python-trio / snekomatic

The code behind @trio-bot

Stop trying to invite dependabot to join the org #5

Closed njsmith closed 4 years ago

njsmith commented 5 years ago

This is sort of funny: every time one of dependabot's PRs is merged, trio-bot dutifully notices that the user dependabot-preview[bot] is not a member of the org and has never been invited, so it tries to invite them to join.

Fortunately (?) this fails; GitHub gives a 500 error if you try to invite a bot. But we should probably stop doing this anyway.

I think the solution is just to check if the user's name ends in [bot], and if so then we skip inviting them. We'll also want a test – I guess by tweaking the Scenario in test_app.py to include the user name as a field, instead of using a hard-coded constant.

Marking this a good first issue for anyone who's interested in getting involved here.

webknjaz commented 5 years ago

I'd not rely on [bot]. The webhook payload has user or sender['type'] == 'Bot': https://github.com/sanitizers/chronographer-github-app/blob/7db46ab/chronographer/event_handlers.py#L314

njsmith commented 5 years ago

Oh, good point. I tracked down one of the webhook payloads in the github ui and it looks like:

```json { "action": "closed", "number": 78, "pull_request": { "url": "https://api.github.com/repos/python-trio/trustme/pulls/78", "id": 308494115, "node_id": "MDExOlB1bGxSZXF1ZXN0MzA4NDk0MTE1", "html_url": "https://github.com/python-trio/trustme/pull/78", "diff_url": "https://github.com/python-trio/trustme/pull/78.diff", "patch_url": "https://github.com/python-trio/trustme/pull/78.patch", "issue_url": "https://api.github.com/repos/python-trio/trustme/issues/78", "number": 78, "state": "closed", "locked": false, "title": "Bump sphinx from 2.1.2 to 2.2.0", "user": { "login": "dependabot-preview[bot]", "id": 27856297, "node_id": "MDM6Qm90Mjc4NTYyOTc=", "avatar_url": "https://avatars3.githubusercontent.com/in/2141?v=4", "gravatar_id": "", "url": "https://api.github.com/users/dependabot-preview%5Bbot%5D", "html_url": "https://github.com/apps/dependabot-preview", "followers_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/followers", "following_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/following{/other_user}", "gists_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/gists{/gist_id}", "starred_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/subscriptions", "organizations_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/orgs", "repos_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/repos", "events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/events{/privacy}", "received_events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/received_events", "type": "Bot", "site_admin": false }, "body": "Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 2.1.2 to 2.2.0.\n
\nChangelog\n\n*Sourced from [sphinx's changelog](https://github.com/sphinx-doc/sphinx/blob/master/CHANGES).*\n\n> Release 2.2.0 (released Aug 19, 2019)\n> =====================================\n> \n> Incompatible changes\n> --------------------\n> \n> * apidoc: template files are renamed to ``.rst_t``\n> * html: Field lists will be styled by grid layout\n> \n> Deprecated\n> ----------\n> \n> * ``sphinx.domains.math.MathDomain.add_equation()``\n> * ``sphinx.domains.math.MathDomain.get_next_equation_number()``\n> * The ``info`` and ``warn`` arguments of\n> ``sphinx.ext.autosummary.generate.generate_autosummary_docs()``\n> * ``sphinx.ext.autosummary.generate._simple_info()``\n> * ``sphinx.ext.autosummary.generate._simple_warn()``\n> * ``sphinx.ext.todo.merge_info()``\n> * ``sphinx.ext.todo.process_todo_nodes()``\n> * ``sphinx.ext.todo.process_todos()``\n> * ``sphinx.ext.todo.purge_todos()``\n> \n> Features added\n> --------------\n> \n> * [#5124](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/5124): graphviz: ``:graphviz_dot:`` option is renamed to ``:layout:``\n> * [#1464](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/1464): html: emit a warning if :confval:`html_static_path` and\n> :confval:`html_extra_path` directories are inside output directory\n> * [#6514](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6514): html: Add a label to search input for accessability purposes\n> * [#5602](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/5602): apidoc: Add ``--templatedir`` option\n> * [#6475](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6475): Add ``override`` argument to ``app.add_autodocumenter()``\n> * [#6310](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6310): imgmath: let :confval:`imgmath_use_preview` work also with the SVG\n> format for images rendering inline math\n> * [#6533](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6533): LaTeX: 
refactor visit_enumerated_list() to use ``\\sphinxsetlistlabels``\n> * [#6628](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6628): quickstart: Use ``https://docs.python.org/3/`` for default setting of\n> :confval:`intersphinx_mapping`\n> * [#6419](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6419): sphinx-build: give reasons why rebuilded\n> \n> Bugs fixed\n> ----------\n> \n> * py domain: duplicated warning does not point the location of source code\n> * [#6499](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6499): html: Sphinx never updates a copy of :confval:`html_logo` even if\n> original file has changed\n> * [#1125](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/1125): html theme: scrollbar is hard to see on classic theme and macOS\n> * [#5502](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/5502): linkcheck: Consider HTTP 503 response as not an error\n> * [#6439](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6439): Make generated download links reproducible\n> * [#6486](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6486): UnboundLocalError is raised if broken extension installed\n> * [#6567](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6567): autodoc: :confval:`autodoc_inherit_docstrings` does not effect to\n> ... (truncated)\n
\n
\nCommits\n\n- [`bea7b5d`](https://github.com/sphinx-doc/sphinx/commit/bea7b5d4777d6b1216213b6c58eee0c3d133ca94) Bump to 2.2.0 final\n- [`2e9f66b`](https://github.com/sphinx-doc/sphinx/commit/2e9f66b22fe9d0af1c21b42b4d86bb98949a63ad) Update CHANGES for PR [#6625](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6625)\n- [`0df7ab0`](https://github.com/sphinx-doc/sphinx/commit/0df7ab0d22d742320135e89b20457e37c6fc8455) Merge pull request [#6625](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6625) from jakobandersen/6604_field_list_rendering\n- [`4ab751c`](https://github.com/sphinx-doc/sphinx/commit/4ab751c80712261526fa0d24d5711a7400f2e95c) Merge pull request [#6657](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6657) from tk0miya/6605_crash_with_methodlikeobj\n- [`9dd7688`](https://github.com/sphinx-doc/sphinx/commit/9dd768863c613e00d1f9c33ed1d1fbbdc663cbf9) Fix field lists after switch to HTML5 writer\n- [`65e2fdc`](https://github.com/sphinx-doc/sphinx/commit/65e2fdc191f656c35e6add0f33427a7b63cbcafe) Fix [#6605](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6605): autodoc: crashed when target code contains custom method-like objects\n- [`4a1df77`](https://github.com/sphinx-doc/sphinx/commit/4a1df77e33f4d98c936837d8ab3cd750ef251772) Update CHANGES for PR [#6419](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6419)\n- [`a5d8e3d`](https://github.com/sphinx-doc/sphinx/commit/a5d8e3d457642664d054a0081279f262d5e3f18d) Merge pull request [#6419](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6419) from larsoner/config\n- [`4e12d4b`](https://github.com/sphinx-doc/sphinx/commit/4e12d4b64406ea54190471048f5b6bce18926e5c) Merge pull request [#6653](https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/6653) from jdufresne/importlib\n- [`ecb1e76`](https://github.com/sphinx-doc/sphinx/commit/ecb1e763ad0917ac37061b648a53793a687cc760) Switch uses of __import__ to 
importlib.get_module()\n- Additional commits viewable in [compare view](https://github.com/sphinx-doc/sphinx/compare/v2.1.2...v2.2.0)\n
\n
\n\n[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=sphinx&package-manager=pip&previous-version=2.1.2&new-version=2.2.0)](https://dependabot.com/compatibility-score.html?dependency-name=sphinx&package-manager=pip&previous-version=2.1.2&new-version=2.2.0)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\nIf all status checks pass Dependabot will automatically merge this pull request.\n\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language\n- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language\n- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language\n- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language\n- `@dependabot badge me` will comment on this PR with code to add a \"Dependabot enabled\" badge to your readme\n\nAdditionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):\n- Update frequency (including time of day and day of week)\n- Automerge options (never/patch/minor, and dev/runtime 
dependencies)\n- Pull request limits (per update run and/or open at any time)\n- Out-of-range updates (receive only lockfile updates, if desired)\n- Security updates (receive only security updates, if desired)\n\nFinally, you can contact us by mentioning @dependabot.\n\n
", "created_at": "2019-08-19T08:16:06Z", "updated_at": "2019-08-19T08:19:46Z", "closed_at": "2019-08-19T08:19:46Z", "merged_at": "2019-08-19T08:19:46Z", "merge_commit_sha": "bd6ab59aacbc5da68ac7feb56bcb198143d7bc18", "assignee": null, "assignees": [ ], "requested_reviewers": [ ], "requested_teams": [ ], "labels": [ { "id": 1389816744, "node_id": "MDU6TGFiZWwxMzg5ODE2NzQ0", "url": "https://api.github.com/repos/python-trio/trustme/labels/dependencies", "name": "dependencies", "color": "0366d6", "default": false } ], "milestone": null, "commits_url": "https://api.github.com/repos/python-trio/trustme/pulls/78/commits", "review_comments_url": "https://api.github.com/repos/python-trio/trustme/pulls/78/comments", "review_comment_url": "https://api.github.com/repos/python-trio/trustme/pulls/comments{/number}", "comments_url": "https://api.github.com/repos/python-trio/trustme/issues/78/comments", "statuses_url": "https://api.github.com/repos/python-trio/trustme/statuses/0826a854058018f70e72d2098ab0082b2c892525", "head": { "label": "python-trio:dependabot/pip/sphinx-2.2.0", "ref": "dependabot/pip/sphinx-2.2.0", "sha": "0826a854058018f70e72d2098ab0082b2c892525", "user": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "gravatar_id": "", "url": "https://api.github.com/users/python-trio", "html_url": "https://github.com/python-trio", "followers_url": "https://api.github.com/users/python-trio/followers", "following_url": "https://api.github.com/users/python-trio/following{/other_user}", "gists_url": "https://api.github.com/users/python-trio/gists{/gist_id}", "starred_url": "https://api.github.com/users/python-trio/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/python-trio/subscriptions", "organizations_url": "https://api.github.com/users/python-trio/orgs", "repos_url": "https://api.github.com/users/python-trio/repos", "events_url": 
"https://api.github.com/users/python-trio/events{/privacy}", "received_events_url": "https://api.github.com/users/python-trio/received_events", "type": "Organization", "site_admin": false }, "repo": { "id": 97507840, "node_id": "MDEwOlJlcG9zaXRvcnk5NzUwNzg0MA==", "name": "trustme", "full_name": "python-trio/trustme", "private": false, "owner": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "gravatar_id": "", "url": "https://api.github.com/users/python-trio", "html_url": "https://github.com/python-trio", "followers_url": "https://api.github.com/users/python-trio/followers", "following_url": "https://api.github.com/users/python-trio/following{/other_user}", "gists_url": "https://api.github.com/users/python-trio/gists{/gist_id}", "starred_url": "https://api.github.com/users/python-trio/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/python-trio/subscriptions", "organizations_url": "https://api.github.com/users/python-trio/orgs", "repos_url": "https://api.github.com/users/python-trio/repos", "events_url": "https://api.github.com/users/python-trio/events{/privacy}", "received_events_url": "https://api.github.com/users/python-trio/received_events", "type": "Organization", "site_admin": false }, "html_url": "https://github.com/python-trio/trustme", "description": "#1 quality TLS certs while you wait, for the discerning tester", "fork": false, "url": "https://api.github.com/repos/python-trio/trustme", "forks_url": "https://api.github.com/repos/python-trio/trustme/forks", "keys_url": "https://api.github.com/repos/python-trio/trustme/keys{/key_id}", "collaborators_url": "https://api.github.com/repos/python-trio/trustme/collaborators{/collaborator}", "teams_url": "https://api.github.com/repos/python-trio/trustme/teams", "hooks_url": "https://api.github.com/repos/python-trio/trustme/hooks", "issue_events_url": 
"https://api.github.com/repos/python-trio/trustme/issues/events{/number}", "events_url": "https://api.github.com/repos/python-trio/trustme/events", "assignees_url": "https://api.github.com/repos/python-trio/trustme/assignees{/user}", "branches_url": "https://api.github.com/repos/python-trio/trustme/branches{/branch}", "tags_url": "https://api.github.com/repos/python-trio/trustme/tags", "blobs_url": "https://api.github.com/repos/python-trio/trustme/git/blobs{/sha}", "git_tags_url": "https://api.github.com/repos/python-trio/trustme/git/tags{/sha}", "git_refs_url": "https://api.github.com/repos/python-trio/trustme/git/refs{/sha}", "trees_url": "https://api.github.com/repos/python-trio/trustme/git/trees{/sha}", "statuses_url": "https://api.github.com/repos/python-trio/trustme/statuses/{sha}", "languages_url": "https://api.github.com/repos/python-trio/trustme/languages", "stargazers_url": "https://api.github.com/repos/python-trio/trustme/stargazers", "contributors_url": "https://api.github.com/repos/python-trio/trustme/contributors", "subscribers_url": "https://api.github.com/repos/python-trio/trustme/subscribers", "subscription_url": "https://api.github.com/repos/python-trio/trustme/subscription", "commits_url": "https://api.github.com/repos/python-trio/trustme/commits{/sha}", "git_commits_url": "https://api.github.com/repos/python-trio/trustme/git/commits{/sha}", "comments_url": "https://api.github.com/repos/python-trio/trustme/comments{/number}", "issue_comment_url": "https://api.github.com/repos/python-trio/trustme/issues/comments{/number}", "contents_url": "https://api.github.com/repos/python-trio/trustme/contents/{+path}", "compare_url": "https://api.github.com/repos/python-trio/trustme/compare/{base}...{head}", "merges_url": "https://api.github.com/repos/python-trio/trustme/merges", "archive_url": "https://api.github.com/repos/python-trio/trustme/{archive_format}{/ref}", "downloads_url": "https://api.github.com/repos/python-trio/trustme/downloads", "issues_url": 
"https://api.github.com/repos/python-trio/trustme/issues{/number}", "pulls_url": "https://api.github.com/repos/python-trio/trustme/pulls{/number}", "milestones_url": "https://api.github.com/repos/python-trio/trustme/milestones{/number}", "notifications_url": "https://api.github.com/repos/python-trio/trustme/notifications{?since,all,participating}", "labels_url": "https://api.github.com/repos/python-trio/trustme/labels{/name}", "releases_url": "https://api.github.com/repos/python-trio/trustme/releases{/id}", "deployments_url": "https://api.github.com/repos/python-trio/trustme/deployments", "created_at": "2017-07-17T18:13:54Z", "updated_at": "2019-08-17T12:37:01Z", "pushed_at": "2019-08-19T08:19:46Z", "git_url": "git://github.com/python-trio/trustme.git", "ssh_url": "git@github.com:python-trio/trustme.git", "clone_url": "https://github.com/python-trio/trustme.git", "svn_url": "https://github.com/python-trio/trustme", "homepage": "", "size": 152, "stargazers_count": 57, "watchers_count": 57, "language": "Python", "has_issues": true, "has_projects": true, "has_downloads": true, "has_wiki": true, "has_pages": false, "forks_count": 8, "mirror_url": null, "archived": false, "disabled": false, "open_issues_count": 4, "license": { "key": "other", "name": "Other", "spdx_id": "NOASSERTION", "url": null, "node_id": "MDc6TGljZW5zZTA=" }, "forks": 8, "open_issues": 4, "watchers": 57, "default_branch": "master" } }, "base": { "label": "python-trio:master", "ref": "master", "sha": "0a6a0189b7903d99a1190236576021f4abddc894", "user": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "gravatar_id": "", "url": "https://api.github.com/users/python-trio", "html_url": "https://github.com/python-trio", "followers_url": "https://api.github.com/users/python-trio/followers", "following_url": "https://api.github.com/users/python-trio/following{/other_user}", "gists_url": 
"https://api.github.com/users/python-trio/gists{/gist_id}", "starred_url": "https://api.github.com/users/python-trio/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/python-trio/subscriptions", "organizations_url": "https://api.github.com/users/python-trio/orgs", "repos_url": "https://api.github.com/users/python-trio/repos", "events_url": "https://api.github.com/users/python-trio/events{/privacy}", "received_events_url": "https://api.github.com/users/python-trio/received_events", "type": "Organization", "site_admin": false }, "repo": { "id": 97507840, "node_id": "MDEwOlJlcG9zaXRvcnk5NzUwNzg0MA==", "name": "trustme", "full_name": "python-trio/trustme", "private": false, "owner": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "gravatar_id": "", "url": "https://api.github.com/users/python-trio", "html_url": "https://github.com/python-trio", "followers_url": "https://api.github.com/users/python-trio/followers", "following_url": "https://api.github.com/users/python-trio/following{/other_user}", "gists_url": "https://api.github.com/users/python-trio/gists{/gist_id}", "starred_url": "https://api.github.com/users/python-trio/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/python-trio/subscriptions", "organizations_url": "https://api.github.com/users/python-trio/orgs", "repos_url": "https://api.github.com/users/python-trio/repos", "events_url": "https://api.github.com/users/python-trio/events{/privacy}", "received_events_url": "https://api.github.com/users/python-trio/received_events", "type": "Organization", "site_admin": false }, "html_url": "https://github.com/python-trio/trustme", "description": "#1 quality TLS certs while you wait, for the discerning tester", "fork": false, "url": "https://api.github.com/repos/python-trio/trustme", "forks_url": "https://api.github.com/repos/python-trio/trustme/forks", 
"keys_url": "https://api.github.com/repos/python-trio/trustme/keys{/key_id}", "collaborators_url": "https://api.github.com/repos/python-trio/trustme/collaborators{/collaborator}", "teams_url": "https://api.github.com/repos/python-trio/trustme/teams", "hooks_url": "https://api.github.com/repos/python-trio/trustme/hooks", "issue_events_url": "https://api.github.com/repos/python-trio/trustme/issues/events{/number}", "events_url": "https://api.github.com/repos/python-trio/trustme/events", "assignees_url": "https://api.github.com/repos/python-trio/trustme/assignees{/user}", "branches_url": "https://api.github.com/repos/python-trio/trustme/branches{/branch}", "tags_url": "https://api.github.com/repos/python-trio/trustme/tags", "blobs_url": "https://api.github.com/repos/python-trio/trustme/git/blobs{/sha}", "git_tags_url": "https://api.github.com/repos/python-trio/trustme/git/tags{/sha}", "git_refs_url": "https://api.github.com/repos/python-trio/trustme/git/refs{/sha}", "trees_url": "https://api.github.com/repos/python-trio/trustme/git/trees{/sha}", "statuses_url": "https://api.github.com/repos/python-trio/trustme/statuses/{sha}", "languages_url": "https://api.github.com/repos/python-trio/trustme/languages", "stargazers_url": "https://api.github.com/repos/python-trio/trustme/stargazers", "contributors_url": "https://api.github.com/repos/python-trio/trustme/contributors", "subscribers_url": "https://api.github.com/repos/python-trio/trustme/subscribers", "subscription_url": "https://api.github.com/repos/python-trio/trustme/subscription", "commits_url": "https://api.github.com/repos/python-trio/trustme/commits{/sha}", "git_commits_url": "https://api.github.com/repos/python-trio/trustme/git/commits{/sha}", "comments_url": "https://api.github.com/repos/python-trio/trustme/comments{/number}", "issue_comment_url": "https://api.github.com/repos/python-trio/trustme/issues/comments{/number}", "contents_url": "https://api.github.com/repos/python-trio/trustme/contents/{+path}", 
"compare_url": "https://api.github.com/repos/python-trio/trustme/compare/{base}...{head}", "merges_url": "https://api.github.com/repos/python-trio/trustme/merges", "archive_url": "https://api.github.com/repos/python-trio/trustme/{archive_format}{/ref}", "downloads_url": "https://api.github.com/repos/python-trio/trustme/downloads", "issues_url": "https://api.github.com/repos/python-trio/trustme/issues{/number}", "pulls_url": "https://api.github.com/repos/python-trio/trustme/pulls{/number}", "milestones_url": "https://api.github.com/repos/python-trio/trustme/milestones{/number}", "notifications_url": "https://api.github.com/repos/python-trio/trustme/notifications{?since,all,participating}", "labels_url": "https://api.github.com/repos/python-trio/trustme/labels{/name}", "releases_url": "https://api.github.com/repos/python-trio/trustme/releases{/id}", "deployments_url": "https://api.github.com/repos/python-trio/trustme/deployments", "created_at": "2017-07-17T18:13:54Z", "updated_at": "2019-08-17T12:37:01Z", "pushed_at": "2019-08-19T08:19:46Z", "git_url": "git://github.com/python-trio/trustme.git", "ssh_url": "git@github.com:python-trio/trustme.git", "clone_url": "https://github.com/python-trio/trustme.git", "svn_url": "https://github.com/python-trio/trustme", "homepage": "", "size": 152, "stargazers_count": 57, "watchers_count": 57, "language": "Python", "has_issues": true, "has_projects": true, "has_downloads": true, "has_wiki": true, "has_pages": false, "forks_count": 8, "mirror_url": null, "archived": false, "disabled": false, "open_issues_count": 4, "license": { "key": "other", "name": "Other", "spdx_id": "NOASSERTION", "url": null, "node_id": "MDc6TGljZW5zZTA=" }, "forks": 8, "open_issues": 4, "watchers": 57, "default_branch": "master" } }, "_links": { "self": { "href": "https://api.github.com/repos/python-trio/trustme/pulls/78" }, "html": { "href": "https://github.com/python-trio/trustme/pull/78" }, "issue": { "href": 
"https://api.github.com/repos/python-trio/trustme/issues/78" }, "comments": { "href": "https://api.github.com/repos/python-trio/trustme/issues/78/comments" }, "review_comments": { "href": "https://api.github.com/repos/python-trio/trustme/pulls/78/comments" }, "review_comment": { "href": "https://api.github.com/repos/python-trio/trustme/pulls/comments{/number}" }, "commits": { "href": "https://api.github.com/repos/python-trio/trustme/pulls/78/commits" }, "statuses": { "href": "https://api.github.com/repos/python-trio/trustme/statuses/0826a854058018f70e72d2098ab0082b2c892525" } }, "author_association": "CONTRIBUTOR", "draft": false, "merged": true, "mergeable": null, "rebaseable": null, "mergeable_state": "unknown", "merged_by": { "login": "dependabot-preview[bot]", "id": 27856297, "node_id": "MDM6Qm90Mjc4NTYyOTc=", "avatar_url": "https://avatars3.githubusercontent.com/in/2141?v=4", "gravatar_id": "", "url": "https://api.github.com/users/dependabot-preview%5Bbot%5D", "html_url": "https://github.com/apps/dependabot-preview", "followers_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/followers", "following_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/following{/other_user}", "gists_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/gists{/gist_id}", "starred_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/subscriptions", "organizations_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/orgs", "repos_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/repos", "events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/events{/privacy}", "received_events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/received_events", "type": "Bot", "site_admin": false }, "comments": 0, "review_comments": 0, "maintainer_can_modify": false, "commits": 1, "additions": 1, 
"deletions": 1, "changed_files": 1 }, "repository": { "id": 97507840, "node_id": "MDEwOlJlcG9zaXRvcnk5NzUwNzg0MA==", "name": "trustme", "full_name": "python-trio/trustme", "private": false, "owner": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "gravatar_id": "", "url": "https://api.github.com/users/python-trio", "html_url": "https://github.com/python-trio", "followers_url": "https://api.github.com/users/python-trio/followers", "following_url": "https://api.github.com/users/python-trio/following{/other_user}", "gists_url": "https://api.github.com/users/python-trio/gists{/gist_id}", "starred_url": "https://api.github.com/users/python-trio/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/python-trio/subscriptions", "organizations_url": "https://api.github.com/users/python-trio/orgs", "repos_url": "https://api.github.com/users/python-trio/repos", "events_url": "https://api.github.com/users/python-trio/events{/privacy}", "received_events_url": "https://api.github.com/users/python-trio/received_events", "type": "Organization", "site_admin": false }, "html_url": "https://github.com/python-trio/trustme", "description": "#1 quality TLS certs while you wait, for the discerning tester", "fork": false, "url": "https://api.github.com/repos/python-trio/trustme", "forks_url": "https://api.github.com/repos/python-trio/trustme/forks", "keys_url": "https://api.github.com/repos/python-trio/trustme/keys{/key_id}", "collaborators_url": "https://api.github.com/repos/python-trio/trustme/collaborators{/collaborator}", "teams_url": "https://api.github.com/repos/python-trio/trustme/teams", "hooks_url": "https://api.github.com/repos/python-trio/trustme/hooks", "issue_events_url": "https://api.github.com/repos/python-trio/trustme/issues/events{/number}", "events_url": "https://api.github.com/repos/python-trio/trustme/events", "assignees_url": 
"https://api.github.com/repos/python-trio/trustme/assignees{/user}", "branches_url": "https://api.github.com/repos/python-trio/trustme/branches{/branch}", "tags_url": "https://api.github.com/repos/python-trio/trustme/tags", "blobs_url": "https://api.github.com/repos/python-trio/trustme/git/blobs{/sha}", "git_tags_url": "https://api.github.com/repos/python-trio/trustme/git/tags{/sha}", "git_refs_url": "https://api.github.com/repos/python-trio/trustme/git/refs{/sha}", "trees_url": "https://api.github.com/repos/python-trio/trustme/git/trees{/sha}", "statuses_url": "https://api.github.com/repos/python-trio/trustme/statuses/{sha}", "languages_url": "https://api.github.com/repos/python-trio/trustme/languages", "stargazers_url": "https://api.github.com/repos/python-trio/trustme/stargazers", "contributors_url": "https://api.github.com/repos/python-trio/trustme/contributors", "subscribers_url": "https://api.github.com/repos/python-trio/trustme/subscribers", "subscription_url": "https://api.github.com/repos/python-trio/trustme/subscription", "commits_url": "https://api.github.com/repos/python-trio/trustme/commits{/sha}", "git_commits_url": "https://api.github.com/repos/python-trio/trustme/git/commits{/sha}", "comments_url": "https://api.github.com/repos/python-trio/trustme/comments{/number}", "issue_comment_url": "https://api.github.com/repos/python-trio/trustme/issues/comments{/number}", "contents_url": "https://api.github.com/repos/python-trio/trustme/contents/{+path}", "compare_url": "https://api.github.com/repos/python-trio/trustme/compare/{base}...{head}", "merges_url": "https://api.github.com/repos/python-trio/trustme/merges", "archive_url": "https://api.github.com/repos/python-trio/trustme/{archive_format}{/ref}", "downloads_url": "https://api.github.com/repos/python-trio/trustme/downloads", "issues_url": "https://api.github.com/repos/python-trio/trustme/issues{/number}", "pulls_url": "https://api.github.com/repos/python-trio/trustme/pulls{/number}", "milestones_url": 
"https://api.github.com/repos/python-trio/trustme/milestones{/number}", "notifications_url": "https://api.github.com/repos/python-trio/trustme/notifications{?since,all,participating}", "labels_url": "https://api.github.com/repos/python-trio/trustme/labels{/name}", "releases_url": "https://api.github.com/repos/python-trio/trustme/releases{/id}", "deployments_url": "https://api.github.com/repos/python-trio/trustme/deployments", "created_at": "2017-07-17T18:13:54Z", "updated_at": "2019-08-17T12:37:01Z", "pushed_at": "2019-08-19T08:19:46Z", "git_url": "git://github.com/python-trio/trustme.git", "ssh_url": "git@github.com:python-trio/trustme.git", "clone_url": "https://github.com/python-trio/trustme.git", "svn_url": "https://github.com/python-trio/trustme", "homepage": "", "size": 152, "stargazers_count": 57, "watchers_count": 57, "language": "Python", "has_issues": true, "has_projects": true, "has_downloads": true, "has_wiki": true, "has_pages": false, "forks_count": 8, "mirror_url": null, "archived": false, "disabled": false, "open_issues_count": 4, "license": { "key": "other", "name": "Other", "spdx_id": "NOASSERTION", "url": null, "node_id": "MDc6TGljZW5zZTA=" }, "forks": 8, "open_issues": 4, "watchers": 57, "default_branch": "master" }, "organization": { "login": "python-trio", "id": 26335827, "node_id": "MDEyOk9yZ2FuaXphdGlvbjI2MzM1ODI3", "url": "https://api.github.com/orgs/python-trio", "repos_url": "https://api.github.com/orgs/python-trio/repos", "events_url": "https://api.github.com/orgs/python-trio/events", "hooks_url": "https://api.github.com/orgs/python-trio/hooks", "issues_url": "https://api.github.com/orgs/python-trio/issues", "members_url": "https://api.github.com/orgs/python-trio/members{/member}", "public_members_url": "https://api.github.com/orgs/python-trio/public_members{/member}", "avatar_url": "https://avatars2.githubusercontent.com/u/26335827?v=4", "description": null }, "sender": { "login": "dependabot-preview[bot]", "id": 27856297, "node_id": 
"MDM6Qm90Mjc4NTYyOTc=", "avatar_url": "https://avatars3.githubusercontent.com/in/2141?v=4", "gravatar_id": "", "url": "https://api.github.com/users/dependabot-preview%5Bbot%5D", "html_url": "https://github.com/apps/dependabot-preview", "followers_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/followers", "following_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/following{/other_user}", "gists_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/gists{/gist_id}", "starred_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/starred{/owner}{/repo}", "subscriptions_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/subscriptions", "organizations_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/orgs", "repos_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/repos", "events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/events{/privacy}", "received_events_url": "https://api.github.com/users/dependabot-preview%5Bbot%5D/received_events", "type": "Bot", "site_admin": false }, "installation": { "id": 1551243, "node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTU1MTI0Mw==" } } ```

And if you squint, buried in there it looks like there's a pull_request.user.type field that's set to "Bot".

So I guess the check in snekomatic.app.pull_request_merged would be something like:

```python
# Inside snekomatic.app.pull_request_merged; needs `from glom import glom`.
if glom(event.payload, "pull_request.user.type").lower() == "bot":
    print("This user is a bot -> not inviting")
    return
```

njsmith commented 5 years ago

Note: for regular users, the pull_request.user.type is "User"

webknjaz commented 5 years ago

Yep, and there are bots which use regular user accounts. That's why my bot has a setting for blacklisting human accounts as well: https://github.com/sanitizers/chronographer-github-app/blob/7db46ab032476670dfef7a09e756c06cbf60751d/chronographer/event_handlers.py#L321

njsmith commented 5 years ago

Eh, I don't think we need to care about that too much though. We don't generally get PRs from bots-masquerading-as-users (at least, as far as I know!), and even if we did invite one to join the org once it would be fine. With dependabot though it keeps crashing when trying to send the invitation, so we don't mark it down as previously-invited, so we try again the next time, and the text...

webknjaz commented 5 years ago

> even if we did invite one to join the org once it would be fine

I'd still consider this a security breach I guess...

njsmith commented 5 years ago

Oh yeah, for most projects it would be. But we have a pretty open membership policy (as you've seen). Our basic security approach is to assume that almost everyone is trustworthy, and then make sure that if we do end up with a malicious member, they can't do too much harm before being caught. (So e.g. we have branch protection so changes have to go through public review, and we don't put important credentials in our repos, even encrypted.)
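The invite check discussed in this thread, written out as an added example (not snekomatic's or chronographer's code). It uses plain dict access instead of glom and allow-lists the "User" type rather than rejecting "Bot"; `invite_decision`, `Decision`, `denied_logins` and `already_invited` are hypothetical names, and the payloads are constructed and trimmed to the fields the check reads.

```python
from dataclasses import dataclass

# Constructed sample payloads, trimmed to the fields the check reads.
BOT_PR = {
    "action": "closed",
    "pull_request": {
        "merged": True,
        "user": {"login": "dependabot-preview[bot]", "type": "Bot"},
    },
}
HUMAN_PR = {
    "action": "closed",
    "pull_request": {"merged": True, "user": {"login": "alice", "type": "User"}},
}


@dataclass(frozen=True)
class Decision:
    invite: bool
    reason: str


def invite_decision(payload, denied_logins=frozenset(), already_invited=frozenset()):
    """Decide whether a merged-PR webhook event should trigger an org invite.

    denied_logins and already_invited are hypothetical inputs: the first is an
    operator-maintained list of bots running on regular user accounts, the
    second stands in for the app's record of earlier invitations.
    """
    pr = payload.get("pull_request") or {}
    if payload.get("action") != "closed" or pr.get("merged") is not True:
        return Decision(False, "not a merged pull request")
    user = pr.get("user") or {}
    login, acct_type = user.get("login"), user.get("type")
    if not isinstance(login, str) or not isinstance(acct_type, str):
        # Fail closed: a payload missing these fields never yields an invite.
        return Decision(False, "author login or type missing")
    if acct_type.lower() != "user":
        # Allow-list the one type that can join, rather than deny-listing "Bot".
        return Decision(False, f"account type {acct_type!r} is not a user")
    if login.lower() in {d.lower() for d in denied_logins}:
        return Decision(False, "login is on the operator deny list")
    if login.lower() in {a.lower() for a in already_invited}:
        return Decision(False, "already invited")
    return Decision(True, "human author of a merged pull request")
```

Returning a reason alongside the boolean lets the caller log why an invite was skipped, which makes a repeated skip for the same account visible in the logs.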