Skip to content

ci: automate renaming of Snyk PRs to conventional commits (CN-841) #758

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
parker-snyk wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

ci: automate renaming of Snyk PRs to conventional commits (CN-841) #758

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5b77dd0
ci: automate renaming of Snyk PRs to conventional commits
parker-snyk Feb 24, 2026
962b078
docs: add explanatory comments for Snyk PR rename step
parker-snyk Feb 24, 2026
f44c5f0
docs: refine comments to explain 'why' and fix review feedback
parker-snyk Feb 25, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 28 additions & 0 deletions .github/workflows/pr-title-check.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,36 @@ on:
jobs:
pr-title-check:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: read
steps:
# Snyk automated PRs typically start with '[Snyk]'.
# Our repository requires conventional commits (e.g. 'fix: ...').
# This step renames Snyk PRs so they pass the semantic pull request check,
# making it easier to automatically merge vulnerability fixes.
- name: Rename Snyk PR
if: startsWith(github.event.pull_request.title, '[Snyk]')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_TITLE: ${{ github.event.pull_request.title }}
run: |
# Conventional commits require a specific format (e.g., 'fix: ...').
# TITLE_NO_PREFIX isolates the core message so we can reformat just the start
# of the title while ensuring technical casing (like CVE IDs or dependency names)
# elsewhere in the string remains intact and accurate.
TITLE_NO_PREFIX=$(echo "$PR_TITLE" | sed -E 's/^\[Snyk\][[:space:]]*//i')

# We only lowercase the first character of the next word to satisfy linter requirements
# for lowercase subjects without losing intentional casing in technical acronyms or identifiers.
FIRST_CHAR=$(echo "${TITLE_NO_PREFIX:0:1}" | tr '[:upper:]' '[:lower:]')
REMAINDER="${TITLE_NO_PREFIX:1}"

NEW_TITLE="fix: snyk $FIRST_CHAR$REMAINDER"
gh pr edit ${{ github.event.pull_request.number }} --title "$NEW_TITLE" --repo ${{ github.repository }}

- name: Check PR Title
if: ${{ !startsWith(github.event.pull_request.title, '[Snyk]') }}
Copy link
Copy Markdown
Contributor

@bgardiner bgardiner Mar 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This means the rest of the semantic PR checking will never happen for '[Snyk]' ... PRs, right? Will something else catch if the stuff after the [Snyk] violates conventional commit spec? Or does it not matter for some reason?

As an aside... have we asked in prod-sec or posted in #snyk-on-snyk-dogfooding if there is a way to change or configure the format of Snyk PRs?

uses: amannn/action-semantic-pull-request@v5
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Expand Down