Open annevk opened 3 years ago
foolip
commented
3 years ago In https://github.blog/2021-04-22-github-actions-update-helping-maintainers-combat-bad-actors/ it sounds like approval is only required for first-time contributors, once. Isn't that the case?
annevk
commented
3 years ago See the topic I created. I think it's first-time, but for each commit they (or you yourself on their branch) create until something is merged.
If it was only for their first commit or per branch that would be more reasonable.
Even then though, even more ideal would be whatbot being able to safelist certain people for having signed the relevant agreement.
foolip
commented
3 years ago If there isn't already an API for this approval, there probably will be soon. Given that, whatbot could approve any PR it does a contribution check for which comes out green.
lucacasonato
commented
2 years ago
Context: https://github.blog/2021-04-22-github-actions-update-helping-maintainers-combat-bad-actors/.
I already find this getting a bit tedious so I wonder what we can do here. One problem is that if you approve it once, subsequent pushes of commits, even if they are made by yourself, require approval. I've found myself approving my own commits several times now.
I think it would be ideal if people approved by whatbot get to just run CI.
I created https://github.community/t/approving-workflow-runs-feedback/178181.