Feat/pr auto merge bot#500
Conversation
claude-verify only reports on auto-merge-labeled prs; requiring it as a branch-protection check would block every normal unlabeled pr from merging. the label flow still gates on it via the arm-needs-verify job dependency in auto-merge.yml, so the veto holds without blocking manual merges.
drop the author_association==OWNER guard so the owner can authorize a contributor PR by labeling it, not just their own PRs. the trusted-labeler check becomes the primary authorization gate and now strips the label if an untrusted actor applies it, so a stray label cannot persist and bypass the check on a later synchronize event.
a push to a labeled pr previously re-entered the pipeline on synchronize without re-checking the labeler, so a contributor could get a benign commit labeled and then push malicious code that verify would check out and run with the anthropic key + write token (pull_request_target rce). now synchronize only runs a deauthorize job that disables auto-merge, removes the label, and comments — it never checks out head. verification re-runs only on a fresh owner label. also scope permissions per job (deny-all default; verify gets no contents:write since untrusted code runs there) and pin verify to the labeled head sha.
learned from openclaw/openclaw's pr-merge tooling and applied the transferable practices: - pin every third-party action to a commit sha (checkout, setup-python, claude-code-action) so a moved tag cannot inject code. - add a workflow-lint gate running zizmor (security) + actionlint (correctness) on every workflow change, openclaw's signature practice. - annotate the deliberate pull_request_target / workflow_run triggers with justified `# zizmor: ignore[dangerous-triggers]` comments. - set persist-credentials: false on the untrusted-head checkout in the verify job so contributor code cannot read the token from .git/config. - add concurrency/supersede on auto-merge so a newer event cancels an in-flight run. - .github/zizmor.yml disables the pin/permissions-migration audits repo-wide (same stance as openclaw) so the gate does not require migrating every older workflow at once; labeler + release get justified inline ignores.
…eset - extract verify + arm into a reusable pr-verify.yml shared by the label path and the new slash-command path (avoids github label-recursion). - #2 environment gate: the verify job runs behind a pr-verify environment with a required-reviewer rule, so untrusted head code and the api key are gated on the owner per-run approval. the key is passed explicitly to the handler, not inherited. - #3 comment-command.yml: the owner authorizes a pr by commenting /auto-merge or /verify (owner-gated), as an alternative to the label. - #1 setup_repo_guards.sh replaces setup_branch_protection.sh: creates a branch ruleset (pr + code-owner review + ci/trust-gate checks, org-admin bypass) plus the pr-verify environment and the labels. - deauthorize-on-push now runs on every synchronize (unconditional disarm).
|
Warning Review limit reached
Next review available in: 7 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (13)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
What changed
Why
What might break
VEP
Tests
make checkpasses locally (lint + mypy + pytest)CHANGELOG.mdupdated under## [Unreleased]