securesauce / precaution-beta

Precaution provides a simple, automated code review for GitHub projects by running code linters with a security focus on pull requests.
Other
1 stars 0 forks source link

Bug when clicked "Re-run" button #204

Open MVrachev opened 5 years ago

MVrachev commented 5 years ago

Describe the bug This bug appears when you click "Re-run all checks" or "Re-run failed checks button on the checks tab in one repository.

image

This bug happens when you already have a pull request from a forked repository to an original repository and click the above buttons. This bug doesn't affect when you create a pull request directly into the repository without a forked repository.

To Reproduce Steps to reproduce the behavior:

  1. Make a pull request from a forked repository to an original repository
  2. Click on the buttons showed above
  3. You will get the error "Cannot read property 'filter' of undefined" as a result.
MVrachev commented 5 years ago

After investigation, I found out that GitHub doesn't send me a pull request attribute in this specific situation when the pull request is from a forked repository to an original repository and I clicked the buttons "Re-run" I get an empty pull request attribute: image

in the other situation when I create a pull request directly without using a forked repository and I clicked the "Re-run buttons" the pull request field is there: image

joshuagl commented 5 years ago

Apologies, accidentally triggered the shortcut to close...

joshuagl commented 5 years ago

The GitHub documentation for CheckSuiteEvent says:

Note: The Checks API only looks for pushes in the repository where the check suite or check run were created. Pushes to a branch in a forked repository are not detected and return an empty pull_requests array and a null value for head_branch.

Which feels related to this issue. We know from #199 that we receive the CheckSuiteEvent for both the target repository against which a pull request was filed and a source repository when the app is also installed there. I think we'll need to filter the CheckSuiteEvent's to make sure they are being triggered for the right repository.