From 70b16035984381ad69cadacdc3c3aff1898a6719 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Mon, 23 Feb 2026 15:47:44 +0000 Subject: [PATCH 1/4] feat: implement release-please for automated releases - Configured release-please with manifest-based setup. - Added GitHub Actions for release-please and Dependabot automation. - Grouped Dependabot dependencies and added auto-renaming for production deps. - Updated README with automated release instructions. - Configured docs, chore, ci, and test commits to not trigger releases. Co-authored-by: justlevine <29322304+justlevine@users.noreply.github.com> --- .github/dependabot.yml | 11 +++- .github/workflows/dependabot-automation.yml | 64 +++++++++++++++++++++ .github/workflows/release-please.yml | 20 +++++++ .release-please-manifest.json | 3 + README.md | 11 ++++ release-please-config.json | 59 +++++++++++++++++++ 6 files changed, 167 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dependabot-automation.yml create mode 100644 .github/workflows/release-please.yml create mode 100644 .release-please-manifest.json create mode 100644 release-please-config.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml index f4a4056..bc51120 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,8 +9,15 @@ updates: semver-minor-days: 7 semver-patch-days: 7 groups: - composer-minor-patch: + production-deps: + dependency-type: 'production' update-types: [minor, patch] + development-deps: + dependency-type: 'development' + update-types: [minor, patch] + commit-message: + prefix: 'chore(deps)' + - package-ecosystem: 'github-actions' directory: '/' schedule: @@ -18,3 +25,5 @@ updates: groups: github-actions-updates: patterns: ['*'] + commit-message: + prefix: 'chore(deps)' diff --git a/.github/workflows/dependabot-automation.yml b/.github/workflows/dependabot-automation.yml new file mode 100644 index 0000000..da13fe7 --- /dev/null +++ b/.github/workflows/dependabot-automation.yml @@ -0,0 +1,64 @@ +name: Dependabot Automation + +on: + pull_request: + types: [opened, synchronized] + +permissions: + pull-requests: write + contents: read + +jobs: + rename-dependabot-pr: + if: github.actor == 'dependabot[bot]' + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Check and rename PR + uses: actions/github-script@v7 + with: + script: | + const { data: pr } = await github.rest.pulls.get({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number + }); + + const fs = require('fs'); + const composer = JSON.parse(fs.readFileSync('composer.json', 'utf8')); + const prodDeps = Object.keys(composer.require || {}); + + // Dependabot titles usually look like: "chore(deps): bump vendor/package from X to Y" + // or if grouped: "chore(deps): bump the production-deps group with 2 updates" + + if (pr.title.includes('production-deps group')) { + const newTitle = pr.title.replace(/^chore\(deps\):/, 'fix(deps):'); + if (newTitle !== pr.title) { + await github.rest.pulls.update({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number, + title: newTitle + }); + console.log(`Renamed grouped PR to: ${newTitle}`); + } + } else { + const match = pr.title.match(/bump ([\w\-\.\/]+) from/); + if (match) { + const packageName = match[1]; + if (prodDeps.includes(packageName)) { + const newTitle = pr.title.replace(/^chore\(deps\):/, 'fix(deps):'); + if (newTitle !== pr.title) { + await github.rest.pulls.update({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number, + title: newTitle + }); + console.log(`Renamed single PR for ${packageName} to: ${newTitle}`); + } + } + } + } diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml new file mode 100644 index 0000000..df992fe --- /dev/null +++ b/.github/workflows/release-please.yml @@ -0,0 +1,20 @@ +name: release-please + +on: + push: + branches: + - main + +permissions: + contents: write + pull-requests: write + +jobs: + release-please: + runs-on: ubuntu-latest + steps: + - uses: googleapis/release-please-action@v4 + with: + # Use manifest-based release + manifest-file: .release-please-manifest.json + config-file: release-please-config.json diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..466df71 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "0.1.0" +} diff --git a/README.md b/README.md index f57f079..a183419 100644 --- a/README.md +++ b/README.md @@ -101,6 +101,17 @@ Because code quality tooling can make "breaking" ambiguous, we follow [Eslint's Minor releases may increase reported linting errors. For projects without a lockfile, pin the dependency with a tilde(`~`) in `composer.json` to receive patch updates only, e.g. "rtcamp/coding-standards-d": "~1.1.0". +### Automated Releases + +This project uses [release-please](https://github.com/googleapis/release-please) to automate versioning and releases. To trigger a release, use [Conventional Commits](https://www.conventionalcommits.org/): + +- `feat:` for **MINOR** releases (new rules, behavior changes). +- `fix:` for **PATCH** releases (bug fixes). +- `fix(deps):` for production dependency updates. +- Commits with `!