-
Notifications
You must be signed in to change notification settings - Fork 433
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Regenerate the Rubocop TODOs on depfu PRs #16058
base: master
Are you sure you want to change the base?
Conversation
Isn't that just
|
I mean, we could also run |
I'm not sure what you are trying to achieve? This is about complying to a style guide. If the style guide changes, a human should think about if we want to comply or not. |
Most of the times, we would face changes in the existing cops (fix of false positives or fix of false negatives). This is what this commit is for: to reduce the burden of creating a manual commit with the changes in the rubocop_todo files. I agree, that this commit automatically created could give the impression that we should approve the changes and merge the pull request because everything is fine. And maybe we miss reviewing the following pull requests in detail. But I'm in favor of merging this pull request as it is. In the worst-case scenario, merging RuboCop Depfu pull requests with the commit automatically generated can introduce a cop and its exceptions in the TODO files. This cop can be easily disabled afteward. Even if we face this case, I think this will not happen so often. |
branches: | ||
- depfu/update/srcapi/rubocop-* | ||
permissions: | ||
contents: write |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm I'm not sure about the security implications of this. In which context is this running? What if someone makes a PR from a fork from the branch depfu/update/srcapi/rubocop-i-hack-you
. Won't this action hand out the keys to the kingdom?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ups... yes. Let's study them.
This creates a commit with a regenerated TODOs file from Rubocop whenever depfu pushes into a
depfu/update/srcapi/rubocop-*
branch. Fixes #5009