From cdd7d50aa2c36bb6452613cb5ea0f68ef6ddb3ae Mon Sep 17 00:00:00 2001 From: wlandau Date: Fri, 19 Jul 2024 11:03:53 -0400 Subject: [PATCH 1/2] Require commits from web ui --- R/review_pull_request.R | 24 ++++++++++++------------ R/review_pull_requests.R | 4 ++-- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/R/review_pull_request.R b/R/review_pull_request.R index 04e9436..6897081 100644 --- a/R/review_pull_request.R +++ b/R/review_pull_request.R @@ -19,9 +19,9 @@ review_pull_request <- function( repo = "contributions", number ) { - assert_character_scalar(owner) - assert_character_scalar(repo) - assert_positive_scalar(number) + assert_character_scalar(owner, "owner must be a character string") + assert_character_scalar(repo, "repo must be a character string") + assert_positive_scalar(number, "number must be a positive integer") message("Reviewing pull request ", number) merge <- review_pull_request_integrity(owner, repo, number) && review_pull_request_content(owner, repo, number) @@ -48,7 +48,10 @@ review_pull_request_integrity <- function(owner, repo, number) { repo = repo, sha = pull$head$sha ) - if (!isTRUE(commit$verification$verified)) { + from_web_ui <- isTRUE(commit$verification$verified) && + identical(commit$committer$name, "GitHub") && + identical(commit$committer$email, "noreply@github.com") + if (!from_web_ui) { pull_request_defer( owner = owner, repo = repo, @@ -58,14 +61,11 @@ review_pull_request_integrity <- function(owner, repo, number) { pull$head$sha, ") of pull request ", number, - " is unverified. For security reasons, ", - "R-multiverse only merges pull requests with ", - "verified commits. You can create a verified commit ", - "by contributing through the point-and-click web interface ", - "as described at https://r-multiverse.org/contributors.html. ", - "For more information on commit signature verification, please see ", - "https://docs.github.com/en/authentication/", - "managing-commit-signature-verification" + " was not created using the point-and-click ", + "web user interface on GitHub.com. ", + "For security reasons, the R-multiverse bot only ", + "merges commits created manually through a web browser ", + "as described at https://r-multiverse.org/contributors.html." ) ) return(FALSE) diff --git a/R/review_pull_requests.R b/R/review_pull_requests.R index 2ce8d6a..6c09a32 100644 --- a/R/review_pull_requests.R +++ b/R/review_pull_requests.R @@ -9,8 +9,8 @@ review_pull_requests <- function( owner = "r-multiverse", repo = "contributions" ) { - assert_character_scalar(owner) - assert_character_scalar(repo) + assert_character_scalar(owner, "owner must be a character string") + assert_character_scalar(repo, "repo must be a character string") message("Listing pull requests...") pull_requests <- gh::gh( "/repos/:owner/:repo/pulls", From 54b8c7f22f8e78d8dee6a0285446bf8d17bbc880 Mon Sep 17 00:00:00 2001 From: wlandau Date: Fri, 19 Jul 2024 11:04:57 -0400 Subject: [PATCH 2/2] version and news --- DESCRIPTION | 2 +- NEWS.md | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/DESCRIPTION b/DESCRIPTION index 8a82876..dee48b3 100644 --- a/DESCRIPTION +++ b/DESCRIPTION @@ -2,7 +2,7 @@ Package: multiverse.internals Title: Internal Infrastructure for R-multiverse Description: R-multiverse requires this internal internal infrastructure package to automate contribution reviews and populate universes. -Version: 0.2.7 +Version: 0.2.8 License: MIT + file LICENSE URL: https://github.com/r-multiverse/multiverse.internals BugReports: https://github.com/r-multiverse/multiverse.internals/issues diff --git a/NEWS.md b/NEWS.md index 883d88e..eec36d3 100644 --- a/NEWS.md +++ b/NEWS.md @@ -1,3 +1,7 @@ +# multiverse.internals 0.2.8 + +* Only merge contributions created through the web interface. + # multiverse.internals 0.2.7 * Exclude superfluous fields from `update_production()` `packages.json`.