Skip to content

Run the code from the PR, not from main #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 7, 2025
Merged

Run the code from the PR, not from main #61

merged 2 commits into from
Nov 7, 2025

Conversation

@kevinbackhouse
Copy link
Collaborator

@kevinbackhouse kevinbackhouse commented Nov 7, 2025
edited
Loading

The smoke test isn't working properly, because it's checking out the code from main, rather than the pull request. I've added a step that uses the GitHub CLI to checkout the pull request.

Copilot AI review requested due to automatic review settings November 7, 2025 16:03
Copilot AI reviewed Nov 7, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the smoketest workflow to better handle PR comments by adding explicit PR validation and changing the checkout mechanism from the standard GitHub Actions checkout action to using the GitHub CLI.

  • Added a conditional check to ensure the workflow only runs when comments are on pull requests
  • Replaced the actions/checkout@v5 action with a gh pr checkout command using the PR number from the event context

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copilot AI review requested due to automatic review settings November 7, 2025 16:37
Copilot AI reviewed Nov 7, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@kevinbackhouse
Copy link
Collaborator Author

kevinbackhouse commented Nov 7, 2025

@JarLob: what do you think about the CodeQL alert? I think this code is safe because we're using the branch-deploy action.

@JarLob
Copy link
Contributor

JarLob commented Nov 7, 2025

Yes, this is because there is no exception for the branch deploy action in the rule.

@kevinbackhouse kevinbackhouse merged commit 456e309 into GitHubSecurityLab:main Nov 7, 2025
9 checks passed
@kevinbackhouse kevinbackhouse deleted the smoketest branch November 7, 2025 17:58
@kevinbackhouse kevinbackhouse mentioned this pull request Nov 7, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@JarLob JarLob JarLob approved these changes

@m-y-mo m-y-mo Awaiting requested review from m-y-mo m-y-mo is a code owner

@p- p- Awaiting requested review from p- p- is a code owner

@sylwia-budzynska sylwia-budzynska Awaiting requested review from sylwia-budzynska sylwia-budzynska is a code owner

@Kwstubbs Kwstubbs Awaiting requested review from Kwstubbs Kwstubbs is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kevinbackhouse @JarLob