Skip to content

Change PR approval condition for cap-java user #709

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
KoblerS merged 2 commits into from
Jan 7, 2026
Merged

Change PR approval condition for cap-java user #709

KoblerS merged 2 commits into from
Jan 7, 2026

Conversation

@KoblerS
Copy link
Collaborator

@KoblerS KoblerS commented Jan 7, 2026

Fixing that review is not always required, but only from users that are not part of the cap-java organisation

@KoblerS KoblerS self-assigned this Jan 7, 2026
@hyperspace-insights
Copy link
Contributor

hyperspace-insights bot commented Jan 7, 2026

Summary

The following content is AI-generated and provides a summary of the pull request:

Fix PR Approval Workflow for cap-java Organization

🔧 Chore: Corrected the GitHub workflow configuration to properly skip PR approval requirements for members of the cap-java organization.

Changes

  • .github/workflows/ci.yml: Updated the conditional check in the requires-approval job to reference cap-java instead of the incorrect cap-js organization name. This ensures that pull requests from cap-java organization members bypass the manual approval step, while external contributors still require approval before the workflow executes.
  • 🔄 Regenerate and Update Summary
  • ✏️ Insert as PR Description (deletes this comment)
  • 🗑️ Delete comment
PR Bot Information

Version: 1.17.5

  • Output Template: Default Template
  • Correlation ID: 58a30910-ebd0-11f0-8e7e-9de3917b0140
  • Summary Prompt: Default Prompt
  • LLM: anthropic--claude-4.5-sonnet
  • Event Trigger: pull_request.opened

💌 Have ideas or want to contribute? Create an issue and share your thoughts with us!
📑 Check out the documentation for more information.

Made with ❤️ by Hyperspace.

@KoblerS KoblerS requested review from a team and removed request for Schmarvinius January 7, 2026 13:54
hyperspace-insights[bot]
hyperspace-insights bot reviewed Jan 7, 2026
View reviewed changes
Copy link
Contributor

@hyperspace-insights hyperspace-insights bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary

This pull request introduces a critical logic error in the PR approval workflow. The condition checks the wrong GitHub context field (base.user.login instead of the PR author or source repository owner), which inverts the intended security behavior: it will require approval from trusted cap-java organization members while skipping approval for external contributors. This defeats the purpose of the pull_request_target security gate and should be corrected before merging.

PR Bot Information

Version: 1.17.5

  • Event Trigger: pull_request.opened
  • Correlation ID: 58a30910-ebd0-11f0-8e7e-9de3917b0140
  • LLM: anthropic--claude-4.5-sonnet

@KoblerS KoblerS requested a review from eric-pSAP January 7, 2026 14:08
@KoblerS KoblerS merged commit 9aa3c46 into main Jan 7, 2026
2 of 3 checks passed
@KoblerS KoblerS deleted the KoblerS-patch-1 branch January 7, 2026 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hyperspace-insights hyperspace-insights[bot] hyperspace-insights[bot] left review comments

@eric-pSAP eric-pSAP eric-pSAP approved these changes

@busehalis-sap busehalis-sap Awaiting requested review from busehalis-sap

Assignees

@KoblerS KoblerS

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@KoblerS @eric-pSAP