` or `BREAKING CHANGE:` in the footer for **MAJOR** releases. + +Releases are automatically managed via a "Release PR". Merging this PR will tag the release, create a GitHub Release, and update the `CHANGELOG.md`. + > [!IMPORTANT] > These guidelines apply to most PHPCS ruleset libraries, including those we use in this project. > diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..4d386c2 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,59 @@ +{ + "packages": { + ".": { + "release-type": "php", + "changelog-path": "CHANGELOG.md", + "bump-minor-pre-major": true, + "bump-patch-for-minor-pre-major": false, + "include-v-in-tag": true, + "changelog-sections": [ + { + "type": "feat", + "section": "Features" + }, + { + "type": "fix", + "section": "Bug Fixes" + }, + { + "type": "deps", + "section": "Dependencies" + }, + { + "type": "perf", + "section": "Performance Improvements" + }, + { + "type": "docs", + "section": "Documentation", + "hidden": true + }, + { + "type": "chore", + "section": "Miscellaneous", + "hidden": true + }, + { + "type": "refactor", + "section": "Code Refactoring", + "hidden": true + }, + { + "type": "style", + "section": "Styles", + "hidden": true + }, + { + "type": "test", + "section": "Tests", + "hidden": true + }, + { + "type": "ci", + "section": "Continuous Integration", + "hidden": true + } + ] + } + } +} From 2ec1b5734ce8c075ac080c170716ae5dcecc24a1 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Mon, 23 Feb 2026 16:38:20 +0000 Subject: [PATCH 2/4] feat: implement release-please for automated releases - Configured release-please with manifest-based setup for PHP. - Added GitHub Actions workflow for release-please. - Updated Dependabot to use fix(deps) for production dependency updates. - Updated README with automated release instructions and tips. Co-authored-by: justlevine <29322304+justlevine@users.noreply.github.com> --- .github/dependabot.yml | 33 ++++------- .github/workflows/dependabot-automation.yml | 64 --------------------- README.md | 6 +- release-please-config.json | 53 +---------------- 4 files changed, 17 insertions(+), 139 deletions(-) delete mode 100644 .github/workflows/dependabot-automation.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bc51120..38abe1c 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,29 +1,20 @@ version: 2 updates: - - package-ecosystem: 'composer' - directory: '/' + - package-ecosystem: "composer" + directory: "/" schedule: - interval: 'weekly' - cooldown: - semver-major-days: 30 - semver-minor-days: 7 - semver-patch-days: 7 + interval: "weekly" groups: - production-deps: - dependency-type: 'production' - update-types: [minor, patch] - development-deps: - dependency-type: 'development' - update-types: [minor, patch] + production-dependencies: + dependency-type: "production" + development-dependencies: + dependency-type: "development" commit-message: - prefix: 'chore(deps)' + prefix: "fix(deps)" - - package-ecosystem: 'github-actions' - directory: '/' + - package-ecosystem: "github-actions" + directory: "/" schedule: - interval: 'weekly' - groups: - github-actions-updates: - patterns: ['*'] + interval: "weekly" commit-message: - prefix: 'chore(deps)' + prefix: "chore(deps)" diff --git a/.github/workflows/dependabot-automation.yml b/.github/workflows/dependabot-automation.yml deleted file mode 100644 index da13fe7..0000000 --- a/.github/workflows/dependabot-automation.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Dependabot Automation - -on: - pull_request: - types: [opened, synchronized] - -permissions: - pull-requests: write - contents: read - -jobs: - rename-dependabot-pr: - if: github.actor == 'dependabot[bot]' - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Check and rename PR - uses: actions/github-script@v7 - with: - script: | - const { data: pr } = await github.rest.pulls.get({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number - }); - - const fs = require('fs'); - const composer = JSON.parse(fs.readFileSync('composer.json', 'utf8')); - const prodDeps = Object.keys(composer.require || {}); - - // Dependabot titles usually look like: "chore(deps): bump vendor/package from X to Y" - // or if grouped: "chore(deps): bump the production-deps group with 2 updates" - - if (pr.title.includes('production-deps group')) { - const newTitle = pr.title.replace(/^chore\(deps\):/, 'fix(deps):'); - if (newTitle !