From e48fc001ffb5db5d2fa63b90c1622fadffb07057 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Thu, 4 Dec 2025 14:08:43 +0100 Subject: [PATCH 01/12] ci: Configure semver bumper to explicitly use HEAD as the target tag in the release workflow. --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 22a703f..f102aa7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,6 +35,7 @@ jobs: with: configuration: "configuration.json" mode: "COMMIT" + toTag: "HEAD" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From b86cdf03b605e19b343977468724eda44fda8bea Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 14:39:40 +0100 Subject: [PATCH 02/12] docs: add REUSE status badge to README --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 295d730..76bf67e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Pull Request Semver Bumper +[![REUSE status](https://api.reuse.software/badge/github.com/SAP/pull-request-semver-bumper)](https://api.reuse.software/info/github.com/SAP/pull-request-semver-bumper) + ## About this project This repository contains a suite of **Composite GitHub Actions** designed to automate semantic version bumping for various project types (Python, Maven, NPM, etc.) within Pull Requests. From 5e0407bca854a9e9cf2423d233ba893fa0e969f0 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 14:41:03 +0100 Subject: [PATCH 03/12] chore: rename action from "Version Bumping Action" to "pull request semver bumper" --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 626b75b..7f3c7d6 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: "Version Bumping Action" +name: "pull request semver bumper" description: "Automated semantic version bumping for Maven, NPM, Python, and generic projects." branding: icon: "git-merge" From c00d6e0743ae80cd44401485c241e15f5250db05 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 16:18:25 +0100 Subject: [PATCH 04/12] chore: Rename action from "pull request semver bumper" to "Version Bumping Action". --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7f3c7d6..626b75b 100644 --- a/action.yml +++ b/action.yml @@ -1,4 +1,4 @@ -name: "pull request semver bumper" +name: "Version Bumping Action" description: "Automated semantic version bumping for Maven, NPM, Python, and generic projects." branding: icon: "git-merge" From 6d8d0696334a4eaea3691adf82b799794e3f76cb Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 16:22:22 +0100 Subject: [PATCH 05/12] feat: add GitHub issue templates for bug reports and feature requests. --- .github/ISSUE_TEMPLATE/bug_report.yml | 50 ++++++++++++++++++++++ .github/ISSUE_TEMPLATE/config.yml | 8 ++++ .github/ISSUE_TEMPLATE/feature_request.yml | 38 ++++++++++++++++ 3 files changed, 96 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..a67dbdc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,50 @@ +name: Bug Report +description: Create a report to help us improve +title: "[Bug]: " +labels: ["bug"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + - type: textarea + id: description + attributes: + label: Describe the bug + description: A clear and concise description of what the bug is. + placeholder: I expected X to happen, but Y happened instead. + validations: + required: true + - type: textarea + id: to-reproduce + attributes: + label: To Reproduce + description: Steps to reproduce the behavior. + placeholder: | + 1. Go to '...' + 2. Click on '....' + 3. Scroll down to '....' + 4. See error + validations: + required: true + - type: textarea + id: expected-behavior + attributes: + label: Expected behavior + description: A clear and concise description of what you expected to happen. + validations: + required: true + - type: textarea + id: screenshots + attributes: + label: Screenshots + description: If applicable, add screenshots to help explain your problem. + validations: + required: false + - type: textarea + id: context + attributes: + label: Additional context + description: Add any other context about the problem here. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..6870a2e --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: false +contact_links: + - name: Security Policy + url: https://github.com/SAP/pull-request-semver-bumper/security/policy + about: Please do not report security vulnerabilities in public issues. + - name: Ask a question + url: https://github.com/SAP/pull-request-semver-bumper/discussions/new?category=q-a + about: Ask a question or get help with using the project. diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..0d74c46 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,38 @@ +name: Feature Request +description: Suggest an idea for this project +title: "[Feature]: " +labels: ["enhancement"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to suggest a new feature! + - type: textarea + id: problem + attributes: + label: Is your feature request related to a problem? Please describe. + description: A clear and concise description of what the problem is. + placeholder: I'm always frustrated when [...] + validations: + required: true + - type: textarea + id: solution + attributes: + label: Describe the solution you'd like + description: A clear and concise description of what you want to happen. + validations: + required: true + - type: textarea + id: alternatives + attributes: + label: Describe alternatives you've considered + description: A clear and concise description of any alternative solutions or features you've considered. + validations: + required: false + - type: textarea + id: context + attributes: + label: Additional context + description: Add any other context or screenshots about the feature request here. + validations: + required: false From 339f48eb7aafbdfb3e65a189f6f65040406f3bea Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 16:34:42 +0100 Subject: [PATCH 06/12] chore: Add configuration.json to REUSE ignore list. --- REUSE.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/REUSE.toml b/REUSE.toml index 7596f70..4b6f59e 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -13,7 +13,8 @@ path = [ "CONTRIBUTING.md", ".gitignore", ".husky/**", - "package-lock.json" + "package-lock.json", + "configuration.json" ] precedence = "aggregate" SPDX-FileCopyrightText = "2025 SAP SE or an SAP affiliate company and pull-request-semver-bumper contributors" From fb2ede95468d0f3926f4f1aa50db914c2cbd9dde Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 16:47:33 +0100 Subject: [PATCH 07/12] docs: update project links in README for consistency --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 76bf67e..24216ab 100644 --- a/README.md +++ b/README.md @@ -106,10 +106,10 @@ For detailed documentation on specific ecosystem behaviors, click the links abov ## Support, Feedback, Contributing -This project is open to feature requests/suggestions, bug reports etc. via [GitHub issues](https://github.com/SAP//issues). Contribution and feedback are encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](CONTRIBUTING.md). +This project is open to feature requests/suggestions, bug reports etc. via [GitHub issues](https://github.com/SAP/pull-request-semver-bumper/issues). Contribution and feedback are encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our [Contribution Guidelines](CONTRIBUTING.md). ## Security / Disclosure -If you find any bug that may be a security problem, please follow our instructions at [in our security policy](https://github.com/SAP//security/policy) on how to report it. Please do not create GitHub issues for security-related doubts or problems. +If you find any bug that may be a security problem, please follow our instructions at [in our security policy](https://github.com/SAP/pull-request-semver-bumper/security/policy) on how to report it. Please do not create GitHub issues for security-related doubts or problems. ## Code of Conduct From 79e78af057e24abbb3100f7c5a096c108020109c Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 16:59:12 +0100 Subject: [PATCH 08/12] feat: Add `merge_group` trigger and refine `if` conditions for pull request specific steps in build workflow. --- .github/workflows/build-and-test.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 60c4c42..8cfa3e8 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -8,6 +8,7 @@ on: - opened - synchronize - reopened + merge_group: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -46,7 +47,7 @@ jobs: run: npm run build - name: Commit build artifacts (same-repo PRs only) - if: github.event.pull_request.head.repo.full_name == github.repository + if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository uses: EndBug/add-and-commit@v9 with: add: "." @@ -55,7 +56,7 @@ jobs: push: true - name: Fail if dist is dirty (Forked PRs only) - if: github.event.pull_request.head.repo.full_name != github.repository + if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository working-directory: .github/actions/core run: | if [[ -n $(git status --porcelain dist) ]]; then From e2053ecc65e42291111b270006e870fad21cb5a4 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 17:00:37 +0100 Subject: [PATCH 09/12] chore: Add `CHANGELOG.md` to REUSE ignore list --- REUSE.