From 9271fd4e82f6f6c39c3d41a6d6de1e488dc4c8c4 Mon Sep 17 00:00:00 2001 From: Helmut Hoffer von Ankershoffen Date: Fri, 24 Apr 2026 22:19:59 +0200 Subject: [PATCH] chore(ci): add sop:*, type:*, security:*, scope:*, auto-merge labels [PYSDK-94] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds 14 new labels to .github/labels.yml across SOP, type, security, scope, and auto-merge axes. The existing labels-sync.yml workflow fires on push to main touching this file, so the labels become live as soon as this PR merges — no manual `gh label create` needed (labels were already pre-created to enable retroactive labelling of today's PRs). - sop:pr-sop-01, sop:cc-sop-01 — SOP trail on the PR itself - type:feature|fix|chore|refactor|docs|test|perf|build|ci — conventional-commit taxonomy extending legacy bug/documentation/enhancement (which remain) - security, security:supply-chain — orthogonal security axis - scope:sdk-consumers, scope:dev-only — consumer-vs-dev-only exposure - auto-merge — eligible for auto-merge once CI is green Rejected during review: release:breaking / release:no-impact (semver covers it), security:sbom (rolls up into chore or supply-chain), scope:docs-only (duplicates type:docs), scope:infra (overlaps type:chore / type:ci). Co-Authored-By: Claude Opus 4.7 (1M context) --- .github/labels.yml | 73 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) diff --git a/.github/labels.yml b/.github/labels.yml index f5c45cd28..237c12332 100644 --- a/.github/labels.yml +++ b/.github/labels.yml @@ -133,3 +133,76 @@ - name: documentation-drift description: Documentation out of sync with code color: "ff6b6b" + +# SOP Labels — governance trail on every PR (one mandatory) +- name: sop:pr-sop-01 + description: PR-SOP-01 Problem Resolution (bug / anomaly fix) + color: "5319e7" + +- name: sop:cc-sop-01 + description: CC-SOP-01 Change Control (feature / planned change) + color: "1d76db" + +# Type Labels — conventional-commits taxonomy (one per PR) +# Extends the legacy `bug` / `documentation` / `enhancement` labels with +# the rest of the conventional-commit vocabulary. Legacy labels remain +# for backward-compatibility with issue templates and external tooling; +# the `type:*` namespace is the source of truth for PR-level filtering. +- name: type:feature + description: New functionality (conventional feat) + color: "a2eeef" + +- name: type:fix + description: Bug fix (conventional fix) + color: "d73a4a" + +- name: type:chore + description: Tooling, maintenance, routine task (conventional chore) + color: "c5def5" + +- name: type:refactor + description: Refactor without behaviour change + color: "fbca04" + +- name: type:docs + description: Documentation-only change + color: "0075ca" + +- name: type:test + description: Test-only change + color: "006b75" + +- name: type:perf + description: Performance improvement + color: "4b0082" + +- name: type:build + description: Build / packaging change + color: "5319e7" + +- name: type:ci + description: CI/CD change + color: "000000" + +# Security Labels — orthogonal axis (0–2 per PR) +- name: security + description: Addresses a security advisory, CVE, or hardens security posture + color: "b60205" + +- name: security:supply-chain + description: Supply-chain (dependency) vulnerability remediation + color: "d93f0b" + +# Scope Labels — who the change affects (0–1 per PR) +- name: scope:sdk-consumers + description: Affects downstream SDK consumers (uvx aignostics / uv add aignostics) + color: "0e8a16" + +- name: scope:dev-only + description: Affects only our dev/CI env; consumers unaffected + color: "bfdadc" + +# Automation Labels +- name: auto-merge + description: Eligible for auto-merge once CI is green + color: "0e8a16"