ci: add backport labels automatically when a new minor version is released

[christian-byrne]

add the core/x.yy and cloud/x.yy labels (used for backporting) automatically when a minor version is released (and the previous version is made into RC).

By "add labels" I mean add them into the repo's list of available labels that can be used in the UI.

┆Issue is synchronized with this Notion page by Unito

[github-actions]

🎨 Storybook Build Status

✅ Build completed successfully!

⏰ Completed at: 11/06/2025, 08:19:55 PM UTC

🔗 Links

• 📊 View Workflow Run
• 🎨 View Storybook

---

🎉 Your Storybook is ready for review!

[github-actions]

🎭 Playwright Test Results

⚠️ Tests passed with flaky tests

⏰ Completed at: 11/06/2025, 08:43:22 PM UTC

📈 Summary

• Total Tests: 497
• Passed: 464 ✅
• Failed: 0
• Flaky: 3 ⚠️
• Skipped: 30 ⏭️

📊 Test Reports by Browser

• ✅ chromium: View Report • ✅ 457 / ❌ 0 / ⚠️ 3 / ⏭️ 30
• ❌ chromium-2x: Deployment failed
• ✅ chromium-0.5x: View Report • ✅ 1 / ❌ 0 / ⚠️ 0 / ⏭️ 0
• ✅ mobile-chrome: View Report • ✅ 6 / ❌ 0 / ⚠️ 0 / ⏭️ 0

---

🎉 Click on the links above to view detailed test results for each browser configuration.

[github-actions]

Bundle Size Report

Summary

• Raw size: 12.2 MB baseline 12.2 MB — ⚪ 0 B
• Gzip: 2.49 MB baseline 2.49 MB — ⚪ 0 B
• Brotli: 1.96 MB baseline 1.96 MB — ⚪ 0 B
• Bundles: 58 current • 58 baseline

Category Glance
Vendor & Third-Party ⚪ 0 B (5.32 MB) · App Entry Points ⚪ 0 B (3.25 MB) · Other ⚪ 0 B (2.55 MB) · Graph Workspace ⚪ 0 B (792 kB) · Panels & Settings ⚪ 0 B (293 kB) · UI Components ⚪ 0 B (12.6 kB) · + 3 more

Per-category breakdown

App Entry Points — 3.25 MB (baseline 3.25 MB) • ⚪ 0 B

Main entry bundles and manifests

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/index-Cdeizypm.js	1.75 kB	1.75 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/index-D2940QdZ.js	2.87 MB	2.87 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/index-m2JLsAl3.js	382 kB	382 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Graph Workspace — 792 kB (baseline 792 kB) • ⚪ 0 B

Graph editor runtime, canvas, workflow orchestration

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/GraphView-BxYtfGP8.js	792 kB	792 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Views & Navigation — 8.18 kB (baseline 8.18 kB) • ⚪ 0 B

Top-level views, pages, and routed surfaces

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/UserSelectView-CvDum833.js	8.18 kB	8.18 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Panels & Settings — 293 kB (baseline 293 kB) • ⚪ 0 B

Configuration panels, inspectors, and settings screens

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/AboutPanel-DBUXot_1.js	10.3 kB	10.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/CreditsPanel-ELjO8PJB.js	23 kB	23 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/ExtensionPanel-Duj00HSL.js	12.1 kB	12.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/KeybindingPanel-D5tJTifW.js	15.3 kB	15.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/ServerConfigPanel-RZY6apx0.js	8.23 kB	8.23 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-0O6mq5to.js	24.3 kB	24.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-BYaBy7dC.js	20.4 kB	20.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-C3vygQN4.js	25.7 kB	25.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-CbKYXyH0.js	22.7 kB	22.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-CCholIsI.js	25 kB	25 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-DFX7vRkK.js	19.8 kB	19.8 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-INJLrcmT.js	31.3 kB	31.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-iR6BKRXe.js	23.7 kB	23.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/settings-YjQmudNE.js	23.5 kB	23.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/UserPanel-Db6t2adE.js	7.94 kB	7.94 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

UI Components — 12.6 kB (baseline 12.6 kB) • ⚪ 0 B

Reusable component library chunks

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/ComfyQueueButton-d7iP36iS.js	11.3 kB	11.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/UserAvatar.vue_vue_type_script_setup_true_lang-D2s8tnS2.js	1.26 kB	1.26 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Data & Services — 10.4 kB (baseline 10.4 kB) • ⚪ 0 B

