add conflict action, remove check temp due not using main branch#1859
add conflict action, remove check temp due not using main branch#1859acosferreira merged 1 commit intomainfrom
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| 🙏" | ||
| label: | ||
| add: | ||
| - conflict |
There was a problem hiding this comment.
Missing rule to remove conflict label after resolution
Medium Severity
The new "warn on conflicts" rule adds a conflict label when a PR has merge conflicts, but there's no companion rule to remove the label once the conflict is resolved. Mergify only triggers actions when conditions match — once the conflict is gone, the - conflict condition is no longer true, so the rule simply stops matching without undoing its previous actions. The conflict label will persist on resolved PRs indefinitely, making it misleading.
| - check-success=pre-commit | ||
| - check-success=selftest # pip_compile check | ||
| # - check-success=pre-commit | ||
| # - check-success=selftest # pip_compile check |
There was a problem hiding this comment.
CI checks disabled for Dependabot auto-approval rules
Medium Severity
The check-success=pre-commit and check-success=selftest conditions are commented out in both the Python security updates and non-security Dependabot auto-approval rules. The PR title describes this as "temp," but it's being committed to the repo. This means Dependabot PRs for Python will be auto-approved without any CI checks passing, weakening the safety gate other ecosystems (Admin Portal, Chatbot, GitHub Actions) still enforce.
Additional Locations (1)
|
2 participants
Jira Issue: https://issues.redhat.com/browse/AAP-52843
Description
remove flag because of temp branch for test
Type of Change
Backport Policy
This change should be:
Automated Backport Instructions
After this PR is merged, add one or more labels to automatically create backport PRs:
backport/stable-2.4- Backport to stable-2.4 branchbackport/stable-2.5- Backport to stable-2.5 branchbackport/stable-2.6- Backport to stable-2.6 branchbackport/all- Backport to all active stable branchesno-backport- Explicitly mark as not needing backportBackport Justification
Special backport considerations:
Scenarios tested
Production deployment
Note
Low Risk
Changes are limited to GitHub automation config, but could slightly increase the chance of auto-approving Dependabot PRs without some CI signals until the checks are re-enabled.
Overview
Mergify auto-approval rules for Dependabot PRs are relaxed by temporarily removing required
pre-commit/selftestsuccess checks for Python security updates and for non-security Dependabot updates (checks are now commented out).Adds a new Mergify rule that detects PRs in a
conflictstate, posts a comment tagging the author, and applies aconflictlabel.Written by Cursor Bugbot for commit 5822545. This will update automatically on new commits. Configure here.