* Automated issue triage workflow
* Bump dependencies
* Fix issue-triage workflow: security, reliability, and testability
Address six review comments on the issue-triage workflow:
1. Change trigger from issues:opened to issues:labeled so the
secret-backed triage flow is only triggered by a maintainer-
controlled signal.
2. Include inputs.issue_number in the concurrency group so
workflow_dispatch runs for the same issue are properly
de-duplicated.
3. Improve team membership error handling to fail closed: verify
the team exists before checking membership, and only treat a
404 as 'not a member' (all other errors fail the job).
4. Use optional chaining (issue.user?.login) for the API-fetched
issue to handle deleted GitHub accounts without crashing.
5. Extract the inline github-script into a testable module at
.github/scripts/check_team_membership.js with 10 tests in
.github/tests/test_check_team_membership.js covering all
code paths (payload/API author resolution, deleted accounts,
team lookup failure, 404 vs non-404 membership errors).
6. Make the spam gate actually stop the job by exiting non-zero
instead of just logging, so future steps cannot accidentally
run for spam issues.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Make issue-triage workflow manually triggered only for initial testing
Remove the 'issues' event trigger, keeping only 'workflow_dispatch' so the
workflow can be tested manually before enabling automatic triggers.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>