Skip to content

feat: Add release notification workflow#1457

Merged
charlesvien merged 2 commits intomainfrom
04-02-add_release_notification_workflow
Apr 2, 2026
Merged

feat: Add release notification workflow#1457
charlesvien merged 2 commits intomainfrom
04-02-add_release_notification_workflow

Conversation

@charlesvien
Copy link
Copy Markdown
Member

@charlesvien charlesvien commented Apr 2, 2026
edited
Loading

Problem

No automated way to notify the Discord community when a new app release is published.

This will play nicely when we have proper release changelogs as well.

Changes

  1. Add code-discord-release.yml workflow triggered on GitHub release publish
  2. Use SethCohen/github-releases-to-discord action to post release notes
  3. Requires DISCORD_RELEASE_WEBHOOK_URL repo secret

How did you test this?

I tested the webhook and set the secret, but not this action.

@charlesvien Graphite App
Copy link
Copy Markdown
Member Author

charlesvien commented Apr 2, 2026
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

@charlesvien charlesvien changed the title Add release notification workflow feat: Add release notification workflow Apr 2, 2026
github-advanced-security[bot]
github-advanced-security bot found potential problems Apr 2, 2026
View reviewed changes
.github/workflows/code-discord-release.yml Fixed
Comment on lines +9 to +13
runs-on: ubuntu-latest
steps:
- uses: SethCohen/github-releases-to-discord@v1.15.1
with:
webhook_url: ${{ secrets.DISCORD_RELEASE_WEBHOOK_URL }}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI about 12 hours ago

In general, the fix is to explicitly declare permissions for the workflow/job so that the GITHUB_TOKEN has the least privilege required. Since this workflow only posts to Discord using a secret and does not need to modify repository contents, a minimal permissions block granting contents: read (or even permissions: {} if no GitHub API access is needed) is appropriate.

The best minimally invasive fix is to add a permissions block to the notify job in .github/workflows/code-discord-release.yml. Place it under runs-on: ubuntu-latest and above steps:. To keep functionality unchanged but explicit, set contents: read, which is sufficient for most actions that might need to read basic repository metadata yet prevents unintended write operations. No imports or additional methods are needed; this is purely a YAML configuration change within the existing workflow.

Suggested changeset 1
.github/workflows/code-discord-release.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/code-discord-release.yml b/.github/workflows/code-discord-release.yml
--- a/.github/workflows/code-discord-release.yml
+++ b/.github/workflows/code-discord-release.yml
@@ -7,6 +7,8 @@
 jobs:
   notify:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     steps:
       - uses: SethCohen/github-releases-to-discord@v1.15.1
         with:
EOF
@@ -7,6 +7,8 @@
jobs:
notify:
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: SethCohen/github-releases-to-discord@v1.15.1
with:
Copilot is powered by AI and may make mistakes. Always verify output.
Unable to commit as this autofix suggestion is now outdated
Copy link
Copy Markdown
Contributor

@adboio adboio Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

crazy work, github bot

@charlesvien charlesvien marked this pull request as ready for review April 2, 2026 16:04
@charlesvien charlesvien force-pushed the 04-02-add_release_notification_workflow branch 2 times, most recently from 45eb2e8 to c44de3e Compare April 2, 2026 16:09
@charlesvien charlesvien changed the base branch from main to graphite-base/1457 April 2, 2026 16:56
@charlesvien charlesvien force-pushed the 04-02-add_release_notification_workflow branch from c44de3e to 4d102da Compare April 2, 2026 16:56
@charlesvien charlesvien changed the base branch from graphite-base/1457 to 04-02-session_idle_kill_preserves_state April 2, 2026 16:56
@charlesvien charlesvien mentioned this pull request Apr 2, 2026
Merged
Base automatically changed from 04-02-session_idle_kill_preserves_state to main April 2, 2026 19:13
@charlesvien charlesvien changed the base branch from main to graphite-base/1457 April 2, 2026 19:17
@charlesvien charlesvien force-pushed the 04-02-add_release_notification_workflow branch from 4d102da to 71bb2b4 Compare April 2, 2026 19:17
@charlesvien charlesvien mentioned this pull request Apr 2, 2026
Merged
@charlesvien charlesvien force-pushed the 04-02-add_release_notification_workflow branch from 71bb2b4 to 71de004 Compare April 2, 2026 20:24
@charlesvien charlesvien mentioned this pull request Apr 2, 2026
Merged
adboio
adboio approved these changes Apr 2, 2026
View reviewed changes
.github/workflows/code-discord-release.yml Fixed
Comment on lines +9 to +13
runs-on: ubuntu-latest
steps:
- uses: SethCohen/github-releases-to-discord@v1.15.1
with:
webhook_url: ${{ secrets.DISCORD_RELEASE_WEBHOOK_URL }}
Copy link
Copy Markdown
Contributor

@adboio adboio Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

crazy work, github bot

@charlesvien Graphite App
Copy link
Copy Markdown
Member Author

charlesvien commented Apr 2, 2026
edited
Loading

Merge activity

  • Apr 2, 9:44 PM UTC: A user started a stack merge that includes this pull request via Graphite.
  • Apr 2, 9:46 PM UTC: Graphite rebased this pull request as part of a merge.
  • Apr 2, 9:51 PM UTC: @charlesvien merged this pull request with Graphite.

@charlesvien charlesvien changed the base branch from graphite-base/1457 to main April 2, 2026 21:44
@charlesvien charlesvien force-pushed the 04-02-add_release_notification_workflow branch from 224e51e to d1481c7 Compare April 2, 2026 21:45
@charlesvien charlesvien merged commit 3f61990 into main Apr 2, 2026
16 checks passed
@charlesvien charlesvien deleted the 04-02-add_release_notification_workflow branch April 2, 2026 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adboio adboio adboio approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@charlesvien @adboio @github-advanced-security