Can we make this a fix for when anyone on sec-team removes it? Sometimes I'm reviewing PRs and either of you gets flagged for it, and then it ends up retriggering if another commit gets added after I remove the label.
Possible, but not the direction I'd like this to go. I'd prefer if only the assignee for the given finding would be able to remove the needs-security-action label permanently.
Could we add additional assignees on a per repo/file basis on top of the rule based assignees as well? There's times where the context matters that's relevant to the repo and these are flagging redundantly to other sec reviews in progress. For example, just recently I was working on https://github.com/brave/reviews/issues/1376 and the bot flagged no use of HTTPS. In this case, this is one of the areas that was included in the review because we're utilizing the attestation documents for integrity protection and isolating the endpoints within the VPN for confidentiality plus having issues getting enough certs issued via letsencrypt so we need to sync the certs.
If it were the case that only the assignees from the rule were to be able to trigger this removal and the label is now blocking then we'll end up in a situation where sec reviews are complete but PRs won't be able to be merged until the assignee for the rule removes the label. This seems like it would lead to unnecessary double reviews.
If an assignee removes needs-security-action the next run: