diff --git a/packages/browseros-agent/.github/workflows/audit.yml b/.github/workflows/audit.yml similarity index 98% rename from packages/browseros-agent/.github/workflows/audit.yml rename to .github/workflows/audit.yml index d404d8f2f..292434102 100644 --- a/packages/browseros-agent/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -9,6 +9,9 @@ on: jobs: security-audit: runs-on: ubuntu-latest + defaults: + run: + working-directory: packages/browseros-agent steps: - name: Checkout code diff --git a/packages/browseros-agent/.github/workflows/branch-cleaner.yml b/.github/workflows/branch-cleaner.yml similarity index 100% rename from packages/browseros-agent/.github/workflows/branch-cleaner.yml rename to .github/workflows/branch-cleaner.yml diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index f73d31a2b..3c90ebe50 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -1,11 +1,11 @@ -name: 'CLA Assistant' +name: CLA Assistant + on: issue_comment: types: [created] pull_request_target: types: [opened, closed, synchronize] -# Explicitly configure permissions permissions: actions: write contents: write @@ -13,47 +13,46 @@ permissions: statuses: write jobs: - CLAAssistant: + cla: runs-on: ubuntu-latest + if: | + (github.event_name == 'pull_request_target') || + (github.event_name == 'issue_comment' && github.event.issue.pull_request && + (github.event.comment.body == 'recheck' || + github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA')) steps: - - name: 'CLA Assistant' - if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' + - name: CLA Assistant uses: contributor-assistant/github-action@v2.6.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGNATURES_TOKEN }} with: - # Path where signatures will be stored - path-to-signatures: 'signatures/version1/cla.json' - - # Path to your CLA document - path-to-document: 'https://github.com/browseros-ai/BrowserOS/blob/main/CLA.md' - - # Branch to store signatures (should not be protected) + path-to-signatures: 'cla-signatures.json' + path-to-document: 'https://github.com/${{ github.repository }}/blob/main/CLA.md' branch: 'main' - - # Allowlist for users who don't need to sign (bots, core team members) - allowlist: shadowfax92,felarof99,dependabot[bot],renovate[bot],github-actions[bot] - - # Optional: Custom messages + remote-organization-name: 'browseros-ai' + remote-repository-name: 'cla-signatures' + allowlist: 'shadowfax92,felarof99,bot*,*[bot],dependabot,renovate,github-actions,snyk-bot,imgbot,greenkeeper,semantic-release-bot,allcontributors' + lock-pullrequest-aftermerge: false custom-notsigned-prcomment: | - **CLA Assistant Lite bot** Thank you for your submission! We require contributors to sign our [Contributor License Agreement](https://github.com/browseros-ai/BrowserOS/blob/main/CLA.md) before we can accept your contribution. + Thank you for your contribution! Before we can merge this PR, we need you to sign our [Contributor License Agreement](https://github.com/${{ github.repository }}/blob/main/CLA.md). - By signing the CLA, you confirm that: - - You have read and agree to the AGPL-3.0 license terms - - Your contribution is your original work - - You grant us the rights to use your contribution under the AGPL-3.0 license + **To sign the CLA**, please add a comment to this PR with the following text: - **To sign the CLA, please comment on this PR with:** - `I have read the CLA Document and I hereby sign the CLA` + ``` + I have read the CLA Document and I hereby sign the CLA + ``` + You only need to sign once. After signing, this check will pass automatically. + + --- +
+ Troubleshooting + + - **Already signed but still failing?** Comment `recheck` to trigger a re-verification. + - **Signed with a different email?** Make sure your commit email matches your GitHub account email, or add your commit email to your GitHub account. + +
