Lissy93 · Lissy93 · Mar 8, 2026 · Jan 13, 2026 · Mar 8, 2026 · Mar 8, 2026
@@ -0,0 +1,108 @@
+# When a PR is merged into master, this workflow handles versioning:
+# - If code files changed but version wasn't bumped: auto-increments patch version
+# - Creates and pushes a git tag for the new version
+# - The tag then triggers Docker publishing and release drafting
+name: 🔖 Auto Version & Tag
+
+on:
+  pull_request:
+    types: [closed]
+    branches: [master]
+
+concurrency:
+  group: auto-version-and-tag
+  cancel-in-progress: false
+
+permissions:
+  contents: read
+  pull-requests: read
+
+jobs:
+  version-and-tag:
+    if: github.event.pull_request.merged == true
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check PR for code changes and version bump 📂
+        id: check_pr
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const { owner, repo } = context.repo;
+            const pull_number = context.payload.pull_request.number;
+
+            const files = await github.paginate(
+              github.rest.pulls.listFiles, { owner, repo, pull_number }
+            );
+            const codePatterns = [
+              /^src\//, /^services\//, /^public\//, /^Dockerfile$/, /^[^/]+\.js$/,
+            ];
+            const codeChanged = files.some(f =>
+              codePatterns.some(p => p.test(f.filename))
+            );
+            const pkgChanged = files.some(f => f.filename === 'package.json');
+
+            if (!codeChanged && !pkgChanged) {
+              core.info('No code or package.json changes, skipping');
+              core.setOutput('needs_bump', 'false');
+              core.setOutput('needs_tag', 'false');
+              return;
+            }
+
+            let versionBumped = false;
+            if (pkgChanged) {
+              const mergeSha = context.payload.pull_request.merge_commit_sha;
+              const { data: mergeCommit } = await github.rest.git.getCommit({
+                owner, repo, commit_sha: mergeSha,
+              });
+              const parentSha = mergeCommit.parents[0].sha;
+              const getVersion = async (ref) => {
+                const { data } = await github.rest.repos.getContent({
+                  owner, repo, path: 'package.json', ref,
+                });
+                return JSON.parse(Buffer.from(data.content, 'base64').toString()).version;
+              };
+              const [prevVersion, mergeVersion] = await Promise.all([
+                getVersion(parentSha), getVersion(mergeSha),
+              ]);
+              versionBumped = prevVersion !== mergeVersion;
+              core.info(`Version: ${prevVersion} → ${mergeVersion}`);
+            }
+
+            const needsBump = codeChanged && !versionBumped;
+            const needsTag = codeChanged || versionBumped;
+            core.info(`Needs bump: ${needsBump}, Needs tag: ${needsTag}`);
+            core.setOutput('needs_bump', needsBump.toString());
+            core.setOutput('needs_tag', needsTag.toString());
+
+      - name: Checkout repository 🛎️
+        if: steps.check_pr.outputs.needs_tag == 'true'
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.BOT_GITHUB_TOKEN }}
+
+      - name: Configure git identity 👤
+        if: steps.check_pr.outputs.needs_tag == 'true'
+        run: |
+          git config user.name "Liss-Bot"
+          git config user.email "liss-bot@d0h.co"
+
+      - name: Bump patch version ⬆️
+        if: steps.check_pr.outputs.needs_bump == 'true'
+        run: |
+          npm version patch --no-git-tag-version
+          git add package.json
+          git commit -m "⬆️ Bump version to $(node -p "require('./package.json').version")"
+          git push
+
+      - name: Create and push tag 🏷️
+        if: steps.check_pr.outputs.needs_tag == 'true'
+        run: |
+          VERSION=$(node -p "require('./package.json').version")
+          git fetch --tags
+          if git rev-parse "refs/tags/$VERSION" >/dev/null 2>&1; then
+            echo "Tag $VERSION already exists, skipping"
+            exit 0
+          fi
+          git tag -a "$VERSION" -m "Release v$VERSION"
+          git push origin "$VERSION"
@@ -1,7 +1,10 @@
 # Shows changes to any yarn.lock in PR comment
 # Useful for easily understanding dependency changes and consequences
 name: 💡 Show Dependency Changes
-on: [pull_request]
+on:
+  pull_request:
+    paths:
+      - 'yarn.lock'
 jobs:
   check:
     runs-on: ubuntu-latest
@@ -15,3 +18,4 @@ jobs:
           collapsibleThreshold: '25'
           failOnDowngrade: 'false'
           path: 'yarn.lock'
+          updateComment: 'true'
@@ -3,15 +3,7 @@ name: 🐳 Build + Publish Multi-Platform Image
 on:
   workflow_dispatch:
   push:
-    branches: ['master']
-    tags: ['*.*']
-    paths:
-      - '**.js'
-      - 'src/**'
-      - 'public/**'
-      - 'services/**'
-      - '.github/workflows/docker-build-publish.yml'
-      - 'Dockerfile'
+    tags: ['*.*.*']
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -28,26 +20,21 @@ jobs:
   docker:
     runs-on: ubuntu-latest
     permissions: { contents: read, packages: write }
-    if: "!contains(github.event.head_commit.message, '[ci-skip]')"
 
     steps:
     - name: 🛎️ Checkout Repo
-      uses: actions/checkout@v3
-
-    - name: 🔖 Get App Version
-      uses: tyankatsu0105/read-package-version-actions@v1
-      id: package-version
+      uses: actions/checkout@v4
 
