GitHub Project Automation Status : Production Ready ✅ Last Updated : 2025-12-17 Version : 2.0.0 (Optimized with progressive disclosure) Dependencies : None (git and gh CLI recommended) Latest Versions : actions/[email protected], actions/[email protected], github/[email protected] --- Quick Start (15 Minutes) 1. Choose Your Framework Select the workflow template that matches your project: Why this matters: - Pre-validated YAML prevents syntax errors - SHA-pinned actions for security - Explicit runner versions (ubuntu-24.04) - All 8 GitHub Actions errors prevented 2. Add Issue Templates Why…

; then\n echo \"❌ Invalid branch name: $BRANCH\"\n echo \"Must follow format: type/description-in-kebab-case\"\n echo \"Examples: feature/add-oauth, fix/login-bug\"\n exit 1\n else\n echo \"✅ Branch name follows conventions\"\n fi\n\n required-labels:\n name: Check Required Labels\n runs-on: ubuntu-24.04\n\n steps:\n - name: Check for labels\n run: |\n # Get PR labels\n LABELS=$(gh pr view ${{ github.event.pull_request.number }} --json labels --jq '.labels[].name' | tr '\\n' ',')\n echo \"PR labels: $LABELS\"\n\n # Check if PR has at least one type label\n if ! echo \"$LABELS\" | grep -qE 'bug|feature|enhancement|documentation|refactor'; then\n echo \"⚠️ PR is missing a type label\"\n echo \"Add one of: bug, feature, enhancement, documentation, refactor\"\n exit 1\n else\n echo \"✅ PR has required labels\"\n fi\n env:\n GH_TOKEN: ${{ github.token }}\n\n conflict-check:\n name: Check for Merge Conflicts\n runs-on: ubuntu-24.04\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Check for conflicts\n run: |\n if [ \"${{ github.event.pull_request.mergeable }}\" = \"false\" ]; then\n echo \"❌ PR has merge conflicts\"\n echo \"Please resolve conflicts before merging\"\n exit 1\n else\n echo \"✅ No merge conflicts detected\"\n fi\n","content_type":"application/yaml; charset=utf-8","language":"yaml","size":4531,"content_sha256":"117a0cf7da27724af09e5aafd63e69e1fbebb6a4430a299f288393285d086aa7"},{"filename":"templates/workflows/release.yml","content":"# Release Automation Workflow\n# Creates GitHub releases and publishes packages\n#\n# Triggers on: version tags (v*)\n# Actions: Create release, publish to npm/PyPI, generate changelog\n\nname: Release\n\non:\n push:\n tags:\n - 'v*' # Trigger on version tags (v1.0.0, v2.1.3, etc.)\n\njobs:\n create-release:\n name: Create GitHub Release\n runs-on: ubuntu-24.04\n permissions:\n contents: write # Required to create releases\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n with:\n fetch-depth: 0 # Fetch all history for changelog\n\n - name: Setup Node.js\n uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0\n with:\n node-version: '20'\n cache: 'npm'\n\n - name: Install dependencies\n run: npm ci\n\n - name: Run tests\n run: npm test\n\n - name: Build production bundle\n run: npm run build\n\n - name: Extract version from tag\n id: version\n run: echo \"VERSION=${GITHUB_REF#refs/tags/v}\" >> $GITHUB_OUTPUT\n\n - name: Generate changelog\n id: changelog\n run: |\n # Get commits since last tag\n LAST_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo \"\")\n if [ -z \"$LAST_TAG\" ]; then\n CHANGELOG=$(git log --pretty=format:\"- %s (%h)\" HEAD)\n else\n CHANGELOG=$(git log --pretty=format:\"- %s (%h)\" $LAST_TAG..HEAD)\n fi\n echo \"CHANGELOG\u003c\u003cEOF\" >> $GITHUB_OUTPUT\n echo \"$CHANGELOG\" >> $GITHUB_OUTPUT\n echo \"EOF\" >> $GITHUB_OUTPUT\n\n - name: Create GitHub Release\n uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8\n with:\n name: Release v${{ steps.version.outputs.VERSION }}\n body: |\n ## What's Changed\n\n ${{ steps.changelog.outputs.CHANGELOG }}\n\n ## Installation\n\n ```bash\n npm install your-package@${{ steps.version.outputs.VERSION }}\n ```\n\n **Full Changelog**: ${{ github.server_url }}/${{ github.repository }}/compare/${{ github.event.before }}...${{ github.sha }}\n files: |\n dist/**/*\n draft: false\n prerelease: false\n\n publish-npm:\n name: Publish to npm\n needs: create-release\n runs-on: ubuntu-24.04\n if: startsWith(github.ref, 'refs/tags/v')\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Setup Node.js\n uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0\n with:\n node-version: '20'\n registry-url: 'https://registry.npmjs.org'\n\n - name: Install dependencies\n run: npm ci\n\n - name: Build\n run: npm run build\n\n - name: Publish to npm\n run: npm publish\n env:\n NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}\n\n # Uncomment if publishing Python package\n # publish-pypi:\n # name: Publish to PyPI\n # needs: create-release\n # runs-on: ubuntu-24.04\n # if: startsWith(github.ref, 'refs/tags/v')\n #\n # steps:\n # - name: Checkout code\n # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683\n #\n # - name: Setup Python\n # uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b\n # with:\n # python-version: '3.12'\n #\n # - name: Install build tools\n # run: |\n # python -m pip install --upgrade pip\n # pip install build twine\n #\n # - name: Build package\n # run: python -m build\n #\n # - name: Publish to PyPI\n # run: twine upload dist/*\n # env:\n # TWINE_USERNAME: __token__\n # TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}\n","content_type":"application/yaml; charset=utf-8","language":"yaml","size":3884,"content_sha256":"e8e91f5bd9ac6774267e5daad417a1bdf0f1579f14db19417aca7b152424b2b3"},{"filename":"templates/workflows/scheduled-maintenance.yml","content":"# Scheduled Maintenance Workflow\n# Runs periodic tasks on a schedule\n#\n# Triggers on: schedule (cron)\n# Tasks: Dependency updates check, cache cleanup, health checks\n\nname: Scheduled Maintenance\n\non:\n schedule:\n # Run every Sunday at 00:00 UTC\n - cron: '0 0 * * 0'\n workflow_dispatch: # Allow manual triggering\n\njobs:\n dependency-audit:\n name: Security Audit\n runs-on: ubuntu-24.04\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Setup Node.js\n uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0\n with:\n node-version: '20'\n\n - name: Run npm audit\n run: |\n echo \"Running security audit...\"\n npm audit --production || true\n echo \"Audit complete. Check for vulnerabilities above.\"\n\n - name: Check for outdated dependencies\n run: |\n echo \"Checking for outdated dependencies...\"\n npm outdated || true\n\n cache-cleanup:\n name: Clean Old Caches\n runs-on: ubuntu-24.04\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Clean old caches\n run: |\n echo \"Cleaning caches older than 7 days...\"\n gh cache list --limit 100 | while read -r line; do\n CACHE_ID=$(echo $line | awk '{print $1}')\n CACHE_AGE=$(echo $line | awk '{print $NF}')\n\n # Delete if older than 7 days\n if [[ \"$CACHE_AGE\" == *\"days ago\"* ]]; then\n DAYS=$(echo $CACHE_AGE | awk '{print $1}')\n if [ $DAYS -gt 7 ]; then\n echo \"Deleting cache $CACHE_ID (${DAYS} days old)\"\n gh cache delete $CACHE_ID || true\n fi\n fi\n done\n env:\n GH_TOKEN: ${{ github.token }}\n\n health-check:\n name: Health Check\n runs-on: ubuntu-24.04\n\n steps:\n - name: Check production endpoint\n run: |\n echo \"Checking production health...\"\n # Replace with your actual health check endpoint\n curl -f https://your-app.com/health || exit 1\n echo \"✅ Health check passed\"\n\n - name: Check build time\n run: |\n echo \"Testing build performance...