From 54ffc0cb24188385c574b7d4e1fdbde0c6d2c857 Mon Sep 17 00:00:00 2001 From: Marcel van der Veldt Date: Tue, 21 Oct 2025 21:56:34 +0200 Subject: [PATCH] fix typo in workflow --- .github/workflows/auto-merge-dependency-updates.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/auto-merge-dependency-updates.yml b/.github/workflows/auto-merge-dependency-updates.yml index 6e23709f..bf0a0f79 100644 --- a/.github/workflows/auto-merge-dependency-updates.yml +++ b/.github/workflows/auto-merge-dependency-updates.yml @@ -24,12 +24,11 @@ jobs: # Security check 1: Ensure PR is from a trusted actor AUTHOR="${{ github.event.pull_request.user.login }}" - # Allow only the github-actions bot or specific trusted users/bots - # Adjust this list based on your setup + # Allow only the github-actions bot, music-assistant-machine, or specific trusted bots if [[ "$AUTHOR" != "github-actions[bot]" ]] && \ - [[ "$AUTHOR" != "dependabot[bot]" ]]; then + [[ "$AUTHOR" != "music-assistant-machine" ]]; then echo "❌ PR author '$AUTHOR' is not a trusted automation account" - echo "Only github-actions[bot] is allowed to trigger auto-merge" + echo "Only github-actions[bot], music-assistant-machine are allowed to trigger auto-merge" exit 1 fi @@ -52,10 +51,11 @@ jobs: echo "✅ PR has required 'dependencies' label" # Security check 3: Verify commit author matches expected automation - # The commits should be authored by github-actions[bot] + # The commits should be authored by the trusted automation account COMMIT_AUTHOR=$(gh pr view "$PR_NUMBER" --json commits --jq '.commits[-1].authors[0].login') if [[ "$COMMIT_AUTHOR" != "github-actions[bot]" ]] && \ + [[ "$COMMIT_AUTHOR" != "music-assistant-machine" ]] && \ [[ "$COMMIT_AUTHOR" != "${{ github.event.pull_request.user.login }}" ]]; then echo "❌ Commit author '$COMMIT_AUTHOR' does not match PR author" exit 1 -- 2.34.1