Skip to content

fix: gate release branch PRs with team review, scope fallback to non-release#84

Merged
Qbandev merged 1 commit into
mainfrom
fix/policy-bot-release-branch-gating
Mar 5, 2026
Merged

fix: gate release branch PRs with team review, scope fallback to non-release#84
Qbandev merged 1 commit into
mainfrom
fix/policy-bot-release-branch-gating

Conversation

@Qbandev
Copy link
Copy Markdown
Contributor

@Qbandev Qbandev commented Mar 5, 2026

Summary

Replaces the blanket "no approval necessary" fallback (from PR #83) with two scoped rules so that PRs targeting release/* branches are properly gated.

Rules

Rule Scope Requires Purpose
cherry-pick auto-approval release/* + cherry-pick title + < 200 LOC count: 0 Auto-approve qualifying cherry-picks
release branch review release/* (any PR) 1 approval from MetaMask/release-team Gate all other release PRs
non-release fallback Everything except release/* count: 0 Clean approved status for non-release PRs

The fallback uses a RE2-compatible negation regex since Go's regexp engine does not support lookaheads:

^([^r]|r[^e]|re[^l]|rel[^e]|rele[^a]|relea[^s]|releas[^e]|release[^/]).*$|^.{0,7}$

Evaluation scenarios

# Scenario Rule 1 Rule 2 Rule 3 or result
1 Cherry-pick PR → release/* (< 200 LOC) ✅ approved ⏳ pending skipped SUCCESS
2 Regular PR → main skipped skipped ✅ approved SUCCESS
3 Wrong title (no cherry-pick) → release/* skipped ⏳ pending skipped PENDING
4 Large PR (> 200 LOC) → release/* skipped ⏳ pending skipped PENDING

Test plan

  • Scenario 1: Cherry-pick PR targeting release/* with correct title and < 200 LOC → success
  • Scenario 2: Regular PR targeting mainsuccess (fallback rule)
  • Scenario 3: PR targeting release/* without "cherry-pick" in title → pending
  • Scenario 4: Large cherry-pick PR (> 200 LOC) targeting release/*pending

🤖 Generated with Claude Code

@Qbandev @claude
fix: gate release branch PRs with team review, scope fallback to non-…
fcebc73 
…release

Replace the blanket "no approval necessary" fallback with two scoped rules:

- "release branch review": requires release-team approval for all PRs
  targeting release/* branches that don't match cherry-pick criteria
- "non-release fallback": auto-approves PRs targeting non-release
  branches using RE2-compatible negation regex

This ensures PRs with wrong titles or large diffs on release branches
get PENDING status instead of being silently approved.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@Qbandev Qbandev merged commit bbe49d0 into main Mar 5, 2026
2 checks passed
@Qbandev Qbandev deleted the fix/policy-bot-release-branch-gating branch March 5, 2026 10:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jluque0101 jluque0101 jluque0101 approved these changes

+1 more reviewer

@omii2711 omii2711 omii2711 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Qbandev @jluque0101 @omii2711