Skip to content

fix: disable Claude/CodeRabbit check-suite auto-trigger; fix label settings#261

Closed
don-petry wants to merge 43 commits into
mainfrom
claude/issue-257-20260508-1427
Closed

fix: disable Claude/CodeRabbit check-suite auto-trigger; fix label settings#261
don-petry wants to merge 43 commits into
mainfrom
claude/issue-257-20260508-1427

Conversation

@don-petry

@don-petry don-petry commented May 8, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • API fix (applied directly): PATCHed repos/petry-projects/google-app-scripts/check-suites/preferences to set auto_trigger_checks: false for Claude (app_id 1236702) and CodeRabbit (app_id 347564). This eliminates orphaned queued check suites created on every push that permanently blocked GitHub auto-merge.
  • Label compliance fix: Updated .github/settings.yml — corrected the security label color (e4e669d93f0b) and description, and added all six missing standard labels (dependencies, scorecard, bug, enhancement, documentation, in-progress) per the org label standard.

Closes #257

Test plan

  • Verify the next weekly compliance audit does not raise check-suite-auto-trigger-1236702 for this repo
  • Verify auto-merge is unblocked on future Dependabot PRs

Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • Updated the Security label’s appearance and wording to better reflect security-related PRs and issues.
    • Added standard repository labels — Dependencies, Scorecard, Bug, Enhancement, Documentation, and In-Progress — to improve issue/PR organization, triage clarity, and workflow consistency across the project.

…ttings

- Applied PATCH to repos/petry-projects/google-app-scripts/check-suites/preferences
  to set auto_trigger_checks=false for Claude (app_id 1236702) and CodeRabbit
  (app_id 347564), eliminating orphaned queued suites that block auto-merge.
- Updated .github/settings.yml: fix security label color (e4e669→d93f0b) and
  description; add all six missing standard labels per org label standards.

Closes #257

Co-authored-by: Don Petry <don-petry@users.noreply.github.com>
Copilot AI review requested due to automatic review settings May 8, 2026 14:30
@don-petry don-petry requested a review from a team as a code owner May 8, 2026 14:30
@coderabbitai

coderabbitai Bot commented May 8, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@github-actions[bot], we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 36 minutes and 51 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 549acb76-89ca-4ac1-ad7b-bb5d701bdecb

📥 Commits

Reviewing files that changed from the base of the PR and between 53780b7 and 493b610.

📒 Files selected for processing (1)
  • .gitignore
📝 Walkthrough

Walkthrough

The PR updates .github/settings.yml: it modifies the security label's color and description and adds six new labels (dependencies, scorecard, bug, enhancement, documentation, in-progress) with colors and descriptions.

Changes

Repository Label Configuration

Layer / File(s) Summary
Label Definitions
.github/settings.yml
security label color changed from e4e669 to d93f0b and description updated from "Security vulnerability or concern" to "Security-related PRs and issues". Six new labels added: dependencies, scorecard, bug, enhancement, documentation, and in-progress, each with assigned colors and descriptions.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

Suggested reviewers

  • donpetry-bot
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Linked Issues check ❓ Inconclusive The PR addresses the linked issue #257 by updating label settings in .github/settings.yml, but the critical auto-trigger disablement was applied directly via GitHub API rather than through code changes in this PR. Clarify whether the direct API PATCH to disable auto_trigger_checks satisfies issue #257, or if code changes are required to properly close the issue.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the two main changes: disabling Claude/CodeRabbit check-suite auto-trigger and fixing label settings, which directly correspond to the pull request's objectives.
Out of Scope Changes check ✅ Passed The PR includes label configuration updates (.github/settings.yml) which are related to the broader compliance objective, though the primary auto-trigger fix was applied via direct API calls outside this changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/issue-257-20260508-1427

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@don-petry

Copy link
Copy Markdown
Collaborator Author

@petry-projects/org-leads — CI is running on this compliance fix PR. The change:

  1. Settings applied directly (no PR needed for this part): disabled auto_trigger_checks for Claude (app_id 1236702) and CodeRabbit (app_id 347564) via a direct PATCH to the GitHub API — resolves the orphaned queued check suites that were blocking auto-merge.

  2. Code change in this PR: Updated .github/settings.yml to align with org label standards — fixed the security label color/description and added the six missing standard labels.

Please review and merge when CI passes.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Tracks compliance remediation work for this repository: aligning repo labels with the org standard set and (per PR description) addressing orphaned Claude/CodeRabbit check suites that block auto-merge.

Changes:

  • Updates the security label color/description to match the referenced standard.
  • Adds the missing standard labels: dependencies, scorecard, bug, enhancement, documentation, in-progress.

