Skip to content

[Snyk] Security upgrade express from 4.17.2 to 4.21.2 #248

[Snyk] Security upgrade express from 4.17.2 to 4.21.2

[Snyk] Security upgrade express from 4.17.2 to 4.21.2 #248

name: Notify When Maintainers Cannot Edit
# **What it does**: Notifies the author of a PR when their PR does not allow maintainers to edit it.
# **Why we have it**: To prevent having to do this manually.
# **Who does it impact**: Open-source.
on:
pull_request_target:
types:
- opened
permissions:
pull-requests: write
jobs:
notify-when-maintainers-cannot-edit:
if: github.repository == 'github/docs'
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@d50f485531ba88479582bc2da03ff424389af5c1
with:
script: |
const query = `
query($number: Int!) {
repository(owner: "github", name: "docs") {
pullRequest(number: $number) {
headRepositoryOwner {
login
}
maintainerCanModify
}
}
}
`;
const pullNumber = context.issue.number;
const variables = { number: pullNumber };
try {
console.log(`Check github/docs#${pullNumber} for maintainer edit access ...`);
const result = await github.graphql(query, variables);
console.log(JSON.stringify(result, null, 2));
const pullRequest = result.repository.pullRequest;
if (pullRequest.headRepositoryOwner.login === 'github') {
console.log('PR owned by github');
return;
}
if (!pullRequest.maintainerCanModify) {
console.log('PR not owned by github and does not have maintainer edits enabled');
await github.issues.createComment({
issue_number: pullNumber,
owner: 'github',
repo: 'docs',
body: "Thanks for submitting a PR to the GitHub Docs project!\n\nIn order to review and merge PRs most efficiently, we require that all PRs grant maintainer edit access before we review them. For information on how to do this, [see the documentation](https://docs.github.com/en/github/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)."
});
}
} catch(e) {
console.log(e);
}