Skip to content

ci: skip heavy suites on version-bump PRs via paths-ignore (PER-9560)#2293

Merged
AkashBrowserStack merged 2 commits into
masterfrom
PER-9560_skip-version-bump-paths-ignore
Jun 17, 2026
Merged

ci: skip heavy suites on version-bump PRs via paths-ignore (PER-9560)#2293
AkashBrowserStack merged 2 commits into
masterfrom
PER-9560_skip-version-bump-paths-ignore

Conversation

@AkashBrowserStack

@AkashBrowserStack AkashBrowserStack commented Jun 16, 2026
edited by atlassian Bot
Loading

Copy link
Copy Markdown
Contributor

Summary

Automated version-bump PRs (opened by version-bump.yml) change only lerna.json + packages/*/package.json and have no code to test, yet they otherwise wait ~1h on the full Linux/Windows test matrices (PER-9560).

This skips the heavy suites on those PRs with a simple path filter — and crucially, the heavy jobs don't appear on the PR at all (the workflow doesn't run), keeping version-bump PRs clean:

on:
  pull_request:
    paths-ignore:
      - 'lerna.json'
      - 'packages/*/package.json'

A PR whose diff is confined to those files won't trigger test.yml / windows.yml. Any PR touching source (or yarn.lock) still runs the full suite, so this doubles as a correct "only skip when there's nothing to test" filter. These checks aren't required by branch protection, so skipped PRs aren't left pending. lint, typecheck, Semgrep, and CodeQL are untouched and keep running on every PR.

Replaces the earlier approach

This reverts the job-level skip + version_only gate from #2284 (removes the changes job, the version_only / github-actions[bot] conditions, and the permissions block) in favour of the path filter — far less machinery, and it hides the jobs instead of showing them as skipped/green.

Verified end-to-end (on a fork of percy/cli)

PR Changed files Result
version-only lerna.json + packages/cli/package.json only Lint + Typecheck ran — Test and Windows did not run
source a file under packages/core/src/ Lint, Typecheck, Test, Windows all ran ✅

Test plan

  • A version-bump PR (only lerna.json + packages/*/package.json) shows no Build/Test/Regression checks; lint/typecheck/Semgrep/CodeQL still run; PR is mergeable.
  • A PR touching any source file (or yarn.lock) runs the full Linux + Windows matrices.
  • Push to master / workflow_dispatch unaffected.

🤖 Generated with Claude Code

@AkashBrowserStack @claude
ci: skip heavy suites on version-bump PRs via paths-ignore (PER-9560)
daa4587 
Replaces the job-level skip + version-only gate from #2284 with a much
simpler path filter. Version-bump PRs change only lerna.json +
packages/*/package.json and have no code to test, so test.yml and
windows.yml now skip those PRs entirely via on.pull_request.paths-ignore
— the workflows don't run, so no Build/Test/Regression checks appear on
the PR at all. These checks aren't required, so skipped PRs aren't left
pending. Any PR touching source (or yarn.lock) still runs the full suite;
lint, typecheck, Semgrep and CodeQL are untouched and keep running.

Removes the `changes` job, the version_only / github-actions[bot] gate,
and the permissions block added in #2284.

Verified end-to-end on a fork: a version-only PR triggered only
Lint/Typecheck (Test + Windows did not run); a source PR ran the full suite.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@AkashBrowserStack AkashBrowserStack requested a review from a team as a code owner June 16, 2026 14:32
@AkashBrowserStack AkashBrowserStack added the 🧹 maintenance General maintenance label Jun 16, 2026
@AkashBrowserStack

AkashBrowserStack commented Jun 16, 2026

Copy link
Copy Markdown
Contributor Author

🤖 Claude Code Review — stack:pr-review

PR: #2293Head: 3292fdbReviewers: stack:percy-cli-code-reviewer (harness percy-cli stack) + inline 18-row checklist

Summary: Skips the heavy Linux/Windows test matrices on automated version-bump PRs via on.pull_request.paths-ignore: [lerna.json, packages/*/package.json] on test.yml/windows.yml, so version-only PRs don't trigger those workflows (no Build/Test/Regression checks appear). Reverts #2284's changes job / version_only gate / permissions block. Any PR touching source (or yarn.lock) still runs the full suite.

Priority Category Check Status Notes
High Security No hardcoded secrets / credentials ✅ Pass Only pre-existing secrets.PERCY_REGRESSION_TOKEN (untouched, masked)
High Security Authn/authz checks present N/A Workflow config
High Security Input validation / sanitization ✅ Pass No new untrusted-input usage; removed gh api code used safe env: interpolation
High Security No IDOR N/A No resource access
High Security No SQL injection N/A No SQL
High Correctness Logic correct, edge cases handled ✅ Pass paths-ignore skips only when EVERY changed file matches → no false-skip; source/yarn.lock always run; push unaffected
High Correctness Explicit error handling N/A No runtime error paths in this diff
High Correctness No race/concurrency issues N/A None
Medium Testing New code has tests N/A CI config — validated end-to-end on a fork (version-only PR → Test/Windows didn't run; source PR → full suite ran)
Medium Testing Error/edge paths tested ✅ Pass Fork run covered skip + run paths
Medium Testing Existing tests still pass ✅ Pass No test logic changed
Medium Performance No N+1 / unbounded fetch N/A
Medium Performance Long tasks backgrounded N/A
Medium Quality Follows codebase patterns ✅ Pass Standard GitHub Actions path filter; valid YAML
Medium Quality Focused (single concern) ✅ Pass Two workflow files only
Low Quality Meaningful names, no dead code ✅ Pass Removes dead skip machinery
Low Quality Comments explain why ✅ Pass Comments removed per request; filter is self-evident
Low Quality No unnecessary deps ✅ Pass Drops the third-party action used by #2284

Findings: No Critical/High findings. Two non-blocking (Low) notes: (1) the filter's packages/*/package.json is narrower than version-bump.yml's add-paths: packages/**/package.json, but harmless (no nested manifests are tracked; mismatch fails safe → full suite runs). (2) Removing the permissions: block restores the repo default token scope; adding an explicit permissions: contents: read would keep least-privilege as defense-in-depth — optional.

Verdict: PASS

@AkashBrowserStack AkashBrowserStack merged commit f3c7a13 into master Jun 17, 2026
63 of 64 checks passed
@AkashBrowserStack AkashBrowserStack deleted the PER-9560_skip-version-bump-paths-ignore branch June 17, 2026 06:48
This was referenced Jun 17, 2026
Open
Merged
ninadbstack pushed a commit that referenced this pull request Jun 17, 2026
@AkashBrowserStack @claude
ci: revert PER-9560 version-bump test-skip changes (#2298)
d86817b 
Restores .github/workflows/test.yml and windows.yml to their pre-PER-9560
state. Removes the paths-ignore filter (added in #2293) — which had already
reverted the job-level skip / changes job / version_only + github-actions[bot]
gate / permissions block from #2284.

Net effect: every workflow change made for PER-9560 this session is undone;
version-bump PRs once again run the full Linux + Windows test suites as before.

Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pranavz28 pranavz28 pranavz28 approved these changes

@ninadbstack ninadbstack Awaiting requested review from ninadbstack ninadbstack is a code owner automatically assigned from percy/percy-product-reviewers

@Shivanshu-07 Shivanshu-07 Awaiting requested review from Shivanshu-07 Shivanshu-07 is a code owner automatically assigned from percy/percy-product-reviewers

Assignees

No one assigned

Labels

🧹 maintenance General maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AkashBrowserStack @pranavz28