assignUser commented on PR #38523: URL: https://github.com/apache/arrow/pull/38523#issuecomment-1793305983
@jonkeane well it is closely related, if we don't manage to get the permission working (which is the case based on you findings) there will also not be a way to do the rebase and we can remove both steps in this PR. Good catch with the docs, this is def. something that worked previously but it seems that they removed this possibility with the rework of default permissions this year. The setting mentioned above is something we/INFRA will never enable for security reasons as it would remove the protections that the `pull_request` trigger gives us and allow for all kinds of bad things to happen^^ IIUC this is meant for use within orgs for private repos where you want to use private forks instead of branches. So the conclusion seems to be that this is not possible anymore in an automated way? Individuals with `write` access to the base repo(apache/arrow) can still manually push changes to the fork branch if the checkmark 'Maintainers are allowed to edit this pull request.' is set but the generated `GITHUB_TOKEN`'s can't? + changes via web gui. :/ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
