mirror of
https://github.com/QwenLM/qwen-code.git
synced 2026-07-10 01:29:17 +00:00
* ci(workflows): remind authors not to force-push active PRs Add a workflow that detects force-pushes (rebase/amend/reset) to open PRs via the pull_request_target synchronize event and posts a one-time, bilingual reminder that force-pushing invalidates existing review comments and that the integration bots squash all changes into a single commit automatically. A normal push (compare status "ahead") is ignored; the reminder is posted at most once per PR, bot-initiated pushes are skipped, and a failed compare is treated conservatively (no comment). * ci(workflows): address review — add issues:write, serialize without cancel - Add `issues: write`: the listComments/createComment calls go through the Issues API; declaring it matches the repo's other PR-commenting workflows and avoids any risk of a 403 making the workflow inert. - Set `cancel-in-progress: false`: an in-flight run that already detected a force-push must finish and post. The concurrency group still serializes runs per PR, and the once-per-PR marker prevents duplicates, so later pushes queue and then no-op instead of cancelling (and silently dropping) a pending reminder. * ci(workflows): harden force-push detection per review - Marker dedup now requires the comment to be from github-actions[bot], so a user pasting the marker string into a comment can't suppress reminders. - Skip known automation logins (qwen-code-dev-bot et al.) that push via PAT as sender.type 'User', not just GitHub App bots (mirrors qwen-autofix KNOWN_BOTS). - Narrow the compare catch to 404 (orphaned old tip -> skip); rethrow other errors so auth/rate failures go red instead of silently no-op'ing. - Wrap createComment with structured error logging + rethrow. Kept 3-dot compare and base-repo owner: verified that 3-dot returns diverged/behind for force-pushes and that the base repo resolves fork-PR commits, while the suggested 2-dot syntax 404s in the REST API. * test(ci): add structural test for the force-push reminder workflow - Add scripts/tests/pr-force-push-reminder-workflow.test.js (runs under test:scripts, which CI chains into test:ci). It asserts the trigger, repo guard, permissions, serialized concurrency, KNOWN_AUTOMATION sync with qwen-autofix, the 3-dot compare on the base repo, 404-vs-rethrow, the marker author check, and the bilingual body — locking in the reviewed behaviors. - Wrap the listComments paginate call in the same core.error + rethrow the other two API calls already use. - Note that KNOWN_AUTOMATION must stay in sync with qwen-autofix.yml KNOWN_BOTS. * ci(workflows): drop concurrency group, rely on marker for idempotency A concurrency group keeps at most one pending run per group, so a burst of pushes can cancel a still-pending force-push run before it reaches the script, dropping the reminder this workflow exists to post. Remove the group entirely: every synchronize event now runs independently and is always evaluated, and the once-per-PR marker provides idempotency. A rare double-post on two near-simultaneous first force-pushes is the acceptable cost of never silently missing one. Update the structural test to assert there is no concurrency block. The reviewer's suggested `queue: max` is not a valid GitHub Actions concurrency key (only `group`/`cancel-in-progress` are allowed) and fails actionlint. * test(ci): use Qwen Team header and assert the dedup skip path - Switch the copyright header to the prevailing `Qwen Team` (14 of 17 sibling test files use it; this file had copied an older Google LLC header). - Assert the idempotency skip log line so removing the marker guard fails a test. * test(ci): mechanically enforce KNOWN_AUTOMATION sync with qwen-autofix Read qwen-autofix.yml's KNOWN_BOTS and assert each login is also skipped here, so adding a bot there without updating this workflow fails the test instead of silently drifting. Replaces the hardcoded login list whose comment overclaimed that the sync was verified. |
||
|---|---|---|
| .. | ||
| installation | ||
| lib | ||
| tests | ||
| acp-http-smoke.mjs | ||
| benchmark-api-latency.mjs | ||
| build-hosted-installation-assets.js | ||
| build-standalone-release.js | ||
| build.js | ||
| build_package.js | ||
| build_sandbox.js | ||
| build_vscode_companion.js | ||
| check-build-status.js | ||
| check-desktop-isolation.js | ||
| check-i18n.ts | ||
| check-lockfile.js | ||
| check-serve-fast-path-bundle.js | ||
| clean.js | ||
| cli-entry.js | ||
| copy_bundle_assets.js | ||
| copy_files.js | ||
| create-standalone-package.js | ||
| create_alias.sh | ||
| daemon-dev.js | ||
| desktop-openwork-sync.ts | ||
| dev.js | ||
| esbuild-shims.js | ||
| generate-changelog.js | ||
| generate-git-commit-info.js | ||
| generate-settings-schema.ts | ||
| get-release-version.js | ||
| lint.js | ||
| local_telemetry.js | ||
| measure-flicker.mjs | ||
| pre-commit.js | ||
| prepare-package.js | ||
| release-script-utils.js | ||
| sandbox_command.js | ||
| sign-release.sh | ||
| start.js | ||
| sync-computer-use-schemas.ts | ||
| telemetry.js | ||
| telemetry_gcp.js | ||
| telemetry_utils.js | ||
| test-rewind-e2e.sh | ||
| test-windows-paths.js | ||
| unused-keys-only-in-locales.json | ||
| upload-aliyun-oss-assets.js | ||
| verify-installation-release.js | ||
| version.js | ||
| workspaces.js | ||