Skip to content
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions .github/workflows/pr-agent-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
name: pr-agent-review

on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
issue_comment:
types: [created]

permissions:
contents: read
pull-requests: write
issues: write

jobs:
pr_agent_job:
name: PR-Agent (DeepSeek)
runs-on: ubuntu-latest
if: ${{ github.event.sender.type != 'Bot' && secrets.DEEPSEEK_API_KEY != '' }}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Move the secret check out of the job condition

GitHub Actions does not make the secrets context available in jobs.<job_id>.if conditions, so when a PR or comment triggers this workflow GitHub cannot evaluate this expression and the PR-Agent review job never reaches the action step. Gate the step using an environment value or handle the missing secret inside the job instead.

Useful? React with 👍 / 👎.

steps:
- name: PR Agent review
uses: the-pr-agent/pr-agent@main

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Pin PR-Agent to a reviewed release

This workflow runs a third-party action from the moving main branch while handing it DEEPSEEK_API_KEY and a write-capable GitHub token. Any upstream branch update will execute in this repository without review and can either break all PR reviews or expose those credentials, so pin it to a trusted release or commit instead of main.

Useful? React with 👍 / 👎.

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }}
config.model: "deepseek/deepseek-chat"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Choose a supported DeepSeek model before the alias retires

DeepSeek currently marks deepseek-chat for deprecation on July 24, 2026, so this newly added review workflow is set up with a model name that is scheduled to stop being supported shortly after merge. When that alias is retired, PR-Agent review runs using this configuration will start failing even though the API key and action setup are otherwise valid.

Useful? React with 👍 / 👎.

config.fallback_models: '["deepseek/deepseek-chat"]'
pr_reviewer.require_score_review: "false"
pr_reviewer.num_code_suggestions: "4"
20 changes: 20 additions & 0 deletions .github/workflows/qodo-merge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: qodo-merge
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]

jobs:
qodo-merge:
if: ${{ secrets.QODO_API_KEY != "" }}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Move the secret check out of the job condition

GitHub Actions does not allow referencing the secrets context directly from a job-level if, so this workflow cannot evaluate the condition before starting the Qodo review job. As written, the new Qodo review pass will not run successfully on PR events even when the secret is configured.

Useful? React with 👍 / 👎.

runs-on: ubuntu-latest
permissions:
issues: write
pull-requests: write
contents: read
steps:
- name: Qodo Merge Review
uses: qodo-ai/qodo-merge@main

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Point Qodo review at a published action

When this job reaches the review step, GitHub resolves uses: qodo-ai/qodo-merge@main as an action repository, but Qodo does not publish a GitHub Action at that path. The runner will fail while downloading action metadata before any review can run, so this needs to use the supported Qodo GitHub integration or the correct action repository.

Useful? React with 👍 / 👎.

env:
QODO_API_KEY: ${{ secrets.QODO_API_KEY }}
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
67 changes: 67 additions & 0 deletions .github/workflows/upstream-issues-watch.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
name: upstream-issues-watch

on:
schedule:
# Daily at 08:00 UTC
- cron: "0 8 * * *"
workflow_dispatch:

permissions:
contents: write
issues: read

jobs:
watch:
name: Fetch upstream issues
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# Need history of UPSTREAM_ISSUES.md to know what's new
fetch-depth: 2

- name: Fetch recent issues from upstream
env:
GH_TOKEN: ${{ github.token }}
run: |
# In fork context: fetch from the upstream owner/repo
UPSTREAM="lemonade-sdk/lemon-mlx-engine"
CACHE="UPSTREAM_ISSUES.md"
NOW=$(date -u +"%Y-%m-%dT%H:%M:%SZ")

# Get all open issues from upstream (API max 100 per page)
echo "# Upstream Issues — ${UPSTREAM}" > "${CACHE}.new"
echo "Last checked: ${NOW}" >> "${CACHE}.new"
echo "" >> "${CACHE}.new"

curl -s "https://api.github.com/repos/${UPSTREAM}/issues?state=open&per_page=50&sort=created&direction=desc" \

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Filter the upstream query to help wanted issues

The PR describes this watcher as tracking upstream issues tagged help wanted, but this request fetches every open upstream issue because it never passes a labels=help%20wanted filter to the GitHub Issues API. On repositories with unrelated open issues, the generated cache and new-issue log will be dominated by issues this workflow was not meant to watch.

Useful? React with 👍 / 👎.

| jq -r '.[] | select(.pull_request == null) | "- [#\(.number)](\(.html_url)) — \(.title) (\(.created_at))"' \
>> "${CACHE}.new" 2>/dev/null || echo "_No issues found or API error_" >> "${CACHE}.new"

# Diff against what we had before
if [ -f "$CACHE" ]; then
OLD_COUNT=$(grep -c '^\- \[' "$CACHE" 2>/dev/null || echo 0)
NEW_COUNT=$(grep -c '^\- \[' "${CACHE}.new" 2>/dev/null || echo 0)
echo "Previous issue count: ${OLD_COUNT}, Current: ${NEW_COUNT}"

# Find new issues (lines in .new not in old)
NEW_ISSUES=$(comm -13 <(grep '^\- \[' "$CACHE" 2>/dev/null | sort) <(grep '^\- \[' "${CACHE}.new" | sort) || true)
if [ -n "$NEW_ISSUES" ]; then
echo "New issues since last check:"
echo "$NEW_ISSUES"
fi
fi

mv "${CACHE}.new" "$CACHE"

- name: Commit updated issue list
run: |
if git diff --quiet UPSTREAM_ISSUES.md; then

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Include the untracked cache in the change check

UPSTREAM_ISSUES.md is not tracked in the current tree, and git diff --quiet UPSTREAM_ISSUES.md ignores a newly created untracked file. On the first scheduled or manual run the fetch step creates the cache, this condition exits 0, and the job exits before git add, so the cache is never committed and later runs keep starting from scratch.

Useful? React with 👍 / 👎.

echo "No changes to UPSTREAM_ISSUES.md"
exit 0
fi
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git add UPSTREAM_ISSUES.md
git commit -m "chore: update upstream issue watch [skip ci]"
git push
Loading