-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconfig.yml.example
More file actions
181 lines (166 loc) · 4.53 KB
/
config.yml.example
File metadata and controls
181 lines (166 loc) · 4.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
# Temper Configuration
# Organization to monitor
organization: pulseengine
# Bot mention name (without [bot] suffix - e.g., "temper" for @temper[bot])
bot_name: temper
# Users authorized to trigger commands (if empty, any org member can trigger)
allowed_command_users:
- avrabe
# Target settings for repositories
settings:
merge:
allow_merge_commit: false
allow_squash_merge: false
allow_rebase_merge: true
delete_branch_on_merge: true
# Forked repositories can use slightly looser merge settings
forks:
merge:
allow_merge_commit: true
allow_squash_merge: true
allow_rebase_merge: true
delete_branch_on_merge: true
# Branch protection rules (applied to the repository default branch)
branch_protection:
default:
required_status_checks:
strict: true
contexts: ['ci', 'lint', 'test']
enforce_admins: true
required_pull_request_reviews:
required_approving_review_count: 1
dismiss_stale_reviews: true
require_code_owner_reviews: true
require_last_push_approval: true
required_linear_history: true
required_conversation_resolution: true
restrictions: null
allow_force_pushes: false
allow_deletions: false
require_signed_commits: true
fork_overrides:
# Loosened defaults for forked repositories
enforce_admins: false
required_status_checks: null
required_pull_request_reviews: null
required_linear_history: false
required_conversation_resolution: false
allow_force_pushes: true
allow_deletions: true
require_signed_commits: false
# Standard issue labels
issue_labels:
- name: "bug"
color: "d73a4a"
description: "Something isn't working"
- name: "enhancement"
color: "a2eeef"
description: "New feature or request"
- name: "documentation"
color: "0075ca"
description: "Improvements or additions to documentation"
- name: "good first issue"
color: "7057ff"
description: "Good for newcomers"
- name: "help wanted"
color: "008672"
description: "Extra attention is needed"
- name: "question"
color: "d876e3"
description: "Further information is requested"
- name: "dependencies"
color: "0366d6"
description: "Dependency updates"
- name: "automation"
color: "0e8a16"
description: "Automation updates"
# Pull request rules
pull_request_rules:
required_approving_reviews: 1
require_code_owner_reviews: true
dismiss_stale_reviews: true
require_last_push_approval: true
required_status_checks:
- "ci"
- "lint"
- "test"
# Signed commit merge strategy
signed_commit_strategy:
allow_merge_commits_for_signed: true
temporary_rule_timeout: 3600000 # 1 hour in milliseconds
admin_users:
- "avrabe"
# List of branches where this applies
protected_branches:
- "main"
- "master"
- "production"
# CI attestation requirements
ci_attestation:
required_for_main_branch: true
required_checks:
- "security-scan"
- "vulnerability-check"
- "license-compliance"
attestation_format: "sigstore"
# Dependabot configuration
dependabot:
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
time: "09:00"
timezone: "UTC"
open-pull-requests-limit: 10
target-branch: "main"
reviewers:
- "avrabe"
assignees:
- "avrabe"
labels:
- "dependencies"
- "automation"
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
time: "09:00"
timezone: "UTC"
# Configuration change strategy
change_strategy:
use_pull_requests: true
pr_title: "[Bot] Repository Configuration Update"
pr_body: "This PR updates repository configuration to match organization standards."
pr_reviewers:
- "avrabe"
pr_labels:
- "automation"
- "configuration"
require_approval: true
auto_merge: false
# Issue/PR templates to apply
templates:
pull_request: .github/PULL_REQUEST_TEMPLATE.md
issue: .github/ISSUE_TEMPLATE/
# CODEOWNERS file to apply
codeowners: .github/CODEOWNERS
# AI-powered PR review (requires a local OpenAI-compatible endpoint)
ai_review:
enabled: false
endpoint: ""
model: ""
max_diff_size: 12000
max_tokens: 2000
temperature: 0.3
timeout: 120000
allow_remote_endpoint: false
system_prompt: |
You are a thorough code reviewer. Analyze the PR diff and provide:
1. Summary of changes
2. Potential bugs or issues
3. Security concerns
4. Suggestions for improvement
5. Overall assessment