From ccf5324dd21c9baecfb817376ce05215990003aa Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 9 Jul 2026 14:17:46 +0530 Subject: [PATCH 1/5] updating ast-cli version to 2.3.55 --- checkmarx-ast-cli.version | 2 +- src/main/wrapper/resources/cx-linux | 4 ++-- src/main/wrapper/resources/cx-mac | 4 ++-- src/main/wrapper/resources/cx.exe | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/checkmarx-ast-cli.version b/checkmarx-ast-cli.version index fae1739..e62a93d 100644 --- a/checkmarx-ast-cli.version +++ b/checkmarx-ast-cli.version @@ -1 +1 @@ -2.3.54 +2.3.55 diff --git a/src/main/wrapper/resources/cx-linux b/src/main/wrapper/resources/cx-linux index 85f008e..452bd05 100755 --- a/src/main/wrapper/resources/cx-linux +++ b/src/main/wrapper/resources/cx-linux @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:776d9864c0104e1d0023641ef931bd1c58478cf56768ce77f2bfbfd6e9e64493 -size 80568482 +oid sha256:d76d1d464af46b0dc5976f8c79560344d86e1641b6eb1959e7a8120f5eab7293 +size 83103906 diff --git a/src/main/wrapper/resources/cx-mac b/src/main/wrapper/resources/cx-mac index e137bc6..951f21f 100755 --- a/src/main/wrapper/resources/cx-mac +++ b/src/main/wrapper/resources/cx-mac @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:df4a2d6b72936afa65df8730f0ee491f6d518286421063f50df2e48d3d5b56f9 -size 160422432 +oid sha256:2a777f54cae91dc22e27dead84734ef5e84107011c9ffde441be988b9c25ac86 +size 165550656 diff --git a/src/main/wrapper/resources/cx.exe b/src/main/wrapper/resources/cx.exe index f2f6b69..7d3cbb8 100644 --- a/src/main/wrapper/resources/cx.exe +++ b/src/main/wrapper/resources/cx.exe @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:c7227ac9dd89f344c12629d367774a2428595b3daff0a2e710981d924f13dbf4 -size 82488128 +oid sha256:8c9bf6f587910590eebde2364f19c4884f814561afbcdfcc9be3f038fdfc1199 +size 85082432 From 882c37e2689c8759d94dbbfd3246927ae5bbf449 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 9 Jul 2026 16:20:47 +0530 Subject: [PATCH 2/5] vulnerability fixes --- .github/workflows/ci.yml | 10 +++++- .github/workflows/release.yml | 10 ++++++ .npmrc | 4 ++- package-lock.json | 67 ++++++++++++++--------------------- package.json | 4 +-- 5 files changed, 50 insertions(+), 45 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ae6ab87..80e99a0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,8 +34,16 @@ jobs: uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 22.11.0 - registry-url: https://npm.pkg.github.com/ + registry-url: https://npm.echohq.com/ + - name: Configure echohq auth (both hosts) + env: + ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + run: | + npm config set //npm.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" + npm config set //packages.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" - run: npm ci + env: + ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} - name: Code Linting run: npm run lint - run: npm run build --if-present diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e81704b..4732cd0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -101,6 +101,14 @@ jobs: node-version: 22.11.0 registry-url: https://npm.echohq.com/ + # CONFIGURE ECHOHQ AUTH + - name: Configure echohq auth (both hosts) + env: + ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + run: | + npm config set //npm.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" + npm config set //packages.