Skip to content

chore: automate CHANGELOG.md generation for releases#10390

Merged
paulbalandan merged 1 commit into
codeigniter4:developfrom
paulbalandan:changelog-generator
Jul 8, 2026
Merged

chore: automate CHANGELOG.md generation for releases#10390
paulbalandan merged 1 commit into
codeigniter4:developfrom
paulbalandan:changelog-generator

Conversation

@paulbalandan

Copy link
Copy Markdown
Member

Description
This PR automates the changelog step of the release process. Previously the release manager drafted a release in the GitHub UI, clicked "Generate release notes", copied the result into CHANGELOG.md, and reformatted it by hand.

New script admin/generate-changelog.php (requires the authenticated GitHub CLI):

  • Fetches the auto-generated release notes via gh api repos/codeigniter4/CodeIgniter4/releases/generate-notes, with no draft release involved.
  • Reformats them into the existing CHANGELOG.md style: versioned heading with date, "Full Changelog" compare link, and the category sections from .github/release.yml.
  • Copies the security fixes from the SECURITY section of user_guide_src/source/changelogs/v4.x.x.rst into a leading ### Security section, converting the RST bullets. A dry run for 4.7.4 reproduces its hand-written Security entry byte for byte.
  • Prints the PRs that have none of the changelog labels (the catch-all "Others" category) so they can be relabeled and the script re-run.
  • Supports --dry-run, validates the version argument, and refuses to add a duplicate entry.

Also included:

  • admin/RELEASE.md documents the new two-step flow (dry run to check labels, then the real run), keeps the manual Releases-page procedure as a fallback, and notes that security advisory PRs must be merged and documented in the detailed changelog before generating.
  • admin/README.md lists the new script.
  • .github/release.yml additionally excludes dependabot[bot], since dependabot PRs currently appear in the generated notes despite the existing dependabot exclusion (the author login reports as dependabot[bot]).
  • tests/system/AutoReview/GenerateChangelogTest.php covers usage errors, the duplicate-entry guard, dry-run output format, security section extraction, and the real write path (restoring CHANGELOG.md afterwards). The three tests that hit the GitHub API skip with an explanatory message when gh is not authenticated, which is the expected outcome in CI. They run fully on a maintainer's machine.

Checklist:

  • Securely signed commits
  • Component(s) with PHPDoc blocks, only if necessary or adds value (without duplication)
  • Unit testing, with >80% coverage
  • User guide updated
  • Conforms to style guide

@paulbalandan paulbalandan merged commit d99d257 into codeigniter4:develop Jul 8, 2026
55 checks passed
@paulbalandan paulbalandan deleted the changelog-generator branch July 8, 2026 18:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants