chore: re-enable CLA signing for external contributors BED-7616 #199

Merged
superlinkx merged 2 commits into 2.X from BED-7616
Mar 10, 2026
@superlinkx superlinkx commented Mar 10, 2026

Description

Re-enable external contributors to sign CLA by changing back to pull_request_target

Motivation and Context

Resolves BED-7616

Now that we've had time to carefully review this action for potential exploits, we're comfortable re-enabling it. There's no other known way to make the CLA function, but the permissions and access are properly scoped and the configuration/code has been vetted.

How Has This Been Tested?

Revert of known trigger, tested prior to it being removed

Types of changes

  • Chore (a change that does not modify the application functionality)

Checklist:

Summary by CodeRabbit

  • Chores
    • Updated CI workflow trigger and refined conditions for pull-request comment events.
    • Adjusted workflow permissions and bumped an action to a newer version.
    • Minor formatting tweak in the workflow.

Note: No user-facing changes; this update affects internal development infrastructure only.

@superlinkx superlinkx changed the title chore: re-enable CLA signing for external contributors chore: re-enable CLA signing for external contributors BED-7616 Mar 10, 2026
coderabbitai bot commented Mar 10, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3d93dea5-236d-471c-80da-84d381584879

📥 Commits

Reviewing files that changed from the base of the PR and between d74cbdd and 1592a2b.

📒 Files selected for processing (1)
  • .github/workflows/cla.yml
🚧 Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/cla.yml

Walkthrough

The GitHub Actions CLA workflow trigger was changed from pull_request to pull_request_target for events opened, closed, and synchronize. The CLA step condition was updated to check github.event_name == 'pull_request_target'. Action version bumped and a minor echo/whitespace tweak applied.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| CLA Workflow Trigger: /.github/workflows/cla.yml | Switched workflow trigger from pull_request → pull_request_target for issue_comment events (opened, closed, synchronize); updated step condition to github.event_name == 'pull_request_target'; bumped CLA Assistant action from v2.2.1 to v2.6.1; minor echo/formatting tweak. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐇 I hopped through YAML with nimble feet,

Swapped a trigger so the checks now meet,
Bumped a version, neat and slight,
A tiny echo, everything's right,
Hooray — CLA hops into the light.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title clearly and concisely summarizes the main change (re-enabling CLA signing by reverting to pull_request_target trigger), directly matching the workflow file modifications. |
| Description check | ✅ Passed | The PR description includes all key required sections: Description, Motivation and Context with issue link (BED-7616), How Has This Been Tested, Types of changes, and a completed Checklist. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@superlinkx superlinkx self-assigned this Mar 10, 2026
@superlinkx superlinkx added the bug Something isn't working label Mar 10, 2026
@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/cla.yml:
- Line 36: The workflow conditional uses github.event_name == 'pull_request' but
the job is triggered by pull_request_target, so update the condition in the CLA
check to match the trigger (e.g., change the comparison from 'pull_request' to
'pull_request_target' or otherwise check both names) so the IF expression that
currently contains "github.event_name == 'pull_request'" will evaluate true for
PR events; locate the condition string shown in the diff and modify it
accordingly.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 652f3d4a-50a6-40d5-aaa0-f1031b2c308d

📥 Commits

Reviewing files that changed from the base of the PR and between 2bd0237 and f9e9081.

📒 Files selected for processing (1)
  • .github/workflows/cla.yml
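
The mismatch flagged in the review above (trigger switched to pull_request_target while a step condition still tested for 'pull_request', so the CLA step would be skipped on PR events) can be caught mechanically. The following is an added example, not code from this repository or from the CLA action: the workflow text is a constructed sample, the function names are hypothetical, and it assumes `on:` is a top-level key in block or inline form.

```python
import re

# Constructed sample of the state the review comment describes; not the project's file.
SAMPLE_BEFORE = """\
name: CLA
on:
  issue_comment:
    types: [created]
  pull_request_target:
    types: [opened, closed, synchronize]
jobs:
  cla:
    runs-on: ubuntu-latest
    steps:
      - name: CLA check
        if: github.event_name == 'issue_comment' || github.event_name == 'pull_request'
        uses: contributor-assistant/github-action@v2.6.1
"""
SAMPLE_AFTER = SAMPLE_BEFORE.replace("== 'pull_request'", "== 'pull_request_target'")

EVENT_TEST = re.compile(r"github\.event_name\s*==\s*'([a-z_]+)'")

def triggers(workflow: str) -> set[str]:
    """Event names declared under the top-level `on:` key."""
    lines = workflow.splitlines()
    for i, line in enumerate(lines):
        m = re.match(r"^on:\s*(.*)$", line)
        if not m:
            continue
        inline = m.group(1).split("#")[0].strip()
        if inline:  # `on: push` or `on: [push, pull_request]`
            return set(re.findall(r"[a-z_]+", inline))
        events, indent = set(), None
        for nxt in lines[i + 1:]:
            if not nxt.strip() or nxt.lstrip().startswith("#"):
                continue
            cur = len(nxt) - len(nxt.lstrip())
            if cur == 0:  # next top-level key ends the `on:` block
                break
            indent = cur if indent is None else indent
            if cur == indent:  # only direct children are event names
                events.add(nxt.strip().lstrip("- ").split(":")[0].strip())
        return events
    return set()

def dead_event_checks(workflow: str) -> list[tuple[int, str]]:
    """(line number, event) for every event_name test naming an undeclared trigger."""
    declared = triggers(workflow)
    return [(n, ev) for n, line in enumerate(workflow.splitlines(), 1)
            for ev in EVENT_TEST.findall(line) if ev not in declared]
```
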

@coderabbitai coderabbitai bot left a comment

🧹 Nitpick comments (1)
.github/workflows/cla.yml (1)

37-37: Update CLA Assistant action to the latest version v2.6.1.

The workflow uses contributor-assistant/github-action@v2.2.1, which is several releases behind the latest version (v2.6.1 from September 2024). Update to include recent bug fixes and improvements.

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/cla.yml at line 37, Update the GitHub Actions step that
references the contributor assistant action by changing the version tag from
contributor-assistant/github-action@v2.2.1 to
contributor-assistant/github-action@v2.6.1; locate the workflow step that uses
contributor-assistant/github-action and replace the version substring to ensure
the action runs the latest v2.6.1 release.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/cla.yml:
- Line 37: Update the GitHub Actions step that references the contributor
assistant action by changing the version tag from
contributor-assistant/github-action@v2.2.1 to
contributor-assistant/github-action@v2.6.1; locate the workflow step that uses
contributor-assistant/github-action and replace the version substring to ensure
the action runs the latest v2.6.1 release.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 03a0e90d-362e-4fb2-825c-97f243e57b2c

📥 Commits

Reviewing files that changed from the base of the PR and between f9e9081 and d74cbdd.

📒 Files selected for processing (1)
  • .github/workflows/cla.yml

@superlinkx superlinkx merged commit 17ef46c into 2.X Mar 10, 2026
2 checks passed
@superlinkx superlinkx deleted the BED-7616 branch March 10, 2026 22:53
@github-actions github-actions bot locked and limited conversation to collaborators Mar 10, 2026