You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
Enabling write.enabled: true here makes mention-driven writes active for this repo. In the current implementation, the mention handler does not appear to gate write-mode by commenter authorization (e.g., collaborator/member/authorAssociation), so any user who can comment on a PR could potentially trigger bot-authored commits/PRs within the allowlist. Consider keeping write-mode disabled on the default branch and only enabling it on short-lived smoke/test branches, or narrowing the allowlist further (and/or adding an authorization gate in code) before enabling write-mode in-repo.
The reason will be displayed to describe this comment to others. Learn more.
allowPaths: - docs/** is fairly broad for a smoke validation flow. If the intent is only to exercise same-repo write behavior via documentation edits, consider restricting this to the smallest path(s) needed (e.g., docs/smoke/** or even the specific smoke doc) to reduce the blast radius of any unintended write requests.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The reason will be displayed to describe this comment to others. Learn more.
The seed note only includes a date, which can become ambiguous over time. Consider including a reference that’s reproducible (e.g., the PR number or commit SHA for the baseline) so future readers can easily trace what “baseline” refers to.
Validate the full mention-driven write flow in the default repo (`xbmc/kodiai`) using:
Expand Down
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Enabling
write.enabled: truehere makes mention-driven writes active for this repo. In the current implementation, the mention handler does not appear to gate write-mode by commenter authorization (e.g., collaborator/member/authorAssociation), so any user who can comment on a PR could potentially trigger bot-authored commits/PRs within the allowlist. Consider keeping write-mode disabled on the default branch and only enabling it on short-lived smoke/test branches, or narrowing the allowlist further (and/or adding an authorization gate in code) before enabling write-mode in-repo.