From a824acd5d788363224e40cf68000249a7ce66d53 Mon Sep 17 00:00:00 2001 From: Jon Janego Date: Thu, 25 Jan 2024 13:49:10 -0600 Subject: [PATCH 1/2] Create stale.yaml --- .github/workflows/stale.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/stale.yaml diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml new file mode 100644 index 000000000..ca4807ea9 --- /dev/null +++ b/.github/workflows/stale.yaml @@ -0,0 +1,23 @@ +name: Close stale PRs + +on: + schedule: + - cron: "00 0 * * *" # runs at 00:00 daily + +jobs: + stale: + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v9.0.0 + name: Clean up stale PRs + with: + repo-token: ${{ secrets.STALE_BOT }} + stale-pr-message: "👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the `Keep` label to hold stale off permanently, or do nothing. If you do nothing, this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details." + stale-pr-label: "Stale" + exempt-pr-labels: "Keep" # a "Keep" label will keep the PR from being closed as stale + days-before-pr-stale: 180 # when the PR is considered stale + days-before-pr-close: 15 # when the PR is closed by the bot, + days-before-issue-stale: -1 # prevents issues from being tagged by the bot + days-before-issue-close: -1 # prevents issues from being closed by the bot + exempt-assignees: 'advanced-security-dependency-graph' + ascending: true From 56991330a377404e054c44006ce29ab7f8f4f47d Mon Sep 17 00:00:00 2001 From: Jon Janego Date: Fri, 26 Jan 2024 09:15:48 -0600 Subject: [PATCH 2/2] Update stale.yaml assigning explicit permissions --- .github/workflows/stale.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index ca4807ea9..87e860a97 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -1,5 +1,8 @@ name: Close stale PRs +permissions: + pull-requests: write + on: schedule: - cron: "00 0 * * *" # runs at 00:00 daily @@ -11,7 +14,6 @@ jobs: - uses: actions/stale@v9.0.0 name: Clean up stale PRs with: - repo-token: ${{ secrets.STALE_BOT }} stale-pr-message: "👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the `Keep` label to hold stale off permanently, or do nothing. If you do nothing, this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details." stale-pr-label: "Stale" exempt-pr-labels: "Keep" # a "Keep" label will keep the PR from being closed as stale