github-actions[bot] commented on code in PR #62232:
URL: https://github.com/apache/doris/pull/62232#discussion_r3064564604
##########
.github/workflows/license-eyes.yml:
##########
@@ -48,7 +48,37 @@ jobs:
with:
ref: ${{ github.event.pull_request.head.sha }}
+ - name: Get changed files
+ if: github.event_name == 'pull_request_target'
+ id: changed-files
+ uses: tj-actions/changed-files@v45
+ with:
+ separator: "\n"
+
+ - name: Generate incremental licenserc
+ if: github.event_name == 'pull_request_target' &&
steps.changed-files.outputs.all_changed_files != ''
+ env:
+ CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
+ run: |
+ python3 - <<'EOF'
+ import yaml, os
+
+ with open('.licenserc.yaml') as f:
+ config = yaml.safe_load(f)
+
+ changed = os.environ.get('CHANGED_FILES', '').strip().split('\n')
+ changed = [p.strip() for p in changed if p.strip()]
+
+ config['header']['paths'] = changed
Review Comment:
When `.licenserc.yaml` changes, this incremental rewrite becomes unsafe. The
step reads the new config and then replaces `header.paths` with only the
changed files. Because `.licenserc.yaml` is already in `paths-ignore`, License
Eye can end up checking zero files and still succeed. That means a PR can
change the global license configuration without validating that the new rules
still match the repository. Please fall back to the full `.licenserc.yaml`
whenever the config file itself is part of `CHANGED_FILES`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
