Conversation
…r dynamic site metadata and Twitter card information.
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
There was a problem hiding this comment.
Pull request overview
This PR updates the portfolio’s configurability and automation by adding author/Twitter env-driven metadata, improving CI and release workflows, and adding contributor/security documentation.
Changes:
- Add
AUTHOR_NAMEandTWITTER_HANDLEconfiguration and use them in Next.js metadata/SEO. - Improve GitHub Actions: add build to CI checks, add Dependabot for Actions, and revamp release version decisioning via a script.
- Add
CONTRIBUTING.mdandSECURITY.md, plus README updates.
Reviewed changes
Copilot reviewed 12 out of 13 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
src/lib/config.ts |
Exports new env-driven identity fields (AUTHOR_NAME, TWITTER_HANDLE). |
src/app/layout.tsx |
Uses new config values in Next.js metadata author and Twitter fields. |
package.json |
Bumps package version to 2.2.0. |
package-lock.json |
Aligns lockfile version metadata with 2.2.0. |
README.md |
Updates workflow badge labeling and documents new env vars / contributing link. |
.env.example |
Adds example values for AUTHOR_NAME and TWITTER_HANDLE. |
.github/workflows/check.yml |
Renames workflow and adds a build step to CI. |
.github/workflows/release.yml |
Uses new release-decision script and updated conditions/outputs. |
.github/scripts/decide-release-version.sh |
New script to decide whether to bump and what version to release. |
.github/dependabot.yml |
Adds monthly Dependabot updates for GitHub Actions. |
.github/workflows/osv-scanner.yml |
Removes the OSV-Scanner workflow. |
CONTRIBUTING.md |
Adds contributor setup and PR guidelines. |
SECURITY.md |
Adds security reporting/disclosure guidance. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| run: | | ||
| npm version patch -m "Bump version to %s [skip ci]" | ||
| echo "new_version=$(node -p "require('./package.json').version")" >> $GITHUB_OUTPUT | ||
| echo "new_version=$(node -p "require('./package.json').version")" >> "$GITHUB_OUTPUT" |
There was a problem hiding this comment.
The echo command is incorrectly quoted: echo "new_version=$(node -p "require('./package.json').version")" ... will break the shell string and fail to write new_version to $GITHUB_OUTPUT. Use proper quoting/escaping (e.g., single quotes around the Node expression or escape the inner quotes) so the step reliably sets the output for later steps.
| echo "new_version=$(node -p "require('./package.json').version")" >> "$GITHUB_OUTPUT" | |
| echo "new_version=$(node -p 'require(\"./package.json\").version')" >> "$GITHUB_OUTPUT" |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 32 out of 34 changed files in this pull request and generated 7 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| /** Unwrap <![CDATA[...]]> if present, otherwise trim. */ | ||
| function stripCDATA(s: string): string { | ||
| const m = s.match(/^<!\[CDATA\[([\s\S]*?)\]\]>$/) | ||
| return m ? m[1].trim() : s.trim() | ||
| } | ||
|
|
||
| const obj = field as Record<string, unknown> | ||
| return ( | ||
| (obj.__cdata as string) || | ||
| (obj['#text'] as string) || | ||
| (obj.text as string) || | ||
| (obj.term as string) || | ||
| (obj.label as string) || | ||
| (obj._ as string) || | ||
| (obj.value as string) || | ||
| (Object.values(obj).find((v) => typeof v === 'string') as string) || | ||
| '' | ||
| /** Return the text content of the first matching element. */ | ||
| function tagText(xml: string, tag: string): string { | ||
| const m = xml.match( | ||
| new RegExp(`<${tag}(?:\\s[^>]*)?>([\\s\\S]*?)<\\/${tag}>`, 'i'), | ||
| ) | ||
| return m ? stripCDATA(m[1]) : '' |
There was a problem hiding this comment.
The new RSS parsing uses regex/string extraction, but it does not decode XML entities (e.g. &, ") in tag text. This will cause titles/categories containing escaped entities to render incorrectly in the UI. Consider decoding XML entities after extraction (or switching back to a real XML parser) to preserve correct text output.
This pull request introduces several improvements and refinements across the codebase, focusing on developer experience, maintainability, and modernization. Key updates include enhanced documentation, workflow improvements, dependency upgrades, and environment variable handling.
Documentation and Developer Experience
CONTRIBUTING.mdguide to clarify setup, contribution workflow, and commit standards.README.mdwith clearer stack, environment variable explanations, and contribution instructions. [1] [2]Environment and Configuration
AUTHOR_NAME,TWITTER_HANDLE) to.env.examplefor improved site metadata and SEO.src/app/layout.tsxto use the new environment variables for authorship and Open Graph fields. [1] [2] [3]CI/CD and Automation
check.yml, and renamed the workflow for clarity. [1] [2] [3]decide-release-version.sh) and improved logic inrelease.ymlto automate and validate semantic versioning for releases. [1] [2]Dependencies and Tooling
engines/typefields inpackage.jsonfor Node 20+ and ESM support. [1] [2]Styling and Code Quality
.site-shelllayout classes. [1] [2]src/app/error.tsx(removed unused imports/effect).These changes collectively modernize the project, improve developer onboarding, and ensure smoother CI/CD operations.