Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Issue-Bot: Emit GitHub Action annotation when issues are affected #4326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ondrejmirtes merged 10 commits into phpstan:2.1.x from staabm:issue-bot
Sep 12, 2025

Conversation

Copy link
Contributor

@staabm staabm commented Sep 12, 2025
edited
Loading

with this PR we get a issue-bot 'pull request annotation' in the 'files changed' tab, which looks like:

grafik

this annotation is only visible when issue bot finds affected issues, otherwise no annotation is showing up.
intentionally I used a message type "notice" to get a gentle hint which distracts as less as possible.

Goal: make it more obvious when issue bot has helpful results. before this PR we sometimes missed to check the issue bot results as they are hidden deep in the github.com UI

triggered by a discussion in #4168 (comment)

@clxmstaab clxmstaab force-pushed the issue-bot branch 2 times, most recently from 49638aa to c442163 Compare September 12, 2025 13:09
Copy link
Contributor Author

staabm commented Sep 12, 2025
edited
Loading

@ondrejmirtes @VincentLanglet any opinion on this? is it acceptable?

if so, I would cleanup the PR and we can give it a try.
if it doesn't work we can remove the annotation just by removing the commit.. so it does not cost much to test it
VincentLanglet reacted with thumbs up emoji

Comment on lines 145 to 146
// XXX debug test
$exitCode = self::EXIT_AFFECTS_ISSUES;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo: remove this debug line, which atm enforce rendering of the github action annotation message

Copy link
Contributor

Personally I like it

Copy link
Member

I like it too!

The reason why it's not safe to post a comment is because the only event that has access to secrets is pull_request_target. And you can't check out the repository if you want to be safe. There's a lot of attacks possible if you do that. There's a big warning here: https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#pull_request_target

@staabm staabm marked this pull request as ready for review September 12, 2025 14:19
Copy link
Collaborator

This pull request has been marked as ready for review.

Copy link
Contributor Author

staabm commented Sep 12, 2025

ok cool - lets give it a try then

@ondrejmirtes ondrejmirtes merged commit f6b6762 into phpstan:2.1.x Sep 12, 2025
277 of 281 checks passed
Copy link
Member

Awesome, thank you!

@staabm staabm deleted the issue-bot branch September 12, 2025 14:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AltStyle によって変換されたページ (->オリジナル) /