Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhance PullRequest feature #370

Closed
laurentsimon opened this issue Apr 27, 2021 · 5 comments
Closed

Enhance PullRequest feature #370

laurentsimon opened this issue Apr 27, 2021 · 5 comments
Labels
check/Code-Review help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/bug Something isn't working kind/enhancement New feature or request

Comments

@laurentsimon
Copy link
Contributor

laurentsimon commented Apr 27, 2021
edited
Loading

  1. Code-Review discards commits made by bots with names bot and gardener but only checks for their presence as substrings in the committer name. This is brittle, e.g.commits by user abotas would not be detected by the checks. I think we should use == instead.
  2. Similarly, we check for reviews via gerrit by checking the presence of string Reviewed-on: in the commit message. Is there a better way? Is gerrit always used in combination with PRs?
@laurentsimon laurentsimon added the kind/enhancement New feature or request label Apr 27, 2021
@laurentsimon
Copy link
Contributor Author

laurentsimon commented May 4, 2021
edited
Loading

Update: I think gerrit uses status check APIs, and these are independent of the review messages. So this may be a better signal for non-malicious repos.
If the repo is considered potentially malicious, that won't work unless we can uniquely identify gerrit (and its proper configuration). This seems to suggest the gerrit app would have to be run by github itself and github should attest that it's being run and enforced. I don't know if such a thing exist.

@laurentsimon laurentsimon modified the milestones: q2, milestone-q2 May 11, 2021
@laurentsimon laurentsimon added help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/bug Something isn't working labels Sep 13, 2021
@afmarcum
Copy link
Contributor

Does this bug still need to be addressed?
If there is no feedback in the next 7 days on whether this remains important for the project, then this issue will be closed.

@cpanato
Copy link
Contributor

cpanato commented Feb 4, 2024

is this still relevant?

@lasomethingsomething
Copy link

Reviewed during community backlog refinement and determined this is no longer relevant.

@cpanato
Copy link
Contributor

cpanato commented Feb 5, 2024

so we can close this

@afmarcum afmarcum closed this as completed Feb 5, 2024
@afmarcum afmarcum closed this as not planned Won't fix, can't repro, duplicate, stale Feb 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
check/Code-Review help wanted Community contributions welcome, maintainers supportive of idea but not a high priority kind/bug Something isn't working kind/enhancement New feature or request
Projects
Scorecard
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@lasomethingsomething @cpanato @spencerschrock @laurentsimon @afmarcum