Comment thread .github/settings.yml
Comment on lines 4 to +9
# Labels — standard set
# Reference: https://github.com/petry-projects/.github/blob/main/standards/github-settings.md#labels--standard-set
labels:
- name: security
color: e4e669
description: Security vulnerability or concern
color: d93f0b
description: Security-related PRs and issues

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
.github/settings.yml (1)

10-27: 💤 Low value

LGTM — six new labels are well-formed.

All required fields (name, color, description) are present and valid. Quoting hex values that start with digits ('0075ca') is correct YAML practice.

One optional note: scorecard (Line 14) and security (Line 8) share the same color d93f0b. If this is intentional per org standard to visually group security-related labels, no action needed. If unintentional, consider a distinct color for scorecard to differentiate them at a glance in the GitHub UI.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/settings.yml around lines 10 - 27, The labels file defines both
scorecard and security with the same color d93f0b; if you want them visually
distinct, update the scorecard label's color value in the settings YAML (the
scorecard entry's color field) to a different hex code (ensure you quote the hex
if it begins with a digit, e.g., 'aabbcc') and keep the security label
unchanged; if the identical color is intentional, leave the scorecard color
as-is.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In @.github/settings.yml:
- Around line 10-27: The labels file defines both scorecard and security with
the same color d93f0b; if you want them visually distinct, update the scorecard
label's color value in the settings YAML (the scorecard entry's color field) to
a different hex code (ensure you quote the hex if it begins with a digit, e.g.,
'aabbcc') and keep the security label unchanged; if the identical color is
intentional, leave the scorecard color as-is.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: f72f1c0c-0b5f-4609-a83f-809ef78ac4dc

📥 Commits

Reviewing files that changed from the base of the PR and between 82a2d55 and f48411e.

📒 Files selected for processing (1)
  • .github/settings.yml

donpetry-bot
donpetry-bot previously approved these changes May 30, 2026

@donpetry-bot donpetry-bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automated review — APPROVED ✓

Risk: LOW
Reviewed commit: 0a182c15c4b0fa14c9526d6f555f6b0fd8f92be6
Review mode: triage-approved (single reviewer)

Summary

Single-file configuration change to .github/settings.yml: corrects the security label color (e4e669d93f0b) and description, and adds the six missing standard labels (dependencies, scorecard, bug, enhancement, documentation, in-progress). I cross-checked every new entry against petry-projects/.github/standards/github-settings.md — names, hex colors, and descriptions match the standard exactly. The CodeRabbit nitpick about security and scorecard sharing color d93f0b is by design per the org standard. The orphaned check-suite portion of issue #257 was resolved out-of-band via direct API PATCH (as documented in the PR body).

Linked issue analysis

Closes #257 ("Compliance: check-suite-auto-trigger-1236702"). The primary remediation (disabling auto_trigger_checks for Claude / CodeRabbit) was applied directly via the GitHub API; this PR carries the in-repo compliance work — aligning labels with the org standard set referenced from the same standards doc. Issue #257 is already closed.

Findings

None blocking.

  • Label set matches the org standard one-for-one (color and description).
  • Quoting hex values that start with a digit ('0075ca', 'e4e669'-style) is correct YAML.
  • No secrets, auth, migration, or workflow surface touched.
  • PR is MERGEABLE but BEHIND — a merge from main may be needed before merging; not a code-quality concern.

CI status

All required checks passed: CodeQL, Analyze (actions), Analyze (javascript-typescript), Analyze (python), CodeRabbit. SonarCloud Quality Gate passed (0 new issues, 0 security hotspots).


Reviewed automatically by the PR-review agent (single-reviewer mode: opus 4.7). Reply if you need a human review.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Dev-Lead — review-changes (no-changes)

No changes were needed for this PR.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Dev-Lead — fix-bot-comment (applied)

Changes committed and pushed.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Dev-Lead — review-changes (applied)

Changes committed and pushed.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Dev-Lead — review-changes (applied)

Changes committed and pushed.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Dev-Lead — review-changes (applied)

Changes committed and pushed.

@sonarqubecloud

sonarqubecloud Bot commented Jun 1, 2026

Copy link
Copy Markdown

@don-petry don-petry added the dev-lead For dev-lead agent pickup label Jun 2, 2026
@don-petry

Copy link
Copy Markdown
Collaborator Author

Closing due to merge conflict that cannot be auto-rebased. Re-implementing from fresh main via dev-lead.

@don-petry don-petry closed this Jun 2, 2026
auto-merge was automatically disabled June 2, 2026 12:15

Pull request was closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dev-lead For dev-lead agent pickup

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Compliance: check-suite-auto-trigger-1236702

3 participants