Merge branch 'main' into verify-artifact-attestations

Author: shenxianpeng

.commit-check.yml

@@ -7,19 +7,19 @@ checks:
     [optional body]\n
     [optional footer(s)]\n\n
     More details please refer to https://www.conventionalcommits.org"
-    suggest: git commit --amend --no-verify
+    suggest: please check your commit message whether matches above regex
 
   - check: branch
-    regex: ^(bugfix|feature|release|hotfix|task|dependabot)\/.+|(master)|(main)|(HEAD)|(PR-.+)
-    error: "Branches must begin with these types: bugfix/ feature/ release/ hotfix/ task/"
-    suggest: git checkout -b type/branch_name
+    regex: ^(bugfix|feature|release|hotfix|task|chore)\/.+|(master)|(main)|(HEAD)|(PR-.+)
+    error: "Branches must begin with these types: bugfix/ feature/ release/ hotfix/ task/ chore/"
+    suggest: run command `git checkout -b type/branch_name`
 
   - check: author_name
     regex: ^[A-Za-z ,.\'-]+$|.*(\[bot])
     error: The committer name seems invalid
-    suggest: git config user.name "Peter Shen"
+    suggest: run command `git config user.name "Your Name"`
 
   - check: author_email
-    regex: ^\S+@\S+\.\S+$
+    regex: ^.+@.+$
     error: The committer email seems invalid
-    suggest: git config user.email petershen@example.com
+    suggest: run command `git config user.email yourname@example.com`

.github/workflows/commit-check.yml

@@ -8,13 +8,21 @@ on:
 jobs:
   commit-check:
     runs-on: ubuntu-latest
+    permissions:  # use permissions because of use pr-comments
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v4
-      - uses: ./  # self test
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}  # checkout PR HEAD commit
+      - uses: ./ # self test
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # use GITHUB_TOKEN because of use pr-comments
         with:
           message: true
           branch: true
           author-name: true
           author-email: true
           commit-signoff: true
           job-summary: true
+          pr-comments: ${{ github.event_name == 'pull_request' }}

.github/workflows/used-by.yml

@@ -15,13 +15,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: shenxianpeng/used-by@v0.1.2
+      - uses: shenxianpeng/used-by@v0.1.4
         with:
           repo: '${{ github.repository }}'
           update-badge: 'true'
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v7
         with:
           add-paths: "README.md" # the file path to commit
           commit-message: "chore: update used-by badge by github-actions[bot]"

.gitignore

@@ -1 +1,2 @@
 venv/
+.venv/

.pre-commit-config.yaml

@@ -0,0 +1,28 @@
+# https://pre-commit.com/
+ci:
+    autofix_commit_msg: 'ci: auto fixes from pre-commit.com hooks'
+    autoupdate_commit_msg: 'ci: pre-commit autoupdate'
+
+repos:
+-   repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+    -   id: check-yaml
+    -   id: check-toml
+    -   id: end-of-file-fixer
+    -   id: trailing-whitespace
+    -   id: name-tests-test
+    -   id: requirements-txt-fixer
+-   repo: https://github.com/psf/black-pre-commit-mirror
+    rev: 24.10.0
+    hooks:
+      - id: black
+# FIXME: main.py:109: error: Item "None" of "str | None" has no attribute "split"  [union-attr]
+# -   repo: https://github.com/pre-commit/mirrors-mypy
+#     rev: v1.12.0
+#     hooks:
+#     -   id: mypy
+-   repo: https://github.com/codespell-project/codespell
+    rev: v2.3.0
+    hooks:
+    -   id: codespell

README.md

@@ -3,7 +3,7 @@
 [![Main](https://github.com/commit-check/commit-check-action/actions/workflows/main.yaml/badge.svg)](https://github.com/commit-check/commit-check-action/actions/workflows/main.yaml)
 [![Commit Check](https://github.com/commit-check/commit-check-action/actions/workflows/commit-check.yml/badge.svg)](https://github.com/commit-check/commit-check-action/actions/workflows/commit-check.yml)
 ![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/commit-check/commit-check-action)
-[![Used by](https://img.shields.io/static/v1?label=Used%20by&message=18&color=informational&logo=slickpic)](https://github.com/commit-check/commit-check-action/network/dependents)<!-- used by badge -->
+[![Used by](https://img.shields.io/static/v1?label=Used%20by&message=37&color=informational&logo=slickpic)](https://github.com/commit-check/commit-check-action/network/dependents)<!-- used by badge -->
 [![GitHub marketplace](https://img.shields.io/badge/Marketplace-commit--check--action-blue)](https://github.com/marketplace/actions/commit-check-action)
 
 A Github Action for checking commit message formatting, branch naming, committer name, email, commit signoff and more.
@@ -23,17 +23,24 @@ on:
 jobs:
   commit-check:
     runs-on: ubuntu-latest
+    permissions:  # use permissions because of use pr-comments
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}  # checkout PR HEAD commit
       - uses: commit-check/commit-check-action@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # use GITHUB_TOKEN because of use pr-comments
         with:
           message: true
           branch: true
           author-name: true
           author-email: true
           commit-signoff: true
-          dry-run: true
           job-summary: true
+          pr-comments: ${{ github.event_name == 'pull_request' }}
 ```
 
 ## Optional Inputs
@@ -47,7 +54,7 @@ jobs:
 ### `branch`
 
 - **Description**: check git branch naming convention.
-  - By default follow bitbucket [branching model](https://support.atlassian.com/bitbucket-cloud/docs/configure-a-projects-branching-model/).
+  - By default follow bitbucket [conventional branch](https://conventional-branch.github.io/).
 - Default: 'true'
 
 ### `author-name`
@@ -72,22 +79,41 @@ jobs:
 
 ### `job-summary`
 
-- **Description**: display job summary to a workflow run
+- **Description**: display job summary to the workflow run
 - Default: 'true'
 
+### `pr-comments`
+
+- **Description**: post results to the pull request comments
+- Default: 'true'
+
+> [!IMPORTANT]
+> This is a experimental feature
+> use it you need to set `GITHUB_TOKEN` in the GitHub Action.
+
 Note: the default rule of above inputs is following [this configuration](https://github.com/commit-check/commit-check/blob/main/.commit-check.yml), if you want to customize just add your `.commit-check.yml` config file under your repository root directory.
 
 ## GitHub Action job summary
 
-By default, commit-check-action results are shown on the job summary page of the workflow. 
+By default, commit-check-action results are shown on the job summary page of the workflow.
 
 ### Success job summary
 
-![Success job summary](https://github.com/commit-check/.github/blob/main/screenshot/success-summary.png)
+![Success job summary](https://github.com/commit-check/.github/blob/main/screenshot/success-job-summary.png)
 
 ### Failure job summary
 
-![Failure job summary](https://github.com/commit-check/.github/blob/main/screenshot/failure-summary.png)
+![Failure job summary](https://github.com/commit-check/.github/blob/main/screenshot/failure-job-summary.png)
+
+## GitHub Pull Request comments
+
+### Success pull request comment
+
+![Success pull request comment](https://github.com/commit-check/.github/blob/main/screenshot/success-pr-comments.png)
+
+### Failure pull request comment
+
+![Failure pull request comment](https://github.com/commit-check/.github/blob/main/screenshot/failure-pr-comments.png)
 
 ## Badging your repository
 

action.yml

@@ -30,13 +30,17 @@ inputs:
     required: false
     default: false
   job-summary:
-    description: add a job summary
+    description: display job summary to the workflow run
+    required: false
+    default: true
+  pr-comments:
+    description: post results to the pull request comments
     required: false
     default: true
 runs:
   using: "composite"
   steps:
-    - name: Install action dependencies
+    - name: Install dependencies and run commit-check
       shell: bash
       run: |
         if [[ "$RUNNER_OS" == "Linux" ]]; then
@@ -51,11 +55,9 @@ runs:
 
         # Install artifact
         python3 -m pip install commit_check-*.whl
-      env:
-        GH_TOKEN: ${{ github.token }}
-    - name: Run commit-check
-      shell: bash
-      run: python3 ${{ github.action_path }}/main.py
+        python3 -m venv venv
+        source venv/bin/activate
+        python3 "$GITHUB_ACTION_PATH/main.py"
       env:
         MESSAGE: ${{ inputs.message }}
         BRANCH: ${{ inputs.branch }}
@@ -64,3 +66,4 @@ runs:
         COMMIT_SIGNOFF: ${{ inputs.commit-signoff }}
         DRY_RUN: ${{ inputs.dry-run }}
         JOB_SUMMARY: ${{ inputs.job-summary }}
+        PR_COMMENTS: ${{ inputs.pr-comments }}