absolutelynothingtoseehere / branch-dictator Goto Github PK
View Code? Open in Web Editor NEWBranch Protection via autocratic automation ๐
License: MIT License
Branch Protection via autocratic automation ๐
License: MIT License
The app should include a event listener for the repository
event. The listener should validate the event and use the webhook secret to ensure the authenticity of the request. If the request is unauthorized, return an appropriate status code, otherwise return a 200
.
The webhook's actual implementation will be covered by another issue.
Ideally all environment variables used in Heroku would exist in the repo's secrets and used on deploy to maintain 100% uptime and prevent the need for manually setting environment variables.
Hold: This issue against the Heroku Deploy Action must be implemented before this issue can be addressed.
After updating branch protection, the app should create an issue in the new repo:
Notify yourself with an @mention in an issue within the repository that outlines the protections that were added.
The project should have Actions to support CI and CD with the following features:
Status should be reported back and a badge should display said status in the README
master
)After receiving the repository
event, determine if the repo event is relevant (e.g., created
) and if it is, update the branch protection to enable protection for the default branch (if relevant) via the repos.updateBranchProtection
method of @octokit/rest
The app should be updated to feature new event listeners to enable branch protection for projects that have become public and to re-enable branch protection for repos that disable it (this is a ************ after all).
The docs should include info on how to register a webhook for the app
The existing Actions would likely benefit from caching (specifically node modules).
The README should include a test coverage badge.
Creating a private repo results in a 500
The app should skip the call to the GitHub api as it will always fail
It calls the api, fails, and throws a 500
Create a private repo
Creating a repo without a README, license, and gitignore results in a branchless repo which in turn results in a 500 error due to an api 404 (branch doesn't exist)
The app should know not to try to hit the API
A 404
-> 500
Create a repo without creating an initial commit
I'd argue that this is a bug on the GitHub side of things... if a repo doesn't have a branch, the default_branch
should be null
. I'm not actually sure if a repo in GitHub can have a branch. If the repo truly does have a branch, specifying the latest commit (or even updating pushed_at
to have a value on repo creation) would give the recipient of the event a little more context.
The docs should be update to include information on how to create a token and what scopes are required
It would be super convenient to use @octokit/webhooks
's middleware functionality, unfortunately the index.d.ts
file seems to be missing some exports for the standalone functionality. Without creating our own declaration file (which would be brittle), custom implementation seems like the best approach.
hold
: I opened an issue against the project, so after that is fixed this can be implemented
The GitHub API requires users to have a Pro account or for the repo privacy to be public:
Upgrade to GitHub Pro or make this repository public to enable this feature. - Upgrade to GitHub Pro or make this repository public to enable this feature.
If the user has a Pro account, they should be able to set an environment variable to allow for private repo branch protection and override the existing check.
Events are currently failing with a 401
They'd pass with a 200
401
Trigger a webhook event
Turns out the x-hub-signature
actually has sha1=
prepended to it; the validation logic needs to be updated to add that.
This project should utilize lgtm for code analysis and PRs should be dependent on successful passing of their tests
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.