Merge changes

.github/workflows/ai-security-check-for-pr.yml

@@ -0,0 +1,46 @@
+name: AI Security Check for Pull Requests
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  ai_security_check_for_pull_requests:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v2
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: 16
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Finding security and privacy code vulnerabilities
+        id: ai_security_check
+        uses: obetomuniz/[email protected]
+        env:
+          GH_TOKEN: ${{ secrets.GH_TOKEN }}
+          GH_REPOSITORY: ${{ github.repository }}
+          GH_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.number }}
+          OPENAI_TOKEN: ${{ secrets.OCO_OPENAI_API_KEY }}
+
+      - name: Comment on pull request
+        uses: actions/github-script@v6
+        env:
+          PR_COMMENT: ${{ steps.ai_security_check.outputs.pr_comment }}
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}
+          script: |
+            const prComment = process.env.PR_COMMENT || "No security or privacy issues found.";
+            const { data } = await github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: prComment
+            });

.github/workflows/md_links.yml

@@ -1,15 +1,14 @@
-
 name: Check Links
 
 on:
-    push:
+  push:
 
 jobs:
-    markdown-link-check:
-        name: Check markdown files
-        runs-on: ubuntu-latest
-        steps:
-        - uses: actions/checkout@v2
-
-        - name: Markdown links check
-          uses: ruzickap/action-my-markdown-link-checker@v1
+  markdown-link-check:
+    name: Check markdown files
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Markdown links check
+        uses: ruzickap/action-my-markdown-link-checker@v1.1.0

.github/workflows/md_lint.yml

@@ -3,9 +3,9 @@ name: Lint MarkDown
 on: [push]
 
 jobs:
-    markdownlint:
-        runs-on: ubuntu-latest
-        steps:
-            - uses: "articulate/actions-markdownlint@v1"
-              with:
-                    config: "markdownlint.json"
+  markdownlint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: "articulate/actions-markdownlint@v1.1.0"
+        with:
+          config: "markdownlint.json"

.github/workflows/openai-pr-description.yml

@@ -0,0 +1,22 @@
+name: OpenAI PR Description Generator
+
+on:
+  pull_request:
+    types:
+      - opened
+      - synchronize
+
+permissions:
+  pull-requests: write
+  contents: read
+
+jobs:
+  pull-request:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: Ant0wan/[email protected]
+        with:
+          api-key: ${{ secrets.OCO_OPENAI_API_KEY }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/openai-pr-reviewer.yml

@@ -0,0 +1,29 @@
+name: Code Review
+
+permissions:
+  contents: read
+  pull-requests: write
+
+on:
+  pull_request:
+  pull_request_review_comment:
+    types: [created]
+
+concurrency:
+  group: ${{ github.repository }}-${{ github.event.number || github.head_ref ||
+    github.sha }}-${{ github.workflow }}-${{ github.event_name ==
+    'pull_request_review_comment' && 'pr_comment' || 'pr' }}
+  cancel-in-progress: ${{ github.event_name != 'pull_request_review_comment' }}
+
+jobs:
+  review:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: fluxninja/openai-pr-reviewer@latest
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          OPENAI_API_KEY: ${{ secrets.OCO_OPENAI_API_KEY }}
+        with:
+          debug: false
+          review_simple_changes: false
+          review_comment_lgtm: false