== pr.title) { - await github.rest.pulls.update({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - title: newTitle - }); - console.log(`Renamed grouped PR to: ${newTitle}`); - } - } else { - const match = pr.title.match(/bump ([\w\-\.\/]+) from/); - if (match) { - const packageName = match[1]; - if (prodDeps.includes(packageName)) { - const newTitle = pr.title.replace(/^chore\(deps\):/, 'fix(deps):'); - if (newTitle !== pr.title) { - await github.rest.pulls.update({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: context.issue.number, - title: newTitle - }); - console.log(`Renamed single PR for ${packageName} to: ${newTitle}`); - } - } - } - } diff --git a/README.md b/README.md index a183419..f8ede31 100644 --- a/README.md +++ b/README.md @@ -106,12 +106,14 @@ Minor releases may increase reported linting errors. For projects without a lock This project uses [release-please](https://github.com/googleapis/release-please) to automate versioning and releases. To trigger a release, use [Conventional Commits](https://www.conventionalcommits.org/): - `feat:` for **MINOR** releases (new rules, behavior changes). -- `fix:` for **PATCH** releases (bug fixes). -- `fix(deps):` for production dependency updates. +- `fix:` for **PATCH** releases (bug fixes, dependency updates). - Commits with `!` or `BREAKING CHANGE:` in the footer for **MAJOR** releases. Releases are automatically managed via a "Release PR". Merging this PR will tag the release, create a GitHub Release, and update the `CHANGELOG.md`. +> [!TIP] +> Dependabot is configured to use the `fix(deps):` prefix for all updates to ensure production dependency changes trigger a release. For development-only updates, you can manually change the PR title to `chore(deps):` before merging if a version bump is not desired. + > [!IMPORTANT] > These guidelines apply to most PHPCS ruleset libraries, including those we use in this project. > diff --git a/release-please-config.json b/release-please-config.json index 4d386c2..8f970fb 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -2,58 +2,7 @@ "packages": { ".": { "release-type": "php", - "changelog-path": "CHANGELOG.md", - "bump-minor-pre-major": true, - "bump-patch-for-minor-pre-major": false, - "include-v-in-tag": true, - "changelog-sections": [ - { - "type": "feat", - "section": "Features" - }, - { - "type": "fix", - "section": "Bug Fixes" - }, - { - "type": "deps", - "section": "Dependencies" - }, - { - "type": "perf", - "section": "Performance Improvements" - }, - { - "type": "docs", - "section": "Documentation", - "hidden": true - }, - { - "type": "chore", - "section": "Miscellaneous", - "hidden": true - }, - { - "type": "refactor", - "section": "Code Refactoring", - "hidden": true - }, - { - "type": "style", - "section": "Styles", - "hidden": true - }, - { - "type": "test", - "section": "Tests", - "hidden": true - }, - { - "type": "ci", - "section": "Continuous Integration", - "hidden": true - } - ] + "bump-minor-pre-major": true } } } From aa746d2905c78448fd9233b4567aeb1c951e7326 Mon Sep 17 00:00:00 2001 From: Dovid Levine Date: Mon, 23 Feb 2026 20:34:33 +0200 Subject: [PATCH 3/4] chore: cleanup --- .github/dependabot.yml | 20 ++++++++++---------- .github/workflows/test.yml | 8 ++++---- .release-please-manifest.json | 2 +- LICENSE.md | 12 +++--------- README.md | 4 ++-- release-please-config.json | 12 ++++++------ 6 files changed, 26 insertions(+), 32 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 38abe1c..c4a3535 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,20 +1,20 @@ version: 2 updates: - - package-ecosystem: "composer" - directory: "/" + - package-ecosystem: 'composer' + directory: '/' schedule: - interval: "weekly" + interval: 'weekly' groups: production-dependencies: - dependency-type: "production" + dependency-type: 'production' development-dependencies: - dependency-type: "development" + dependency-type: 'development' commit-message: - prefix: "fix(deps)" + prefix: 'fix(deps)' - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: 'github-actions' + directory: '/' schedule: - interval: "weekly" + interval: 'weekly' commit-message: - prefix: "chore(deps)" + prefix: 'chore(deps)' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3f839e7..f702340 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -33,8 +33,8 @@ jobs: - name: Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: - show-progress: ${{ runner.debug == '1' && 'true' || 'false' }} - persist-credentials: false + show-progress: ${{ runner.debug == '1' && 'true' || 'false' }} + persist-credentials: false - name: Setup PHP