refactor(ci): improve github workflows

[tsinis]

Description

Type of Change

• ✨ New feature (non-breaking change which adds functionality)
• 🛠️ Bug fix (non-breaking change which fixes an issue)
• ❌ Breaking change (fix or feature that would cause existing functionality to change)
• 🧹 Code refactor
• 🧪 Tests
• 📝 Documentation
• ⚙️ CI/CD or GitHub Workflow configuration change
• 📦 Dependencies update

Checks

Please look at the following checklist to ensure that your PR can be accepted quickly:

• Data come from open-source resources with MIT License (if presented).
• New code is documented and the data source is referenced (if presented).
• Existing tests are up to date with these changes.
• New code is fully tested (if presented).

Summary by CodeRabbit

• New Features

  • Enhanced clarity in the Contributor Covenant Code of Conduct with additional phrases.
  • Broadened scope for Dependabot to monitor Dart package dependencies.
  • Conditional execution for publishing workflows based on tag references.

• Bug Fixes

  • Corrected formatting inconsistencies in workflow configurations.

• Chores

  • Updated YAML configurations for better standardization and readability.
  • Added a scheduled job for managing stale issues and pull requests.

• Documentation

  • Improved formatting in contributing guidelines for visual consistency.

[coderabbitai]

📝 Walkthrough

Walkthrough

This pull request encompasses multiple minor modifications across various GitHub workflow and configuration files. The changes primarily involve standardizing string quotation (from single to double quotes), adding newline characters at file endings, and making small configuration adjustments. These updates focus on maintaining consistent formatting and improving workflow configurations without introducing significant functional changes to the repository's CI/CD and contribution processes.

Changes

File	Change Summary
.github/code_of_conduct.md	Added phrases to enhance behavioral standards and clarity
.github/contributing.md	Replaced asterisks with underscores for text emphasis
.github/dependabot.yaml	Added - packages/* to Dart package ecosystem monitoring
.github/workflows/*	Multiple files updated with: - Quotation style changes (single to double quotes) - Added newline characters - Minor configuration tweaks
.github/workflows/verify_package_workflow.yaml	Changed file parameter to files in coverage upload step
.github/workflows/publish_world_countries.yaml	Added job condition if: github.ref_type == 'tag'

Sequence Diagram

sequenceDiagram
    participant Repo as GitHub Repository
    participant Workflows as GitHub Actions
    participant Dependabot
    participant PublishService as Pub.dev

    Repo->>Workflows: Trigger workflows
    Workflows->>Dependabot: Monitor dependencies
    Dependabot-->>Repo: Update dependency suggestions
    Workflows->>PublishService: Publish packages conditionally

Loading

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🔭 Outside diff range comments (4)

.github/workflows/publish_sealed_currencies.yaml (1)

Line range hint 7-17: Consider documenting the workflow structure.

While the changes are consistent and correct, consider adding documentation about the common workflow structure and versioning pattern used across these files.

Add a comment block at the top of each workflow file explaining:

 name: publish_sealed_currencies
+# This workflow publishes the sealed_currencies package to pub.dev when a new version tag is pushed.
+# Tag format: sealed_currencies-v[major].[minor].[patch]
+# The workflow inherits the common publishing configuration from publish_to_pub.yaml
 
 on:
   push:

.github/workflows/backup.yaml (1)

Line range hint 13-14: Consider using major version tag for actions

While pinning to specific versions (v4.2.2) provides stability, using major version tags (v4) would automatically receive security updates while maintaining compatibility.

-        uses: actions/checkout@v4.2.2
+        uses: actions/checkout@v4

.github/workflows/stale.yaml (1)

Line range hint 1-24: LGTM! Well-configured stale issue management

The workflow is well configured with:

• Appropriate timeframes (60 days before stale, 14 days before close)
• Clear and informative messages
• Proper permissions

Consider adding a step to track stale metrics over time using GitHub's REST API. This could help tune the stale/close timeframes based on actual project activity patterns.

Example metrics to track:

• Number of issues/PRs marked as stale
• Resolution rate (closed vs reactivated)
• Average time to resolution

.github/workflows/verify_package_workflow.yaml (1)

Line range hint 109-113: LGTM! Correct parameter name for codecov-action.

The change from file to files aligns with the correct parameter name for codecov-action@v5.1.2.

Consider using a more specific format for the flags parameter to better identify the coverage report in Codecov:

-          flags: ${{ inputs.package_name }}
+          flags: dart_${{ inputs.package_name }}

This helps distinguish between different language implementations if you add more in the future.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c8b2673 and 2d0f209.

