mermaid/.github/workflows/pr-labeler.yml
Alois Klink a1673d3aca ci(pr-labeler): replace TimonVS/pr-labeler-action
Replace the `TimonVS/pr-labeler-action` with
`release-drafter/release-drafter` as it has an [`autolabeler`][1]
option that can autolabel PRs for us.

This should fix labeling PRs from forks,
see https://github.com/TimonVS/pr-labeler-action/issues/25.

I've kept the `.github/pr-labeler.yml` configuration file, so that
links to it from the https://mermaid.js.org website continue to work.

I've also kept everything in the same
`.github/workflows/pr-labeler.yml` GitHub Actions workflow to make the
`git diff` easier to review, and to keep the GitHub Actions permissions
the same.

[1]: ff929b5ceb/README.md (autolabeler)
2023-09-24 19:18:56 +01:00

32 lines
1.1 KiB
YAML

name: Apply labels to PR
on:
pull_request_target:
# required for pr-labeler to support PRs from forks
# ===================== ⛔ ☢️ 🚫 ⚠️ Warning ⚠️ 🚫 ☢️ ⛔ =======================
# Be very careful what you put in this GitHub Action workflow file to avoid
# malicious PRs from getting access to the Mermaid-js repo.
#
# Please read the following first before reviewing/merging:
# - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
# - https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
types: [opened, reopened, synchronize]
permissions:
contents: read
jobs:
pr-labeler:
runs-on: ubuntu-latest
permissions:
contents: read # read permission is required to read config file
pull-requests: write # write permission is required to label PRs
steps:
- name: Label PR
uses: release-drafter/release-drafter@v5
with:
config-name: pr-labeler.yml
disable-autolabeler: false
disable-releaser: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}