Reports Team does not belong to organization error even if team is assigned to a proper GitHub organization. (mszostok/codeowners-validator#121)
Root cause
This was a side effect of mszostok/codeowners-validator#78 where not only team was normalized. Unfortunately, it was not detected by the integration test, as I used only the gh-codeowners organization. As you can see, it's all lower-case.
I also added new integration tests against new GitHubCODEOWNERS organization to ensure no regression in the future.
Additional Corrective and Preventative Measures
In this case it's a bit of revers engineering as I don't have access to GitHub code which is responsible for assigning owners. As a result, I will need to create yet another e2e test that will be executed periodically to:
Create a sample PR against files where @GiTHubCodeOwners/A-TeAm is specified and check whether GitHub is still case-insensitive and assigns @GitHubCodeowners/a-team properly.
In this way, I will be notified when GitHub will change its behavior and I will be able to release a new version that will match a changed functionality.
🎉 GitHub Codeowners Validator 0.7.0 is now available!
Highlights
🔧 Bug Fixes
Normalize team name before comparison (#78) (@​mszostok)
GitHub is case-insensitive when assigning owners for a review. To match this approach now owners are normalized before checking if they exist under a given GitHub organization.
Allow unowned patterns by default with an option to change it (#113) (@​mszostok)
GitHub allows you to define a pattern and left its owners empty. For example:
/apps/ @octocat
/apps/github
In version 0.6 this was reported as error (Missing owner, at least one owner is required).
In this release, this check was moved under owner checker and made optional. As a result, validator may work in a picky mode when needed, see new option:
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps mszostok/codeowners-validator from 0.6.0 to 0.7.1.
Release notes
Sourced from mszostok/codeowners-validator's releases.
... (truncated)
Commits
2f478ec
Prepare for release v0.7.1 (#123)a4545a8
Make the org comparison case-insensitive too (#122)6bf04a9
Add login to Docker Hub623a681
Remove upx-3.96-amd64_linux.tar.xz archive before goreleaser executiona74f7fa
Fix tar expression5136b12
Ensure that git is not in dirty state after upx downloadc4754a1
Adjust docs and GitHub action for v0.7.0 release (#120)dcfa851
Update goreleaser, add release GitHub Action0e709b4
Changed belongs to belong in error message, add integration tests(#108)e933870
Fix spelling of brand GitHub (#106)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)