New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Images next to comments reactions are broken for bots #2125
Comments
Apparently the image URL is different for bots. Users have Bots don't:
If we don't find the right URL, we can just drop the avatar from the list. |
This, reactions from bots don't matter for regular conversations, ignoring bots makes sense. |
@bfred-it I've got some experience with writing bots. So here's some info about them and common mistakes of integration writers as well as GitHub itself.
|
So Ref: https://developer.github.com/v3/apps/#get-a-single-github-app |
Here's an example of full app meta output for $ curl -sH 'Accept: application/vnd.github.machine-man-preview+json' https://api.github.com/apps/dependabot-preview
{
"id": 2141,
"node_id": "MDM6QXBwMjE0MQ==",
"owner": {
"login": "github",
"id": 9919,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjk5MTk=",
"avatar_url": "https://avatars1.githubusercontent.com/u/9919?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/github",
"html_url": "https://github.com/github",
"followers_url": "https://api.github.com/users/github/followers",
"following_url": "https://api.github.com/users/github/following{/other_user}",
"gists_url": "https://api.github.com/users/github/gists{/gist_id}",
"starred_url": "https://api.github.com/users/github/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/github/subscriptions",
"organizations_url": "https://api.github.com/users/github/orgs",
"repos_url": "https://api.github.com/users/github/repos",
"events_url": "https://api.github.com/users/github/events{/privacy}",
"received_events_url": "https://api.github.com/users/github/received_events",
"type": "Organization",
"site_admin": false
},
"name": "Dependabot Preview",
"description": "Dependabot helps you keep your dependencies secure and up to date. It works with most popular languages - you can see full details of the languages we support [here](https://dependabot.com/#languages).\r\n\r\nEach day:\r\n- Dependabot will scan your dependency files, looking for outdated requirements.\r\n- If any of your dependencies are out of date Dependabot will open pull requests to bump each one, including changelog links and release notes.\r\n- You check the linked changelog and release notes, and hit merge.\r\n\r\n### Great PRs that stay up-to-date\r\nDependabot pull requests include release notes, changelogs and commit links whenever they're available. They'll also automatically keep themselves conflict-free.\r\n\r\n### Compatibility scores for each update\r\nDependabot aggregates everyone's test results into a compatibility score, so you can be certain a dependency update is backwards compatible and bug-free.\r\n\r\n### Security advisories handled automatically\r\nDependabot monitors security advisories for Ruby, JavaScript, PHP, Java, .NET, Python, Elixir and Rust. We create PRs immediately in response to new advisories.\r\n\r\n### Simple getting started flow\r\nWe'll update five of your dependencies each day, until you're on the cutting edge. Request more PRs if you want, or close them to ignore a dependency until the next release.\r\n\r\n### Automatic merge options\r\nDependabot can be configured to automatically merge PRs if your tests pass on them, based on the size of the change (patch/minor/major) and the dependency type.\r\n\r\nDependabot is owned and maintained by GitHub.",
"external_url": "https://dependabot.com/",
"html_url": "https://github.com/apps/dependabot-preview",
"created_at": "2017-04-21T12:03:36Z",
"updated_at": "2019-05-29T13:49:40Z",
"permissions": {
"checks": "read",
"contents": "write",
"issues": "write",
"metadata": "read",
"pull_requests": "write",
"statuses": "read"
},
"events": [
"check_run",
"check_suite",
"commit_comment",
"delete",
"issues",
"issue_comment",
"label",
"pull_request",
"pull_request_review",
"pull_request_review_comment",
"push",
"repository",
"status"
]
} |
Bots are becoming more common over time. They are actually useful. And they provide more control over ACL so GitHub aggressively recommends rewriting other integrations to use GitHub Apps. Side note: Dependabot was actually recently acquired by GitHub itself btw. I suggest you give it a shot and see how it goes :) |
Then just detect |
That's a useless icon though: https://github.com/identicons/app/app/dependabot-preview |
I didn't say that bots are useless, in #2125 (comment) what I explicitly mentioned was that bots are not that relevant in conversations where reviews from a user are more important and something that I'd like to be a highlighted than some generated content from a bot. Take this issue as example, to be frank I wouldn't care if a bot reacted to my comment more than a reaction from the project maintainers or collaborators (wink wink to #2108). |
Right, I thought I'd get resolved into a proper picture...
They are relevant. In this specific case, bot indicates that it "saw" the mention. As for human reactions: if they are more important, I'd organize the order of pictures to prioritize them. |
Ideal solution: find another URL shortcut like github.com/bfred-it.png but for bots Currently-possible solution: look for the image URL on the current page, e.g. The solution should drop this |
You're reading my mind 🤔 |
Example comment: aio-libs/aiohttp#3809 (comment)
The text was updated successfully, but these errors were encountered: