Skip to content

fix(automerge): gate .github/dependabot.yml + composite actions as risk-tier#112

Merged
topcoder1 merged 1 commit into
mainfrom
claude/friendly-tereshkova-e50b50
Jul 10, 2026
Merged

fix(automerge): gate .github/dependabot.yml + composite actions as risk-tier#112
topcoder1 merged 1 commit into
mainfrom
claude/friendly-tereshkova-e50b50

Conversation

@topcoder1

Copy link
Copy Markdown
Owner

Problem

The claude-author-automerge risk-tier regex covered .github/workflows/** but not the sibling non-workflow .github/ surfaces. On 2026-07-10 ~15:13 UTC six Claude-authored PRs whose ONLY change was .github/dependabot.yml (+2/−2) auto-merged fleet-wide:

  • topcoder1/attaxion_marketing#18, topcoder1/basecamp-mcp#32, topcoder1/hr-center#20
  • whois-api-llc/wxa-secrets#23, whois-api-llc/wxa_marketing#41, whois-api-llc/wxa_sanctions#27

This contradicts the CLAUDE.md policy classifying .github production-infra config as manual click-merge.

Fix — enumerate, don't blanket

Per the 2026-05-24 lesson ("automerge risk-tier globs are literal-segment alternations"), a blanket .github/** would wrongly sweep in README-ish files. So the added coverage is enumerated:

Pattern Why
^\.github/dependabot\.ya?ml$ dependency-automation config (controls what auto-merges; can set insecure-external-code-execution)
^\.github/actions?/.* repo-local composite actions, singular or plural (executed CI code)
^\.github/scripts/.* workflow-invoked scripts (executed CI code)
(^|/)action\.ya?ml$ GitHub's reserved action-def filename, gated at any depth — like the existing Dockerfile/main.go/.sql filename rules — so actions outside .github/action(s)/ are still caught

Kept auto-mergeable (pinned SAFE in the corpus): .github/ISSUE_TEMPLATE/, PULL_REQUEST_TEMPLATE.md, FUNDING.yml, actionlint.yml, root dependabot.yml, and reaction.yaml/transaction.yml filename lookalikes.

Lockstep (no drift)

  • This PR: global regex in claude-author-automerge.yml, its mirror in selftest/test_automerge_risk_patterns.sh, the shared selftest/risk_patterns_corpus.txt (RISKY + SAFE, read by both GH and BB selftests), and this repo's .github/risk-paths.yml classifier.
  • dotclaude (separate, local): bb-automerge.py HIGH_RISK_PATTERNS, the CLAUDE.md Claude-authored-PR policy + 2026-05-24 lesson, and install-automerge-policy.sh prose.

Verification

  • GH selftest ✅ + BB selftest ✅ (166 corpus cases)
  • Full uv run pytest -q ✅ (7 passed)
  • classify.mjs functionally confirmed: dependabot.ymlblocked, action(s)/sensitive, actionlint.yml/ISSUE_TEMPLATE/root-dependabot.yml→non-risk
  • Codex pre-review: 6 rounds, converged clean (each round hardened the action-location coverage; closed permanently via the reserved-filename rule)

Auto-merge rationale: MANUAL — touches .github/workflows/** (risk-tier) and PRs to topcoder1/ci-workflows are always manual click-merge. Auto-merge intentionally NOT enabled.

🤖 Generated with Claude Code

…sk-tier

The claude-author-automerge risk-tier regex covered `.github/workflows/**`
but not sibling non-workflow `.github/` surfaces. On 2026-07-10 ~15:13 UTC
six Claude-authored PRs whose ONLY change was `.github/dependabot.yml`
auto-merged fleet-wide (attaxion_marketing#18, basecamp-mcp#32, hr-center#20,
wxa-secrets#23, wxa_marketing#41, wxa_sanctions#27), contradicting the
CLAUDE.md policy that classifies `.github` production-infra config as
manual click-merge.

Add three enumerated patterns (house style per the 2026-05-24 lesson —
literal-segment alternations, never blanket `.github/**` which would sweep
in README-ish files):

  - `^\.github/dependabot\.ya?ml$`  dependency-automation config (controls
    what auto-merges; can set insecure-external-code-execution)
  - `^\.github/actions?/.*`         repo-local composite actions, singular
    or plural (executed CI code)
  - `^\.github/scripts/.*`          workflow-invoked scripts (executed CI code)

Plus `(^|/)action\.ya?ml$` — GitHub's reserved action-definition filename
gated at any depth (like the existing Dockerfile/main.go/.sql filename rules),
so actions living outside `.github/action(s)/` are still caught.

Kept auto-mergeable (verified SAFE in the corpus): `.github/ISSUE_TEMPLATE/`,
`PULL_REQUEST_TEMPLATE.md`, `FUNDING.yml`, `actionlint.yml`, root
`dependabot.yml`, and `reaction.yaml`/`transaction.yml` filename lookalikes.

Mirrored into the shared corpus (RISKY + SAFE cases, read by both the GH and
BB selftests) and this repo's `.github/risk-paths.yml` classifier. The BB
counterpart in bb-automerge.py (dotclaude) and the CLAUDE.md/installer policy
prose are updated in lockstep.

Verified: GH + BB selftests green (166 corpus cases), full pytest suite green,
classify.mjs functionally confirmed (dependabot->blocked, action(s)->sensitive,
actionlint/README-ish->non-risk). Codex pre-review: 6 rounds, converged clean.

Auto-merge rationale: MANUAL — touches `.github/workflows/**` (risk-tier) and
PRs to topcoder1/ci-workflows are always manual click-merge.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@github-actions github-actions Bot added the risk:blocked Risk class: blocked label Jul 10, 2026
@github-actions

Copy link
Copy Markdown

Risk class: blocked — manual merge required.

This PR touches one of the blocked path categories from .github/risk-paths.yml (Dockerfiles, docker-compose, .github/workflows/**, **/.env*, **/secrets*, infra/, terraform/, k8s/, or the classifier config itself).

Auto-merge is refused by claude-author-automerge.yml. A maintainer should review the diff and click "Squash and merge" themselves.

(This is a policy notice, not a code-quality failure. The classify job itself does not fail — required CI checks remain authoritative for "is the code green.")

@github-actions

Copy link
Copy Markdown

Coverage Floor — mode: enforce

metric value
measured 100.0%
floor (current) 99.0%
target 100.0%
last bumped 2026-05-12

@claude

claude Bot commented Jul 10, 2026

Copy link
Copy Markdown

No issues found. Regex additions are correctly anchored, consistent across the workflow/selftest/corpus, and covered by new RISKY+SAFE corpus cases (incl. lookalikes like reaction.yaml/actionlint.yml/root-dependabot.yml).

@topcoder1 topcoder1 merged commit 88844dd into main Jul 10, 2026
13 checks passed
@topcoder1 topcoder1 deleted the claude/friendly-tereshkova-e50b50 branch July 10, 2026 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

risk:blocked Risk class: blocked

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant