github-project-automation

# GitHub Project Automation

**Status**: Production Ready ✅
**Last Updated**: 2025-12-17
**Version**: 2.0.0 (Optimized with progressive disclosure)
**Dependencies**: None (git and gh CLI recommended)
**Latest Versions**: actions/checkout@v4.2.2, actions/setup-node@v4.1.0, github/codeql-action@v3.27.4

---

## Quick Start (15 Minutes)

### 1. Choose Your Framework

Select the workflow template that matches your project:

```bash
# For React/Vite projects
cp templates/workflows/ci-react.yml .github/workflows/ci.yml

# For Node.js libraries (matrix testing)
cp templates/workflows/ci-node.yml .github/workflows/ci.yml

# For Python projects
cp templates/workflows/ci-python.yml .github/workflows/ci.yml

# For Cloudflare Workers
cp templates/workflows/ci-cloudflare-workers.yml .github/workflows/deploy.yml

# For basic projects (any framework)
cp templates/workflows/ci-basic.yml .github/workflows/ci.yml
```

**Why this matters:**
- Pre-validated YAML prevents syntax errors
- SHA-pinned actions for security
- Explicit runner versions (ubuntu-24.04)
- All 8 GitHub Actions errors prevented

### 2. Add Issue Templates

```bash
# Create directory structure
mkdir -p .github/ISSUE_TEMPLATE

# Copy YAML templates (with validation)
cp templates/issue-templates/bug_report.yml .github/ISSUE_TEMPLATE/
cp templates/issue-templates/feature_request.yml .github/ISSUE_TEMPLATE/
```

**Why YAML over Markdown:**
- Required field validation (Error #12 prevented)
- Consistent data structure
- Better user experience
- No incomplete issues

### 3. Enable Security Scanning

```bash
# CodeQL for code analysis
cp templates/workflows/security-codeql.yml .github/workflows/codeql.yml

# Dependabot for dependency updates
cp templates/security/dependabot.yml .github/dependabot.yml
```

**CRITICAL:**
- CodeQL requires specific permissions (security-events: write)
- Dependabot has 10 PR limit per ecosystem
- Both must run on Dependabot PRs (Error #13 prevention)

---

## The 5-Step Complete Setup Process