\"\n START=$(date +%s)\n # Add your build command here\n # npm run build\n END=$(date +%s)\n DURATION=$((END - START))\n echo \"Build took ${DURATION} seconds\"\n\n if [ $DURATION -gt 300 ]; then\n echo \"⚠️ Build is slow (>${DURATION}s)\"\n fi\n\n report:\n name: Generate Report\n needs: [dependency-audit, cache-cleanup, health-check]\n runs-on: ubuntu-24.04\n if: always()\n\n steps:\n - name: Summary\n run: |\n echo \"=== Weekly Maintenance Report ===\"\n echo \"Date: $(date)\"\n echo \"\"\n echo \"Security Audit: ${{ needs.dependency-audit.result }}\"\n echo \"Cache Cleanup: ${{ needs.cache-cleanup.result }}\"\n echo \"Health Check: ${{ needs.health-check.result }}\"\n echo \"\"\n echo \"Review details in job logs above.\"\n\n # Optionally send notification\n # - name: Send notification\n # if: failure()\n # run: |\n # curl -X POST ${{ secrets.SLACK_WEBHOOK_URL }} \\\n # -H 'Content-Type: application/json' \\\n # -d '{\"text\":\"⚠️ Weekly maintenance job failed!\"}'\n","content_type":"application/yaml; charset=utf-8","language":"yaml","size":3490,"content_sha256":"eb0b7d1dd6df18696a54444f7a8a6e33cc210f2a9f91ec9847443f9e1c3059ee"},{"filename":"templates/workflows/security-codeql.yml","content":"# CodeQL Security Scanning Workflow\n# Prevents Error #13 (CodeQL not running on Dependabot PRs), #15 (compiled language setup)\n#\n# Triggers on: push, pull requests, schedule\n# Scans: JavaScript/TypeScript (add languages as needed)\n# Frequency: Weekly scan on schedule\n\nname: CodeQL Security Scan\n\non:\n push:\n branches: [main, master]\n pull_request:\n branches: [main, master]\n schedule:\n # Run weekly on Sundays at 00:00 UTC\n - cron: '0 0 * * 0'\n\njobs:\n analyze:\n name: Analyze Code\n runs-on: ubuntu-24.04\n permissions:\n actions: read\n contents: read\n security-events: write\n\n strategy:\n fail-fast: false\n matrix:\n # Supported languages: 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'\n language: ['javascript-typescript']\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Initialize CodeQL\n uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4\n with:\n languages: ${{ matrix.language }}\n # Optionally specify additional queries\n # queries: security-extended,security-and-quality\n\n # For compiled languages (Java, C++, C#), add build steps here:\n # - name: Build project\n # run: |\n # ./mvnw clean install # For Java/Maven\n # # OR\n # dotnet build # For C#\n\n - name: Perform CodeQL Analysis\n uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4\n with:\n category: \"/language:${{ matrix.language }}\"\n\n - name: Upload SARIF results\n uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4\n if: always()\n with:\n sarif_file: ../results\n","content_type":"application/yaml; charset=utf-8","language":"yaml","size":1883,"content_sha256":"34df48a62d6302e9107d217df49002970559cf6fcbd6c2a9ea21967f5c1d32d8"},{"filename":"templates/workflows/security-dependency-review.yml","content":"# Dependency Review Workflow\n# Prevents Error #16 (devDependencies ignored)\n#\n# Triggers on: pull_request\n# Reviews: All dependency changes for security vulnerabilities\n# Blocks: PRs with high/critical vulnerabilities\n\nname: Dependency Review\n\non:\n pull_request:\n branches: [main, master]\n\npermissions:\n contents: read\n pull-requests: write\n\njobs:\n dependency-review:\n name: Review Dependencies\n runs-on: ubuntu-24.04\n\n steps:\n - name: Checkout code\n uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n - name: Dependency Review\n uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4\n with:\n # Fail on: critical, high\n # Warn on: medium, low\n fail-on-severity: high\n allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC\n deny-licenses: GPL-3.0, AGPL-3.0\n comment-summary-in-pr: always\n\n - name: Check for malicious packages\n run: |\n echo \"Checking for known malicious packages...\"\n # Add custom checks if needed\n echo \"✅ No known malicious packages detected\"\n","content_type":"application/yaml; charset=utf-8","language":"yaml","size":1173,"content_sha256":"e6a4e0bdb27499dbe159c32d733f9f455029c9b916b779de4ae61b69ed547261"}],"content_json":{"type":"doc","content":[{"type":"heading","attrs":{"level":1},"content":[{"text":"GitHub Project Automation","type":"text"}]},{"type":"paragraph","content":[{"text":"Status","type":"text","marks":[{"type":"strong"}]},{"text":": Production Ready ✅ ","type":"text"},{"text":"Last Updated","type":"text","marks":[{"type":"strong"}]},{"text":": 2025-12-17 ","type":"text"},{"text":"Version","type":"text","marks":[{"type":"strong"}]},{"text":": 2.0.0 (Optimized with progressive disclosure) ","type":"text"},{"text":"Dependencies","type":"text","marks":[{"type":"strong"}]},{"text":": None (git and gh CLI recommended) ","type":"text"},{"text":"Latest Versions","type":"text","marks":[{"type":"strong"}]},{"text":": actions/[email protected], actions/[email protected], github/[email protected]","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Quick Start (15 Minutes)","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"1. Choose Your Framework","type":"text"}]},{"type":"paragraph","content":[{"text":"Select the workflow template that matches your project:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# For React/Vite projects\ncp templates/workflows/ci-react.yml .github/workflows/ci.yml\n\n# For Node.js libraries (matrix testing)\ncp templates/workflows/ci-node.yml .github/workflows/ci.yml\n\n# For Python projects\ncp templates/workflows/ci-python.yml .github/workflows/ci.yml\n\n# For Cloudflare Workers\ncp templates/workflows/ci-cloudflare-workers.yml .github/workflows/deploy.yml\n\n# For basic projects (any framework)\ncp templates/workflows/ci-basic.yml .github/workflows/ci.yml","type":"text"}]},{"type":"paragraph","content":[{"text":"Why this matters:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Pre-validated YAML prevents syntax errors","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"SHA-pinned actions for security","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Explicit runner versions (ubuntu-24.04)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"All 8 GitHub Actions errors prevented","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"2. Add Issue Templates","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Create directory structure\nmkdir -p .github/ISSUE_TEMPLATE\n\n# Copy YAML templates (with validation)\ncp templates/issue-templates/bug_report.yml .github/ISSUE_TEMPLATE/\ncp templates/issue-templates/feature_request.yml .github/ISSUE_TEMPLATE/","type":"text"}]},{"type":"paragraph","content":[{"text":"Why YAML over Markdown:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Required field validation (Error #12 prevented)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Consistent data structure","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Better user experience","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"No incomplete issues","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"3. Enable Security Scanning","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# CodeQL for code analysis\ncp templates/workflows/security-codeql.yml .github/workflows/codeql.yml\n\n# Dependabot for dependency updates\ncp templates/security/dependabot.yml .github/dependabot.yml","type":"text"}]},{"type":"paragraph","content":[{"text":"CRITICAL:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"CodeQL requires specific permissions (security-events: write)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Dependabot has 10 PR limit per ecosystem","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Both must run on Dependabot PRs (Error #13 prevention)","type":"text"}]}]}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"The 5-Step Complete Setup Process","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 1: Repository Structure","type":"text"}]},{"type":"paragraph","content":[{"text":"Create the standard GitHub automation directory structure:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Create all required directories\nmkdir -p .github/{workflows,ISSUE_TEMPLATE}\n\n# Verify structure\ntree .github/\n# .github/\n# ├── workflows/ # GitHub Actions workflows\n# ├── ISSUE_TEMPLATE/ # Issue templates\n# └── dependabot.yml # Dependabot config (root of .github/)","type":"text"}]},{"type":"paragraph","content":[{"text":"Key Points:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"workflows/ is plural","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"ISSUE_TEMPLATE/ is singular (legacy naming)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"dependabot.yml goes in .github/, NOT workflows/","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 2: Select Workflow Templates","type":"text"}]},{"type":"paragraph","content":[{"text":"Choose workflows based on your project needs:","type":"text"}]},{"type":"paragraph","content":[{"text":"Continuous Integration (pick ONE):","type":"text","marks":[{"type":"strong"}]}]},{"type":"ordered_list","attrs":{"order":1,"listStyle":"number"},"content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"ci-basic.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Generic test/lint/build (all frameworks)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"ci-node.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Node.js with matrix testing (18, 20, 22)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"ci-python.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Python with matrix testing (3.10, 3.11, 3.12)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"ci-react.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - React/TypeScript with type checking","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Deployment (optional):","type":"text","marks":[{"type":"strong"}]},{"text":" 5. ","type":"text"},{"text":"ci-cloudflare-workers.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Deploy to Cloudflare Workers","type":"text"}]},{"type":"paragraph","content":[{"text":"Security (recommended):","type":"text","marks":[{"type":"strong"}]},{"text":" 6. ","type":"text"},{"text":"security-codeql.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Code scanning 7. ","type":"text"},{"text":"dependabot.yml","type":"text","marks":[{"type":"code_inline"}]},{"text":" - Dependency updates","type":"text"}]},{"type":"paragraph","content":[{"text":"Copy selected templates:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Example: React app with security\ncp templates/workflows/ci-react.yml .github/workflows/ci.yml\ncp templates/workflows/security-codeql.yml .github/workflows/codeql.yml\ncp templates/security/dependabot.yml .github/dependabot.yml","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 3: Configure Secrets (if deploying)","type":"text"}]},{"type":"paragraph","content":[{"text":"For deployment workflows (Cloudflare, AWS, etc.), add secrets:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Using gh CLI\ngh secret set CLOUDFLARE_API_TOKEN\n# Paste your token when prompted\n\n# Verify\ngh secret list","type":"text"}]},{"type":"paragraph","content":[{"text":"Critical Syntax:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ✅ CORRECT\nenv:\n API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}\n\n# ❌ WRONG - Missing double braces\nenv:\n API_TOKEN: $secrets.CLOUDFLARE_API_TOKEN","type":"text"}]},{"type":"paragraph","content":[{"text":"Prevents Error #6 (secrets syntax).","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 4: Add Issue/PR Templates","type":"text"}]},{"type":"paragraph","content":[{"text":"Issue templates (YAML format):","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"cp templates/issue-templates/bug_report.yml .github/ISSUE_TEMPLATE/\ncp templates/issue-templates/feature_request.yml .github/ISSUE_TEMPLATE/","type":"text"}]},{"type":"paragraph","content":[{"text":"PR template (Markdown format):","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"cp templates/pr-templates/PULL_REQUEST_TEMPLATE.md .github/","type":"text"}]},{"type":"paragraph","content":[{"text":"Why separate formats:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Issue templates: YAML for validation","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"PR template: Markdown (GitHub limitation)","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Step 5: Customize for Your Project","type":"text"}]},{"type":"paragraph","content":[{"text":"Required customizations:","type":"text","marks":[{"type":"strong"}]}]},{"type":"ordered_list","attrs":{"order":1,"listStyle":"number"},"content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Update usernames/emails:","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# In issue templates\nassignees:\n - secondsky # ← Change to your GitHub username\n\n# In dependabot.yml\nreviewers:\n - \"secondsky\" # ← Change to your username","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Adjust languages (CodeQL):","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# In security-codeql.yml\nmatrix:\n language: ['javascript-typescript'] # ← Add your languages\n # Options: c-cpp, csharp, go, java-kotlin, python, ruby, swift","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Update package manager (Dependabot):","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# In dependabot.yml\n- package-ecosystem: \"npm\" # ← Change if using yarn/pnpm/pip/etc","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Set deployment URL (Cloudflare):","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# In ci-cloudflare-workers.yml\necho \"Worker URL: https://your-worker.your-subdomain.workers.dev\"\n# ← Update with your actual Worker URL","type":"text"}]}]}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Critical Rules","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Always Do","type":"text"}]},{"type":"paragraph","content":[{"text":"✅ ","type":"text"},{"text":"Pin actions to SHA, not @latest","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ✅ CORRECT\n- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2\n\n# ❌ WRONG\n- uses: actions/checkout@latest","type":"text"}]},{"type":"paragraph","content":[{"text":"✅ ","type":"text"},{"text":"Use explicit runner versions","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ✅ CORRECT\nruns-on: ubuntu-24.04 # Locked to specific LTS\n\n# ❌ RISKY\nruns-on: ubuntu-latest # Changes over time","type":"text"}]},{"type":"paragraph","content":[{"text":"✅ ","type":"text"},{"text":"Include secrets in context syntax","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ✅ CORRECT\n${{ secrets.API_TOKEN }}\n\n# ❌ WRONG\n$secrets.API_TOKEN","type":"text"}]},{"type":"paragraph","content":[{"text":"✅ ","type":"text"},{"text":"Validate YAML before committing","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# Use yamllint or GitHub's workflow validator\nyamllint .github/workflows/*.yml","type":"text"}]},{"type":"paragraph","content":[{"text":"✅ ","type":"text"},{"text":"Test workflows on feature branch first","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"git checkout -b test/github-actions\n# Push and verify CI runs before merging to main","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Never Do","type":"text"}]},{"type":"paragraph","content":[{"text":"❌ ","type":"text"},{"text":"Don't use @latest for action versions","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Breaks without warning when actions update","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Security risk (unvetted versions auto-adopted)","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"❌ ","type":"text"},{"text":"Don't hardcode secrets in workflows","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ❌ NEVER DO THIS\nenv:\n API_TOKEN: \"sk_live_abc123...\" # Secret exposed in repo!","type":"text"}]},{"type":"paragraph","content":[{"text":"❌ ","type":"text"},{"text":"Don't skip build steps for compiled languages (CodeQL)","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":"yaml"},"content":[{"text":"# ❌ WRONG - CodeQL fails for Java without build\n- name: Perform CodeQL Analysis # No .class files to analyze\n\n# ✅ CORRECT - Include build\n- name: Build project\n run: ./mvnw clean install\n- name: Perform CodeQL Analysis # Now has .class files","type":"text"}]},{"type":"paragraph","content":[{"text":"❌ ","type":"text"},{"text":"Don't ignore devDependencies in Dependabot","type":"text","marks":[{"type":"strong"}]}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"DevDependencies run during build, can execute malicious code","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Include both prod and dev dependencies","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"❌ ","type":"text"},{"text":"Don't use single ISSUE_TEMPLATE.md file","type":"text","marks":[{"type":"strong"}]}]},{"type":"code_block","attrs":{"wrap":false,"language":""},"content":[{"text":"# ❌ OLD WAY\n.github/ISSUE_TEMPLATE.md\n\n# ✅ NEW WAY\n.github/ISSUE_TEMPLATE/\n bug_report.yml\n feature_request.yml","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Known Issues Prevention (Top 5)","type":"text"}]},{"type":"paragraph","content":[{"text":"This skill prevents ","type":"text"},{"text":"18","type":"text","marks":[{"type":"strong"}]},{"text":" documented issues. Here are the top 5 most critical:","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Issue #1: YAML Indentation Errors ⚠️ MOST COMMON","type":"text"}]},{"type":"paragraph","content":[{"text":"Error","type":"text","marks":[{"type":"strong"}]},{"text":": ","type":"text"},{"text":"workflow file is invalid. mapping values are not allowed in this context","type":"text","marks":[{"type":"code_inline"}]},{"text":" ","type":"text"},{"text":"Source","type":"text","marks":[{"type":"strong"}]},{"text":": Stack Overflow (most common GitHub Actions error) ","type":"text"},{"text":"Why It Happens","type":"text","marks":[{"type":"strong"}]},{"text":": Spaces vs tabs, missing spaces after colons, inconsistent indentation ","type":"text"},{"text":"Prevention","type":"text","marks":[{"type":"strong"}]},{"text":": Use skill templates with validated 2-space indentation ","type":"text"},{"text":"Impact","type":"text","marks":[{"type":"strong"}]},{"text":": Workflow fails to parse, CI doesn't run","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Issue #2: Action Version Pinning Issues 🔒 SECURITY","type":"text"}]},{"type":"paragraph","content":[{"text":"Error","type":"text","marks":[{"type":"strong"}]},{"text":": Workflow breaks unexpectedly after action updates ","type":"text"},{"text":"Source","type":"text","marks":[{"type":"strong"}]},{"text":": GitHub Security Best Practices 2025 ","type":"text"},{"text":"Why It Happens","type":"text","marks":[{"type":"strong"}]},{"text":": Using ","type":"text"},{"text":"@latest","type":"text","marks":[{"type":"code_inline"}]},{"text":" or ","type":"text"},{"text":"@v4","type":"text","marks":[{"type":"code_inline"}]},{"text":" instead of specific SHA ","type":"text"},{"text":"Prevention","type":"text","marks":[{"type":"strong"}]},{"text":": All templates pin to SHA with version comment ","type":"text"},{"text":"Impact","type":"text","marks":[{"type":"strong"}]},{"text":": Unexpected breaking changes, security vulnerabilities","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Issue #3: Secrets Not Available 🔑","type":"text"}]},{"type":"paragraph","content":[{"text":"Error","type":"text","marks":[{"type":"strong"}]},{"text":": ","type":"text"},{"text":"Secret not found","type":"text","marks":[{"type":"code_inline"}]},{"text":" or empty variable ","type":"text"},{"text":"Source","type":"text","marks":[{"type":"strong"}]},{"text":": GitHub Actions Debugging Guides ","type":"text"},{"text":"Why It Happens","type":"text","marks":[{"type":"strong"}]},{"text":": Wrong syntax (","type":"text"},{"text":"$secrets.NAME","type":"text","marks":[{"type":"code_inline"}]},{"text":" instead of ","type":"text"},{"text":"${{ secrets.NAME }}","type":"text","marks":[{"type":"code_inline"}]},{"text":") ","type":"text"},{"text":"Prevention","type":"text","marks":[{"type":"strong"}]},{"text":": Templates demonstrate correct context syntax ","type":"text"},{"text":"Impact","type":"text","marks":[{"type":"strong"}]},{"text":": Deployment failures, broken CI/CD pipelines","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Issue #4: CodeQL Not Running on Dependabot PRs 🛡️","type":"text"}]},{"type":"paragraph","content":[{"text":"Error","type":"text","marks":[{"type":"strong"}]},{"text":": Security scans skipped on dependency updates ","type":"text"},{"text":"Source","type":"text","marks":[{"type":"strong"}]},{"text":": GitHub Community Discussion #121836 ","type":"text"},{"text":"Why It Happens","type":"text","marks":[{"type":"strong"}]},{"text":": Default trigger limitations ","type":"text"},{"text":"Prevention","type":"text","marks":[{"type":"strong"}]},{"text":": Templates include ","type":"text"},{"text":"push: branches: [dependabot/**]","type":"text","marks":[{"type":"code_inline"}]},{"text":" ","type":"text"},{"text":"Impact","type":"text","marks":[{"type":"strong"}]},{"text":": Vulnerable dependencies merged without scanning","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Issue #5: Missing Required Fields in Issue Templates 📋","type":"text"}]},{"type":"paragraph","content":[{"text":"Error","type":"text","marks":[{"type":"strong"}]},{"text":": Incomplete issues, missing critical info ","type":"text"},{"text":"Source","type":"text","marks":[{"type":"strong"}]},{"text":": Community Feedback ","type":"text"},{"text":"Why It Happens","type":"text","marks":[{"type":"strong"}]},{"text":": Markdown