mirror of
https://github.com/QwenLM/qwen-code.git
synced 2026-07-10 01:29:17 +00:00
* fix(ci): allow triage for fork PRs that pass safety precheck Fork PRs by non-write authors were blocked from triage even when the safety precheck passed, because the authorize job gates on write permission. Triage is read-only (checks out trusted base code, reads PR via API), so precheck pass is sufficient to run it safely. Split the pull_request_target and issue_comment authorization paths: - pull_request_target: accept write permission OR precheck pass - issue_comment /triage: still require write permission on the commenter tmux-testing is unchanged — it executes PR code and must keep the write permission gate. * fix(ci): allow prechecked fork PR automation * docs(ci): clarify PR review authorization routing * test(ci): guard fork precheck authorization * fix(ci): tighten fork precheck review guards * test(ci): guard review-request authorization |
||
|---|---|---|
| .. | ||
| actions/post-coverage-comment | ||
| ISSUE_TEMPLATE | ||
| scripts | ||
| workflows | ||
| actionlint.yaml | ||
| dependabot.yml | ||
| pull_request_template.md | ||
| release.yml | ||