Allow vs-code-engineering bot to update distro field in package.json#301218
Allow vs-code-engineering bot to update distro field in package.json#301218benvillalobos merged 5 commits intomicrosoft:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new GitHub Actions workflow that blocks PRs modifying engineering-system files, while allowing a narrowly-scoped exception for automated package.json distro updates authored by vs-code-engineering[bot].
Changes:
- Introduces
.github/workflows/no-engineering-system-changes.ymlto detect PRs that modify.github/workflows/,build/, orpackage.json. - Adds a bot-only exception path intended to allow PRs where the only change is updating the
distrofield in the repo-rootpackage.json. - Enforces collaborator permission checks for restricted changes, with a special-case block for
Copilotauthors.
You can also share your feedback on Copilot code review. Take the survey.
Add a targeted exception to the engineering system changes check: when the PR author is vs-code-engineering[bot], package.json is the only changed file, and the diff exclusively touches the 'distro' field, skip the permission check. This enables automated distro commit updates from vscode-engineering without broadly allowlisting the bot. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
benvillalobos
force-pushed
the
bv/allow-distro-bot-update
branch
from
30c1ce2 to
72175d8
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
You can also share your feedback on Copilot code review. Take the survey.
- Add --repo flag so gh pr diff works without a local checkout - Remove unsupported -- package.json pathspec (unnecessary since we already verified package.json is the only changed file) - Handle gh pr diff failure gracefully by defaulting to allowed=false instead of failing the entire job Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Anchor regex to match the distro JSON key specifically instead of any line containing "distro" to prevent bypass - Append || true to prevent grep -c exit code 1 (zero matches) from crashing the step under bash set -e Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.
You can also share your feedback on Copilot code review. Take the survey.
- Redirect jq stdout to /dev/null so ONLY_PKG only captures the echo output, not jq's own true/false print - Replace \s with [[:space:]] for POSIX portability in grep -E Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.
You can also share your feedback on Copilot code review. Take the survey.
Add a targeted exception to the engineering system changes check: when the PR author is \�s-code-engineering[bot], \package.json\ is the only changed file, and the diff exclusively touches the \distro\ field, skip the permission check.
This enables the automated distro commit mismatch fix from vscode-engineering without broadly allowlisting the bot.
Companion PR: microsoft/vscode-engineering https://github.com/microsoft/vscode-engineering/pull/2056 — auto-creates fix PRs when a distro mismatch is detected.
Sample PR the vs-code-engineering[bot] would make