     - name: 🗂️ Make Docker Meta
       id: meta
-      uses: docker/metadata-action@v3
+      uses: docker/metadata-action@v5
       with:
         images: |
           ${{ env.DH_IMAGE }}
           ghcr.io/${{ env.GH_IMAGE }}
         tags: |
           type=ref,event=tag
-          type=semver,pattern={{version}},enable=false
+          type=semver,pattern={{major}}.{{minor}}
           type=semver,pattern={{major}}.x
           type=raw,value=latest
         flavor: |
@@ -61,42 +48,31 @@ jobs:
           org.opencontainers.image.licenses=MIT
 
     - name: 🔧 Set up QEMU
-      uses: docker/setup-qemu-action@v1
+      uses: docker/setup-qemu-action@v3
       with:
         platforms: linux/amd64,linux/arm64,linux/arm/v7
 
     - name: 🔧 Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2
-      with:
-        use-buildkit: true
-        buildkit-daemon-opts: "--oci-worker-no-process-sandbox"
-
-    - name: 👀 Inspect builder
-      run: |
-        echo "Name:      ${{ steps.buildx.outputs.name }}"
-        echo "Endpoint:  ${{ steps.buildx.outputs.endpoint }}"
-        echo "Status:    ${{ steps.buildx.outputs.status }}"
-        echo "Flags:     ${{ steps.buildx.outputs.flags }}"
-        echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
+      uses: docker/setup-buildx-action@v3
 
     - name: 🔑 Login to DockerHub
-      uses: docker/login-action@v2
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKER_USERNAME }}
         password: ${{ secrets.DOCKER_PASSWORD }}
 
     - name: 🔑 Login to GitHub Container Registry
-      uses: docker/login-action@v2
+      uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
     - name: 🚦 Check Registry Status
-      uses: crazy-max/ghaction-docker-status@v1
+      uses: crazy-max/ghaction-docker-status@v3
 
     - name: ⚒️ Build and push
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v6
       with:
         context: .
         file: ./Dockerfile

@@ -3,8 +3,7 @@ name: 🏗️ Draft New Release
 on:
   push:
     tags:
-      - '^[0-9]+\.[0-9]+\.[0-9]+$'
-      - '**'
+      - '*.*.*'
   workflow_dispatch:
     inputs:
       tag:
@@ -16,21 +15,43 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code 🛎️
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
         with:
-          fetch-depth: 0  # We need all history for generating release notes
+          fetch-depth: 0
+
+      - name: Check if major or minor version changed 🔍
+        id: version_check
+        run: |
+          CURRENT_TAG="${{ github.event.inputs.tag || github.ref_name }}"
+          git fetch --tags
+          PREVIOUS_TAG=$(git tag --sort=-version:refname | grep -v "^${CURRENT_TAG}$" | head -1)
+          if [ -z "$PREVIOUS_TAG" ]; then
+            echo "No previous tag found, creating release"
+            echo "should_release=true" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+          CURRENT_MM=$(echo "$CURRENT_TAG" | sed 's/^v//; s/\([0-9]*\.[0-9]*\)\..*/\1/')
+          PREVIOUS_MM=$(echo "$PREVIOUS_TAG" | sed 's/^v//; s/\([0-9]*\.[0-9]*\)\..*/\1/')
+          if [ "$CURRENT_MM" = "$PREVIOUS_MM" ]; then
+            echo "Patch-only bump ($PREVIOUS_TAG -> $CURRENT_TAG), skipping release"
+            echo "should_release=false" >> $GITHUB_OUTPUT
+          else
+            echo "Major or minor bump ($PREVIOUS_TAG -> $CURRENT_TAG), creating release"
+            echo "should_release=true" >> $GITHUB_OUTPUT
+          fi
 
       - name: Create Draft Release 📝
+        if: steps.version_check.outputs.should_release == 'true' || github.event_name == 'workflow_dispatch'
         id: create_release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
+        uses: softprops/action-gh-release@v2
         with:
           tag_name: ${{ github.event.inputs.tag || github.ref_name }}
-          release_name: Release ${{ github.event.inputs.tag || github.ref_name }}
+          name: Release ${{ github.event.inputs.tag || github.ref_name }}
           draft: true
           prerelease: false
           generate_release_notes: true
+          token: ${{ secrets.BOT_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
 
       - name: Output new release URL ↗️
-        run: 'echo "Draft release URL: ${{ steps.create_release.outputs.html_url }}"'
+        if: steps.create_release.outputs.url
+        run: 'echo "Draft release URL: ${{ steps.create_release.outputs.url }}"'