Dear Zero King, On 4 June 2017 at 14:49, Zero King wrote: > Hi, > > GSoC coding phrase has begun and I'm implementing a CI bot that runs on > Travis CI and tests pull requests. > > My project includes two bots, the CI bot testing pull requests and the > PR bot assigning labels to PRs and notify maintainers. > > The design docs are available at https://github.com/l2dy/mpbot-design, > but the code is not functional yet so I'm not sharing it for now.
Thank you very much for the update. There's one thing I didn't fully understand: https://github.com/l2dy/mpbot-design/blob/master/cibot.md#interaction-with-ci-bot > "This design is aimed for traceability, we can find the exact GitHub user who > submitted a malicious PR." I understand that you can neither trust the author's nor committer's email from the git commit history, but doesn't GitHub provide a reliable information about who submitted the pull request? Of course one can have a stolen identity (username/password or key), but I probably don't understand at which point you wanted to identify the user submitting a PR. Or did you want to identify user trying to chat with the bots? You asked about extraction of list of ports which is currently a combination of https://github.com/macports/macports-infrastructure/blob/f79cc559611e5f42dd26808f38cd0750beee12bf/buildbot/master.cfg#L32 and list-subports in mpbb. I guess the first function could be implemented in mpbb instead. And maybe mpbb could get some more branching (if-else statements) depending on whether it runs for "production" (buildbot) or "testing" (Travis). Or maybe some functionality from mpbb could even move to the MacPorts core. > My schedule next week is to finish `port install` testing in the CI bot > and publish its code. Looking forward to it :) Thanks again for the update, Mojca
