Skip to content

Enable review dispatch for fork PRs from trusted contributors #2967

Description

@fullsend-ai-retro

What happened

PR #33 on fullsend-ai/experiments was opened by raks-tt from a fork (raks-tt/experiments). The PR added 3,266 lines across 15 files implementing a SQLite-backed review cache with filter pipeline, publication policy engine, and end-to-end tests. All pull_request_target/synchronize events resulted in 'No stage matched' because the dispatch routing's is_event_actor_authorized function checks has_write_permission against the target repo, and fork contributors typically lack write access. The fullsend review agent never ran. Only qodo-code-review[bot] provided automated review, catching 4 bugs (command injection in save.py, cross-PR cache collisions in store.py, semantic key mismatches, non-env shebangs). Human reviewer ralphbean provided feedback on experiment methodology framing. PR was approved and merged on 2026-07-02.

What could go better

The fullsend review agent could have provided deeper, context-aware review of this substantial code contribution. The current permission gate is binary — if you don't have write access to the repo, you get zero fullsend review coverage. This is a reasonable security default (prevents token waste on spam PRs, as tracked in issue #2552), but it creates a coverage gap for legitimate contributions from known contributors. In this case, raks-tt is a regular contributor to fullsend-ai repos and co-authored the PR with Claude Sonnet 4.5 — exactly the kind of PR that would benefit from automated review. Confidence: medium — the security trade-off here is real, and the right mechanism (org membership check vs. label-based opt-in vs. contributor allowlist) needs careful design.

Proposed change

Add a secondary authorization path in the dispatch routing for fork PRs from contributors who are members of the target org. The is_event_actor_authorized function currently only checks repo-level write permission. It should also check org membership via gh api orgs/{org}/members/{user} as a fallback. For non-org-member contributors, support a label-based opt-in (e.g., ok-to-review) that org members can apply, similar to the existing ok-to-test pattern used in CI. This complements issue #2552 (which focuses on deferring review for untrusted PRs) by providing the positive path — enabling review for trusted fork contributors. The change belongs in the dispatch routing script's is_event_actor_authorized function.

Validation criteria

After implementation: (1) a fork PR from an org member should trigger the review stage without requiring write permission on the target repo, (2) a fork PR from a non-org-member should remain skipped by default but triggerable via ok-to-review label, (3) fork PRs from unknown contributors with no label should continue to be skipped. Verify by opening a test fork PR from an org member account and confirming the review dispatch log shows 'STAGE=review'.


Generated by retro agent from fullsend-ai/experiments#33

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Todo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions