Releases: vypdev/copilot
Releases · vypdev/copilot
v2.0.3 - Debug logs and prompt improvements
v2.0.3 - Debug logs and prompt improvements
- Added debug logs to step-resumed publications
- PR description generation with improved prompt.
- Minor bugfixes on
deployedexecution - Added watermarks
v2.0.2 - Setup bugfixes
Multiple issues with the setup command have been resolved.
v2.0.1 - Bugbot Prompt Fixes
Improved Bugbot. Increased test coverage.
v2.0.1 - Bugbot
v2.0.0 master: Update README badge to reflect new action name 'copilot-githu…
v1.3.1 - Bugbot Autofix
This release includes major enhancements to the BugBot, featuring a new automatic error self-correction mechanism. Test coverage has been increased to improve reliability and maintainability, along with general stability improvements across the product.
v1.3.1 - Bugbot Autofix
This release includes major enhancements to the BugBot, featuring a new automatic error self-correction mechanism. Test coverage has been increased to improve reliability and maintainability, along with general stability improvements across the product.
v1.3.0 - Bugbot
Security
Input validation in Release and Hotfix workflows
- Workflows:
hotfix_workflow.yml,release_workflow.yml - Version input is validated against a semver pattern (
x.y.z) to prevent code injection in thegithub-scriptstep and in commit messages. - Issue input is validated: only integers allowed (e.g.
123or-1). - Length limits:
titlemax 1000 characters,changelogmax 50,000 characters. - Validation runs at the start of the
prepare-version-filesjob; the workflow stops if any check fails.
Path validation in Bugbot comments
- File paths returned by Bugbot findings are validated to prevent path traversal and misuse.
- Invalid paths are filtered out before publishing PR review comments; in those cases only issue comments are published.
Improvements
Bugbot (potential problems detection)
- New input
bugbot-severity: sets the minimum severity level for findings. - New input
bugbot-comment-limit: limits how many findings are published as individual comments on issues and PRs; the rest are summarized. - Refactor of
DetectPotentialProblemsUseCase: simplified flow, context loading, and prompt building. - PR review comments: no review comments are created when there is no valid file/line; only issue comments are added.
Deploy and issue closure
- DeployedActionUseCase: merge results are tracked; the issue is closed only when merges succeed.
- When no release/hotfix branch is configured, logging and result reporting are improved and no merge is attempted.
- When merge fails, the issue is not closed and the outcome is clearly reflected in the logs.
Configuration and branches
- ConfigurationHandler: key configuration values from the previous state are preserved when current values are
undefined. - CheckChangesIssueSizeUseCase: uses development branches when
parentBranchis not defined. - CommitUseCase: now runs
CheckChangesIssueSizeUseCaseandCheckProgressUseCasein the commit flow.
Pull requests and repos
- PullRequestRepository: new
getCurrentReviewersmethod returns all users involved in the review (requested reviewers and those who have already submitted reviews). - SyncSizeAndProgressLabelsFromIssueToPrUseCase: step messages simplified; tests updated so steps no longer include size/progress details.
Other changes
- ConfigurationHandler: payload declared as
constin theupdatemethod for clarity and immutability. - BranchRepository: status value order in type definitions updated for consistency.
- Documentation updated for Bugbot, inputs, and configuration options.