templates don't validate ","type":"text"},{"text":"Prevention","type":"text","marks":[{"type":"strong"}]},{"text":": YAML templates with ","type":"text"},{"text":"required: true","type":"text","marks":[{"type":"code_inline"}]},{"text":" validation ","type":"text"},{"text":"Impact","type":"text","marks":[{"type":"strong"}]},{"text":": Can't reproduce bugs, wasted triage time","type":"text"}]},{"type":"paragraph","content":[{"text":"For complete error documentation with all 18 issues","type":"text","marks":[{"type":"strong"}]},{"text":": Load ","type":"text"},{"text":"references/common-errors.md","type":"text","marks":[{"type":"code_inline"}]},{"text":" when debugging GitHub Actions issues or configuring workflows.","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"When to Load References","type":"text"}]},{"type":"paragraph","content":[{"text":"Load reference files when working on specific aspects of GitHub automation:","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Common Errors (","type":"text"},{"text":"references/common-errors.md","type":"text","marks":[{"type":"code_inline"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Load when:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Encountering workflow syntax errors","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Debugging failed GitHub Actions runs","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Setting up CodeQL or Dependabot for first time","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Resolving \"Secret not found\" errors","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Understanding why matrix builds fail","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Need detailed solutions for any of the 18 documented errors","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Workflow Patterns (","type":"text"},{"text":"references/workflow-patterns.md","type":"text","marks":[{"type":"code_inline"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Load when:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Implementing multi-version testing (Node.js 18/20/22)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Setting up conditional deployments (main vs PR)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Sharing build artifacts between jobs","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Integrating GitHub automation with other skills (cloudflare-worker-base, project-planning)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Optimizing workflow performance","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Need examples of matrix strategies, artifact upload/download","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Configuration Examples (","type":"text"},{"text":"references/configuration-examples.md","type":"text","marks":[{"type":"code_inline"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Load when:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Creating dependabot.yml from scratch","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Configuring CodeQL for specific languages","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Setting up GitHub Actions secrets correctly","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Need complete working configuration files","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Understanding branch protection rules","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Creating issue/PR templates with proper validation","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Troubleshooting Guide (","type":"text"},{"text":"references/troubleshooting-guide.md","type":"text","marks":[{"type":"code_inline"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Load when:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Workflows not triggering despite pushing code","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"CodeQL reports \"No code found to analyze\"","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Matrix builds all failing with same error","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Dependabot PRs consistently failing CI","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Permissions errors (\"Resource not accessible by integration\")","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Need step-by-step debugging procedures","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Advanced Configurations (","type":"text"},{"text":"references/advanced-configurations.md","type":"text","marks":[{"type":"code_inline"}]},{"text":")","type":"text"}]},{"type":"paragraph","content":[{"text":"Load when:","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Setting up multi-environment deployments (staging/production)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Creating reusable workflows or composite actions","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Optimizing CI/CD pipeline performance","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Implementing advanced matrix strategies","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Using OIDC for cloud authentication (no long-lived secrets)","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Need workflow optimization techniques","type":"text"}]}]}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Integration with Existing Skills","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"cloudflare-worker-base → Add CI/CD","type":"text"}]},{"type":"paragraph","content":[{"text":"When user creates new Worker project:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# User: \"Create Cloudflare Worker with CI/CD\"\n\n# This skill runs AFTER cloudflare-worker-base\ncp templates/workflows/ci-cloudflare-workers.yml .github/workflows/deploy.yml\n\n# Configure secrets\ngh secret set CLOUDFLARE_API_TOKEN","type":"text"}]},{"type":"paragraph","content":[{"text":"Result","type":"text","marks":[{"type":"strong"}]},{"text":": New Worker with automated deployment on push to main","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"project-planning → Generate Automation","type":"text"}]},{"type":"paragraph","content":[{"text":"When user uses project-planning skill:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# User: \"Plan new React app with GitHub automation\"\n\n# project-planning generates IMPLEMENTATION_PHASES.md\n# Then this skill sets up GitHub automation\ncp templates/workflows/ci-react.yml .github/workflows/ci.yml\ncp templates/issue-templates/*.yml .github/ISSUE_TEMPLATE/","type":"text"}]},{"type":"paragraph","content":[{"text":"Result","type":"text","marks":[{"type":"strong"}]},{"text":": Planned project with complete GitHub automation","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"open-source-contributions → Setup Contributor Experience","type":"text"}]},{"type":"paragraph","content":[{"text":"When preparing project for open source:","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# User: \"Prepare repo for open source contributions\"\n\n# open-source-contributions skill handles CONTRIBUTING.md\n# This skill adds issue templates and CODEOWNERS\ncp templates/issue-templates/*.yml .github/ISSUE_TEMPLATE/\ncp templates/misc/CODEOWNERS .github/","type":"text"}]},{"type":"paragraph","content":[{"text":"Result","type":"text","marks":[{"type":"strong"}]},{"text":": Contributor-friendly