potiuk opened a new pull request, #152: URL: https://github.com/apache/airflow-steward/pull/152
## Summary Two related improvements to `security-issue-import`: 1. **Consolidated receipt pattern**: when N>1 trackers are imported from the same reporter or same source thread within one skill run, propose a single consolidated receipt-of-confirmation reply listing all N tracker URLs, instead of N redundant receipts. Reporters get one credit-preference question, not N. 2. **`Report (disposition converged)` sub-class**: detected when the inbound thread already has a team-member substantive technical disposition AND the reporter has acknowledged it before the tracker was created. The tracker is still created (audit trail) but the canned receipt is skipped (it would be tone-deaf) and a brief rollup entry notes the converged state. ## Motivation Both patterns surfaced in the 2026-05-14 import sweep against `airflow-s/airflow-s`: - Lokhesh Ujhoodha's 4 split-out GHSAs were correctly imported but the existing per-tracker receipt pattern would have sent him 4 redundant emails asking the credit-preference question 4 times. We sent a single consolidated reply manually. - airflow-s#408 (edge3 worker JWT) had Omkhar Arasaratnam's Option-1-or-Option-2 disposition already agreed with Jarek on the inbound thread, with the docs PR already open. The canned receipt-of-confirmation reply would have been tone-deaf. We skipped the draft manually. Codifying both patterns prevents the next operator from having to detect and handle these cases by hand. ## Test plan - [ ] Re-run `/security-issue-import` on a fixture where N>1 trackers share `From:` reporter and confirm one consolidated receipt is proposed, not N. - [ ] Re-run on a thread fixture where the team replied with "agreed Option 2, opening docs PR" and the reporter ack'd, then confirm the new `Report (disposition converged)` sub-class fires and the canned receipt is omitted. - [ ] Confirm a normal single-tracker import with no prior thread disposition still draws the canned receipt template — no regression. 🤖 Generated with [Claude Code](https://claude.com/claude-code) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
