fix(claude-automerge): check bypass label BEFORE path-scan #36
Open
topcoder1 wants to merge 1 commit into
The Option-A bypass label (`auto-merge-approved`) was unreachable for
PRs whose diff exceeded GitHub's 20k-line `gh pr diff` cap. Old order:
1. detect Claude authorship
2. check classifier_verdict label (risk:blocked)
3. risk-tier path-scan ← `gh pr diff` HTTP 406 on >20k-line PRs;
   `set -euo pipefail` exits step with code 1
4. check Option-A bypass label (never reached)
5. check Option-B Codex bypass (never reached)
6. enable auto-merge
Once step 3 exited 1, the workflow halted with no path to recovery —
applying the `auto-merge-approved` label triggered a re-run that hit
the same wall. The bypass mechanism the policy advertises was inert
on exactly the class of PR most likely to need it (large data drops,
fixture refreshes, generated-code commits).
Verified live against topcoder1/attaxion_dev#71 (2026-05-04, 261k-line
Tokio Stage C data drop):
classify / Classify PR Risk → HTTP 406, exit 1
automerge / automerge → HTTP 406, exit 1
Bypass label applied → workflow re-ran, same exit 1
Repo admin had to admin-override-merge through the GitHub UI.
Fix: move the Option-A bypass label check UP, before the path-scan,
and gate the path-scan on `bypass != '1'`. New order:
1. detect Claude authorship
2. check classifier_verdict label
3. **check Option-A bypass label** ← new position
4. risk-tier path-scan, gated on `bypass != '1'` so oversized PRs
   skip the diff fetch entirely
5. check Option-B Codex bypass (only when path-scan ran + risky)
6. enable auto-merge
Behavior on each scenario:
Claude PR + classifier:blocked
  → blocked=1; bypass_label SKIPPED; risk SKIPPED;
    revoke runs; comment-when-classifier-blocked runs.
    (Unchanged.)
Claude PR + auto-merge-approved label
  → blocked=0; bypass_label runs (bypass=1); risk SKIPPED;
    bypass_codex SKIPPED; auto-merge runs.
    (NEW: works for >20k-line PRs that previously crashed.)
Claude PR + non-risky paths + no bypass label
  → blocked=0; bypass_label runs (bypass=0); risk runs (risky=0);
    bypass_codex SKIPPED; auto-merge runs.
    (Unchanged.)
Claude PR + risky paths + no bypass label
  → blocked=0; bypass_label runs (bypass=0); risk runs (risky=1);
    bypass_codex runs (Codex pass → auto-merge; otherwise comment).
    (Unchanged.)
Claude PR + risky paths + bypass label
  → blocked=0; bypass_label runs (bypass=1); risk SKIPPED;
    bypass_codex SKIPPED; auto-merge runs.
    (Functionally equivalent to old behavior; minor UX change —
    path-scan output no longer appears in the run log when bypass
    is applied. The label is the audit trail; what was overridden
    is implicit.)
Verified:
- actionlint clean
- python yaml.safe_load parses
- all 5 scenarios traced through every downstream step's `if:`
condition; no breakage
Auto-merge rationale: Reusable workflow change. Touches only step
ordering + one if-condition. Fail-closed default preserved (any error
in bypass_label step exits 1 via `set -euo pipefail` before risk
runs, same as before). All callers in the fleet (33 repos) get the
fix automatically on next workflow_call. No caller-side changes
needed.
Refs: topcoder1/attaxion_dev#71 (the live failure case), global
CLAUDE.md auto-merge policy block.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
No issues found. Step reordering is logically sound — all downstream
Summary
Fixes a workflow-design gap where the `auto-merge-approved` bypass label was unreachable for Claude PRs whose diff exceeded GitHub's 20k-line `gh pr diff` cap.
The path-scan step calls `gh pr diff "$PR" --name-only`, which returns HTTP 406 "Sorry, the diff exceeded the maximum number of lines (20000)" on oversized PRs. Combined with `set -euo pipefail`, the step exits 1 — and the workflow halts BEFORE ever evaluating the bypass label.
The bypass mechanism the policy advertises was inert on exactly the class of PR most likely to need it (large data drops, fixture refreshes, generated-code commits).
Live failure
Verified against topcoder1/attaxion_dev#71 (2026-05-04, 261k-line Tokio Stage C data drop):
Repo admin had to admin-override-merge through the GitHub UI.
Fix
Move the Option-A bypass label check up, before the path-scan, and gate the path-scan on `bypass != '1'` so oversized PRs skip the diff fetch entirely.
Scenarios traced
All 5 downstream conditions verified:
Auto-merge rationale
Reusable workflow change. Touches only step ordering + one if-condition. Fail-closed default preserved (any error in bypass_label step exits 1 via `set -euo pipefail` before risk runs, same as before). All 33 fleet callers get the fix automatically on next workflow_call. No caller-side changes needed.
Test plan
Refs
🤖 Generated with Claude Code
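
The step ordering described in this PR, modelled as an offline shell script so the old and new gating can be compared on an oversized diff. This is an added example, not the workflow's own code: the function names, the outcome strings, the risky-path patterns and the sample paths are assumptions, and `fetch_changed_files` stands in for `gh pr diff "$PR" --name-only`.

```shell
#!/bin/sh
# Added example: offline model of the step ordering; no gh or network calls.
DIFF_CAP=20000  # the `gh pr diff` line cap quoted in the PR

# Stand-in for `gh pr diff "$PR" --name-only`: fails above the cap (the HTTP 406).
fetch_changed_files() {  # $1=diff_lines $2=space-separated paths (constructed)
  [ "$1" -le "$DIFF_CAP" ] || return 1
  printf '%s\n' $2
}

# Hypothetical risky-path patterns; the real list is not shown on the page.
is_risky() {
  for p in $1; do
    case "$p" in .github/workflows/*|*secrets*) return 0 ;; esac
  done
  return 1
}

path_scan() {  # prints clean | risky | error
  files=$(fetch_changed_files "$1" "$2") || { echo error; return 0; }
  if is_risky "$files"; then echo risky; else echo clean; fi
}

# $1=order(old|new) $2=blocked $3=bypass_label $4=diff_lines $5=paths
decide() {
  if [ "$2" = 1 ]; then echo blocked; return 0; fi
  # New order: the label is read first and gates the path-scan.
  if [ "$1" = new ] && [ "$3" = 1 ]; then echo automerge; return 0; fi
  scan=$(path_scan "$4" "$5")
  # A failed diff fetch halts the job in either order (fail closed).
  if [ "$scan" = error ]; then echo halt; return 0; fi
  # Old order: the label was consulted only after a successful scan.
  if [ "$3" = 1 ]; then echo automerge; return 0; fi
  if [ "$scan" = risky ]; then echo codex-check; return 0; fi
  echo automerge
}

# Constructed case: 261000-line data drop carrying the bypass label.
for order in old new; do
  echo "$order order: $(decide "$order" 0 1 261000 'data/drop.json')"
done
```

An oversized PR without the label still halts under the new order, and a classifier block still wins over the label, so the reorder only changes the labelled case.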