Conversation
p-e-w
left a comment
There was a problem hiding this comment.
Sure! I'm a code quality nut myself, and though I don't use Conventional Commits habitually, I am fine with switching to those, and this will certainly make the history easier to read.
| steps: | ||
| - uses: amannn/action-semantic-pull-request@v6 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Wait, what does that do? Why is a token needed for this check?
There was a problem hiding this comment.
It needs it to fetch the PR + commits from the github REST API, it's pretty standard.
It's the first example on the repo README, GITHUB_TOKEN is automatically generated for workflows.
There was a problem hiding this comment.
Ok, I wasn't familiar with this part of the GitHub Actions system. I went down a quick rabbit hole and this should indeed be fine even if the action were malicious. Thanks!
Bit of random housekeeping but as the project continues to grow it'd probably be better for everyone to stick to Conventional Commits. We squash all PRs so this just makes sure that the titles conform to the standard and give us a clean git history. Let me know if this is something you'd like to add
Sorry about the accidental PR spam, I misclicked