mirror of
https://github.com/openfrontio/OpenFrontIO.git
synced 2026-07-18 20:32:19 +00:00
Exempt Dependabot PRs from the PR gate (#4395)
## What Adds a trusted-bot exception to the PR gate so Dependabot's PRs are no longer auto-closed. ## Why The PR gate (`scripts/pr-gate/`, run by `.github/workflows/pr-gate.yml`) auto-closes PRs that don't fit the contribution workflow. Dependabot PRs were getting closed because the bot: - has no repo permission, - links no `approved` issue, and - opens dependency bumps that often exceed the 50-line small-fix cap. ## How - `config.ts` — new `TRUSTED_BOT_AUTHORS` constant (currently `["dependabot[bot]"]`), so the allowlist is easy to extend. - `rules.ts` — new `checkTrustedBot()` rule, wired into `evaluate()` right after the maintainer bypass and before the repo-access check. - `tests/PrGateRules.test.ts` — unit tests for the rule plus an `evaluate()`-level test proving a 5000-line Dependabot PR now passes instead of closing. - `README.md` — documented the new rule in the gate-logic ordering. The match is exact, so a lookalike login (e.g. `not-dependabot[bot]`) won't slip through. Add more bots (Renovate, etc.) to `TRUSTED_BOT_AUTHORS` as needed. ## Testing `npx vitest tests/PrGateRules.test.ts --run` → 39 passed. Lint + prettier clean. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -4,6 +4,7 @@ import {
|
||||
checkBypass,
|
||||
checkRepoAccess,
|
||||
checkSmallFix,
|
||||
checkTrustedBot,
|
||||
evaluate,
|
||||
parseLinkedIssues,
|
||||
type IssueMetadata,
|
||||
@@ -109,6 +110,26 @@ describe("checkBypass", () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe("checkTrustedBot", () => {
|
||||
it("passes for dependabot[bot]", () => {
|
||||
const r = checkTrustedBot(makePR({ user: { login: "dependabot[bot]" } }));
|
||||
expect(r.action).toBe("pass");
|
||||
});
|
||||
|
||||
it("returns next for a regular author", () => {
|
||||
expect(checkTrustedBot(makePR({ user: { login: "alice" } })).action).toBe(
|
||||
"next",
|
||||
);
|
||||
});
|
||||
|
||||
it("returns next for a lookalike bot author", () => {
|
||||
expect(
|
||||
checkTrustedBot(makePR({ user: { login: "not-dependabot[bot]" } }))
|
||||
.action,
|
||||
).toBe("next");
|
||||
});
|
||||
});
|
||||
|
||||
describe("checkRepoAccess", () => {
|
||||
it("passes for admin, maintain, write permissions", async () => {
|
||||
for (const permission of ["admin", "maintain", "write"]) {
|
||||
@@ -273,6 +294,16 @@ describe("evaluate (priority ordering)", () => {
|
||||
expect(r.action).toBe("pass");
|
||||
});
|
||||
|
||||
it("trusted bot — large Dependabot PR passes without an issue", async () => {
|
||||
const r = await evaluate(
|
||||
makePR({ user: { login: "dependabot[bot]" } }),
|
||||
[{ additions: 5000, deletions: 0 }],
|
||||
async () => null,
|
||||
async () => "none",
|
||||
);
|
||||
expect(r.action).toBe("pass");
|
||||
});
|
||||
|
||||
it("close — large diff, no qualifying issue", async () => {
|
||||
const r = await evaluate(
|
||||
makePR(),
|
||||
|
||||
Reference in New Issue
Block a user