🐥 Beginner Friendly

This issue is intended for contributors who have previously completed a Good First Issue in Hiero and are at a beginner level.

We recognize that gaining confidence and building skills are equally important steps in the open-source contributor journey. The purpose of this issue is to provide a supportive, low-pressure environment where you can learn, practice, and grow your contribution skills.

👾 Description of the issue

The script .github/scripts/pr-check-changelog.sh is missing the standard shell hardening directive set -euo pipefail at the top of the file.

Most other scripts in the repository already have this hardening (e.g., bot-assignment-check.sh, bot-office-hours.sh), but pr-check-changelog.sh only has #!/bin/bash without the safety flags.

This makes the script less robust and inconsistent with other scripts in the repository.

💡 Proposed Solution

Add set -euo pipefail immediately after the shebang line:

#!/bin/bash
set -euo pipefail

This ensures:

• -e: Exit immediately if a command exits with a non-zero status
• -u: Treat unset variables as an error
• -o pipefail: Return value of a pipeline is the status of the last command to exit with a non-zero status

👩‍💻 Implementation Steps

• Open .github/scripts/pr-check-changelog.sh
• Add set -euo pipefail on line 2 (after #!/bin/bash)
• Test locally to ensure the script still works correctly
• Ensure the rest of the script is compatible with strict mode

✅ Acceptance Criteria

To be able to merge a pull request for this issue, we need:

• Assignment: get assigned by commenting /assign see guide
• Changelog Entry: Correct changelog entry see guide
• Signed commits: commits must be DCO and GPG key signed see guide
• All Tests Pass: our workflow checks like unit and integration tests must pass
• Issue is Solved: set -euo pipefail is added after the shebang and the script still functions correctly
• No Further Changes are Made: Code review feedback has been addressed and no further changes are requested

📋 Step-by-Step Contribution Guide

If you have never contributed to an open source project at GitHub, the following step-by-step guide will introduce you to the workflow.

• Assignment: get assigned by commenting /assign see guide
• Fork, Branch and Work on the issue: Create a copy of the repository, create a branch for the issue and solve the problem. For instructions, please read our Contributing guide file. Further help can be found at Set-up Training and Workflow Training.
• DCO and GPG key sign each commit : each commit must be -s and -S signed. An explanation on how to do this is at Signing Guide
• Add a Changelog Entry : your pull request will require a changelog. Read Changelog Entry Guide to learn how.
• Push and Create a Pull Request : Once your issue is resolved, and your commits are signed, and you have a changelog entry, push your changes and create a pull request. Detailed instructions can be found at Submit PR Training, part of Workflow Training.
• You did it 🎉: A maintainer or committer will review your pull request and provide feedback. If approved, we will merge the fix in the main branch. Thanks for being part of the Hiero community as an open-source contributor ❤️

IMPORTANT You will ONLY be assigned to the issue if you comment: /assign
IMPORTANT Your pull request CANNOT BE MERGED until you add a changelog entry AND sign your commits each with git commit -S -s -m "chore: your commit message" with a GPG key setup.

🤔 Additional Information

For more help, we have extensive documentation:

• SDK Developer Docs
• SDK Developer Training

Reference Scripts:

• bot-assignment-check.sh (hardened) - Example of a properly hardened script
• pr-check-changelog.sh (to be updated)

Additionally, we invite you to join our community on our Discord server.

We also invite you to attend each Wednesday, 2pm UTC our Python SDK Office Hour and Community Calls. The Python SDK Office hour is for hands-on-help and the Community Call for general community discussion.

You can also ask for help in a comment below!