Add lint CI workflow that annotates PRs

[malkoG]

Summary

• Adds .github/workflows/lint.yml: on PRs and main pushes, runs ./gradlew lintDebug, parses Kotlin compiler w:/e: lines, filters to files changed in the diff, and emits GitHub inline annotations on the Files Changed view.
• Fails the job only when there is at least one error (e:) on a changed file; warnings surface but do not block.
• Uploads the full lint.log as an artifact for post-hoc inspection.

Test plan

• Confirm the Lint check runs on this PR.
• Confirm no error-level annotations appear (workflow-only diff).
• Verified separately on a throwaway fork PR that a warning annotation on HtmlContent.kt:371 (ClickableText deprecation) lights up inline when that file is part of the diff, and that files outside the diff produce no annotations.
• Confirm the lint-log artifact is available from the run.

[coderabbitai]

Warning

Rate limit exceeded

@malkoG has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 40 minutes and 1 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 40 minutes and 1 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3ffe6a9b-4102-4306-b0e9-8c1da7570d40

📥 Commits

Reviewing files that changed from the base of the PR and between 6303105 and 258903c.

📒 Files selected for processing (1)

• .github/workflows/lint.yml

📝 Walkthrough

Walkthrough

A new GitHub Actions workflow file is introduced that automatically runs Gradle linting on pull requests and main branch pushes, executes lint checks, parses the output, and emits GitHub workflow annotations for errors and warnings found in changed files.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow .github/workflows/lint.yml	Added a new linting workflow that runs ./gradlew lintDebug, identifies changed files via git diff, parses lint output for errors and warnings, and emits GitHub annotations filtered to changed files. Includes artifact upload of lint logs.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and clearly describes the main change: adding a lint CI workflow that annotates pull requests.
Description check	✅ Passed	The description is directly related to the changeset, providing specific details about the workflow's purpose, behavior, and testing approach.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

.github/workflows/lint.yml (1)

12-15: Unused permissions.

checks: write and pull-requests: read aren't used — the workflow only emits ::error/::warning workflow commands (which need no extra permissions) and reads the PR's base/head SHAs from the event payload (not the API). Tightening this keeps least-privilege, especially relevant because this workflow runs on pull_request from forks.

Proposed change

     permissions:
       contents: read
-      pull-requests: read
-      checks: write

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/lint.yml around lines 12 - 15, The workflow grants
unnecessary permissions—remove the unused permissions keys "checks: write" and
"pull-requests: read" from the permissions block and keep only the required
"contents: read" entry; update the permissions section so it no longer includes
checks or pull-requests to enforce least-privilege while retaining reads of the
event payload.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/lint.yml:
- Around line 43-45: The workflow step that runs git diff to produce changed.txt
fails silently when github.event.before is the all-zero SHA, producing an empty
changed.txt which causes the Python filter to treat it as "no filter" and
annotate everything; update the step to detect the all-zero or non-fetchable
before SHA (github.event.before), and on that case fall back to diffing against
the previous reachable commit (e.g., HEAD~1 or FETCH_HEAD~1 after fetching the
current commit) or intentionally skip the filter on main; specifically, change
the git diff invocation around the existing git diff --name-only "${{
github.event.before }}" "${{ github.sha }}" > changed.txt || true to first check
for the zero SHA (or a failed fetch) and then use a fallback diff (e.g., git
diff --name-only HEAD~1 "${{ github.sha }}" or fetch the commit and diff
FETCH_HEAD~1) so changed.txt contains the real changed files or you explicitly
mark that filtering should be skipped.
- Around line 49-98: The current regex stored in pattern only matches
diagnostics of the form "^[we]: file://...", so Android Lint console output
(e.g. "path:line: [Type]: message [IssueId]") is ignored; update the workflow to
also capture Android Lint lines by either adding an alternate regex branch to
pattern that matches the Android Lint text format (e.g.
r"^(?P<path>[^:]+):(?P<line>\d+):\s+\[(?P<type>[^\]]+)\]:\s+(?P<msg>.*)$" and
map its groups to sev/msg/col logic) or switch to parsing SARIF/XML by enabling
lint { sarifReport = true } (or XML) in the Android module and reading that
report instead of relying solely on lint.log; adjust the code that computes
sev/errors/warnings and the print annotation so both formats produce GitHub
annotations.

---

Nitpick comments:
In @.github/workflows/lint.yml:
- Around line 12-15: The workflow grants unnecessary permissions—remove the
unused permissions keys "checks: write" and "pull-requests: read" from the
permissions block and keep only the required "contents: read" entry; update the
permissions section so it no longer includes checks or pull-requests to enforce
least-privilege while retaining reads of the event payload.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: dc1213f1-8d7d-47bc-ab00-667240fd1fe7

📥 Commits

Reviewing files that changed from the base of the PR and between 8cbd0bb and 6303105.

📒 Files selected for processing (1)

• .github/workflows/lint.yml