feat: implement issue #280 — [Fleet Monitor] petry-projects/broodly — pr-review-mention.yml#281
feat: implement issue #280 — [Fleet Monitor] petry-projects/broodly — pr-review-mention.yml#281don-petry wants to merge 3 commits into
Conversation
… pr-review-mention.yml
|
Warning Review limit reached
More reviews will be available in 55 minutes and 19 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughThis PR adds a security guard to the PR review mention workflow that prevents untrusted actors from triggering automation, and extends gitignore to exclude a development lead directory from version control. ChangesInfrastructure Configuration Updates
Estimated code review effort🎯 2 (Simple) | ⏱️ ~7 minutes Possibly related issues
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
| .dev-lead/ | ||
| .dev-lead/ | ||
| .dev-lead/ | ||
| .dev-lead/ |
Dev-Lead — fix-reviews (applied)Changes committed and pushed. |
There was a problem hiding this comment.
Pull request overview
This PR aims to reduce the failure rate of the pr-review-mention.yml workflow (Issue #280) by adding a job-level trust guard to avoid approval-gated runs when the triggering actor is untrusted.
Changes:
- Added a job-level
if:guard to only invoke thepr-review-mentionreusable workflow for trusted actors on comment-based triggers. - Added an additional
.dev-lead/entry to.gitignore(duplicating an already-repeated ignore rule).
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
.github/workflows/pr-review-mention.yml |
Adds a trust-gating if: condition before calling the reusable workflow with secrets: inherit. |
.gitignore |
Adds another .dev-lead/ ignore entry (increasing duplication). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # trigger GitHub's approval gate on `secrets: inherit`, producing action_required | ||
| # failures instead of clean skips. Mirrors the trust check inside the reusable. | ||
| if: | | ||
| github.event_name == 'pull_request' || |
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.gitignore (1)
65-70:⚠️ Potential issue | 🟡 Minor | ⚡ Quick winRemove duplicate
.dev-lead/entries.The pattern
.dev-lead/appears 6 times consecutively. Gitignore only requires each pattern to be listed once.🧹 Proposed fix to remove duplicates
-.dev-lead/ -.dev-lead/ -.dev-lead/ -.dev-lead/ -.dev-lead/ .dev-lead/🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.gitignore around lines 65 - 70, The .gitignore contains six duplicate entries of the pattern ".dev-lead/"; open the .gitignore file and remove the extra lines so the pattern ".dev-lead/" appears only once, leaving a single entry to ignore that directory (no other changes needed).
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Outside diff comments:
In @.gitignore:
- Around line 65-70: The .gitignore contains six duplicate entries of the
pattern ".dev-lead/"; open the .gitignore file and remove the extra lines so the
pattern ".dev-lead/" appears only once, leaving a single entry to ignore that
directory (no other changes needed).
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: b6a18ea2-c01f-4448-8c7c-0c45473cff0d
📒 Files selected for processing (2)
.github/workflows/pr-review-mention.yml.gitignore
Dev-Lead — fix-reviews (applied)Changes committed and pushed. |
|
|
Auto-rebase failed — merge conflict — this branch has conflicts with dev-lead will attempt to resolve this automatically. If it cannot, a follow-up comment will explain what needs manual attention. To resolve manually instead: |
|
Auto-rebase failed — merge conflict — this branch has conflicts with dev-lead will attempt to resolve this automatically. If it cannot, a follow-up comment will explain what needs manual attention. To resolve manually instead: |
|
Closing due to merge conflict that cannot be auto-rebased. Re-implementing from fresh main via dev-lead. |



Closes #280
Implemented by dev-lead agent. Please review.
Summary by CodeRabbit