feat: add stale bot and release notification workflows (#42)

abhizipstack · claude · web-flow · commit cd931ab19c2b · 2026-04-08T16:30:43.000+05:30
* feat: add stale bot and release notification workflows Stale bot: - Runs daily, marks issues/PRs as stale after 60 days of inactivity - Auto-closes after 7 more days if no activity - Exempts pinned, security, and bug labels - Uses existing 'stale' label (created in PR #15) Release notification: - Posts to Slack when a GitHub release is published - Requires SLACK_WEBHOOK_URL secret (skips if not configured) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address Greptile review — JSON injection, close-pr-message, exempt labels - Fix JSON injection in Slack payload — build message in run step to avoid malformed JSON from release names with quotes - Add close-pr-message for stale PRs — contributors get context - Add bug to exempt-pr-labels — match issue exemptions Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: pass release event data via env to prevent script injection Use env variables instead of direct ${{ }} interpolation in run block to prevent shell injection from release names with metacharacters. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
diff --git a/.github/workflows/release-notification.yml b/.github/workflows/release-notification.yml
@@ -0,0 +1,29 @@
+name: Release Notification
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  notify:
+    runs-on: ubuntu-latest
+    if: ${{ secrets.SLACK_WEBHOOK_URL != '' }}
+    steps:
+      - name: Build Slack message
+        id: message
+        env:
+          TAG: ${{ github.event.release.tag_name }}
+          RELEASE_NAME: ${{ github.event.release.name }}
+          URL: ${{ github.event.release.html_url }}
+        run: |
+          echo "text=🚀 *Visitran ${TAG}* released! ${RELEASE_NAME} <${URL}|View Release Notes>" >> "$GITHUB_OUTPUT"
+
+      - name: Post to Slack
+        uses: slackapi/slack-github-action@v2.1.0
+        with:
+          webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
+          webhook-type: incoming-webhook
+          payload: |
+            {
+              "text": "${{ steps.message.outputs.text }}"
+            }
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -0,0 +1,39 @@
+name: Stale Issues and PRs
+
+on:
+  schedule:
+    - cron: "0 0 * * *" # Daily midnight UTC
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v9
+        with:
+          stale-issue-message: >
+            This issue has been automatically marked as stale due to
+            inactivity. It will be closed in 7 days if no further
+            activity occurs. If this issue is still relevant, please
+            comment to keep it open.
+          stale-pr-message: >
+            This pull request has been automatically marked as stale
+            due to inactivity. It will be closed in 7 days if no
+            further activity occurs.
+          close-issue-message: >
+            This issue was closed because it has been inactive for
+            too long. Feel free to reopen if it is still relevant.
+          close-pr-message: >
+            This pull request was closed because it has been inactive
+            for too long. Feel free to reopen if it is still relevant.
+          stale-issue-label: "stale"
+          stale-pr-label: "stale"
+          days-before-stale: 60
+          days-before-close: 7
+          exempt-issue-labels: "pinned,security,bug"
+          exempt-pr-labels: "pinned,security,bug"
+          exempt-all-milestones: true