custom-pr-sign-comment: 'I have read the CLA Document and I hereby sign the CLA' - custom-allsigned-prcomment: | - **CLA Assistant Lite bot** โœ… All contributors have signed the CLA. Thank you for helping make BrowserOS better! - - # Lock PR after merge to prevent signature tampering - lock-pullrequest-aftermerge: true - - # Custom commit messages - create-file-commit-message: 'docs: Create CLA signatures file' - signed-commit-message: 'docs: $contributorName signed the CLA in $owner/$repo#$pullRequestNo' + All contributors have signed the CLA. Thank you! diff --git a/packages/browseros-agent/.github/workflows/claude.yml b/.github/workflows/claude.yml similarity index 76% rename from packages/browseros-agent/.github/workflows/claude.yml rename to .github/workflows/claude.yml index 60997d57b..4eaf3ce8c 100644 --- a/packages/browseros-agent/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -22,11 +22,11 @@ jobs: (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) runs-on: ubuntu-latest permissions: - contents: write # Can push branches and create commits - pull-requests: write # Can create and update PRs + contents: write + pull-requests: write issues: read id-token: write - actions: read # Required for Claude to read CI results on PRs + actions: read steps: - name: Checkout repository uses: actions/checkout@v6 @@ -38,11 +38,5 @@ jobs: uses: anthropics/claude-code-action@v1 with: claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} - - # This is an optional setting that allows Claude to read CI results on PRs additional_permissions: | actions: read - - # Allow all tools - branch protection rules at repo level prevent direct pushes to main/master - # Omitting --allowedTools means all tools are available by default - diff --git a/packages/browseros-agent/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml similarity index 81% rename from packages/browseros-agent/.github/workflows/code-quality.yml rename to .github/workflows/code-quality.yml index 8bcf870ed..7903c061c 100644 --- a/packages/browseros-agent/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -4,11 +4,16 @@ on: pull_request: branches: - main + paths: + - 'packages/browseros-agent/**' jobs: biome: name: runner / Biome runs-on: ubuntu-latest + defaults: + run: + working-directory: packages/browseros-agent permissions: contents: read steps: @@ -28,6 +33,9 @@ jobs: typecheck: name: runner / Typecheck runs-on: ubuntu-latest + defaults: + run: + working-directory: packages/browseros-agent permissions: contents: read steps: diff --git a/packages/browseros-agent/.github/workflows/pr-title.yml b/.github/workflows/pr-title.yml similarity index 78% rename from packages/browseros-agent/.github/workflows/pr-title.yml rename to .github/workflows/pr-title.yml index 19cd1fcdd..d6fa9f18b 100644 --- a/packages/browseros-agent/.github/workflows/pr-title.yml +++ b/.github/workflows/pr-title.yml @@ -5,9 +5,9 @@ on: types: [opened, synchronize, reopened, edited] permissions: - pull-requests: write # Read PR details and add labels - issues: write # Labels are managed via issues API - contents: read # Read repository content + pull-requests: write + issues: write + contents: read jobs: validate-pr-title: diff --git a/packages/browseros-agent/.github/workflows/release-agent-sdk.yml b/.github/workflows/release-agent-sdk.yml similarity index 84% rename from packages/browseros-agent/.github/workflows/release-agent-sdk.yml rename to .github/workflows/release-agent-sdk.yml index 36b3b1f80..06275ac05 100644 --- a/packages/browseros-agent/.github/workflows/release-agent-sdk.yml +++ b/.github/workflows/release-agent-sdk.