GitHub Action
Nissuer
Make issues non-issues quicker
A GitHub Action for tried and tired maintainers. This action is meant to help maintainers of open-source projects by automating some of the more tedious/repetitive tasks that come with the job.
nissuer comes with a default configuration, but you can override certain behaviors. Below is a list of features and the corresponding inputs.
- nissuer can hide "+1", "same issue", etc. comments on issues (partially based on Refined GitHub). It won't hide comments from the repo organization members.
- nissuer can also update the hidden comment with a note from the maintainers, explaining to the user why the comment was hidden. This is used for education purposes, so hopefully the user will be more considerate in the future.
Input | Description | Default Value |
---|---|---|
comment-add-explainer |
Add an explainer to a comment that was marked as off-topic. | true |
comment-unhelpful-weight |
If an issue comment is below this rate, it will be marked as off-topic and hidden. | 0.3 |
- nissuer can close/comment/label/lock issues that do not have a valid reproduction URL
- nissuer validates the returned status code of a reproduction URL (for example a private GitHub repository will not be considered valid)
Input | Description | Default Value |
---|---|---|
reproduction-comment |
Either a string or a path to a .md file inside the repository. | .github/invalid-reproduction.md |
reproduction-hosts |
Comma-separated list of hostnames allowed for reproductions. | github.com |
reproduction-blocklist |
Comma-separated list of regular expression string that are not allowed for reproductions. (Eg.: "github.com/.*/fork-of-non-reproduction"') | |
reproduction-invalid-label |
Label to apply to issues without a valid reproduction. | invalid-reproduction |
reproduction-issue-labels |
Comma-separated list of issue labels. If configured, only verify reproduction URLs of issues with one of these labels present. A comma at the end will handle issues without any label as non-valid. | |
reproduction-link-section |
A regular expression string with "(.*)" matching a valid URL in the issue body. The result is trimmed. | ### Link to reproduction(.*)### To reproduce |
- nissuer can label issues based on the content of an issue. Add a select input, and nissuer will add a label based on the selection.
- nissuer can comment on issues based on labels on behalf of a maintainer. Avoid having to repeat yourself by writing up a comment for common cases
Input | Description | Default Value |
---|---|---|
label-comments |
Autocomment on issues based on the added label. It should be a JSON object, where the key is a label, and the value is a file path or a comment text. | {"invalid reproduction": ".github/invalid-reproduction.md"} |
label-area-prefix |
Only look for these labels when autolabeling based on the user selection. | area: |
label-area-section |
A regular expression string with "(.*)" matching a section in the issue body to look for user-selected areas. The result is trimmed. Labeling is skipped if this is not configured |
- nissuer can detect if an issue about a potential vulnerability might have been opened publicly by accident and notify the maintainer about it.
- nissuer can also delete the issue automatically and send you all the details via a webhook. This can help avoid staying up late at night to fix a vulnerability that was not disclosed responsibly.
Input | Description | Default Value |
---|---|---|
webhook-url |
Webhook URL to send notifications to. | |
webhook-secret |
Secret to use for the webhook. It will be part of the JSON body of the request as secret . |
|
delete-vulnerability-report |
Delete the vulnerability report after sending it to the webhook. | false |
Here is a minimal setup of nissuer. Add a workflow (eg. .github/workflows/nissuer.yml
):
name: Triage via nissuer
on:
issues:
types: [opened, labeled]
issue_comment:
types: [created]
permissions:
issues: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
issue-validator:
runs-on: ubuntu-latest
steps:
- name: Nissuer
uses: balazsorban44/[email protected]
Add a comment file (by default we look for .github/invalid-reproduction.md
):
NOTE: Developers are coming to your project with all sorts of backgrounds/skill levels or understanding of the open-source world. Show empathy while using this action. 💚 We recommend adding comments that not only dismiss unhelpful issues/comments, but educate the user on how to be more helpful in the future.
Thanks for opening an issue!
Unfortunately, we can't help you without a reproduction URL.
It was closed automatically, but feel free to reopen it once you have a reproduction URL.
A good example of a comment is in the Next.js repository.