Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(custom-resources-handlers): s3 deployment handler log injection vulnerability #28599

Merged
merged 5 commits into from
Feb 23, 2024

Merge branch 'main' into gh-28469

f088a6a
Select commit
Loading
Failed to load commit list.
Merged

fix(custom-resources-handlers): s3 deployment handler log injection vulnerability #28599

Merge branch 'main' into gh-28469
f088a6a
Select commit
Loading
Failed to load commit list.
Mergify / Summary succeeded Feb 23, 2024 in 1s

8 potential rules

Rule: automatic merge (queue)

  • -closed
  • -merged
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -draft [📌 queue requirement]
  • -label~=(blocked|do-not-merge|no-squash|two-approvers)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • base!=release
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1
  • any of: [📌 queue -> configuration change requirements]
    • -mergify-configuration-changed
    • check-success=Configuration changed
  • any of: [🔀 queue conditions]
    • all of: [📌 queue conditions of queue default]
      • #approved-reviews-by>=1 [🛡 GitHub branch protection]
      • #changes-requested-reviews-by=0 [🛡 GitHub branch protection]
      • any of: [🛡 GitHub branch protection]
        • check-success=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-neutral=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-skipped=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)

Rule: automatic merge (comment)

  • -closed
  • -merged
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -label~=(blocked|do-not-merge|no-squash|two-approvers)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • base!=release
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1

Rule: automatic merge (2+ approvers) (queue)

  • #approved-reviews-by>=2
  • -closed
  • -merged
  • label~=two-approvers
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -draft [📌 queue requirement]
  • -label~=(blocked|do-not-merge|no-squash)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • base!=release
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1
  • any of: [📌 queue -> configuration change requirements]
    • -mergify-configuration-changed
    • check-success=Configuration changed
  • any of: [🔀 queue conditions]
    • all of: [📌 queue conditions of queue default]
      • #approved-reviews-by>=1 [🛡 GitHub branch protection]
      • #changes-requested-reviews-by=0 [🛡 GitHub branch protection]
      • any of: [🛡 GitHub branch protection]
        • check-success=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-neutral=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-skipped=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)

Rule: automatic merge (2+ approvers) (comment)

  • #approved-reviews-by>=2
  • -closed
  • -merged
  • label~=two-approvers
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -label~=(blocked|do-not-merge|no-squash)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • base!=release
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1

Rule: automatic merge (no-squash) (queue)

  • -closed
  • -merged
  • label~=no-squash
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -draft [📌 queue requirement]
  • -label~=(blocked|do-not-merge)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1
  • any of: [📌 queue -> configuration change requirements]
    • -mergify-configuration-changed
    • check-success=Configuration changed
  • any of: [🔀 queue conditions]
    • all of: [📌 queue conditions of queue default]
      • #approved-reviews-by>=1 [🛡 GitHub branch protection]
      • #changes-requested-reviews-by=0 [🛡 GitHub branch protection]
      • any of: [🛡 GitHub branch protection]
        • check-success=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-neutral=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-skipped=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)

Rule: automatic merge (no-squash) (comment)

  • -closed
  • -merged
  • label~=no-squash
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -approved-reviews-by~=author
  • -label~=(blocked|do-not-merge)
  • -title~=(WIP|wip)
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1

Rule: remove stale reviews (dismiss_reviews)

  • -closed
  • -merged
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]
  • base=main
  • changes-requested-reviews-by!=aws-cdk-automation
  • label!=contribution/core

Rule: if fails conventional commits (comment)

  • -closed
  • -merged
  • status-failure=Semantic Pull Request
  • author!=dependabot-preview[bot]
  • author!=dependabot[bot]

💖  Mergify is proud to provide this service for free to open source projects.

🚀  You can help us by becoming a sponsor!


3 not applicable rules

Rule: label core (label)

  • author~=^(rix0rrr|iliapolo|otaviomacedo|kaizencc|comcalvi|TheRealAmazonKendra|vinayak-kukreja|mrgrain|pahud|cgarvis|kellertk|HBobertz|sumupitchayan|SankyRed|udaypant|colifran|scanlonp|mikewrighton|moelasmar|paulhcsun|awsmjs|evgenyka|GavinZZ|aaythapa|xazhao|ConnorRobertson|ssenchenko|gracelu0|jfuss|SimonCMoore)$
  • -label~="contribution/core"

Rule: automatic merge of Dependabot PRs (queue)

  • -closed
  • -merged
  • author~=dependabot
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -draft [📌 queue requirement]
  • -label~=(blocked|do-not-merge)
  • -title~=(WIP|wip)
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1
  • any of: [📌 queue -> configuration change requirements]
    • -mergify-configuration-changed
    • check-success=Configuration changed
  • any of: [🔀 queue conditions]
    • all of: [📌 queue conditions of queue default]
      • #approved-reviews-by>=1 [🛡 GitHub branch protection]
      • #changes-requested-reviews-by=0 [🛡 GitHub branch protection]
      • any of: [🛡 GitHub branch protection]
        • check-success=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-neutral=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)
        • check-skipped=AWS CodeBuild us-east-1 (AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv)

Rule: automatic merge of Dependabot PRs (comment)

  • -closed
  • -merged
  • author~=dependabot
  • #approved-reviews-by>=1
  • #changes-requested-reviews-by=0
  • -label~=(blocked|do-not-merge)
  • -title~=(WIP|wip)
  • status-success=validate-pr
  • status-success~=AWS CodeBuild us-east-1
Mergify commands and options

More conditions and actions can be found in the documentation.

You can also trigger Mergify actions by commenting on this pull request:

  • @Mergifyio refresh will re-evaluate the rules
  • @Mergifyio rebase will rebase this PR on its base branch
  • @Mergifyio update will merge the base branch into this PR
  • @Mergifyio backport <destination> will backport this PR on <destination> branch

Additionally, on Mergify dashboard you can:

  • look at your merge queues
  • generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com