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" + # CONFIGURE GITHUB PACKAGES AUTH FOR PUBLISH - name: Configure GitHub Packages auth env: @@ -145,6 +153,8 @@ jobs: # RUN NPM INSTALL AND BUILD - name: NPM ci and build + env: + ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} run: | npm ci npm run build diff --git a/.npmrc b/.npmrc index 9990ccf..3280741 100644 --- a/.npmrc +++ b/.npmrc @@ -1,4 +1,6 @@ # Default registry for most packages registry=https://npm.echohq.com/ - +//npm.echohq.com/:_authToken= +//packages.echohq.com/:_authToken= +always-auth=true ignore-scripts=true \ No newline at end of file diff --git a/package-lock.json b/package-lock.json index 5c5d50f..d7b4375 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1279,7 +1279,6 @@ "integrity": "sha512-VlJEV0fOQ7BExOsHYAGrgbEiZoi8D+Bl2+f6V2RrXerRSylnp+ZBHmPvaIa8cz0Ajx7WO7Z5RqfgYg7ED1nRhA==", "dev": true, "license": "BSD-2-Clause", - "peer": true, "dependencies": { "@typescript-eslint/scope-manager": "5.62.0", "@typescript-eslint/types": "5.62.0", @@ -1441,7 +1440,6 @@ "integrity": "sha512-xRQbDb9BnwDafYNn6Vwl839DYVjqXYb1XVGtWAZ1kcDc6iwAL4hg3B1dZlRiuENFeO2H53gFG3in621AdERVAg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -1698,13 +1696,6 @@ "@babel/core": "^7.0.0" } }, - "node_modules/balanced-match": { - "version": "1.0.2", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/balanced-match/-/balanced-match-1.0.2.tgz", - "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", - "dev": true, - "license": "MIT" - }, "node_modules/baseline-browser-mapping": { "version": "2.10.38", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/baseline-browser-mapping/-/baseline-browser-mapping-2.10.38.tgz", @@ -1718,16 +1709,6 @@ "node": ">=6.0.0" } }, - "node_modules/brace-expansion": { - "version": "2.0.3", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/brace-expansion/-/brace-expansion-2.0.3.tgz", - "integrity": "sha512-MCV/fYJEbqx68aE58kv2cA/kiky1G8vux3OR6/jbS+jIMe/6fJWa0DTzJU7dqijOWYwHi1t29FlfYI9uytqlpA==", - "dev": true, - "license": "MIT", - "dependencies": { - "balanced-match": "^1.0.0" - } - }, "node_modules/braces": { "version": "3.0.3", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/braces/-/braces-3.0.3.tgz", @@ -1761,7 +1742,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.10.38", "caniuse-lite": "^1.0.30001799", @@ -2213,7 +2193,6 @@ "deprecated": "This version is no longer supported. Please see https://eslint.org/version-support for other options.", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint/eslintrc": "^1.0.3", "@humanwhocodes/config-array": "^0.6.0", @@ -2718,21 +2697,6 @@ "dev": true, "license": "ISC" }, - "node_modules/fsevents": { - "version": "2.3.3", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/fsevents/-/fsevents-2.3.3.tgz", - "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==", - "dev": true, - "hasInstallScript": true, - "license": "MIT", - "optional": true, - "os": [ - "darwin" - ], - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, "node_modules/function-bind": { "version": "1.1.2", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/function-bind/-/function-bind-1.1.2.tgz", @@ -3196,7 +3160,6 @@ "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@jest/core": "^29.7.0", "@jest/types": "^29.6.3", @@ -4165,9 +4128,9 @@ "license": "MIT" }, "node_modules/js-yaml": { - "version": "4.2.0", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/js-yaml/-/js-yaml-4.2.0.tgz", - "integrity": "sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==", + "version": "4.3.0", + "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/js-yaml/-/js-yaml-4.3.0.tgz", + "integrity": "sha512-1td788aAnnZ5qs7V2QIRl1owjtYpbKt749Y3xauqQgwIIGF/xXWz1wMTEBx5O3LK3lXLVuqXPdPxj2BoFHaW9Q==", "dev": true, "funding": [ { @@ -4449,6 +4412,29 @@ "node": "*" } }, + "node_modules/minimatch/node_modules/balanced-match": { + "version": "3.0.1", + "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/balanced-match/-/balanced-match-3.0.1.tgz", + "integrity": "sha512-vjtV3hiLqYDNRoiAv0zC4QaGAMPomEoq83PRmYIofPswwZurCeWR5LByXm7SyoL0Zh5+2z0+HC7jG8gSZJUh0w==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 16" + } + }, + "node_modules/minimatch/node_modules/brace-expansion": { + "version": "3.0.0", + "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/brace-expansion/-/brace-expansion-3.0.0.tgz", + "integrity": "sha512-P+6OwxY7i0tsp0Xdei2CjvVOQke51REB4c2d2wCckcMn6NBElNqLuzr6PsxFCdJ3i/cpGEkZ/Nng5I7ZkLo0CA==", + "dev": true, + "license": "MIT", + "dependencies": { + "balanced-match": "^3.0.0" + }, + "engines": { + "node": ">= 18" + } + }, "node_modules/minimist": { "version": "1.2.8", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/minimist/-/minimist-1.2.8.tgz", @@ -5514,7 +5500,6 @@ "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==", "dev": true, "license": "Apache-2.0", - "peer": true, "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" diff --git a/package.json b/package.json index 19d2f8b..7d914b5 100644 --- a/package.json +++ b/package.json @@ -44,10 +44,10 @@ "flatted": "^3.4.2", "picomatch": "2.3.2", "serialize-javascript": "6.0.2", - "brace-expansion": "2.0.3", + "brace-expansion": "3.0.0", "lodash": "4.18.0", "uuid": "14.0.0", - "js-yaml": "4.2.0" + "js-yaml": "4.3.0" }, "publishConfig": { "registry": "https://npm.pkg.github.com" From 6f5de9b4e3b586ac9d8ce1e8ae5cf573373d55b2 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 9 Jul 2026 16:37:33 +0530 Subject: [PATCH 3/5] brace expansion cve fix --- package-lock.json | 46 +++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index d7b4375..e847573 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1696,6 +1696,16 @@ "@babel/core": "^7.0.0" } }, + "node_modules/balanced-match": { + "version": "4.0.4", + "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/balanced-match/-/balanced-match-4.0.4.tgz", + "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==", + "dev": true, + "license": "MIT", + "engines": { + "node": "18 || 20 || >=22" + } + }, "node_modules/baseline-browser-mapping": { "version": "2.10.38", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/baseline-browser-mapping/-/baseline-browser-mapping-2.10.38.tgz", @@ -1709,6 +1719,19 @@ "node": ">=6.0.0" } }, + "node_modules/brace-expansion": { + "version": "5.0.7", + "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/brace-expansion/-/brace-expansion-5.0.7.tgz", + "integrity": "sha512-7oFy703dxfY3/NLxC1fh2SUCQ0H9rmAY+5EpDVfXjUTTs+HEwR2nYaqLv+GWcTsumwxPfiz6CzCNkwXwBUwqCA==", + "dev": true, + "license": "MIT", + "dependencies": { + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "18 || 20 || >=22" + } + }, "node_modules/braces": { "version": "3.0.3", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/braces/-/braces-3.0.3.tgz", @@ -4412,29 +4435,6 @@ "node": "*" } }, - "node_modules/minimatch/node_modules/balanced-match": { - "version": "3.0.1", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/balanced-match/-/balanced-match-3.0.1.tgz", - "integrity": "sha512-vjtV3hiLqYDNRoiAv0zC4QaGAMPomEoq83PRmYIofPswwZurCeWR5LByXm7SyoL0Zh5+2z0+HC7jG8gSZJUh0w==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">= 16" - } - }, - "node_modules/minimatch/node_modules/brace-expansion": { - "version": "3.0.0", - "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/brace-expansion/-/brace-expansion-3.0.0.tgz", - "integrity": "sha512-P+6OwxY7i0tsp0Xdei2CjvVOQke51REB4c2d2wCckcMn6NBElNqLuzr6PsxFCdJ3i/cpGEkZ/Nng5I7ZkLo0CA==", - "dev": true, - "license": "MIT", - "dependencies": { - "balanced-match": "^3.0.0" - }, - "engines": { - "node": ">= 