uses: shivammathur/setup-php@ec406be512d7077f68eed36e63f4d91bc006edc4 # v2.35.4 @@ -61,5 +61,5 @@ jobs: - name: Validate the WordPress rulesets uses: phpcsstandards/xmllint-validate@0fd9c4a9046055f621fca4bbdccb8eab1fd59fdc # v1.0.1 with: - pattern: "./*/ruleset.xml" - xsd-file: "vendor/squizlabs/php_codesniffer/phpcs.xsd" + pattern: './*/ruleset.xml' + xsd-file: 'vendor/squizlabs/php_codesniffer/phpcs.xsd' diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 466df71..f2ecd08 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "0.1.0" + ".": "0.1.0" } diff --git a/LICENSE.md b/LICENSE.md index 51ae63a..5db7082 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -2,7 +2,7 @@ Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. + Copyright (C) 1989, 1991 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies @@ -96,17 +96,14 @@ portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: - **a)** You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. - **b)** You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. - **c)** If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement @@ -143,12 +140,10 @@ the scope of this License. under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: - **a)** Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, - **b)** Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable @@ -156,7 +151,6 @@ copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, - **c)** Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the @@ -330,7 +324,7 @@ when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome - to redistribute it under certain conditions; type `show c' + to redistribute it under certain conditions; type `show c' for details. The hypothetical commands \`show w' and \`show c' should show the @@ -345,7 +339,7 @@ if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' - (which makes passes at compilers) written + (which makes passes at compilers) written by James Hacker. signature of Moe Ghoul, 1 April 1989 diff --git a/README.md b/README.md index f8ede31..8ea62f9 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,7 @@ Consistent coding standards reduce bugs, prevent common mistakes, and lower tech - [`rtCamp`](rtCamp/ruleset.xml): the full superset with all of the sniffs in the project. - 🎯 **Use this by default** and customize as needed, unless you have a particular reason to use or compose the others. + 🎯 **Use this by default** and customize as needed, unless you have a particular reason to use or compose the others. - [`rtCamp-Minimum`](./rtCamp-Minimum/ruleset.xml): Essential sniffs for enterprise-ready code. All rtCamp code should pass this. @@ -45,7 +45,7 @@ Consistent coding standards reduce bugs, prevent common mistakes, and lower tech - [`rtCamp-Extra`](./rtCamp-Extra/ruleset.xml): `rtCamp-Basic` plus additional quality-focused sniffs for internal projects that prioritize higher standards without `rtCamp-Strict`'s rigidity. -- [`rtCamp-Strict`](./rtCamp-Strict/ruleset.xml): `rtCamp-Basic` plus stricter functional sniffs for maximum quality and maintainability. This is recommended for public plugins and themes, or any project where you want to ensure the highest standards of code quality. +- [`rtCamp-Strict`](./rtCamp-Strict/ruleset.xml): `rtCamp-Basic` plus stricter functional sniffs for maximum quality and maintainability. This is recommended for public plugins and themes, or any project where you want to ensure the highest standards of code quality. - [`rtCamp-Docs`](./rtCamp-Docs/ruleset.xml): Doc-block and comment sniffs to ensure clear, well-documented code. This is recommended for any project where you want to ensure that your code is well-documented and easy to understand - by developers and AI agents alike. diff --git a/release-please-config.json b/release-please-config.json index 8f970fb..2342e5d 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -1,8 +1,8 @@ { - "packages": { - ".": { - "release-type": "php", - "bump-minor-pre-major": true - } - } + "packages": { + ".": { + "release-type": "php", + "bump-minor-pre-major": true + } + } } From 57fe6f9a28b7b7e6958bc14a7deb5126be91d176 Mon Sep 17 00:00:00 2001 From: Dovid Levine Date: Mon, 23 Feb 2026 20:36:06 +0200 Subject: [PATCH 4/4] ci: pin action --- .github/workflows/release-please.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index df992fe..af3b172 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -13,7 +13,7 @@ jobs: release-please: runs-on: ubuntu-latest steps: - - uses: googleapis/release-please-action@v4 + - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 #v4.4.0 with: # Use manifest-based release manifest-file: .release-please-manifest.json