Auto add and remove of "status: changes-required" label #13778
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
koppor
changed the title
|
@trag-bot didn't find any issues in the code! ✅✨ |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+9
to
+18
| if: github.event.review.state == 'changes_requested' | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Adapt labels | ||
| run: | | ||
| gh issue --repo ${{ github.repository }} edit ${{ github.event.pull_request.number }} --remove-label "status: ready-for-review" | ||
| gh issue --repo ${{ github.repository }} edit ${{ github.event.pull_request.number }} --remove-label "status: awaiting-second-review" | ||
| gh issue --repo ${{ github.repository }} edit ${{ github.event.pull_request.number }} --add-label "status: changes-required" | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 3 months ago
To fix the problem, add a permissions block to the workflow or to the specific job so the GITHUB_TOKEN only has the privileges needed to execute the label changes. Since the workflow edits issue labels, issues: write is required. To allow reading repository information, which is commonly needed for most actions, add contents: read. The permissions block can be placed just below the workflow name (name:), applying to the entire workflow, or inside the job itself if a more granular approach is needed; in this case, using workflow-level permissions is simpler and sufficient.
Add the following block below the workflow name in .github/workflows/on-pr-changes-requested.yml:
permissions:
contents: read
issues: writeNo additional imports or code changes are required.
Suggested changeset
1
.github/workflows/on-pr-changes-requested.yml
| @@ -1,4 +1,7 @@ | ||
| name: Adapt PR status labels | ||
| permissions: | ||
| contents: read | ||
| issues: write | ||
|
|
||
| on: | ||
| pull_request_review: |
Copilot is powered by AI and may make mistakes. Always verify output.
Siedlerchr
added a commit
that referenced
this pull request
Aug 28, 2025
…n-c23b1a88-5c29-46a2-a007-701edd344b9b' into jetbrains-junie-issue-13623-run-c23b1a88-5c29-46a2-a007-701edd344b9b * upstream/jetbrains-junie-issue-13623-run-c23b1a88-5c29-46a2-a007-701edd344b9b: Streamline code for getTabTitle() (#13781) Add missing variables Reformat BibTex in Show BibTex Source (#13761) Auto publish before JBang tests (#13779) Hotfix: calling of publish.yml Support BibLaTeX datamodel validations (#13693) Auto add and remove of "status: changes-required" label (#13778) New Crowdin updates (#13777) Restore local-only Git behavior for SLR to fix repository initialization error (#13775) Use vanilla hashset (#13771) Fix Springer Fetcher names (#13770) Fix condition Publish SNAPSHOT on jablib change (#13774) Adapt as per new set of checks (#13772) Bump jablib/src/main/resources/csl-styles from `1194364` to `17cfa60` (#13750) Fix path (#13769) Mode aware consistency check (#13584) Refine JBang check (#13765) Add Language Server to the UI and add the integrity/consistency check (#13697) Fix/remove comment code (#13763)
1 task
Siedlerchr
added a commit
that referenced
this pull request
Sep 8, 2025
* upstream/main: Add missing variables Reformat BibTex in Show BibTex Source (#13761) Auto publish before JBang tests (#13779) Hotfix: calling of publish.yml Support BibLaTeX datamodel validations (#13693) Auto add and remove of "status: changes-required" label (#13778) New Crowdin updates (#13777) Restore local-only Git behavior for SLR to fix repository initialization error (#13775) Use vanilla hashset (#13771) Fix Springer Fetcher names (#13770) Fix condition Publish SNAPSHOT on jablib change (#13774) Adapt as per new set of checks (#13772) Bump jablib/src/main/resources/csl-styles from `1194364` to `17cfa60` (#13750)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We more and more make use of the label status: changes-required
For each PR with the label, we need to check now and then if the label is still valid.
With the label removed, we "only" need to check if the changes were really adressed.
GitHub itself does not handle the whole status properly: https://github.com/orgs/community/discussions/17875
Steps to test
Work with PRs :)
Mandatory checks
CHANGELOG.mdin a way that is understandable for the average user (if change is visible to the user)