18" - } - }, "node_modules/minimist": { "version": "1.2.8", "resolved": "https://packages.echohq.com/artifactory/api/npm/npm/minimist/-/minimist-1.2.8.tgz", diff --git a/package.json b/package.json index 7d914b5..3e95b18 100644 --- a/package.json +++ b/package.json @@ -44,7 +44,7 @@ "flatted": "^3.4.2", "picomatch": "2.3.2", "serialize-javascript": "6.0.2", - "brace-expansion": "3.0.0", + "brace-expansion": "5.0.7", "lodash": "4.18.0", "uuid": "14.0.0", "js-yaml": "4.3.0" From 02660ac226231912314d5214cb6007f13fc37452 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 9 Jul 2026 17:48:51 +0530 Subject: [PATCH 4/5] changing variable name --- .github/workflows/ast-cli-team-review.yml | 76 ----------------------- .github/workflows/ci.yml | 8 +-- .github/workflows/release.yml | 8 +-- 3 files changed, 8 insertions(+), 84 deletions(-) delete mode 100644 .github/workflows/ast-cli-team-review.yml diff --git a/.github/workflows/ast-cli-team-review.yml b/.github/workflows/ast-cli-team-review.yml deleted file mode 100644 index e44e870..0000000 --- a/.github/workflows/ast-cli-team-review.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: add-assignee-and-reviewers - -on: - pull_request_target: - types: [ready_for_review, opened, reopened, review_requested, edited] - -permissions: - contents: read - issues: write - pull-requests: read - -jobs: - add-assignee-and-reviewers: - runs-on: cx-public-ubuntu-x64 - if: ${{ github.event.pull_request.user.type != 'Bot' }} - steps: - - name: Set up GitHub CLI - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - with: - version: latest - - - name: Authenticate GitHub CLI - env: - GH_TOKEN: ${{ secrets.AST_CLI_GH_TOKEN }} - run: gh auth status - - - name: Fetch team members - id: team - env: - GH_TOKEN: ${{ secrets.AST_CLI_GH_TOKEN }} - run: | - gh api orgs/Checkmarx/teams/ast-sypher-team/members --jq '.[].login' > team_members.txt - echo "✅ Team members:" - cat team_members.txt - - - name: Fetch current reviewers - id: reviewers - env: - GH_TOKEN: ${{ secrets.AST_CLI_GH_TOKEN }} - PR_NUMBER: ${{ github.event.pull_request.number }} - run: | - gh pr view "$PR_NUMBER" --json reviewRequests --jq '.reviewRequests' > all_reviewers.json - - jq -r '.[] | select(.type == "User") | .login' all_reviewers.json > user_reviewers.txt - jq -r '.[] | select(.type == "Team") | .login' all_reviewers.json > team_reviewers.txt - - echo "👤 User reviewers:" - cat user_reviewers.txt || echo "None" - - echo "👥 Team reviewers:" - cat team_reviewers.txt || echo "None" - - - name: Validate reviewers are only from ast-sypher-team - run: | - INVALID_USERS=() - while read reviewer; do - if ! grep -qx "$reviewer" team_members.txt; then - INVALID_USERS+=("$reviewer") - fi - done < user_reviewers.txt || true - - INVALID_TEAMS=() - while read team; do - if [ "$team" != "ast-sypher-team" ]; then - INVALID_TEAMS+=("$team") - fi - done < team_reviewers.txt || true - - if [ ${#INVALID_USERS[@]} -gt 0 ] || [ ${#INVALID_TEAMS[@]} -gt 0 ]; then - echo "❌ Invalid reviewers detected!" - echo "Invalid users: ${INVALID_USERS[*]}" - echo "Invalid teams: ${INVALID_TEAMS[*]}" - exit 1 - fi - - echo "✅ All reviewers are valid members of the ast-sypher-team or the team itself." diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 80e99a0..39bb705 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,13 +37,13 @@ jobs: registry-url: https://npm.echohq.com/ - name: Configure echohq auth (both hosts) env: - ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + ECHO_LIBRARIES_ACCESS_KEY: ${{ secrets.ECHO_LIBRARIES_ACCESS_KEY }} run: | - npm config set //npm.