[auto-approve] figure out how to allow commits from certain approved authors when checking author commit status #5349
Labels:
- priority: p2 (Moderately-important priority. Fix may not be included in next release.)
- type: bug (Error or flaw in code with unintended results or allowing sub-optimal usage patterns.)
Currently, there are some auto-approve checks that check if there were any other commits other than the approved author (for example, gcf-owl-bot). This is to ensure that malicious actors don't change code in a PR opened by a sanctioned author. However, this is overly restrictive in some cases; for example, this PR wasn't approved because there was another author, danielbankhead. However, his commit was merging into main. Perhaps we want to ignore merges into main, or sanction an extra group of GitHub users (i.e., those belonging to googleapis?)
@chingor13, lmk if you have any suggestions!
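An added example, not part of the original issue or of the bot's own code: the author check with both relaxations proposed above expressed as explicit policy options, failing closed on unattributed commits. The `AuthorPolicy` shape, the function names, the `baseShas` input and the SHAs are assumptions; the commit fields follow GitHub's pull-request commit listing.

```typescript
// Added example (hypothetical names), not code from the auto-approve bot.
interface PrCommit {
  sha: string;
  author: { login: string } | null; // null when the commit maps to no GitHub account
  parents: { sha: string }[];
}

interface AuthorPolicy {
  approvedAuthor: string;    // the sanctioned author that opened the PR
  extraTrusted: string[];    // assumed allowlist, e.g. pre-resolved org members
  exemptBaseMerges: boolean; // ignore merges that bring the base branch in
}

// True only for a two-parent merge where one parent is a known base-branch commit.
// Caveat: parentage alone does not prove the merge is clean. A merge commit can
// carry hand-edited content, so a real check should also compare its tree
// against a mechanical re-merge of the same two parents.
function isBaseMerge(c: PrCommit, baseShas: string[]): boolean {
  if (c.parents.length !== 2) return false;
  return c.parents.some(p => baseShas.indexOf(p.sha) !== -1);
}

// Returns the SHAs that should block auto-approval (empty array means pass).
function blockingShas(commits: PrCommit[], baseShas: string[], policy: AuthorPolicy): string[] {
  return commits
    .filter(c => {
      if (c.author === null) return true; // fail closed on unattributed commits
      const login = c.author.login;
      if (login === policy.approvedAuthor) return false;
      if (policy.extraTrusted.indexOf(login) !== -1) return false;
      if (policy.exemptBaseMerges && isBaseMerge(c, baseShas)) return false;
      return true;
    })
    .map(c => c.sha);
}

// Constructed sample mirroring the case in the issue; SHAs are placeholders.
const BASE_SHAS: string[] = ['m1', 'm2'];
const SAMPLE: PrCommit[] = [
  { sha: 'a1', author: { login: 'gcf-owl-bot' }, parents: [{ sha: 'm1' }] },
  { sha: 'a2', author: { login: 'danielbankhead' }, parents: [{ sha: 'a1' }, { sha: 'm2' }] },
  { sha: 'a3', author: { login: 'someone-else' }, parents: [{ sha: 'a2' }] },
  { sha: 'a4', author: null, parents: [{ sha: 'a3' }] },
];
```

With the merge exemption on, only `a3` and `a4` block approval; the exemption is only as safe as the clean-merge verification noted in the comment.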