📒 Files selected for processing (14)

• .github/code_of_conduct.md (2 hunks)
• .github/contributing.md (1 hunks)
• .github/dependabot.yaml (1 hunks)
• .github/workflows/backup.yaml (1 hunks)
• .github/workflows/config/auto-assign.yaml (1 hunks)
• .github/workflows/publish_sealed_countries.yaml (2 hunks)
• .github/workflows/publish_sealed_currencies.yaml (2 hunks)
• .github/workflows/publish_sealed_languages.yaml (2 hunks)
• .github/workflows/publish_to_pub.yaml (1 hunks)
• .github/workflows/publish_world_countries.yaml (1 hunks)
• .github/workflows/publish_world_flags.yaml (1 hunks)
• .github/workflows/pull_request.yaml (1 hunks)
• .github/workflows/stale.yaml (1 hunks)
• .github/workflows/verify_package_workflow.yaml (1 hunks)

🧰 Additional context used

🪛 LanguageTool

.github/code_of_conduct.md

[style] ~32-~32: Try using a synonym here to strengthen your wording.
Context: ...ind - Trolling, insulting or derogatory comments, and personal or political attacks - Pu...

(COMMENT_REMARK)

🔇 Additional comments (13)

.github/workflows/publish_world_flags.yaml (1)

6-7: LGTM! Tag pattern follows best practices

The tag pattern is well-structured and specific, following the format world_flags-v[0-9]+.[0-9]+.[0-9]+*. This ensures proper versioning control.

.github/workflows/publish_sealed_languages.yaml (3)

Line range hint 11-11: Remove redundant condition

Similar to the previous workflow, the condition if: github.ref_type == 'tag' is redundant and can be removed.

---

6-7: LGTM! Consistent tag pattern

The tag pattern follows the same structured format as other workflows, maintaining consistency across the repository.

---

Line range hint 12-12: Verify reusable workflow existence

The workflow uses a reusable workflow from ./.github/workflows/publish_to_pub.yaml. Let's verify its existence and accessibility.

✅ Verification successful

Reusable workflow exists and is properly configured

The verification confirms that:

• The workflow file .github/workflows/publish_to_pub.yaml exists
• It's properly configured as a reusable workflow (contains workflow_call: declaration)

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify the existence of the reusable workflow
if [ -f .github/workflows/publish_to_pub.yaml ]; then
    echo "Reusable workflow exists"
    # Check if it's properly configured as a reusable workflow
    grep -l "workflow_call:" .github/workflows/publish_to_pub.yaml
else
    echo "Error: Reusable workflow not found"
    exit 1
fi

Length of output: 210

.github/workflows/publish_sealed_countries.yaml (2)

7-7: LGTM! Tag pattern follows YAML best practices.

The change to double quotes for the tag pattern is appropriate, as it's the preferred style in YAML for strings containing special characters.

---

Line range hint 11-17: Verify the reusable workflow implementation.

The workflow configuration looks good with proper conditional execution and permissions. Let's verify the referenced reusable workflow.

✅ Verification successful

Reusable workflow implementation verified and found to be well-structured

The reusable workflow publish_to_pub.yaml is properly implemented with:

• Required inputs for package_name and tag
• Comprehensive version checks across pubspec.yaml and CHANGELOG.md
• Proper security measures with conditional execution based on repository owner
• Consistent usage across multiple package workflows:
  • sealed_countries
  • sealed_languages
  • world_countries
  • world_flags
  • sealed_currencies

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the reusable workflow and its usage
# Check if the reusable workflow exists and examine its content
if [ -f .github/workflows/publish_to_pub.yaml ]; then
    echo "Reusable workflow found. Content:"
    cat .github/workflows/publish_to_pub.yaml
else
    echo "Warning: Referenced workflow .github/workflows/publish_to_pub.yaml not found"
fi

# Check for consistent usage across other workflow files
echo "Checking usage patterns across workflows:"
rg "uses: \\./.github/workflows/publish_to_pub.yaml" .github/workflows/

Length of output: 3347

.github/workflows/publish_world_countries.yaml (1)

7-7: LGTM! Consistent with other workflows.

The changes maintain consistency with other workflow files:

• Double quotes for tag pattern
• Proper conditional execution for tags

Also applies to: 11-11

.github/workflows/backup.yaml (1)

Line range hint 19-24: LGTM! Secure configuration for GitLab mirroring

The workflow is well configured with:

• Appropriate timeout limits
• Secure secret handling for SSH key
• Specific version pinning for the mirroring action

.github/workflows/stale.yaml (1)

24-25: LGTM! Secure token usage

Properly uses GITHUB_TOKEN secret for authentication.

.github/workflows/pull_request.yaml (1)

30-30: LGTM! Quote standardization change.

The change from single to double quotes is consistent with the standardization effort and doesn't affect functionality.

.github/workflows/publish_to_pub.yaml (1)

76-77: LGTM! Quote standardization changes.

The changes from single to double quotes maintain consistency and don't affect the publishing workflow's functionality.

.github/contributing.md (1)

43-43: LGTM! Markdown emphasis standardization.

The changes from asterisks to underscores for emphasis maintain Markdown compatibility while standardizing the emphasis style across documentation.

Also applies to: 48-48

.github/code_of_conduct.md (1)

20-25: LGTM! Improved clarity and completeness of the Code of Conduct.

The changes enhance the document by:

• Adding important context about learning from mistakes
• Clarifying the requirement for explicit permission regarding private information
• Improving formatting consistency

Also applies to: 30-36, 109-110