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" - npm config set //packages.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" + npm config set //npm.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}" + npm config set //packages.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}" - run: npm ci env: - ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + ECHO_LIBRARIES_ACCESS_KEY: ${{ secrets.ECHO_LIBRARIES_ACCESS_KEY }} - name: Code Linting run: npm run lint - run: npm run build --if-present diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4732cd0..7792f44 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -104,10 +104,10 @@ jobs: # CONFIGURE ECHOHQ AUTH - name: Configure echohq auth (both hosts) env: - ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + ECHO_LIBRARIES_ACCESS_KEY: ${{ secrets.ECHO_LIBRARIES_ACCESS_KEY }} run: | - npm config set //npm.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" - npm config set //packages.echohq.com/:_authToken "${ECHO_NPM_TOKEN}" + npm config set //npm.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}" + npm config set //packages.echohq.com/:_authToken "${ECHO_LIBRARIES_ACCESS_KEY}" # CONFIGURE GITHUB PACKAGES AUTH FOR PUBLISH - name: Configure GitHub Packages auth @@ -154,7 +154,7 @@ jobs: # RUN NPM INSTALL AND BUILD - name: NPM ci and build env: - ECHO_NPM_TOKEN: ${{ secrets.ECHO_NPM_TOKEN }} + ECHO_LIBRARIES_ACCESS_KEY: ${{ secrets.ECHO_LIBRARIES_ACCESS_KEY }} run: | npm ci npm run build From 78f1045eee92af3b06a1122f3620dbf1a05a0c68 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 9 Jul 2026 18:50:51 +0530 Subject: [PATCH 5/5] removing bot review actions --- .github/workflows/auto-merge-pr.yml | 23 ----------------------- .github/workflows/pr-automation.yml | 22 ---------------------- 2 files changed, 45 deletions(-) delete mode 100644 .github/workflows/auto-merge-pr.yml delete mode 100644 .github/workflows/pr-automation.yml diff --git a/.github/workflows/auto-merge-pr.yml b/.github/workflows/auto-merge-pr.yml deleted file mode 100644 index 548bb47..0000000 --- a/.github/workflows/auto-merge-pr.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Post-Check Actions -on: [pull_request] - -permissions: - contents: read - -jobs: - dependabot-merge: - permissions: - contents: write - pull-requests: write - runs-on: cx-public-ubuntu-x64 - if: contains(github.head_ref, 'feature/update_cli') - steps: - - name: Enable auto-merge for Dependabot PRs - env: - PR_URL: ${{ github.event.pull_request.html_url }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: gh pr merge --auto --squash "$PR_URL" - - name: Auto approve dependabot PRs - uses: step-security/auto-approve-action@0c28339628c8e79ab2f6813291e7e6cd584b4d30 # v4.0.0 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr-automation.yml b/.github/workflows/pr-automation.yml deleted file mode 100644 index 2c5da62..0000000 --- a/.github/workflows/pr-automation.yml +++ /dev/null @@ -1,22 +0,0 @@ -# name: PR Automation -# on: -# pull_request_target: -# types: [ready_for_review, opened, reopened] - -# permissions: -# contents: none -# issues: write -# pull-requests: write - -# jobs: -# add-reviewers: -# runs-on: ubuntu-latest -# if: ${{ github.event.pull_request.user.type != 'Bot' }} -# steps: -# - name: Request reviewers -# env: -# GH_REPO: ${{ github.repository }} -# GH_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} -# PRNUM: ${{ github.event.pull_request.number }} -# PRAUTHOR: ${{ github.event.pull_request.user.login }} -# run: gh pr edit $PRNUM