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/REUSE.toml b/REUSE.toml index 4b6f59e..0ea9507 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -14,7 +14,8 @@ path = [ ".gitignore", ".husky/**", "package-lock.json", - "configuration.json" + "configuration.json", + "CHANGELOG.md" ] precedence = "aggregate" SPDX-FileCopyrightText = "2025 SAP SE or an SAP affiliate company and pull-request-semver-bumper contributors" From 2cbd2b51734c78c426a314931f86e372301c9351 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 17:14:26 +0100 Subject: [PATCH 10/12] docs: Update README examples to use `v1` tag for the version bumping action. --- .github/actions/version-bumping/maven/README.md | 2 +- .github/actions/version-bumping/npm/README.md | 2 +- .github/actions/version-bumping/python/README.md | 2 +- .github/actions/version-bumping/version-file/README.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/version-bumping/maven/README.md b/.github/actions/version-bumping/maven/README.md index f71e7b4..9931981 100644 --- a/.github/actions/version-bumping/maven/README.md +++ b/.github/actions/version-bumping/maven/README.md @@ -58,7 +58,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Bump Maven Version - uses: sap/pull-request-semver-bumper@main + uses: sap/pull-request-semver-bumper@v1 env: NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} diff --git a/.github/actions/version-bumping/npm/README.md b/.github/actions/version-bumping/npm/README.md index ecd0d8d..132eb5c 100644 --- a/.github/actions/version-bumping/npm/README.md +++ b/.github/actions/version-bumping/npm/README.md @@ -49,7 +49,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Bump NPM Version - uses: sap/pull-request-semver-bumper@main + uses: sap/pull-request-semver-bumper@v1 with: type: npm token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/actions/version-bumping/python/README.md b/.github/actions/version-bumping/python/README.md index 50483e7..5498997 100644 --- a/.github/actions/version-bumping/python/README.md +++ b/.github/actions/version-bumping/python/README.md @@ -55,7 +55,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Bump Python Version - uses: sap/pull-request-semver-bumper@main + uses: sap/pull-request-semver-bumper@v1 with: type: python token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/actions/version-bumping/version-file/README.md b/.github/actions/version-bumping/version-file/README.md index b34056e..3c61123 100644 --- a/.github/actions/version-bumping/version-file/README.md +++ b/.github/actions/version-bumping/version-file/README.md @@ -52,7 +52,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Bump Version File - uses: sap/pull-request-semver-bumper@main + uses: sap/pull-request-semver-bumper@v1 with: type: version-file token: ${{ secrets.GITHUB_TOKEN }} From f4d205281126b7eb6ea8198f61fce194e555d1e1 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 17:15:31 +0100 Subject: [PATCH 11/12] Remove `merge_group` trigger and redundant `pull_request` event checks. --- .github/workflows/build-and-test.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 8cfa3e8..60c4c42 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -8,7 +8,6 @@ on: - opened - synchronize - reopened - merge_group: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -47,7 +46,7 @@ jobs: run: npm run build - name: Commit build artifacts (same-repo PRs only) - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository + if: github.event.pull_request.head.repo.full_name == github.repository uses: EndBug/add-and-commit@v9 with: add: "." @@ -56,7 +55,7 @@ jobs: push: true - name: Fail if dist is dirty (Forked PRs only) - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository + if: github.event.pull_request.head.repo.full_name != github.repository working-directory: .github/actions/core run: | if [[ -n $(git status --porcelain dist) ]]; then From c36ace3f9bc687533f3649893e4f1025597acef3 Mon Sep 17 00:00:00 2001 From: Yuanxun Gu Date: Fri, 5 Dec 2025 17:17:59 +0100 Subject: [PATCH 12/12] refactor: Remove `merge_group` trigger and simplify pull request condition checks in build workflow --- .github/workflows/build-and-test.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 8cfa3e8..60c4c42 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -8,7 +8,6 @@ on: - opened - synchronize - reopened - merge_group: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} @@ -47,7 +46,7 @@ jobs: run: npm run build - name: Commit build artifacts (same-repo PRs only) - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository + if: github.event.pull_request.head.repo.full_name == github.repository uses: EndBug/add-and-commit@v9 with: add: "." @@ -56,7 +55,7 @@ jobs: push: true - name: Fail if dist is dirty (Forked PRs only) - if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository + if: github.event.pull_request.head.repo.full_name != github.repository working-directory: .github/actions/core run: | if [[ -n $(git status --porcelain dist) ]]; then