Skip to content

chore: require admin approval for .github #8363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: require admin approval for .github #8363

wants to merge 1 commit into from

Conversation

@avivkeller
Copy link
Member

@avivkeller avivkeller commented Nov 24, 2025

Fixes #7986

Copilot AI review requested due to automatic review settings November 24, 2025 13:11
@avivkeller avivkeller requested a review from a team as a code owner November 24, 2025 13:11
@vercel
Copy link

vercel bot commented Nov 24, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Updated (UTC)
nodejs-org Ready Ready Preview Nov 24, 2025 1:12pm

Copilot finished reviewing on behalf of avivkeller November 24, 2025 13:12
Copilot AI reviewed Nov 24, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds the @nodejs/web-admins team as a required reviewer for changes to the .github directory, ensuring that administrative approval is obtained for GitHub configuration changes alongside the existing @nodejs/web-infra team review.

  • Adds @nodejs/web-admins team as an additional code owner for the .github directory

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@codecov
Copy link

codecov bot commented Nov 24, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.29%. Comparing base (8504a85) to head (b0850c0).
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #8363   +/-   ##
=======================================
  Coverage   76.29%   76.29%           
=======================================
  Files         118      118           
  Lines        9903     9903           
  Branches      336      336           
=======================================
  Hits         7555     7555           
  Misses       2346     2346           
  Partials        2        2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@MattIPv4
Copy link
Member

MattIPv4 commented Nov 24, 2025

Is this needed still, I thought the SHA pins were removed from the repo allow-list, so web-infra can merge bumps? Admins would only be needed for net-new actions now?

@bmuenzenmeyer
Copy link
Contributor

bmuenzenmeyer commented Nov 24, 2025

Is this needed still, I thought the SHA pins were removed from the repo allow-list, so web-infra can merge bumps? Admins would only be needed for net-new actions now?

I was just wondering this - I think this covers the new action case

@MattIPv4
Copy link
Member

MattIPv4 commented Nov 24, 2025

Yeh, if this is just for new actions now I think I'd probably prefer to allow web-infra to merge without admin approval. This ask originally came out of us merging Dependabot updates and breaking CI, but I think there's a lot less risk if it's just new actions that'll break without admin involvement.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@bmuenzenmeyer bmuenzenmeyer bmuenzenmeyer approved these changes

@AugustinMauroy AugustinMauroy AugustinMauroy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Update CODEOWNERS to require admin approval for workflow changes

5 participants

@avivkeller @MattIPv4 @bmuenzenmeyer @AugustinMauroy