Skip to content

This pull request introduces stricter validation for GitHub issue titles to ensure they are meaningful, not placeholders, and meet minimum requirements. It also adds comprehensive unit tests for the new validation logic and updates documentation to reflect these changes. Additionally, a new GitHub Actions workflow is added for generating SLSA provenance files for improved supply chain security. #978

New issue
New issue
Closed
Closed
This pull request introduces stricter validation for GitHub issue titles to ensure they are meaningful, not placeholders, and meet minimum requirements. It also adds comprehensive unit tests for the new validation logic and updates documentation to reflect these changes. Additionally, a new GitHub Actions workflow is added for generating SLSA provenance files for improved supply chain security.#978
@JaclynCodes

Description

@JaclynCodes
JaclynCodes
opened on Aug 26, 2025

This pull request introduces stricter validation for GitHub issue titles to ensure they are meaningful, not placeholders, and meet minimum requirements. It also adds comprehensive unit tests for the new validation logic and updates documentation to reflect these changes. Additionally, a new GitHub Actions workflow is added for generating SLSA provenance files for improved supply chain security.

Issue Title Validation Improvements:

  • Added a new function RequiredMeaningfulTitle in pkg/github/server.go that enforces issue titles to be at least 3 characters long, contain at least one letter or number, and not be common placeholders (e.g., "Title", "TODO", "test"). ([pkg/github/server.goR91-R148](diffhunk://#diff-b6e388e2a018b4bc415a18e7dd986e6b7730931af9d26c37ba4be38988e421edR91-R148))
  • Updated the issue creation logic in pkg/github/issues.go to use RequiredMeaningfulTitle instead of the previous generic required parameter check. ([pkg/github/issues.goL804-R804](diffhunk://#diff-eab3158a062b4de104a63ca60b07d2db607535afac21cc90b136af8496e6681aL804-R804))
  • Enhanced the API documentation in README.md to specify the new requirements for the title parameter when creating issues. ([README.mdL536-R536](diffhunk://#diff-b335630551682c19a781afebcf4d07bf978fb1f8ac04c6bf87428ed5106870f5L536-R536))

Testing Enhancements:

  • Added extensive unit tests for RequiredMeaningfulTitle in pkg/github/server_test.go, covering valid, invalid, and edge-case titles. ([pkg/github/server_test.goR563-R683](diffhunk://#diff-014ce2a5e97b449dbaacef3a9a5b1cb9bd0e7a863b095ef29117af2a1d3bdf85R563-R683))
  • Expanded integration tests in pkg/github/issues_test.go to verify error messages for invalid titles during issue creation. ([pkg/github/issues_test.goR684-R740](diffhunk://#diff-2e611e3b483afedad4fd22bdbefada38ac15d4d752b7d71e22b454e8e3800b5eR684-R740))

Supply Chain Security:

  • Introduced a new workflow file .github/workflows/generator-generic-ossf-slsa3-publish.yml to generate SLSA provenance files, supporting supply chain security best practices. ([.github/workflows/generator-generic-ossf-slsa3-publish.ymlR1-R66](diffhunk://#diff-98bd42f3b5e076be27172aad3387298cbca7505451064fb47b3a5c384bd0ca40R1-R66))

Originally posted by @JaclynCodes in #977 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions