
Add community PR limit workflow #6229

Merged
moonbox3 merged 2 commits into microsoft:main from moonbox3:limit-num-prs-action
Jun 1, 2026

Conversation


@moonbox3 moonbox3 commented Jun 1, 2026

Motivation and Context

Limit community contributors to 10 open pull requests at a time.

This helps keep the review queue manageable and prevents a single community author from opening a large number of concurrent PRs. Team members are excluded from this limit.

Contribution Checklist

  • The code builds clean without any errors or warnings
  • The PR follows the Contribution Guidelines
  • All unit tests pass, and I have added new tests where possible
  • Is this a breaking change? If yes, add "[BREAKING]" prefix to the title of the PR.

@moonbox3 moonbox3 self-assigned this Jun 1, 2026
Copilot AI review requested due to automatic review settings June 1, 2026 03:35

Copilot AI left a comment


Pull request overview

Adds an automated workflow that caps community contributors at 10 concurrent open pull requests. On PR open/reopen, a team-membership check skips enforcement for maintainers; otherwise the contributor's open-PR count is queried via the search API, and if the limit is exceeded the PR is labeled (too-many-prs), commented on, and closed. The enforcement logic lives in a new shared JS module with unit tests.

Changes:

  • New workflow .github/workflows/limit-community-prs.yml with team-check and limit-enforcement jobs gated on pull_request_target.
  • New helper .github/scripts/pr_limit_moderation.js implementing label-ensure, comment, and close logic against the Octokit REST surface.
  • New Node test suite .github/tests/test_pr_limit_moderation.js covering at-limit, search-not-indexed, missing-label, and message-body cases.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

| File | Description |
|------|-------------|
| .github/workflows/limit-community-prs.yml | New workflow wiring team-check + enforcement jobs. |
| .github/scripts/pr_limit_moderation.js | New helper that counts open PRs and closes/labels/comments when over limit. |
| .github/tests/test_pr_limit_moderation.js | Unit tests for the enforcement helper. |

Comment thread .github/workflows/limit-community-prs.yml
Comment thread .github/scripts/pr_limit_moderation.js
Comment thread .github/workflows/limit-community-prs.yml
Comment thread .github/workflows/limit-community-prs.yml Outdated

@github-actions github-actions Bot left a comment


Automated Code Review

Reviewers: 4 | Confidence: 92%

✓ Correctness

The PR adds a clean, well-tested workflow for limiting community PRs. The core logic in getOpenPrCount correctly handles the GitHub search indexing race condition by checking whether the current PR number appears in search results. Error handling in ensureLabel properly handles both 404 (label doesn't exist) and 422 (race condition on creation). The workflow correctly uses pull_request_target for secret access and a custom token for team membership checks. All previously flagged issues (reopened trigger loop, env redundancy, >100 PRs edge case, team_check failure mode) are marked resolved. No new correctness issues found.

✓ Security Reliability

The PR implements a community PR limit workflow using pull_request_target with appropriate security controls: scripts are checked out from the base branch (not the PR head), action versions are pinned to SHA, input validation exists for the payload structure, concurrency control prevents race conditions, and the label creation handles 404/422 races correctly. No new security or reliability issues found beyond those already discussed and resolved in the review thread.

✓ Test Coverage

The test file covers the main happy paths (at-limit, over-limit, label creation, message content) but misses several explicitly-coded error-handling paths in the production code. Most notably, the 422 race-condition guard in ensureLabel and the getPullRequest validation throw are untested. The tests also never assert on core.info log output, leaving observability behavior unverified.

✓ Design Approach

I found two design issues that can disable or contradict the intended moderation flow. First, the workflow still runs on reopened, but the moderation script always recloses over-limit PRs and even tells authors a maintainer can reopen them, so deliberate maintainer reopens will loop back into auto-close. Second, if the team-membership lookup errors, the helper throws and the downstream if only runs on an explicit 'false' output, so enforcement is silently skipped for that PR instead of failing closed or continuing with the limit check.


Automated review by moonbox3's agents
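
The failure modes discussed in the review above (search-index lag, a team lookup that errors, and the reopen loop) can be made explicit in one decision function. This is an added example, not code from the PR or from pr_limit_moderation.js; the function names, the `decide` input shape, the "count includes the new PR, close when above 10" rule, and the reopen-by-non-author rule are assumptions.

```javascript
// Added illustration: hypothetical names, not the contents of pr_limit_moderation.js.
const PR_LIMIT = 10; // limit stated in the PR description

// searchResult mimics the shape of a GitHub issue-search response
// ({ total_count, items: [{ number }] }), assumed sorted newest first.
// A PR opened seconds ago may not be indexed yet, so count it explicitly.
function effectiveOpenPrCount(searchResult, currentPrNumber) {
  const indexed = searchResult.items.some((pr) => pr.number === currentPrNumber);
  return searchResult.total_count + (indexed ? 0 : 1);
}

// teamCheck is the string output of the membership job: 'true', 'false',
// or anything else (empty/undefined) when the lookup failed.
function decide({ teamCheck, action, senderIsAuthor, searchResult, prNumber }) {
  if (teamCheck === 'true') {
    return { close: false, reason: 'team-member' };
  }
  // Assumption: a reopen by someone other than the author is a deliberate
  // maintainer override and must not be auto-closed again.
  if (action === 'reopened' && !senderIsAuthor) {
    return { close: false, reason: 'reopened-by-other' };
  }
  // Fail closed: an errored lookup is handled like 'false', so the limit
  // check still runs instead of being skipped.
  const count = effectiveOpenPrCount(searchResult, prNumber);
  const membership = teamCheck === 'false' ? 'community' : 'unknown';
  return {
    close: count > PR_LIMIT,
    reason: count > PR_LIMIT ? 'over-limit' : 'within-limit',
    count,
    membership,
  };
}

// Constructed sample: 10 indexed open PRs (#1..#10); new PR #11 not indexed yet.
const lagging = {
  total_count: 10,
  items: Array.from({ length: 10 }, (_, i) => ({ number: i + 1 })),
};
console.log(decide({ teamCheck: undefined, action: 'opened',
  senderIsAuthor: true, searchResult: lagging, prNumber: 11 }));
```
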

Comment thread .github/tests/test_pr_limit_moderation.js
Comment thread .github/workflows/limit-community-prs.yml
@moonbox3 moonbox3 merged commit 8b0db48 into microsoft:main Jun 1, 2026
21 checks passed