From 27a366bb0ec49cc0e336531c3116ac9763130de1 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 25 Nov 2024 13:51:13 +0100 Subject: [PATCH 1/2] Limit reminder-bots to our repo --- .github/workflows/bot-create-manual-reminder.yml | 1 + .github/workflows/bot-manual-reminder.yml | 1 + .github/workflows/bot-remind-stale-pull-requests.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/.github/workflows/bot-create-manual-reminder.yml b/.github/workflows/bot-create-manual-reminder.yml index 01677d9ed7..5c750bf9b0 100644 --- a/.github/workflows/bot-create-manual-reminder.yml +++ b/.github/workflows/bot-create-manual-reminder.yml @@ -10,6 +10,7 @@ on: jobs: reminder: + if: github.repository == 'roundcube/roundcubemail' runs-on: ubuntu-latest steps: diff --git a/.github/workflows/bot-manual-reminder.yml b/.github/workflows/bot-manual-reminder.yml index 0f17ae4482..22e6378470 100644 --- a/.github/workflows/bot-manual-reminder.yml +++ b/.github/workflows/bot-manual-reminder.yml @@ -10,6 +10,7 @@ permissions: jobs: reminder: + if: github.repository == 'roundcube/roundcubemail' runs-on: ubuntu-latest steps: diff --git a/.github/workflows/bot-remind-stale-pull-requests.yml b/.github/workflows/bot-remind-stale-pull-requests.yml index b8846c2bdc..e6d429cf49 100644 --- a/.github/workflows/bot-remind-stale-pull-requests.yml +++ b/.github/workflows/bot-remind-stale-pull-requests.yml @@ -6,6 +6,7 @@ on: jobs: review-reminder: + if: github.repository == 'roundcube/roundcubemail' runs-on: ubuntu-latest steps: - uses: sojusan/github-action-reminder@v1 From d8c7c6b6d0ac67295ee6d25d056d658ea1731428 Mon Sep 17 00:00:00 2001 From: Pablo Zmdl Date: Mon, 25 Nov 2024 13:51:41 +0100 Subject: [PATCH 2/2] Bot: use permissions, not a token --- .github/workflows/bot-remind-stale-pull-requests.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bot-remind-stale-pull-requests.yml b/.github/workflows/bot-remind-stale-pull-requests.yml index e6d429cf49..eaa5e6c000 100644 --- a/.github/workflows/bot-remind-stale-pull-requests.yml +++ b/.github/workflows/bot-remind-stale-pull-requests.yml @@ -6,12 +6,13 @@ on: jobs: review-reminder: + permissions: + pull-requests: write if: github.repository == 'roundcube/roundcubemail' runs-on: ubuntu-latest steps: - uses: sojusan/github-action-reminder@v1 with: - github_token: ${{ secrets.GITHUB_TOKEN }} reminder_message: "🛎️ This PR has had no activity in two weeks." # Remind after two weeks of inactivity inactivity_deadline_hours: 336