🐛 revert making RequiredPullRequestReviews a pointer #3728

Merged


spencerschrock
Member

While the current approach works with the tiered scoring, it won't work for probes or if we remove tiers. Making the struct nil to signal that PRs aren't required hides some of the data we do have.

This is especially problematic for repo rules, where we can infer all settings by what we see or don't see.

What kind of change does this PR introduce?

bug fix, followup of #3499

What is the current behavior?

RequiredPullRequestReviews is a pointer

What is the new behavior (if this is a feature change)?

RequiredPullRequestReviews is a struct again
there's a new field Required *bool to measure if the PRs are required

  • Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Special notes for your reviewer

The most important changes are in clients/githubrepo/branches.go:

  1. For admin tokens, Required is assumed to be &false, unless we have data otherwise.
  2. For non admin tokens, Required is left nil, unless we have data otherwise.
  3. For repo rules, Required is assumed to be &false, unless we have data otherwise.

In tests anything that had a non-nil RequiredPullRequestReviews was saying PRs were required:

RequiredPullRequestReviews: &clients.PullRequestReviewRule{

Which is now represented by:

RequiredPullRequestReviews: clients.PullRequestReviewRule{
	Required:                     &trueVal,

Similarly, anything which was:

RequiredPullRequestReviews: nil,

is now:

RequiredPullRequestReviews: clients.PullRequestReviewRule{
	Required: &falseVal,

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

NONE

While the current approach works with the tiered scoring,
it won't work for probes or if we remove tiers. Making the struct nil to
signal that PRs aren't required hides some of the data we do have.

This is especially problematic for repo rules, where we can infer all
settings by what we see or don't see.

Signed-off-by: Spencer Schrock <sschrock@google.com>
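
The tri-state behind the three defaults listed in the reviewer notes, as an added example that is not code from the scorecard repository. `Source`, `NewRule`, `State` and the `ApprovalCount` field are hypothetical names; only `Required *bool` comes from the description above.

```go
package main

import "fmt"

// Stand-in for the PR's rule struct; ApprovalCount is a hypothetical field.
type PullRequestReviewRule struct {
	Required      *bool  // nil: unknown, &false: known not required, &true: required
	ApprovalCount *int32 // data a nil struct pointer would have hidden
}

// Source is a hypothetical label for where the branch data came from.
type Source int

const (
	AdminToken Source = iota
	NonAdminToken
	RepoRules
)

// NewRule applies the three defaults from the PR notes; observed may be nil.
func NewRule(src Source, observed *PullRequestReviewRule) PullRequestReviewRule {
	var r PullRequestReviewRule
	if src == AdminToken || src == RepoRules {
		no := false // defaults 1 and 3: assume not required
		r.Required = &no
	}
	if observed != nil { // "unless we have data otherwise"
		if observed.Required != nil {
			r.Required = observed.Required
		}
		r.ApprovalCount = observed.ApprovalCount
	}
	return r
}

// State keeps "unknown" distinct from "not required" for callers.
func State(r PullRequestReviewRule) string {
	switch {
	case r.Required == nil:
		return "unknown"
	case *r.Required:
		return "required"
	}
	return "not required"
}

func main() {
	fmt.Println(State(NewRule(AdminToken, nil)), State(NewRule(NonAdminToken, nil)))
}
```

Because the rule is a value rather than a pointer, a rule whose `Required` is `&false` or nil can still carry whatever other settings were observed.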
@spencerschrock
Member Author

@diogoteles08 as the person most familiar with the code, can you take a first look?


codecov bot commented Dec 12, 2023

Codecov Report

Merging #3728 (fd2a139) into main (663e1a9) will decrease coverage by 9.48%.
The diff coverage is 78.18%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3728      +/-   ##
==========================================
- Coverage   76.04%   66.56%   -9.48%     
==========================================
  Files         214      214              
  Lines       14803    14797       -6     
==========================================
- Hits        11257     9850    -1407     
- Misses       2871     4383    +1512     
+ Partials      675      564     -111     

Contributor

@diogoteles08 diogoteles08 left a comment


PR looks great to me and follows what I was expecting as well.
I commented on some minor inconsistencies and doubts.

checks/evaluation/branch_protection.go (outdated, resolved)
checks/evaluation/branch_protection_test.go (resolved)
clients/branch.go (resolved)
clients/githubrepo/branches.go (outdated, resolved)
clients/githubrepo/branches.go (resolved)
Signed-off-by: Spencer Schrock <sschrock@google.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
@spencerschrock spencerschrock marked this pull request as ready for review December 12, 2023 17:09
@spencerschrock spencerschrock requested a review from a team as a code owner December 12, 2023 17:09
@spencerschrock spencerschrock requested review from raghavkaul and laurentsimon and removed request for a team December 12, 2023 17:09
Signed-off-by: Spencer Schrock <sschrock@google.com>
@spencerschrock spencerschrock enabled auto-merge (squash) December 13, 2023 00:17
@spencerschrock spencerschrock merged commit d03c8cb into ossf:main Dec 13, 2023
38 checks passed
@spencerschrock spencerschrock deleted the fix/branch-protection-require-pr branch December 13, 2023 00:26