Stores, services, APIs, and repositories

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/keybindingService-EUnaA9E6.js	7.6 kB	7.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/serverConfigStore-BOo8M-7s.js	2.79 kB	2.79 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Utilities & Hooks — 1.07 kB (baseline 1.07 kB) • ⚪ 0 B

Helpers, composables, and utility bundles

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/mathUtil-CTARWQ-l.js	1.07 kB	1.07 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Vendor & Third-Party — 5.32 MB (baseline 5.32 MB) • ⚪ 0 B

External libraries and shared vendor chunks

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/vendor-other-Bfb5Ofrh.js	3.22 MB	3.22 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-primevue-PESgPnbc.js	517 B	517 B	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-three-JDoAqkQm.js	1.37 MB	1.37 MB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-tiptap-Dvg9y4X0.js	232 kB	232 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-vue-SdQKVoRx.js	92.6 kB	92.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/vendor-xterm-BZLod3g9.js	407 kB	407 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

Other — 2.55 MB (baseline 2.55 MB) • ⚪ 0 B

Bundles that do not match a named category

File	Before	After	Δ Raw	Δ Gzip	Δ Brotli
assets/commands-B2KZRBmX.js	15.1 kB	15.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-Bw-ckyga.js	13.9 kB	13.9 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-C_NmM85I.js	13.8 kB	13.8 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-CuozCW4W.js	14 kB	14 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-DGfVUJCR.js	16.2 kB	16.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-dOJNDogK.js	14.5 kB	14.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-DwiE551e.js	14.7 kB	14.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-Fw7mvqSy.js	13.1 kB	13.1 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/commands-FXnO1W4Q.js	13.2 kB	13.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B28vuueQ.js	58.7 kB	58.7 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B5DMAz5p.js	76.3 kB	76.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-B9oeRB3u.js	66.2 kB	66.2 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-BfxLm2q9.js	68.4 kB	68.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-Bqw7zi8p.js	92.9 kB	92.9 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-CxXcIMmb.js	80.3 kB	80.3 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-DbrkzQIr.js	70.6 kB	70.6 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-DwpdJL5U.js	67.5 kB	67.5 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/main-mC3TQk_1.js	59.4 kB	59.4 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-3I1vPgv4.js	181 kB	181 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-B2huPGKQ.js	190 kB	190 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-BWugyUzd.js	215 kB	215 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-bXqu6Stq.js	194 kB	194 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-CtB2M3sY.js	229 kB	229 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-D-rCrn-T.js	200 kB	200 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-D38DSnl1.js	179 kB	179 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-DAsU52ON.js	192 kB	192 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B
assets/nodeDefs-DnGONaA_.js	196 kB	196 kB	⚪ 0 B	⚪ 0 B	⚪ 0 B

[DrJKL]

Will the exit 1 here block subsequent steps?

[DrJKL]

Might just need to add always() && to "Post summary"

[christian-byrne]

Done! 22cf3cf

[DrJKL]

The labels list is so long already 😧

[socket-security]

No dependency changes detected. Learn more about Socket for GitHub.

👍 No dependency changes detected in pull request

[christian-byrne]

The labels list is so long already 😧

We can remove the oldest release labels as well in this step, so the list of release tag labels does not grow. What do you think?

Edit: done in f80f475

[claude]

[security] high Priority

Issue: Secrets are potentially exposed via environment variables with fallback pattern
Context: Using secrets.PR_GH_TOKEN || secrets.GITHUB_TOKEN pattern can leak token usage in logs
Suggestion: Use explicit conditional logic or ensure proper token scoping with minimal permissions

[claude]

[quality] medium Priority

Issue: Hardcoded color values in associative array without validation
Context: Colors 4361ee and 4f6ef5 are not validated and may be inconsistent with design system
Suggestion: Extract colors to constants or validate hex format with proper error handling

[claude]

[quality] low Priority

Issue: Magic numbers used without clear reasoning
Context: MIN_LABELS_TO_KEEP=3 and MAX_LABELS_TO_FETCH=200 are hardcoded without explanation
Suggestion: Add inline comments explaining these thresholds or make them configurable via environment variables

[claude]

[quality] medium Priority

Issue: Inconsistent error handling pattern
Context: Some operations use set -euo pipefail while others use manual error checking
Suggestion: Apply consistent error handling throughout the script or document why different patterns are used

[claude]

[quality] medium Priority

Issue: Label deletion logic has potential off-by-one errors
Context: The pruning logic limits removal to 1 when REMOVE_COUNT > 1, but this might not maintain proper ordering
Suggestion: Review deletion logic to ensure oldest labels are properly removed and consider sorting by semantic version

[claude]

[architecture] low Priority

Issue: Missing conditional execution guard for label cleanup
Context: Label cleanup runs even if label creation fails, potentially causing inconsistent state
Suggestion: Add error handling and only run cleanup if label creation succeeds

[claude]

[architecture] critical Priority

Issue: Version downgrade from 1.32.2 to 1.32.1 in unrelated PR
Context: This PR is about CI label automation but includes a version downgrade, indicating merge conflicts or inappropriate PR scope
Suggestion: Separate version changes into distinct PR or verify if this downgrade is intentional

[claude]

[architecture] high Priority

Issue: Removal of dev:cloud script without explanation
Context: The removal of cross-env DEV_SERVER_COMFYUI_URL cloud development script appears unrelated to label automation
Suggestion: Document why this script was removed or restore if accidentally deleted during merge

[claude]

[architecture] critical Priority

Issue: Massive scope creep - PR contains hundreds of unrelated changes
Context: A PR titled CI label automation includes version downgrades, CSS changes, component deletions, test removals, and config modifications
Suggestion: Split this PR into focused changes - one for CI automation, separate ones for cleanup, refactoring, and version management

[claude]

[architecture] high Priority

Issue: Deletion of useAssetWidgetData composable without migration path
Context: This composable is likely used by widget components and its removal could break asset handling functionality
Suggestion: Verify all references are properly migrated before deleting or provide deprecation path

[claude]

Comprehensive PR Review

This review is generated by Claude. It may not always be accurate, as with human reviewers. If you believe that any of the comments are invalid or incorrect, please state why for each. For others, please implement the changes in one way or another.

Review Summary

PR: ci: add backport labels automatically when a new minor version is released (#6615)
Impact: 71 additions, 1 deletions across 1 workflow file (plus 100+ unrelated files)

Issue Distribution

• Critical: 3
• High: 3
• Medium: 3
• Low: 1

Category Breakdown

• Architecture: 5 issues
• Security: 1 issues
• Performance: 0 issues
• Code Quality: 4 issues

Key Findings

Architecture & Design

Major Concern: This PR suffers from massive scope creep. What should be a focused CI enhancement includes:

• Version downgrades (1.32.2 to 1.32.1)
• Removal of development scripts
• Deletion of composables and components
• CSS/styling changes across hundreds of files
• Test file removals
• Configuration modifications

The core CI workflow change (adding label automation) is well-structured but embedded in a problematic PR scope.

Security Considerations

The workflow uses GitHub token fallback patterns that could potentially leak token usage information in logs. While not a direct security vulnerability, it represents a security hygiene issue for CI/CD systems.

Performance Impact

The CI changes themselves should have minimal performance impact. However, the massive scope of unrelated changes makes it impossible to properly assess the full performance implications of this PR.

Integration Points

Critical Risk: The deletion of composables like useAssetWidgetData and removal of development scripts could break existing functionality. The PR scope makes it difficult to track all integration impacts.

Positive Observations

• The core label automation logic is well-structured with proper error handling
• GitHub Actions workflow follows good practices with proper conditionals
• Label creation/updating logic includes color coding and descriptions
• Cleanup logic prevents unlimited label accumulation

Next Steps

1. CRITICAL: Split this PR into focused changes:
   • CI label automation only
   • Separate PR for version management
   • Separate PR for cleanup/refactoring
   • Separate PR for component deletions (with migration plan)
2. Address security token handling in workflow
3. Verify all deleted components have been properly migrated
4. Test CI workflow in isolation before merging

---

This is a comprehensive automated review. The scope of changes in this PR makes manual review essential for architectural decisions.

[DrJKL]

Could you use --search?

[DrJKL]

Also --sort=created maybe

[DrJKL]

Delete 1 per run?