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest defaults: run: - working-directory: packages/agent-sdk + working-directory: packages/browseros-agent/packages/agent-sdk steps: - uses: actions/checkout@v6 @@ -23,7 +23,7 @@ jobs: - name: Install dependencies run: bun ci - working-directory: . + working-directory: packages/browseros-agent - name: Build run: bun run build diff --git a/packages/browseros-agent/.github/workflows/test.yml b/.github/workflows/test.yml similarity index 64% rename from packages/browseros-agent/.github/workflows/test.yml rename to .github/workflows/test.yml index b5266643d..310ba191f 100644 --- a/packages/browseros-agent/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,18 +7,21 @@ jobs: name: Run Tests runs-on: macos-latest timeout-minutes: 10 + defaults: + run: + working-directory: packages/browseros-agent steps: - - name: ๐Ÿ“ฅ Checkout code + - name: Checkout code uses: actions/checkout@v6 - - name: ๐Ÿงฐ Setup Bun + - name: Setup Bun uses: oven-sh/setup-bun@v2 - - name: ๐Ÿ“ฆ Install dependencies + - name: Install dependencies run: bun ci - - name: ๐Ÿงช Run all tests + - name: Run all tests run: bun test:all env: PUPPETEER_EXECUTABLE_PATH: /Applications/Google Chrome.app/Contents/MacOS/Google Chrome diff --git a/packages/browseros-agent/.github/dependabot.yml b/packages/browseros-agent/.github/dependabot.yml deleted file mode 100644 index 06f37ffe4..000000000 --- a/packages/browseros-agent/.github/dependabot.yml +++ /dev/null @@ -1,41 +0,0 @@ -version: 2 -updates: - - package-ecosystem: bun - directory: / - schedule: - interval: weekly - day: 'sunday' - time: '02:00' - timezone: Europe/Berlin - open-pull-requests-limit: 10 - groups: - dependencies: - applies-to: security-updates - dependency-type: production - exclude-patterns: - - 'puppeteer*' - patterns: - - '*' - dev-dependencies: - applies-to: security-updates - dependency-type: development - exclude-patterns: - - 'puppeteer*' - patterns: - - '*' - puppeteer: - patterns: - - 'puppeteer*' - - package-ecosystem: github-actions - directory: / - schedule: - interval: weekly - day: 'sunday' - time: '04:00' - timezone: Europe/Berlin - open-pull-requests-limit: 10 - groups: - all: - applies-to: security-updates - patterns: - - '*' diff --git a/packages/browseros-agent/.github/workflows/cla.yml b/packages/browseros-agent/.github/workflows/cla.yml deleted file mode 100644 index d92ce0cda..000000000 --- a/packages/browseros-agent/.github/workflows/cla.yml +++ /dev/null @@ -1,58 +0,0 @@ -name: CLA Assistant - -on: - issue_comment: - types: [created] - pull_request_target: - types: [opened, closed, synchronize] - -permissions: - actions: write - contents: write - pull-requests: write - statuses: write - -jobs: - cla: - runs-on: ubuntu-latest - if: | - (github.event_name == 'pull_request_target') || - (github.event_name == 'issue_comment' && github.event.issue.pull_request && - (github.event.comment.body == 'recheck' || - github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA')) - steps: - - name: CLA Assistant - uses: contributor-assistant/github-action@v2.6.1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGNATURES_TOKEN }} - with: - path-to-signatures: 'cla-signatures.json' - path-to-document: 'https://github.com/${{ github.repository }}/blob/main/CLA.md' - branch: 'main' - remote-organization-name: 'browseros-ai' - remote-repository-name: 'cla-signatures' - allowlist: 'bot*,*[bot],dependabot,renovate,github-actions,snyk-bot,imgbot,greenkeeper,semantic-release-bot,allcontributors' - lock-pullrequest-aftermerge: false - custom-notsigned-prcomment: | - Thank you for your contribution! Before we can merge this PR, we need you to sign our [Contributor License Agreement](https://github.com/${{ github.repository }}/blob/main/CLA.md). - - **To sign the CLA**, please add a comment to this PR with the following text: - - ``` - I have read the CLA Document and I hereby sign the CLA - ``` - - You only need to sign once. After signing, this check will pass automatically. - - --- -
- Troubleshooting - - - **Already signed but still failing?** Comment `recheck` to trigger a re-verification. - - **Signed with a different email?** Make sure your commit email matches your GitHub account email, or add your commit email to your GitHub account. - -
- custom-pr-sign-comment: 'I have read the CLA Document and I hereby sign the CLA' - custom-allsigned-prcomment: | - All contributors have signed the CLA. Thank you!