From acf67d2cbb9c2718b421666146f499a2dfcf8ca7 Mon Sep 17 00:00:00 2001 From: Nikolai Emil Damm Date: Wed, 3 Jun 2026 18:19:19 +0200 Subject: [PATCH] fix(ci): stop TODO scanner from matching its own workflow comments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The todos.yaml job-level permission comments contained the literal word "TODO", which alstr/todo-to-issue-action matches as task comments. On every push this opened two junk tracking issues (titled "tracking issues" and "comments") from the workflow's own documentation. Reword the comments so they no longer contain the scanner's identifier. As a template, every generated repo inherited this noise. > 🤖 Generated by the Daily AI Assistant --- .github/workflows/todos.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/todos.yaml b/.github/workflows/todos.yaml index 518647f..1911b8d 100644 --- a/.github/workflows/todos.yaml +++ b/.github/workflows/todos.yaml @@ -9,8 +9,8 @@ permissions: {} jobs: todos: permissions: - contents: read # checkout to scan for TODO comments - issues: write # open/maintain TODO tracking issues + contents: read # checkout so the scanner can read the source files + issues: write # open/maintain the tracking issues the scanner manages uses: devantler-tech/reusable-workflows/.github/workflows/scan-for-todo-comments.yaml@d6c7133cb8cb13189b97993aeb3f4d120f27479d # v5.4.1 secrets: APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }}