Automatically commit re-generated build files on PR push events

[jamesgeorge007]

The PR author is expected to re-generate the build by running npm run build and commit the changes. This adds friction and misses out on the cases with PRs opened by Dependabot. There are two approaches that I'm thinking of.

1. Update the existing workflow to commit the changes after generating the build to branches apart from main.
2. Author another workflow that gets triggered on push events on PRs that generate the build and commit the changes. The existing workflow will only used for format checks.

We can use a GH Action like git-auto-commit.

[jamesgeorge007]

@tuunit, appreciate your thoughts and suggestions.

[tuunit]

@jamesgeorge007 the first approach might not work. As far as I know github actions are not allowed to commit changes to a fork of another user. Therefore extending the CI workflow or adding another workflow that gets triggered after a merge from to generate the distribution files and commit them directly to the master branch seems like the proper solution to me.

[jamesgeorge007]

I prefer generating the dist files straightaway in the PR and avoiding any follow-up commits to the default branch. If the PR author grants write access to the maintainer, won't that suffice for the GH Action 🤔

[tuunit]

We can test it I know that in the past GitHub Actions on PRs have been quite restricted because of security reasons. To prevent malicious PRs to make changes to the base repo or get access to repo / org secrets.