Commit 6e4ea2e
authored
feat(workflows): add maintainer-only skip-review label guard (#1293)
## Description
Added a dual-condition **skip-review** noop guard to the agentic
automated PR review workflow (`pr-review.md`). The guard calls `noop`
and halts review when a PR carries the `skip-review` label *and* the
author's association is `MEMBER`, `OWNER`, or `COLLABORATOR`. Requiring
both conditions prevents any contributor from self-applying the label to
bypass automated review: only maintainers qualify.
The lock file (`pr-review.lock.yml`) was recompiled from gh-aw v0.63.1
to v0.65.6, incorporating several security hardening and operational
improvements alongside the feature change.
### Core Feature
- Added `skip-review` label + privileged-association guard in
*`pr-review.md`* — calls `noop` with `"Skipping: skip-review label set
by maintainer."` when both conditions are met
- Author association must be `MEMBER`, `OWNER`, or `COLLABORATOR`; label
alone is insufficient to skip review
### Security Hardening (Lock File Recompilation)
- Uniquified heredoc sentinels with hash suffixes (e.g.,
`GH_AW_PROMPT_b4e589eddbf00c0a_EOF`) to close a prompt-injection path
where adversarial content could terminate heredocs prematurely
- Replaced `--env-all` with explicit `--exclude-env COPILOT_GITHUB_TOKEN
--exclude-env GITHUB_MCP_SERVER_TOKEN --exclude-env MCP_GATEWAY_API_KEY`
to follow least-privilege for sensitive tokens in the agent sandbox
- Added `--audit-dir /tmp/gh-aw/sandbox/firewall/audit` to the `awf`
invocation; extended firewall artifact upload to include the audit path
### Operational Improvements (Lock File Recompilation)
- Bumped gh-aw compiler `v0.63.1` → `v0.65.6`; AWF binary `v0.25.0` →
`v0.25.11`; `gh-aw-mcpg` `v0.2.4` → `v0.2.11`; Docker image tags updated
atomically
- Several other changes based on the CLI update.
### Dependency Lock
- Added SHA pin for `github/gh-aw-actions/setup@v0.65.6`
(`31130b20a8fd3ef263acbe2091267c0aace07e09`) in
*`.github/aw/actions-lock.json`*
## Related Issue(s)
Closes #1290
## Type of Change
Select all that apply:
**Code & Documentation:**
* [ ] Bug fix (non-breaking change fixing an issue)
* [x] New feature (non-breaking change adding functionality)
* [ ] Breaking change (fix or feature causing existing functionality to
change)
* [ ] Documentation update
**Infrastructure & Configuration:**
* [x] GitHub Actions workflow
* [ ] Linting configuration (markdown, PowerShell, etc.)
* [ ] Security configuration
* [ ] DevContainer configuration
* [ ] Dependency update
**AI Artifacts:**
* [ ] Reviewed contribution with `prompt-builder` agent and addressed
all feedback
* [ ] Copilot instructions (`.github/instructions/*.instructions.md`)
* [ ] Copilot prompt (`.github/prompts/*.prompt.md`)
* [ ] Copilot agent (`.github/agents/*.agent.md`)
* [ ] Copilot skill (`.github/skills/*/SKILL.md`)
> Note for AI Artifact Contributors:
>
> * Agents: Research, indexing/referencing other project (using standard
VS Code GitHub Copilot/MCP tools), planning, and general implementation
agents likely already exist. Review `.github/agents/` before creating
new ones.
> * Skills: Must include both bash and PowerShell scripts. See
[Skills](../docs/contributing/skills.md).
> * Model Versions: Only contributions targeting the **latest Anthropic
and OpenAI models** will be accepted. Older model versions (e.g.,
GPT-3.5, Claude 3) will be rejected.
> * See [Agents Not
Accepted](../docs/contributing/custom-agents.md#agents-not-accepted) and
[Model Version
Requirements](../docs/contributing/ai-artifacts-common.md#model-version-requirements).
**Other:**
* [ ] Script/automation (`.ps1`, `.sh`, `.py`)
* [ ] Other (please describe):
## Testing
Testing will be done when merged, to trigger this in a future PR.
Automated validation commands run and results:
* `npm run lint:md` — Passed (pre-confirmed by author)
* `npm run spell-check` — Passed (pre-confirmed by author)
* `npm run lint:frontmatter` — Passed
* `npm run validate:skills` — Passed
* `npm run lint:md-links` — Passed
* `npm run lint:ps` — Passed
* `npm run plugin:generate` — Passed
Security analysis: no secrets or sensitive data expose; the diff
reinforces security posture by adding sensitive token exclusions and
audit logging. No unintended file changes detected. Commit message
follows conventional commits format.
## Checklist
### Required Checks
* [ ] Documentation is updated (if applicable) (N/A — changes are
workflow source and compiler output only)
* [x] Files follow existing naming conventions
* [x] Changes are backwards compatible (if applicable)
* [ ] Tests added for new functionality (if applicable) (N/A — no test
files changed)
### AI Artifact Contributions
<!-- If contributing an agent, prompt, instruction, or skill, complete
these checks -->
* [ ] Used `/prompt-analyze` to review contribution
* [ ] Addressed all feedback from `prompt-builder` review
* [ ] Verified contribution follows common standards and type-specific
requirements
### Required Automated Checks
The following validation commands must pass before merging:
* [x] Markdown linting: `npm run lint:md`
* [x] Spell checking: `npm run spell-check`
* [x] Frontmatter validation: `npm run lint:frontmatter`
* [x] Skill structure validation: `npm run validate:skills`
* [x] Link validation: `npm run lint:md-links`
* [x] PowerShell analysis: `npm run lint:ps`
* [x] Plugin freshness: `npm run plugin:generate`
## Security Considerations
<!-- 1 parent 84ddd5d commit 6e4ea2e
File tree
3 files changed
+212
-192
lines changed- .github
- aw
- workflows
3 files changed
+212
-192
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
15 | 15 | | |
16 | 16 | | |
17 | 17 | | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
18 | 23 | | |
19 | 24 | | |
20 | 25 | | |
| |||
0 commit comments