Add frontend revalidation and richer command handling for the PocketBase GitHub bot. Key changes:
- Expose FRONTEND_URL and REVALIDATE_SECRET to workflow env and add a best-effort revalidate() helper to ping the frontend after edits.
- Introduce shared parsing/helpers: parseKVPairs, parseTokens, readJsonBlob, formatNotesList, formatMethodsList, and other utilities to centralize logic.
- Add an "info" subcommand to display script details, links, credentials, install methods and notes.
- Improve note handling (add/edit/remove) to use shared parsers and call revalidate after updates; tweak messages and reactions.
- Expand install method management: support add/remove/edit operations, new method fields (cpu, ram, hdd, os, version, config_path, script), validation of unknown fields, and better formatting. Persist install_methods_json as JSON (not stringified JSON) when PATCHing.
- Replace ad-hoc field parsers with the shared key=value parser for field updates and SET handling; call revalidate after SET/field patches.
- Update help text and minor message wording/formatting.
- In push-json-to-pocketbase workflow, remove writing config_path from pushed payload.
These changes aim to make the bot more robust, easier to extend, and ensure frontend caches are refreshed after data changes.
Compute today's date once and use a consolidated patchBody for PATCH requests (including last_update_commit from PR_URL/COMMIT_URL). Add logic to promote dev scripts on merge: if record.is_dev === true, set is_dev to false and script_created to today, and log the promotion. Replace the previous duplicated date construction with the new patchBody.
When extracting GitHub source URLs in the workflow, only search the "# Source:" line first to avoid matching other URLs (such as license links). Update the grep pipeline to filter for the Source line (case-insensitive) before extracting the https://github.com/... pattern and add explanatory comments.
* fix(workflow): improve Node.js version drift detection accuracy
1. Fix source URL regex: now captures 'Github: https://github.com/...'
pattern (pipe-separated), not just '# Source: https://github.com/...'
This was causing ~50 scripts to show 'No GitHub source'
2. Fix semver comparison: engines.node constraints like '>=18.0.0'
no longer flag version 22 as drift. >= and ^ constraints are now
properly evaluated (our_version >= min_major = satisfied)
3. Add fallback detection: when no Dockerfile or engines.node is found,
check .nvmrc and .node-version files for Node version hints
4. Add subdirectory search: Dockerfile and package.json are now found
via GitHub API tree search, not just in repo root
5. Use GitHub API to detect default branch instead of guessing
main/master/dev with multiple HEAD requests
* fix typos in node_version
* runs on vps
Scans all install scripts using setup_nodejs and compares our
NODE_VERSION with upstream Dockerfile and package.json values.
Features:
- Detects FROM node:XX, nodesource/setup_XX, FROM alpine:X.Y
- Resolves Alpine package registry for nodejs version when
upstream uses alpine base images
- Caches Alpine version lookups to minimize requests
- Creates individual GitHub issues per script with investigation
checklist when drift is detected
- Rate-limited to avoid GitHub API throttling
- Runs weekly on Monday at 06:00 UTC + manual dispatch
Add sort: 'updated' and order: 'asc' to the issues search so closed/unlocked items are processed oldest-first. Improve logging to show items per page and total_count. Increase the pagination limit from 10 to 100 (allowing up to ~10,000 results) and update related comments.
Replace single-page search with paginated queries (per_page=100) and iterate pages up to GitHub's 1000-result limit. Remove the hardcoded cutoffDate and the logic that added comments; instead lock issues/PRs directly with lock_reason='resolved'. Add logging for pages processed, skipped items, failures, and a total locked count. This makes the workflow scalable for large repositories and avoids posting automatic comments.