repository","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Dependencies","type":"text"}]},{"type":"paragraph","content":[{"text":"Required","type":"text","marks":[{"type":"strong"}]},{"text":":","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Git","type":"text","marks":[{"type":"strong"}]},{"text":" 2.0+ - Version control","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"GitHub CLI (gh)","type":"text","marks":[{"type":"strong"}]},{"text":" 2.0+ - Secret management, PR creation (optional but recommended)","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"strong"}]},{"text":":","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"yamllint","type":"text","marks":[{"type":"strong"}]},{"text":" 1.20+ - YAML validation before commit","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"act","type":"text","marks":[{"type":"strong"}]},{"text":" (local GitHub Actions runner) - Test workflows locally","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Install gh CLI","type":"text","marks":[{"type":"strong"}]},{"text":":","type":"text"}]},{"type":"code_block","attrs":{"wrap":false,"language":"bash"},"content":[{"text":"# macOS\nbrew install gh\n\n# Ubuntu\nsudo apt install gh\n\n# Verify\ngh --version","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Official Documentation","type":"text"}]},{"type":"bullet_list","content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"GitHub Actions","type":"text","marks":[{"type":"strong"}]},{"text":": https://docs.github.com/en/actions","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Workflow Syntax","type":"text","marks":[{"type":"strong"}]},{"text":": https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"CodeQL","type":"text","marks":[{"type":"strong"}]},{"text":": https://codeql.github.com/docs/","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Dependabot","type":"text","marks":[{"type":"strong"}]},{"text":": https://docs.github.com/en/code-security/dependabot","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Issue Templates","type":"text","marks":[{"type":"strong"}]},{"text":": https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Context7 Library ID","type":"text","marks":[{"type":"strong"}]},{"text":": Search for ","type":"text"},{"text":"/websites/github","type":"text","marks":[{"type":"code_inline"}]},{"text":" or ","type":"text"},{"text":"/github/","type":"text","marks":[{"type":"code_inline"}]},{"text":" in Context7 MCP","type":"text"}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Complete Setup Checklist","type":"text"}]},{"type":"paragraph","content":[{"text":"Use this checklist to verify your GitHub automation setup:","type":"text"}]},{"type":"paragraph","content":[{"text":"Workflows:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Created ","type":"text"},{"text":".github/workflows/","type":"text","marks":[{"type":"code_inline"}]},{"text":" directory","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied appropriate CI workflow template","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Updated usernames in workflow files","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Configured secrets (if deploying)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"SHA-pinned all actions (not @latest)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Explicit runner version (ubuntu-24.04)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Workflow triggers match branches (main/master)","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Issue Templates:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Created ","type":"text"},{"text":".github/ISSUE_TEMPLATE/","type":"text","marks":[{"type":"code_inline"}]},{"text":" directory","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied bug_report.yml","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied feature_request.yml","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Updated assignees to your GitHub username","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"YAML templates use ","type":"text"},{"text":"required: true","type":"text","marks":[{"type":"code_inline"}]},{"text":" for critical fields","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"PR Template:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied PULL_REQUEST_TEMPLATE.md to ","type":"text"},{"text":".github/","type":"text","marks":[{"type":"code_inline"}]}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Customized checklist for your project needs","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Security:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied security-codeql.yml","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Added correct languages to CodeQL matrix","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Set ","type":"text"},{"text":"security-events: write","type":"text","marks":[{"type":"code_inline"}]},{"text":" permission","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Copied dependabot.yml","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Updated package-ecosystem (npm/pip/etc.)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Set reviewers in dependabot.yml","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Testing:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Pushed to feature branch first (not main)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Verified CI runs successfully","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Checked Actions tab for any errors","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Validated YAML syntax locally","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Tested secret access (if applicable)","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Documentation:","type":"text","marks":[{"type":"strong"}]}]},{"type":"checkbox_list","attrs":{"id":null},"content":[{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Added badge to README.md (optional)","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Documented required secrets in README","type":"text"}]}]},{"type":"checkbox_item","attrs":{"checked":false},"content":[{"type":"paragraph","content":[{"text":"Updated CONTRIBUTING.md (if open source)","type":"text"}]}]}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"paragraph","content":[{"text":"Questions? Issues?","type":"text","marks":[{"type":"strong"}]}]},{"type":"ordered_list","attrs":{"order":1,"listStyle":"number"},"content":[{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Check ","type":"text"},{"text":"references/common-errors.md","type":"text","marks":[{"type":"code_inline"}]},{"text":" for all 18 errors","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Verify workflow YAML is valid: ","type":"text"},{"text":"yamllint .github/workflows/*.yml","type":"text","marks":[{"type":"code_inline"}]}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Check GitHub Actions tab for detailed error messages","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Review official docs: https://docs.github.com/en/actions","type":"text"}]}]},{"type":"list_item","content":[{"type":"paragraph","content":[{"text":"Ensure secrets are configured: ","type":"text"},{"text":"gh secret list","type":"text","marks":[{"type":"code_inline"}]}]}]}]},{"type":"hr","attrs":{"markup":"---"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Last Updated","type":"text","marks":[{"type":"strong"}]},{"text":": 2025-12-17 ","type":"text"},{"text":"Version","type":"text","marks":[{"type":"strong"}]},{"text":": 2.0.0 (Optimized with progressive disclosure) ","type":"text"},{"text":"Status","type":"text","marks":[{"type":"strong"}]},{"text":": Production Ready","type":"text"}]}]},"metadata":{"date":"2026-06-05","name":"github-project-automation","author":"@skillopedia","source":{"stars":162,"repo_name":"claude-skills","origin_url":"https://github.com/secondsky/claude-skills/blob/HEAD/plugins/github-project-automation/skills/github-project-automation/SKILL.md","repo_owner":"secondsky","body_sha256":"54fb50d5e5724fce118a1ddcaa9b835ce7a11460ebb49b5421ddddece3fdc4a3","cluster_key":"dd8f830249f77eb910414e31414e1b6d73c49c6746f295c4f987b88dba398487","clean_bundle":{"format":"clean-skill-bundle-v1","source":"secondsky/claude-skills/plugins/github-project-automation/skills/github-project-automation/SKILL.md","attachments":[{"id":"afedaad6-37a2-532a-8af4-75c03ecae93a","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/afedaad6-37a2-532a-8af4-75c03ecae93a/attachment.txt","path":"assets/example-template.txt","size":416,"sha256":"3f725c80d70847fd8272bf1400515ba753f12f98f3b294d09e50b54b4c1b024a","contentType":"text/plain; charset=utf-8"},{"id":"98fde093-b76e-5a9f-b3ac-89eba8b08f1b","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/98fde093-b76e-5a9f-b3ac-89eba8b08f1b/attachment.md","path":"references/advanced-configurations.md","size":9500,"sha256":"532a563d7dcb5b8d42686104de451a9fd92d63cd89394fbce50a84912d111c82","contentType":"text/markdown; charset=utf-8"},{"id":"289fe763-6a47-5f33-a045-299e56a471bf","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/289fe763-6a47-5f33-a045-299e56a471bf/attachment.md","path":"references/common-errors.md","size":15593,"sha256":"70b1938715b73939d359face1913ed1f69064593f126e1da415b9949189b6a10","contentType":"text/markdown; charset=utf-8"},{"id":"c76abc91-58f8-5415-864d-23a445e42a90","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/c76abc91-58f8-5415-864d-23a445e42a90/attachment.md","path":"references/configuration-examples.md","size":11870,"sha256":"fb1dc9062e2b327d8643bdd451482e9955675c25e0b6a222040b861c31267f58","contentType":"text/markdown; charset=utf-8"},{"id":"9adff603-9c23-589c-839b-a66420a1f193","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/9adff603-9c23-589c-839b-a66420a1f193/attachment.md","path":"references/troubleshooting-guide.md","size":11042,"sha256":"d5b81a65079ec74c0e3c31f723fa9b4e1d15deee58cdebaa9a0ccad1c1fa4acb","contentType":"text/markdown; charset=utf-8"},{"id":"2cf15ea9-3cc0-59d8-8287-ac8971fb13ba","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/2cf15ea9-3cc0-59d8-8287-ac8971fb13ba/attachment.md","path":"references/workflow-patterns.md","size":11172,"sha256":"c9106a3a9368b78cd8daea163ecaf2e8500f2dd49e1faed43e89133739ee7dfc","contentType":"text/markdown; charset=utf-8"},{"id":"78e61663-550f-53dd-a211-32d3cb640800","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/78e61663-550f-53dd-a211-32d3cb640800/attachment.sh","path":"scripts/generate-codeowners.sh","size":4194,"sha256":"1e9942549694ad35fa0c7bcfacf28d90b4d162472576758f4b7c3c8ec2172c2c","contentType":"application/x-sh; charset=utf-8"},{"id":"eecf59ed-b5dd-54dc-9a8d-89256f5028ee","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/eecf59ed-b5dd-54dc-9a8d-89256f5028ee/attachment.sh","path":"scripts/setup-github-project.sh","size":6116,"sha256":"b18d671a093a7311b96b3965657bb90c8515ea8d4b752c122decbec6359e3d88","contentType":"application/x-sh; charset=utf-8"},{"id":"bd386d2b-746d-5046-ae0b-3013ae006913","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/bd386d2b-746d-5046-ae0b-3013ae006913/attachment.sh","path":"scripts/sync-templates.sh","size":4820,"sha256":"a16fcc345049eb90d800e9ad001f5e272d18b0711280e770b627a312ca7c4e91","contentType":"application/x-sh; charset=utf-8"},{"id":"6c78b254-6937-519b-841d-dd1bbf7c4053","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/6c78b254-6937-519b-841d-dd1bbf7c4053/attachment.sh","path":"scripts/validate-workflows.sh","size":5055,"sha256":"ba7ab7326e1cb52faab55ec5c2973e2fe81e3699c7d0f8941d752b8279f4d6ce","contentType":"application/x-sh; charset=utf-8"},{"id":"51b3230d-eb0e-5022-a396-912508f762e1","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/51b3230d-eb0e-5022-a396-912508f762e1/attachment.yml","path":"templates/issue-templates/bug_report.yml","size":3304,"sha256":"e2db4c38dc6c0fd06f2023ef52f36bb954950c14f3bcf350d7a1e8178d14115c","contentType":"application/yaml; charset=utf-8"},{"id":"261ea472-129a-57f5-8d2c-21025840b9cb","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/261ea472-129a-57f5-8d2c-21025840b9cb/attachment.yml","path":"templates/issue-templates/config.yml","size":568,"sha256":"6766d10c3cfc4693ea43a42f67964b32ea4e35a3de29e13f255ddc9e5488e033","contentType":"application/yaml; charset=utf-8"},{"id":"e769237f-b839-5ae9-b245-f5b449eec66e","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/e769237f-b839-5ae9-b245-f5b449eec66e/attachment.yml","path":"templates/issue-templates/documentation.yml","size":2552,"sha256":"eb9bd570d4826fc361be8874b7c4d9c36fa68fa2b1fdb4d30c8cf92a05279eb6","contentType":"application/yaml; charset=utf-8"},{"id":"e067e628-e644-5510-a5f9-a7c1ec9a59bb","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/e067e628-e644-5510-a5f9-a7c1ec9a59bb/attachment.yml","path":"templates/issue-templates/feature_request.yml","size":2911,"sha256":"218a3e47c10f996290a3dbb03ad8fadab09a0a0f3c9743c7b5d82f719ffd2512","contentType":"application/yaml; charset=utf-8"},{"id":"c85c78e3-abae-5f78-af4b-3699298efd85","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/c85c78e3-abae-5f78-af4b-3699298efd85/attachment","path":"templates/misc/CODEOWNERS","size":1711,"sha256":"8cbc40008e7aca3be35a015475a5bb074bd72799cf53bd6b6fc7a1dc55041c83","contentType":"text/plain; charset=utf-8"},{"id":"04313f7b-ca86-5590-8466-f2b1f7c3b97a","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/04313f7b-ca86-5590-8466-f2b1f7c3b97a/attachment.yml","path":"templates/misc/FUNDING.yml","size":803,"sha256":"a130c9ca4ebc22f17cb99d986dec1991d5c7b483918b77c5e1f453c91e45c144","contentType":"application/yaml; charset=utf-8"},{"id":"c850b753-feb9-59c5-8c60-9bfa0748e24a","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/c850b753-feb9-59c5-8c60-9bfa0748e24a/attachment.md","path":"templates/pr-templates/PULL_REQUEST_TEMPLATE.md","size":1925,"sha256":"b40d24e2f9b5ee17910390e67736ad80a8864a992e860726c14077c57993eac3","contentType":"text/markdown; charset=utf-8"},{"id":"6f243b64-e2dc-5fd4-8620-8351e6500f82","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/6f243b64-e2dc-5fd4-8620-8351e6500f82/attachment.md","path":"templates/pr-templates/bugfix.md","size":1439,"sha256":"e7c24b467d22a64063535eb947c2b2eeb74a83b270c0e0435d8b490d8a511e62","contentType":"text/markdown; charset=utf-8"},{"id":"e9dbddb7-0cee-5259-a865-5db406ae11d9","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/e9dbddb7-0cee-5259-a865-5db406ae11d9/attachment.md","path":"templates/pr-templates/feature.md","size