ci: exempt mergify-ci-bot from human review for autobump PRs#22
Merged
Merged
Conversation
The ci-bot homebrew-tap-sync workflow opens mergify-cli formula bump PRs authored by the mergify-ci-bot user. Treat it like dependabot[bot]: add it to the `automated updates` queue conditions and exclude it from the `👀 Review Requirements` protection, so the bump PR auto-queues on all-greens with no human approval. Safe by construction — CI downloads and tests all four binaries, so a wrong url/sha turns CI red and the PR never queues. Related to MRGFY-7687 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Change-Id: If1c23685fcf46b333162e01b865df605192444c1
Merge Protections🟢 All 6 merge protections satisfied — ready to merge. |
There was a problem hiding this comment.
Pull request overview
Updates the repository’s Mergify configuration to treat PRs authored by mergify-ci-bot the same way as Dependabot PRs, allowing fully-CI-validated autobump PRs to merge without the human 2-approval requirement.
Changes:
- Expands the
automated updatesqueue rule to match PRs authored by eitherdependabot[bot]ormergify-ci-bot. - Updates the
👀 Review Requirementsmerge protection so the 2-approval requirement does not apply to PRs authored bymergify-ci-bot(mirroring the existing Dependabot exemption).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
jd
approved these changes
Jun 17, 2026
JulianMaurin
approved these changes
Jun 17, 2026
remyduthu
approved these changes
Jun 17, 2026
|
Queued — the merge queue status continues in this comment ↓. |
Merge Queue Status
This pull request spent 18 seconds in the queue, including 4 seconds running CI. Required conditions to merge
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The new ci-bot
homebrew-tap-sync.ymlworkflow opensmergify-cliformula bump PRs into this repo. Those PRs are authored by the
mergify-ci-botGitHub user (a plain user account, no[bot]suffix —they're pushed with its PAT), so today they would be blocked on the
2-approval rule in
👀 Review Requirements.This mirrors the existing
dependabot[bot]exemption:automated updatesqueue_rule — the singleauthor = dependabot[bot]condition becomes an
or:ofdependabot[bot]andmergify-ci-bot, sothe bump PR auto-queues once CI is green.
👀 Review Requirementsmerge_protection — addsauthor != mergify-ci-botalongside the existing
author != dependabot[bot], so the 2-approvalrequirement does not apply to the bot's PRs.
Safe by construction: CI downloads and tests all four binaries, so a wrong
url/sha turns CI red and the PR never queues — no human approval is being
traded away for correctness.
Related to MRGFY-7687
🤖 Generated with Claude Code