Skip to content

[Snyk] Fix for 2 vulnerabilities #13

[Snyk] Fix for 2 vulnerabilities

[Snyk] Fix for 2 vulnerabilities #13

name: Notify When Maintainers Cannot Edit
# **What it does**: Notifies the author of a PR when their PR does not allow maintainers to edit it.
# **Why we have it**: To prevent having to do this manually.
# **Who does it impact**: Open-source.
on:
pull_request_target:
types:
- opened
permissions:
pull-requests: write
jobs:
notify-when-maintainers-cannot-edit:
if: github.repository == 'github/docs'
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
with:
script: |
const query = `
query($number: Int!) {
repository(owner: "github", name: "docs") {
pullRequest(number: $number) {
headRepositoryOwner {
login
}
maintainerCanModify
}
}
}
`;
const pullNumber = context.issue.number;
const variables = { number: pullNumber };
try {
console.log(`Check github/docs#${pullNumber} for maintainer edit access ...`);
const result = await github.graphql(query, variables);
console.log(JSON.stringify(result, null, 2));
const pullRequest = result.repository.pullRequest;
if (pullRequest.headRepositoryOwner.login === 'github') {
console.log('PR owned by github');
return;
}
if (!pullRequest.maintainerCanModify) {
console.log('PR not owned by github and does not have maintainer edits enabled');
await github.issues.createComment({
issue_number: pullNumber,
owner: 'github',
repo: 'docs',
body: "Thanks for submitting a PR to the GitHub Docs project!\n\nIn order to review and merge PRs most efficiently, we require that all PRs grant maintainer edit access before we review them. For information on how to do this, [see the documentation](https://docs.github.com/en/github/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork)."
});
}
} catch(e) {
console.log(e);
}