chore: set up semantic-pull-request GitHub Action

[flotwig]

• Closes

User facing changelog

Additional details

• Switches from the semantic PR probot added in internal: enable semantic pull request support #7946 to the https://github.com/amannn/action-semantic-pull-request GitHub Action.
• Motivated by downtime on the probot, including the current multi-day outage
• Example of failure PR and output:
  • test PR rename flotwig/cypress-workflow-test#4
  • https://github.com/flotwig/cypress-workflow-test/runs/5112017104?check_suite_focus=true

How has the user experience changed?

PR Tasks

• [na] Have tests been added/updated?
• [na] Has the original issue (or this PR, if no issue exists) been tagged with a release in ZenHub? (user-facing changes only)
• [na] Has a PR for user-facing changes been opened in cypress-documentation?
• [na] Have API changes been updated in the type definitions?
• [na] Have new configuration options been added to the cypress.schema.json?

Post-Merge:

• Disable Github App
• Add this check to required checks

[cypress-bot]

Thanks for taking the time to open a PR!

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.
• Become familiar with the Code Review Checklist for guidelines on coding standards and what needs to be done before a PR can be merged.

[jennifer-shehane]

@flotwig Is this a certified GitHub action? I know we've hesitated bringing in randomly published github actions since they get permissions to our repo which could be problematic.

[flotwig]

Doesn't seem to be. Should I fork it to cypress-io org to lock it down?

[flotwig]

Switched to using a fork under the cypress-io org.

[emilyrohrbough]

IMO we should use the existing repository instead of adding another forked repository to maintain. If issues occur, we can lean on the open-source community to contribute to the fixes.

[flotwig]

The issue is that at any point the action publisher can re-tag a release. You can mitigate this by using a SHA1 hash but there can still be a collision. GitHub recommends only using 3rd party actions by "authors you trust": https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions

[BlueWinds]

My only ask is that we add a comment here explaining why we're pointing to a forked version of the repo. And maybe in the forked version of the repo's README as well, though that's less important.

[emilyrohrbough]

Discussed during our sync today. Moving forward with forked repository. 👍🏻

[cypress]

---

Test summary

19177 • 0 • 218 • 0 • 11

---

Run details

Project	cypress
Status	Passed
Commit	a0e78f6
Started	Feb 8, 2022 4:57 PM
Ended	Feb 8, 2022 5:09 PM
Duration	12:07 💡
OS	Linux Debian - 10.10
Browser	Multiple

View run in Cypress Dashboard ➡️

---

Flakiness

	commands/xhr_spec.js		1
1	... > no status when request isnt forced 404
	e2e/e2e_cookies_spec.js		4
1	e2e cookies spec > __Host- prefix > can set __Host- cookie
2	e2e cookies spec > __Host- prefix > errors when __Host- cookie and path
3	e2e cookies spec > __Secure- prefix > errors when __Secure- cookie secure:false
4	e2e cookies spec > __Host- prefix > errors when __Host- cookie and secure:false
This comment includes only the first 5 flaky tests. See all 11 flaky tests in the Cypress Dashboard.

---

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard