-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathcliff.toml
More file actions
108 lines (104 loc) · 5.11 KB
/
Copy pathcliff.toml
File metadata and controls
108 lines (104 loc) · 5.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Version-bump policy. Stable (1.x+): standard semver.
# feat -> minor; breaking -> major.
# Fresh/untagged repos start at v1.0.0 (matches "0.x is the exception" policy).
[bump]
features_always_bump_minor = true
breaking_always_bump_major = true
initial_tag = "v1.0.0"
[changelog]
header = ""
body = """
{% for group, commits in commits | group_by(attribute="group") %}
### {{ group | striptags | trim | upper_first }}
{% for commit in commits %}
- {{ commit.message | upper_first }}\
{% endfor %}
{% endfor %}
"""
trim = true
[git]
conventional_commits = true
filter_unconventional = false
split_commits = false
protect_breaking_commits = false
# Anchored: tag_pattern is a REGEX (unlike git describe's whole-name glob), so
# an unanchored "v[0-9].*" also matches prefixed tags like "yamlenv/v2.0.0"
# (a nested-module or component tag) and poisons the version base — verified
# on git-cliff v2.13.1: with root at v1.1.0 and a yamlenv/v2.0.0 tag present,
# --bumped-version returned "yamlenv/v2.0.1" as the ROOT next version. The
# probe (scripts/test-cliff-bump-semantics.sh, state G) pins this.
tag_pattern = "^v[0-9]"
# Path-level noise filter: a commit whose changed files ALL match these globs
# never appears in the changelog and never drives a version bump (exclusions
# feed --bumped-version, so the release boolean agrees). A commit touching
# both an excluded and a shipped path is still included. Bare patterns are
# root-anchored; `**/` matches at any depth (git-cliff v2.13.1, verified).
#
# This list mirrors the build gate (EXCLUDE_PATTERNS in the central
# release.yaml detect job) so "builds" and "releases" agree on significance.
# Keep it a strict SUBSET of that list: never exclude here a path the build
# gate treats as significant. Inclusion criterion: only paths that commits
# with non-skipped types (feat/fix/sec/chore(deps)) realistically touch
# exclusively — everything else (lint configs, .editorconfig, ...) arrives
# via skip-typed commits (chore(sync):, lint:, ci:) and is filtered by type.
exclude_paths = [
".github/", # CI workflows + pins: never in the artifact
"**/*.md", # docs, incl. fix:-typed README-only edits
"LICENSE",
"alerts.yaml", # README-companion alert rules (docs artifact)
"compose.yaml", # the root-level example compose
"tests/", # smoke tests: exercised at build, never shipped
"**/testdata/",
"**/*_test.go",
"**/*.test.ts",
"**/*.spec.ts",
"**/grafana-dashboard.json", # imported via UI, never in an image
"**/package-lock.json", # lock file maintenance commits
# Repo-metadata dotfiles a fix:-typed commit can plausibly touch alone
# (e.g. "fix: correct docker build context" editing only .dockerignore).
".dockerignore",
".gitignore",
".gitattributes",
".editorconfig",
]
commit_parsers = [
# Order matters: more-specific patterns first.
{ message = "^release:", skip = true },
# devDeps don't ship to consumers — Renovate tags devDep PRs with the
# `devdeps` scope (see cplieger/.github default.json packageRules), which
# cliff skips here so npm devDep updates don't trigger releases.
{ message = "^chore\\(devdeps\\)", skip = true },
# Dependency bumps for runtime / peer / Dockerfile / gomod use the default
# `deps` scope and DO release — base image bumps, runtime lib bumps, etc.
# are real artifact changes. CI-only pin bumps (workflow SHAs, action
# versions) share this commit type but are dropped by exclude_paths above
# (.github/) before parsing ever sees them.
{ message = "^chore\\(deps\\)", group = "<!-- 4 -->Dependencies" },
# Pure-meta commits never warrant a release. `no_increment_regex` is
# documented to skip these but doesn't actually prevent the patch fallback
# (cliff v2.13.1; upstream issue #1570, fixed on main after v2.13.1) —
# `skip = true` remains correct regardless: it also keeps these out of the
# rendered notes, which no_increment_regex does not.
{ message = "^chore", skip = true },
{ message = "^ci", skip = true },
{ message = "^docs", skip = true },
{ message = "^style", skip = true },
{ message = "^test", skip = true },
# `fuzz:` adds fuzz tests — same shape as test:, no runtime impact.
{ message = "^fuzz", skip = true },
# `lint:` is mechanical lint --fix application; doesn't change behavior.
{ message = "^lint", skip = true },
# `debug:` is throw-away debugging code; doesn't warrant a release.
{ message = "^debug", skip = true },
# Auto-generated git merge commit subjects (rebase/merge artifacts).
{ message = "^[Mm]erge ", skip = true },
# Real changes — bump per cliff. The `<!-- N -->` prefixes are sort keys:
# group_by orders sections alphabetically, so without them Dependencies
# renders above Fixed/Security. The template's `striptags` removes the
# prefix at render time. Order: Added, Fixed, Security, Changed, Dependencies.
{ message = "^feat", group = "<!-- 0 -->Added" },
{ message = "^fix", group = "<!-- 1 -->Fixed" },
{ message = "^sec", group = "<!-- 2 -->Security" },
{ message = "^refactor|^perf", group = "<!-- 3 -->Changed" },
{ message = ".*", group = "<!-- 3 -->Changed" },
]