NUMBER: ${{steps.pr.outputs.number}} + APPROVAL_WORKFLOW: ${{github.workflow}} GH_TOKEN: ${{secrets.EPLUS_BOT_TOKEN}} - name: Approve pull request @@ -89,22 +112,19 @@ jobs: fi fi - APPROVAL_COMMENT="$(cat < Date: Fri, 3 Jul 2026 18:46:07 +0700 Subject: [PATCH 7/7] fix: restore Toggle documentation comment --- entrypoints/popup/components/Toggle.tsx | 1 + 1 file changed, 1 insertion(+) diff --git a/entrypoints/popup/components/Toggle.tsx b/entrypoints/popup/components/Toggle.tsx index 14c4a51..c521b10 100644 --- a/entrypoints/popup/components/Toggle.tsx +++ b/entrypoints/popup/components/Toggle.tsx @@ -7,6 +7,7 @@ export interface ToggleProps { description?: string; } +/** Labeled switch row used by popup settings. */ export default function Toggle({ enabled, onChange,