Bump senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml from 3 to 4

[dependabot]

Bumps senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml from 3 to 4.

Release notes

Sourced from senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml's releases.

4.0.0

What's Changed

• #260 make shared workflows generic, misc cleanup by @​kernelsam in senzing-factory/build-resources#261

Full Changelog: senzing-factory/build-resources@v3...4.0.0

3.0.31

What's Changed

• Bump super-linter/super-linter from 8.4.0 to 8.5.0 by @​dependabot[bot] in senzing-factory/build-resources#257
• if the PR's REFRESHED_AT matches main's value, it only passes if that… by @​kernelsam in senzing-factory/build-resources#259

Full Changelog: senzing-factory/build-resources@v3...3.0.31

3.0.30

What's Changed

• Bump super-linter/super-linter from 8.3.1 to 8.3.2 by @​dependabot[bot] in senzing-factory/build-resources#254
• Bump actions/download-artifact from 6 to 7 by @​dependabot[bot] in senzing-factory/build-resources#250
• Bump super-linter/super-linter from 8.3.2 to 8.4.0 by @​dependabot[bot] in senzing-factory/build-resources#255
• Bump actions/upload-artifact from 5 to 6 by @​dependabot[bot] in senzing-factory/build-resources#249
• Fix regex for filtering GitHub workflows by @​kernelsam in senzing-factory/build-resources#256

Full Changelog: senzing-factory/build-resources@v3...3.0.30

3.0.29

What's Changed

• Bump super-linter/super-linter from 8.3.0 to 8.3.1 by @​dependabot[bot] in senzing-factory/build-resources#252
• Remove validation for natural language in workflows by @​kernelsam in senzing-factory/build-resources#253

Full Changelog: senzing-factory/build-resources@v3...3.0.29

3.0.28

What's Changed

• Add Markdown formatting guidelines to PR template by @​kernelsam in senzing-factory/build-resources#244
• Enhance PR review instructions for local and GitHub by @​kernelsam in senzing-factory/build-resources#246
• 247 dockter 1 by @​docktermj in senzing-factory/build-resources#248

New Contributors

• @​docktermj made their first contribution in senzing-factory/build-resources#248

Full Changelog: senzing-factory/build-resources@v3...3.0.28

3.0.27

Full Changelog: senzing-factory/build-resources@v3...3.0.27

3.0.26

Full Changelog: senzing-factory/build-resources@v3...3.0.26

... (truncated)

Changelog

Sourced from senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, markdownlint, and this project adheres to Semantic Versioning.

[Unreleased]

• Thing 5
• Thing 4

[1.0.1] - yyyy-mm-dd

Added to 1.0.1

• Thing 3

Fixed in 1.0.1

• Thing 2

[1.0.0] - yyyy-mm-dd

Added to 1.0.0

• Thing 2
• Thing 1

Commits

• 52eb86b bump tags to v4, slack channel override, missing claude settings (#262)
• 08fb769 #260 make shared workflows generic, misc cleanup (#261)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Resolves #260
Resolves #262
Resolves #261
Resolves senzing-factory/build-resources#261
Resolves senzing-factory/build-resources#257
Resolves senzing-factory/build-resources#259
Resolves senzing-factory/build-resources#254
Resolves senzing-factory/build-resources#250
Resolves senzing-factory/build-resources#255
Resolves senzing-factory/build-resources#249
Resolves senzing-factory/build-resources#256
Resolves senzing-factory/build-resources#252
Resolves senzing-factory/build-resources#253
Resolves senzing-factory/build-resources#244
Resolves senzing-factory/build-resources#246
Resolves senzing-factory/build-resources#248

[github-actions]

🤖 Claude Code Review

I'll analyze this pull request against the Senzing code review checklist.

Automated Code Review

Code Quality

✅ Code follows style guide

The change is minimal and follows standard YAML formatting conventions. The modification updates a GitHub Actions workflow version reference.

✅ No commented-out code

No commented-out code present.

✅ Meaningful variable names

All variable/field names are clear and follow GitHub Actions conventions.

✅ DRY principle followed

Single version reference update - no code duplication.

✅ Identify Defects

No defects identified. The change is a straightforward version bump from v3 to v4 for a reusable workflow reference at .github/workflows/add-labels-standardized.yaml:18.

Note: Ensure that the v4 version of senzing-factory/build-resources/.github/workflows/add-labels-to-issue.yaml is compatible with the current secrets being passed (ORG_MEMBERSHIP_TOKEN, SENZING_MEMBERS). This should be verified in the upstream workflow's changelog.

✅ Project memory configuration

No .claude/CLAUDE.md file is being modified or would be affected by this workflow version change.

