URL: https://deepwiki.com/guanguans/ai-commit/6.5-cicd-workflows

CI/CD Workflows

This page documents all GitHub Actions workflows in the ai-commit repository. It covers the trigger conditions, job steps, and outputs of each workflow. For the broader release process that some of these workflows support (PHAR building, versioning, changelog management), see Build and Release Process. For the code quality tools that several workflows invoke, see Code Quality Tools.


Workflow Overview

All workflows live under .github/workflows/. They fall into four functional categories:

| Category | Workflows |
| --- | --- |
| Code Quality | tests.yml, rector.yml, phpstan.yml, php-cs-fixer.yml, lint-md.yml |
| Security | secret-check.yml |
| Release & Maintenance | publish-phar.yml, update-changelog.yml |
| Repository Hygiene | dependabot-auto-merge.yml, stale.yml, label.yml |

The diagram below shows trigger events and their associated workflows:

Workflow Trigger Map


Sources: .github/workflows/tests.yml:1-7, .github/workflows/rector.yml:1-12, .github/workflows/phpstan.yml:1-13, .github/workflows/php-cs-fixer.yml:1-7, .github/workflows/secret-check.yml:1-7, .github/workflows/lint-md.yml:1-7, .github/workflows/label.yml:1-13, .github/workflows/dependabot-auto-merge.yml:1-10, .github/workflows/stale.yml:1-11, .github/workflows/publish-phar.yml:1-6, .github/workflows/update-changelog.yml:1-7


Code Quality Workflows

tests.yml — Test Matrix

File: .github/workflows/tests.yml:1-54

This is the primary CI workflow. It runs the full test suite across a matrix of operating systems and PHP versions.

Matrix dimensions:

| Axis | Values |
| --- | --- |
| os | ubuntu-latest, windows-latest |
| php | 8.2, 8.4 |
| dependency-version | prefer-stable |

This produces four parallel jobs per run. The matrix uses fail-fast: false so that a failure on one combination does not cancel the others (.github/workflows/tests.yml:15-16).

Job steps:


The composer test-coverage script produces a Clover XML coverage report at .build/phpunit/clover.xml. That file is then uploaded to Codecov using secrets.CODECOV_TOKEN. The workflow requests write-all permissions (.github/workflows/tests.yml:8) to support the upload step.

Sources: .github/workflows/tests.yml:1-54


rector.yml — Rector Dry Run

File: .github/workflows/rector.yml:1-40

Runs Rector in dry-run mode to verify that no pending code modernization rules remain unapplied.

Path filters — the workflow only triggers on pushes that modify:

  • **.php
  • .github/**.yml / .github/**.yaml
  • *.xml / *.xml.dist

.github/workflows/rector.yml:6-12

Key step: composer rector-dry-run (.github/workflows/rector.yml:39)

This runs Rector without writing changes. A non-zero exit code fails the workflow. The check runs on PHP 8.2 with the vendor directory cached against composer.lock.

Sources: .github/workflows/rector.yml:1-40


phpstan.yml — Static Analysis

File: .github/workflows/phpstan.yml:1-41

Runs PHPStan static analysis. Triggers on pushes that modify:

  • **.php
  • *.neon
  • *.xml / *.xml.dist
  • .github/**.yaml / .github/**.yml

.github/workflows/phpstan.yml:6-12

Key step: composer phpstan (.github/workflows/phpstan.yml:40)

Runs on PHP 8.2. For details about PHPStan configuration (level, type coverage requirements, cognitive complexity limits), see Code Quality Tools.

Sources: .github/workflows/phpstan.yml:1-41
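
The path filters listed for rector.yml and phpstan.yml decide which pushes are analyzed at all, so it is worth checking which changes fall outside them. The following is an added example, not code from the ai-commit repository: it evaluates those filter lists against constructed changed-file lists, implementing only the `*` and `**` parts of GitHub's filter syntax (`*` does not cross `/`, `**` does). The function names and file paths are assumptions made for illustration.

```python
import re

# Path filters as listed on this page for the two workflows.
FILTERS = {
    "rector.yml": ["**.php", ".github/**.yml", ".github/**.yaml",
                   "*.xml", "*.xml.dist"],
    "phpstan.yml": ["**.php", "*.neon", "*.xml", "*.xml.dist",
                    ".github/**.yaml", ".github/**.yml"],
}

def to_regex(pattern):
    """Translate the subset of GitHub filter syntax used here: '**' and '*'."""
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**", i):
            out.append(".*")       # '**' matches across directory separators
            i += 2
        elif pattern[i] == "*":
            out.append("[^/]*")    # '*' stays within a single path segment
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out))

def triggered(workflow, changed_files):
    """A push triggers the workflow if any changed file matches any filter."""
    regexes = [to_regex(p) for p in FILTERS[workflow]]
    return any(r.fullmatch(f) for f in changed_files for r in regexes)

def unchecked(changed_files):
    """Workflows that would not run for a push touching only these files."""
    return sorted(w for w in FILTERS if not triggered(w, changed_files))

if __name__ == "__main__":
    # Constructed pushes: a dependency-only change, a nested XML file, PHP code.
    for files in (["composer.json", "composer.lock"],
                  ["config/rules.xml"], ["src/Example.php"]):
        print(files, "-> skipped by:", unchecked(files))
```

Under these filters a push that changes only composer.json and composer.lock runs neither analysis, and `*.xml` covers root-level XML files only.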


php-cs-fixer.yml — Style Fix and Auto-Commit

File: .github/workflows/php-cs-fixer.yml:1-43

This workflow runs PHP-CS-Fixer and automatically commits any formatting changes back to the branch. It triggers on every push (no path filters).

Job steps:


The two-step dependency install is notable: the main project dependencies are installed first, then friendsofphp/php-cs-fixer is installed into a separate vendor-bin namespace (composer bin php-cs-fixer-config) (.github/workflows/php-cs-fixer.yml:32-33).

stefanzweifel/git-auto-commit-action commits all changed **.php files with the message Fix styling (.github/workflows/php-cs-fixer.yml:39-43).

Sources: .github/workflows/php-cs-fixer.yml:1-43


lint-md.yml — Markdown Linting

File: .github/workflows/lint-md.yml:1-22

Lints Markdown files using the @lint-md/cli npm package. Triggered on push and pull_request.

Key step:

lint-md --config .lintmdrc ./*.md ./.github/ ./resources/docs/

.github/workflows/lint-md.yml:22

The tool reads rules from .lintmdrc and checks all .md files at the repo root plus files under .github/ and resources/docs/.

Sources: .github/workflows/lint-md.yml:1-22


Security Workflows

secret-check.yml — Secret Scanning

File: .github/workflows/secret-check.yml:1-24

Scans commit history for leaked secrets using TruffleHog. Triggers on push, pull_request, and workflow_dispatch.

Configuration:

Sources: .github/workflows/secret-check.yml:1-24


Release & Maintenance Workflows

publish-phar.yml — PHAR Release

File: .github/workflows/publish-phar.yml:1-61

Triggered when a GitHub Release of type created is published. Builds the PHAR artifact, uploads it to the release, and commits the binary back to main.

Job steps:


The app:build invocation uses the Laravel Zero box builder to produce a self-contained PHAR (.github/workflows/publish-phar.yml:38).

The final step commits builds/ai-commit (the extension-less copy used for direct download) and CHANGELOG.md to main with the message Bump to <release-name> (.github/workflows/publish-phar.yml:55-60).

For more on the PHAR build process and box.json configuration, see Build and Release Process.

Sources: .github/workflows/publish-phar.yml:1-61


update-changelog.yml — Changelog Update

File: .github/workflows/update-changelog.yml:1-30

Triggered when a GitHub Release of type released is published (distinct from created).

Job steps:

  1. Checkout main branch
  2. stefanzweifel/changelog-updater-action@v1 — prepends the release notes from github.event.release.body into CHANGELOG.md under the version github.event.release.name (.github/workflows/update-changelog.yml:18-22)
  3. stefanzweifel/git-auto-commit-action@v7 — commits CHANGELOG.md with message Update CHANGELOG (.github/workflows/update-changelog.yml:24-29)

The CHANGELOG.md template and git-chglog configuration used for generating release notes manually are defined in .chglog/config.yml:1-76 and .chglog/CHANGELOG.tpl.md:1-63.

Sources: .github/workflows/update-changelog.yml:1-30


Repository Hygiene Workflows

dependabot-auto-merge.yml — Dependabot Auto-Merge

File: .github/workflows/dependabot-auto-merge.yml:1-36

Automatically merges Dependabot PRs for semver-minor and semver-patch version bumps. Triggered by pull_request_target events from the dependabot[bot] actor (.github/workflows/dependabot-auto-merge.yml:14).

Auto-merge logic:

| Update type | Action |
| --- | --- |
| version-update:semver-minor | gh pr merge --auto --merge |
| version-update:semver-patch | gh pr merge --auto --merge |
| version-update:semver-major | No action (requires manual review) |

.github/workflows/dependabot-auto-merge.yml:24-35

Required permissions: pull-requests: write, contents: write (.github/workflows/dependabot-auto-merge.yml:7-9)

Sources: .github/workflows/dependabot-auto-merge.yml:1-36


stale.yml — Stale Issue Management

File: .github/workflows/stale.yml:1-29

Runs daily at 08:30 UTC via cron schedule (30 08 * * *) (.github/workflows/stale.yml:11).

Uses actions/stale@v10 with the following configuration:

| Setting | Value |
| --- | --- |
| stale-issue-label | no-issue-activity |
| stale-pr-label | no-pr-activity |
| stale-issue-message | Stale issue message |
| stale-pr-message | Stale pull request message |

.github/workflows/stale.yml:22-28

Required permissions: issues: write, pull-requests: write (.github/workflows/stale.yml:17-19)

Sources: .github/workflows/stale.yml:1-29


label.yml — Pull Request Labeler

File: .github/workflows/label.yml:1-26

Applies labels to pull requests based on modified file paths, triggered on pull_request events. Uses actions/labeler@v6 with rules defined in .github/labeler.yml (.github/workflows/label.yml:23-25).

Required permissions: contents: read, pull-requests: write (.github/workflows/label.yml:17-19)

Sources: .github/workflows/label.yml:1-26


Workflow-to-Tool Mapping

The following diagram maps each workflow to the underlying tool or action it invokes and the resulting output artifact or side effect.

Workflow → Tool → Output


Sources: .github/workflows/tests.yml:45-53, .github/workflows/rector.yml:35-39, .github/workflows/phpstan.yml:36-40, .github/workflows/php-cs-fixer.yml:35-43, .github/workflows/secret-check.yml:17-24, .github/workflows/lint-md.yml:18-22, .github/workflows/dependabot-auto-merge.yml:17-35, .github/workflows/stale.yml:22-28, .github/workflows/label.yml:23-25, .github/workflows/publish-phar.yml:37-60, .github/workflows/update-changelog.yml:18-29


Shared Infrastructure

Several workflows share a common setup pattern. The table below summarizes reusable elements:

| Element | Details |
| --- | --- |
| PHP setup action | shivammathur/setup-php@v2 |
| Default PHP version | 8.2 (all quality workflows) |
| Composer dependency cache | actions/cache@v5 keyed on composer.lock hash |
| Auto-commit action | stefanzweifel/git-auto-commit-action@v7 |
| Code checkout | actions/checkout@v6 |
| Composer install flags | --no-interaction --prefer-dist --ansi |

The publish-phar.yml workflow additionally uses tools: composer:v2 in the PHP setup step to pin the Composer major version (.github/workflows/publish-phar.yml:31).
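
Three settings documented on this page are the usual starting points for a least-privilege and supply-chain review of workflows: the write-all permissions in tests.yml, the pull_request_target trigger in dependabot-auto-merge.yml, and actions referenced by tag (as in the table above) rather than by full commit SHA. The following audit is an added example, not code from the ai-commit repository; the workflow snippets are constructed from this page's description, and the rule names and pinned.yml are hypothetical.

```python
import re

# Constructed workflow snippets modelled on this page's description;
# they are not the repository's actual files.
SAMPLES = {
    "tests.yml": (
        "on: [push, pull_request]\n"
        "permissions: write-all\n"
        "jobs:\n  test:\n    steps:\n"
        "      - uses: actions/checkout@v6\n"
        "      - uses: shivammathur/setup-php@v2\n"
    ),
    "dependabot-auto-merge.yml": (
        "on: pull_request_target\n"
        "permissions:\n  pull-requests: write\n  contents: write\n"
        "jobs:\n  merge:\n    steps:\n"
        "      - run: gh pr merge --auto --merge\n"
    ),
    "pinned.yml": (  # hypothetical file showing the clean case
        "on: push\npermissions:\n  contents: read\n"
        "jobs:\n  lint:\n    steps:\n"
        "      - uses: actions/checkout@" + "a" * 40 + "\n"  # placeholder SHA
    ),
}

USES = re.compile(r"^[ \t]*(?:-[ \t]*)?uses:[ \t]*([\w.\-/]+)@(\S+)", re.M)
FULL_SHA = re.compile(r"[0-9a-f]{40}")

def audit(text):
    """Return sorted (rule, detail) findings for one workflow file's text."""
    findings = []
    if re.search(r"^[ \t]*permissions:[ \t]*write-all[ \t]*$", text, re.M):
        findings.append(("broad-permissions", "write-all"))
    if re.search(r"\bpull_request_target\b", text):
        # This trigger runs with the base repository's token and secrets.
        findings.append(("privileged-trigger", "pull_request_target"))
    for action, ref in USES.findall(text):
        if not FULL_SHA.fullmatch(ref):  # tags and branches can be moved
            findings.append(("mutable-ref", f"{action}@{ref}"))
    return sorted(findings)

def audit_all(workflows):
    """Map file name -> findings, omitting files with no findings."""
    results = {name: audit(body) for name, body in workflows.items()}
    return {name: found for name, found in results.items() if found}

if __name__ == "__main__":
    for name, found in audit_all(SAMPLES).items():
        for rule, detail in found:
            print(f"{name}: {rule}: {detail}")
```

A finding here is a prompt for review, not a verdict: a token-based upload such as the Codecov step may not need write scopes on the workflow token at all, which is what the broad-permissions rule is meant to surface.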