":1747,"sha256":"d77a8f91813106eb9ffbafdcdd3c8196abebb8bc0a366acf888c7bcaaf00a044","contentType":"text/markdown; charset=utf-8"},{"id":"8e5bdad1-9dda-52b8-87f0-26181e7c2496","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/8e5bdad1-9dda-52b8-87f0-26181e7c2496/attachment.md","path":"templates/security/SECURITY.md","size":3525,"sha256":"958b0e8c98ade1135086991869109896d8cc1498f7ea44a8d7b7241fc2003cfa","contentType":"text/markdown; charset=utf-8"},{"id":"8f65e883-a27a-51bf-9733-08fc1ee6fd58","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/8f65e883-a27a-51bf-9733-08fc1ee6fd58/attachment.yml","path":"templates/security/codeql-config.yml","size":1458,"sha256":"6edc9c351d424f97ae505737f8879389037a61625a15997d16c1468ce4b04f8a","contentType":"application/yaml; charset=utf-8"},{"id":"b29dc79c-c716-5c8a-8e56-335c12e636a3","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/b29dc79c-c716-5c8a-8e56-335c12e636a3/attachment.yml","path":"templates/security/dependabot.yml","size":1710,"sha256":"8d360bfedbe1ba6c9c39ab69badbb5054f364efaefe9a81727779ce3ed6fb907","contentType":"application/yaml; charset=utf-8"},{"id":"47f0c999-f4a6-51b8-9e5e-929197b1f5bb","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/47f0c999-f4a6-51b8-9e5e-929197b1f5bb/attachment.yml","path":"templates/workflows/cd-production.yml","size":2442,"sha256":"285808daff6c536985068605ebc68055a68f1da0dc69a50062f441067f222b6a","contentType":"application/yaml; charset=utf-8"},{"id":"ed60f80f-38c5-5860-90f9-69506436d574","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/ed60f80f-38c5-5860-90f9-69506436d574/attachment.yml","path":"templates/workflows/ci-basic.yml","size":1159,"sha256":"c0cb5dafcab9d9e2a2b753b8fbb259ec01be856b17c1f62d20f8b91caf6ffa08","contentType":"application/yaml; charset=utf-8"},{"id":"c321d633-36af-5031-91e4-38acd81a187b","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/c321d633-36af-5031-91e4-38acd81a187b/attachment.yml","path":"templates/workflows/ci-cloudflare-workers.yml","size":1926,"sha256":"ff5a7db871f4dbd7f03a8416fef67fbd539e4deea77986af9954efbf7fade897","contentType":"application/yaml; charset=utf-8"},{"id":"d8fb7f68-ee8c-5f48-b28a-bbb10e303af9","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/d8fb7f68-ee8c-5f48-b28a-bbb10e303af9/attachment.yml","path":"templates/workflows/ci-matrix.yml","size":1537,"sha256":"10d6123e40387fdcb537ca147775d05972864a4edaaa73a1e4b55a8e7224f244","contentType":"application/yaml; charset=utf-8"},{"id":"74e95473-8cc8-5b87-98ad-0f1f53f1e111","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/74e95473-8cc8-5b87-98ad-0f1f53f1e111/attachment.yml","path":"templates/workflows/ci-node.yml","size":1359,"sha256":"bc9f5687445272475ef21bb267610049d50b4734ff404515f71f91ccc4668bcb","contentType":"application/yaml; charset=utf-8"},{"id":"b5a41509-d6e6-5936-8ea4-9ac3202bc74e","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/b5a41509-d6e6-5936-8ea4-9ac3202bc74e/attachment.yml","path":"templates/workflows/ci-python.yml","size":1569,"sha256":"c0fda6d55297608a30b58d147fce2214a24bd17aafa45dfe8e80b0131d1fbaf3","contentType":"application/yaml; charset=utf-8"},{"id":"7eaaa629-fe72-58b8-87ea-3bb4e8fe3fdb","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/7eaaa629-fe72-58b8-87ea-3bb4e8fe3fdb/attachment.yml","path":"templates/workflows/ci-react.yml","size":2392,"sha256":"0f0802195068cd0d861e58eecd13e7cb2af0f1774ab086202aed821e193f37a9","contentType":"application/yaml; charset=utf-8"},{"id":"b139a0e7-1f07-50bc-8465-3025d2684ab0","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/b139a0e7-1f07-50bc-8465-3025d2684ab0/attachment.yml","path":"templates/workflows/pr-checks.yml","size":4531,"sha256":"117a0cf7da27724af09e5aafd63e69e1fbebb6a4430a299f288393285d086aa7","contentType":"application/yaml; charset=utf-8"},{"id":"775ef69e-8d71-58ad-a8ea-31e8c5863f4d","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/775ef69e-8d71-58ad-a8ea-31e8c5863f4d/attachment.yml","path":"templates/workflows/release.yml","size":3884,"sha256":"e8e91f5bd9ac6774267e5daad417a1bdf0f1579f14db19417aca7b152424b2b3","contentType":"application/yaml; charset=utf-8"},{"id":"308ed6d3-d03a-5ea2-9c22-79a5d3bcff52","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/308ed6d3-d03a-5ea2-9c22-79a5d3bcff52/attachment.yml","path":"templates/workflows/scheduled-maintenance.yml","size":3490,"sha256":"eb0b7d1dd6df18696a54444f7a8a6e33cc210f2a9f91ec9847443f9e1c3059ee","contentType":"application/yaml; charset=utf-8"},{"id":"778340ff-eba8-57ca-bf4b-7536499bc119","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/778340ff-eba8-57ca-bf4b-7536499bc119/attachment.yml","path":"templates/workflows/security-codeql.yml","size":1883,"sha256":"34df48a62d6302e9107d217df49002970559cf6fcbd6c2a9ea21967f5c1d32d8","contentType":"application/yaml; charset=utf-8"},{"id":"3f7fa27f-a4b8-5c95-9b98-7cc4d7833692","key":"uploads/10433ee7-ad12-4ae0-b34e-97553e46c6c8/3f7fa27f-a4b8-5c95-9b98-7cc4d7833692/attachment.yml","path":"templates/workflows/security-dependency-review.yml","size":1173,"sha256":"e6a4e0bdb27499dbe159c32d733f9f455029c9b916b779de4ae61b69ed547261","contentType":"application/yaml; charset=utf-8"}],"bundle_sha256":"56e48fc77645e0915aa7de5e67da65470a4ab82e40eaecd1653e418f377583f5","attachment_count":34,"text_attachments":33,"attachment_storage":"skillopedia-attachments-v1","binary_attachments":1,"excluded_attachments":[]},"cluster_size":1,"skill_md_path":"plugins/github-project-automation/skills/github-project-automation/SKILL.md","import_metadata":{"date":"2026-06-05","author":"@skillopedia","version":"v1","category":"security","category_label":"Security"},"exact_dupes_collapsed_into_this":0},"license":"MIT","version":"v1","category":"security","metadata":{"version":"2.0.0","keywords":["github actions","github workflow","ci/cd","issue templates","pull request templates","dependabot","codeql","security scanning","yaml syntax","github automation","repository setup","workflow templates","github actions matrix","secrets management","branch protection","codeowners","github projects","continuous integration","continuous deployment","workflow syntax error","action version pinning","runner version","github context","yaml indentation error"],"complexity":"8/10","last_verified":"2025-12-17T00:00:00.000Z","token_savings":"~75%","errors_prevented":18,"optimization_date":"2025-12-17T00:00:00.000Z"},"import_tag":"clean-skills-v1","description":"GitHub repository automation (CI/CD, issue templates, Dependabot, CodeQL). Use for project setup, Actions workflows, security scanning, or encountering YAML syntax, workflow configuration, template structure errors."}},"renderedAt":1782979436898}

GitHub Project Automation Status : Production Ready ✅ Last Updated : 2025-12-17 Version : 2.0.0 (Optimized with progressive disclosure) Dependencies : None (git and gh CLI recommended) Latest Versions : actions/[email protected], actions/[email protected], github/[email protected] --- Quick Start (15 Minutes) 1. Choose Your Framework Select the workflow template that matches your project: Why this matters: - Pre-validated YAML prevents syntax errors - SHA-pinned actions for security - Explicit runner versions (ubuntu-24.04) - All 8 GitHub Actions errors prevented 2. Add Issue Templates Why…