Testing

⚠️ Unit tests for new functions

N/A - This is a GitHub Actions workflow configuration change, not application code. Testing would occur through the workflow execution itself.

⚠️ Integration tests for new endpoints

N/A - No endpoints affected.

⚠️ Edge cases covered

N/A - No logic changes to test.

⚠️ Test coverage > 80%

N/A - Workflow configuration files don't have traditional test coverage metrics.

Documentation

❌ Readme updated if needed

No README update detected. Consider documenting why the workflow version was upgraded (breaking changes, new features, bug fixes in v4).

✅ API docs updated

N/A - No API changes.

✅ Inline comments for complex logic

N/A - Change is self-explanatory.

❌ CHANGELOG.md updated

No CHANGELOG.md update detected in this diff. The version bump from v3 to v4 should be documented, especially if there are breaking changes or new features in the upstream workflow.

✅ Markdown files formatting

N/A - No markdown files modified in this diff.

Security

✅ No hardcoded credentials

No credentials hardcoded. Secrets are properly referenced via GitHub Actions secrets syntax.

✅ Input validation implemented

N/A - Configuration change only.

✅ Proper error handling

N/A - Error handling would be in the referenced workflow.

✅ No sensitive data in logs

The workflow continues to use GitHub secrets appropriately.

✅ No license files

No .lic files or AQAAAD strings present.

---

Summary

Overall Assessment: ✅ APPROVED with recommendations

This is a low-risk change that updates a reusable workflow version. The code quality and security aspects are satisfactory.

Recommendations:

1. Add CHANGELOG entry documenting the workflow version upgrade
2. Verify compatibility with the v4 workflow (check upstream release notes)
3. Consider adding a comment in the workflow file explaining what changed in v4 that necessitated the upgrade

Files Reviewed:

• .github/workflows/add-labels-standardized.yaml:18

---

Automated code review analyzing defects and coding standards

[github-actions]

🤖 Claude Code Review

PR Code Review

Analyzing the pull request diff for upgrading the GitHub workflow version from v3 to v4.

Code Quality

✅ Code follows style guide: The YAML syntax is clean and properly formatted. The change is minimal and follows standard GitHub Actions conventions.

✅ No commented-out code: No commented code present.

✅ Meaningful variable names: N/A - This is a version bump in a workflow reference.

✅ DRY principle followed: N/A - Single line change.

✅ Identify Defects: No bugs, logic errors, or security vulnerabilities detected in this change. This is a straightforward version upgrade of a reusable workflow reference (.github/workflows/add-labels-to-issue.yaml@v3 → @v4).

✅ Project memory considerations: No ./.claude/CLAUDE.md file found in the repository that would affect this review.

Testing

⚠️ Testing considerations:

• This change updates a reusable workflow reference from v3 to v4
• Cannot verify: What changes exist between v3 and v4 of the referenced workflow (.github/workflows/add-labels-to-issue.yaml:18)
• The workflow should be tested by:
  • Triggering an issue creation/update event to verify labels are applied correctly
  • Ensuring the secrets (ORG_MEMBERSHIP_TOKEN, SENZING_MEMBERS) remain compatible with v4
• Recommendation: Verify the v4 workflow changelog in the senzing-factory/build-resources repository

Documentation

❌ CHANGELOG.md not updated: No updates to CHANGELOG.md found in this PR. If this workflow change impacts behavior or introduces new functionality from v4, it should be documented (.github/workflows/add-labels-standardized.yaml:18).

✅ Markdown formatting: No markdown files were modified in this PR.

⚠️ README considerations: If the v3→v4 upgrade introduces breaking changes or new features, the README should document any new workflow behavior.

Security

✅ No hardcoded credentials: Secrets are properly referenced via ${{ secrets.* }}.

✅ Proper secret handling: The secrets ORG_MEMBERSHIP_TOKEN and SENZING_MEMBERS continue to be passed securely (.github/workflows/add-labels-standardized.yaml:16-17).

✅ No sensitive data exposure: No sensitive data in logs or inline values.

✅ No license files: No .lic files or AQAAAD strings detected.

---

Summary

Approval Status: ⚠️ Conditional Approval

This is a straightforward version bump of a reusable GitHub workflow. The change itself is clean and follows best practices. However:

Required Actions:

1. Update CHANGELOG.md to document this workflow version upgrade
2. Verify compatibility of the v4 workflow with current secret configurations
3. Review breaking changes in the v4 workflow from the source repository

Risks:

• Low risk if v4 is backward compatible
• Medium risk if v4 introduces breaking changes to the workflow interface or secret requirements

Recommendation:

Approve after confirming v4 compatibility and updating CHANGELOG.md. Test by creating/updating an issue to verify the label automation still functions correctly.

Automated code review analyzing defects and coding standards