fix: check all non-bot users in auto-decline safety net, not just owner#5572
Conversation
The safety-net auto-decline jq filter was restricting comment search to only the authenticated user ($username), but the feature's goal is to block auto-decline when ANY non-bot user has commented. This could lead to incorrect auto-declines if a different user commented on the notification issue. Remove the username filter and keep only the bot-exclusion filter so that comments from any human user prevent auto-decline. Closes #5559
|
Important Review skippedAuto reviews are limited based on label configuration. 🚫 Review skipped — only excluded labels are configured. (1)
Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request addresses a high-severity bug in the auto-decline safety net, ensuring that the system accurately detects human interaction on notification issues. By broadening the scope of comment checks, it prevents drafts from being automatically declined when there's active human engagement, thereby improving the reliability of the automated workflow. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here. Footnotes
|
🔍 Code Quality Report�[0;35m[MONITOR]�[0m Code Review Monitoring Report �[0;34m[INFO]�[0m Latest Quality Status: �[0;34m[INFO]�[0m Recent monitoring activity: 📈 Current Quality Metrics
Generated on: Mon Mar 23 18:52:49 UTC 2026 Generated by AI DevOps Framework Code Review Monitoring |
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the draft-response-helper.sh script to broaden the criteria for detecting human engagement on issues. Previously, only comments from the repository owner were considered to prevent auto-decline; now, any non-bot user's comment will block auto-decline. A suggestion was made to improve efficiency by consolidating jq calls for counting comments and to avoid suppressing stderr for jq commands to aid debugging.
| local sa_comments | ||
| sa_comments=$(gh api --paginate "repos/${slug}/issues/${sa_issue_number}/comments?per_page=100" \ | ||
| --jq "[.[] | select(.user.login == \"${username}\") | select(.user.login | test(\"\\\\[bot\\\\]\$\"; \"i\") | not)]" \ | ||
| --jq '[.[] | select(.user.login | test("\\[bot\\]$"; "i") | not)]' \ | ||
| 2>/dev/null) || sa_comments="[]" | ||
| local sa_user_comment_count | ||
| sa_user_comment_count=$(echo "$sa_comments" | jq 'length' 2>/dev/null) || sa_user_comment_count=0 |
There was a problem hiding this comment.
For efficiency, you can get the count of non-bot comments directly within the gh api call, avoiding an intermediate variable and a second jq process. Additionally, the 2>/dev/null suppression has been removed from the suggestion, as it's generally best to avoid suppressing stderr on commands that parse configuration files like jq to prevent hiding syntax errors and making debugging difficult.
| local sa_comments | |
| sa_comments=$(gh api --paginate "repos/${slug}/issues/${sa_issue_number}/comments?per_page=100" \ | |
| --jq "[.[] | select(.user.login == \"${username}\") | select(.user.login | test(\"\\\\[bot\\\\]\$\"; \"i\") | not)]" \ | |
| --jq '[.[] | select(.user.login | test("\\[bot\\]$"; "i") | not)]' \ | |
| 2>/dev/null) || sa_comments="[]" | |
| local sa_user_comment_count | |
| sa_user_comment_count=$(echo "$sa_comments" | jq 'length' 2>/dev/null) || sa_user_comment_count=0 | |
| local sa_user_comment_count | |
| sa_user_comment_count=$(gh api --paginate "repos/${slug}/issues/${sa_issue_number}/comments?per_page=100" \ | |
| --jq '([.[] | select(.user.login | test("\\[bot\\]\[bot\]|actions-user|github-actions\\[bot\\]$"; "i") | not)] | length)') || sa_user_comment_count=0 |
References
- Consolidate multiple 'jq' calls into a single pass where possible to improve performance and script efficiency.
- Avoid suppressing stderr with
2>/dev/nullon commands that parse configuration files (e.g.,jq), as it can hide syntax errors and make debugging difficult.
marcusquinn
added
the
review-feedback-scanned
2 participants
Summary
jqfilter indraft-response-helper.shwas restricting the comment search to only$username(the authenticated user), but the feature's goal is to block auto-decline when any non-bot user has commentedselect(.user.login == "${username}")filter and kept only the bot-exclusion filter (select(.user.login | test("\\[bot\\]$"; "i") | not)), so comments from any human user prevent auto-declineCloses #5559