feat: implement issue #324 — Compliance: non-stub-auto-rebase.yml#338
feat: implement issue #324 — Compliance: non-stub-auto-rebase.yml#338don-petry wants to merge 2 commits into
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
| # compliance-ci-trigger | ||
| # ci-trigger-298 | ||
| .dev-lead/ | ||
| .dev-lead/ |
There was a problem hiding this comment.
The entry .dev-lead/ is already defined in this file (on lines 8, 9, and 12). This duplicate entry is redundant and should be removed.
|
Warning Review limit reached
More reviews will be available in 59 minutes and 48 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5d4da1359d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| contents: write # update-branch via GITHUB_TOKEN (may touch .github/workflows/) | ||
| pull-requests: write # post comments on PRs | ||
| uses: petry-projects/.github/.github/workflows/auto-rebase-reusable.yml@d3d768dabb7f28cc63283cdfe48630da53700e50 # v1 | ||
| uses: petry-projects/.github/.github/workflows/auto-rebase-reusable.yml@v1 |
There was a problem hiding this comment.
Switching uses: from a full commit SHA to @v1 makes this workflow non-deterministic and weakens supply-chain safety, because the referenced code can change without any commit in this repo. This file’s own guidance (lines 9–10) says to bump the SHA when upgrading, so using a mutable tag here can cause unexpected behavior or policy drift on future runs.
Useful? React with 👍 / 👎.
|
There was a problem hiding this comment.
Pull request overview
Updates the repository’s auto-rebase workflow stub to match org compliance requirements (issue #324) by referencing the reusable workflow via the @v1 tag instead of a commit SHA.
Changes:
- Update
.github/workflows/auto-rebase.ymlto callpetry-projects/.github/.../auto-rebase-reusable.yml@v1. - Add an additional
.dev-lead/ignore entry in.gitignore(currently results in duplicated ignore lines).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
.github/workflows/auto-rebase.yml |
Pins the reusable auto-rebase workflow reference to the required @v1 tag for compliance. |
.gitignore |
Adds a duplicate .dev-lead/ entry (should be deduped to avoid noise/merge conflicts). |
Closes #324
Implemented by dev-lead agent. Please review.