hubcio opened a new pull request, #3231:
URL: https://github.com/apache/iggy/pull/3231

   Reviewers cannot tell at a glance which open PRs are still in their
   queue. Iggy's .asf.yaml requires 2 approvals with stale-dismiss, so
   each push wipes prior approvals - the review backlog grows opaque
   fast as PR volume rises.
   
   Adopt rust-lang/triagebot's S-waiting-on-{review,author} pattern via
   a single GitHub Actions workflow. Comment commands /ready, /author,
   and /request-review @user move the labels explicitly; PR lifecycle
   events (open, ready_for_review, converted_to_draft, closed) keep
   them in sync without manual upkeep. Filter the queue with
   `is:open is:pr label:S-waiting-on-review`.
   
   The auth gate is author_association in {COLLABORATOR, OWNER}, which
   matches @apache/iggy-committers. MEMBER is excluded deliberately -
   it would admit any unrelated apache podling member.
   
   issue_comment.created and pull_request_target are the only triggers;
   the workflow never checks out a ref or executes PR-supplied code,
   only calls the REST API via actions/github-script. This avoids the
   pwn-request RCE class and stays inside the default GITHUB_TOKEN
   scope - no PAT, no INFRA Jira ticket, no external host.
   
   CODEOWNERS gains a `* @apache/iggy-committers` wildcard so reviewer
   auto-request fires on every PR, not just .github/** changes.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
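
The comment-command gate described in the PR text above, written as a pure function of the kind that could run inside actions/github-script. This is an added example, not code from the pull request: `decide`, `sample`, the one-command-per-line grammar and the payloads are assumptions.

```javascript
// Added example, not the PR's workflow code. Label names follow the page's
// S-waiting-on-{review,author} pattern; decide() and sample() are hypothetical.
const ALLOWED = new Set(["COLLABORATOR", "OWNER"]); // MEMBER deliberately absent
const REVIEW = "S-waiting-on-review";
const AUTHOR = "S-waiting-on-author";

// A command must occupy a whole line, so "don't /ready yet" never fires.
// [ \t\r]* tolerates the CRLF line endings comment bodies can carry.
const COMMAND =
  /^\/(ready|author|request-review)(?:[ \t]+@([A-Za-z0-9][A-Za-z0-9-]{0,38}))?[ \t\r]*$/m;

// Returns the label/reviewer changes to make, or null to ignore the comment.
function decide(event) {
  const { issue, comment } = event;
  // issue_comment also fires on plain issues; only PRs carry issue.pull_request.
  if (!issue || !issue.pull_request || issue.state !== "open") return null;
  // Gate on the association GitHub computed, never on text in the comment.
  if (!comment || !ALLOWED.has(comment.author_association)) return null;

  const m = COMMAND.exec(comment.body || "");
  if (!m) return null;
  const [, verb, user] = m;
  if (verb === "request-review") {
    // Assumption: requesting a review also puts the PR in the review queue.
    return user ? { add: [REVIEW], remove: [AUTHOR], reviewers: [user] } : null;
  }
  if (user) return null; // /ready and /author take no argument
  return verb === "ready"
    ? { add: [REVIEW], remove: [AUTHOR], reviewers: [] }
    : { add: [AUTHOR], remove: [REVIEW], reviewers: [] };
}

// Constructed issue_comment payload, trimmed to the fields decide() reads.
function sample(association, body, isPr = true) {
  return {
    issue: { state: "open", ...(isPr ? { pull_request: {} } : {}) },
    comment: { author_association: association, body },
  };
}

console.log(decide(sample("COLLABORATOR", "/ready")));
console.log(decide(sample("MEMBER", "/ready"))); // null: MEMBER is not allowed
```

Keeping the decision separate from the REST calls means the gate can be unit-tested against recorded payloads without a token.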
