You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
At the start of meaningful work, determine whether there is an associated GitHub issue for the task.
10
+
11
+
- If the user mentions an issue number or URL, treat that as the associated issue and keep it in mind for summaries, PR notes, release notes, and later status updates.
12
+
- If no issue is mentioned and the work is more than a tiny clarification or one-off command, ask the admin whether they want to create an issue before or alongside the work.
13
+
- If the admin wants an issue created, use the existing `Create GitHub Issue` prompt in `.github/prompts/create-github-issue.prompt.md`.
14
+
- Do not block urgent fixes, small investigations, or explicitly time-sensitive work just because there is no issue yet. Continue the work and ask at the next natural checkpoint.
15
+
16
+
## Issue Association
17
+
18
+
When an issue exists or is created for the work:
19
+
20
+
- Track it as the working associated issue for the current task.
21
+
- Reference the issue in relevant summaries, PR descriptions, fix documentation, feature documentation, and release note entries when appropriate.
22
+
- Prefer durable references such as `Fixes #123`, `Closes #123`, or `Refs #123` when the change directly resolves, completes, or relates to the issue.
23
+
- Do not create duplicate issues. Use the issue creation prompt's duplicate-search workflow before creating a new issue.
24
+
25
+
## When To Suggest Updating Issues
26
+
27
+
Prompt the admin to update the associated issue at natural checkpoints, not on every interaction.
28
+
29
+
Ask whether to update the associated issue when any of these occur:
30
+
31
+
- The implementation is complete or materially changes direction.
32
+
- Important validation results are available.
33
+
- Scope, priority, acceptance criteria, or user impact changes.
34
+
- A blocker, dependency, risk, or follow-up task is discovered.
35
+
- Release notes are being updated or the admin is asked whether to update release notes.
36
+
37
+
Use concise wording such as:
38
+
39
+
> Would you like me to update the associated GitHub issue with the summary, validation, and any follow-ups from this work?
40
+
41
+
If there is no associated issue at one of these checkpoints, ask whether the admin wants to create one using the `Create GitHub Issue` prompt.
42
+
43
+
## What To Put In Issue Updates
44
+
45
+
When the admin approves an issue update, include only useful status information:
46
+
47
+
- What changed.
48
+
- Current validation status and relevant test results.
49
+
- Any unresolved risks, blockers, or follow-ups.
50
+
- Links or references to related PRs, documentation, or release notes when available.
51
+
52
+
Do not post noisy progress comments, implementation chatter, or repeated updates that do not change the issue's useful state.
Copy file name to clipboardExpand all lines: .github/instructions/update_release_notes.instructions.md
+2Lines changed: 2 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,6 +10,8 @@ After completing a code change (bug fix, new feature, enhancement, or breaking c
10
10
11
11
**"Would you like me to update the release notes in `docs/explanation/release_notes.md`?"**
12
12
13
+
When asking this, also ask whether the associated GitHub issue should be updated. If there is no associated issue, ask whether the admin wants to create one using `.github/prompts/create-github-issue.prompt.md`.
14
+
13
15
## If the User Confirms Yes
14
16
15
17
Update the release notes file following these guidelines:
Copy file name to clipboardExpand all lines: docs/explanation/release_notes.md
+9Lines changed: 9 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,6 +2,15 @@
2
2
3
3
For feature-focused and fix-focused drill-downs by version, see [Features by Version](/explanation/features/) and [Fixes by Version](/explanation/fixes/).
4
4
5
+
### **(v0.250.006)**
6
+
7
+
#### New Features
8
+
9
+
***Malicious PR Security Review Workflow**
10
+
* Added a static malicious-change review workflow for pull requests into `Development`, with manual dispatch options for custom review ranges and full-file scans.
11
+
* Added a reusable security review prompt and focused functional coverage for dependency pinning policy, hidden Unicode detection, suspicious egress markers, and workflow wiring.
0 commit comments