fix(ci): correct GitHub ruleset API parameter names #17
Align pull_request and required_status_checks rule params with the actual GitHub rulesets API schema. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 07ee9de588
| { | ||
| "type": "pull_request", | ||
| "parameters": { | ||
| "allowed_merge_methods": ["squash", "merge"], |
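Review bot: the `allowed_merge_methods` list on the last line of this hunk is a fixed literal, so the same two methods are sent whatever the target repository has enabled. If the script does not already do so, read the repository's `allow_merge_commit`, `allow_squash_merge` and `allow_rebase_merge` settings before applying the ruleset and stop with a clear error when none of the listed methods is enabled.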
Preserve the repository's enabled merge methods
Hard-coding allowed_merge_methods to squash and merge changes more than the API shape here: it also disables rebase for every repo that runs this script. GitHub's ruleset docs note that a pull-request rule will block merging if the ruleset requires a method the repository settings don't allow, so any repo configured for rebase-only merges (or that later switches to rebase-only) becomes unmergeable after this script runs. This should be derived from the repo's actual merge settings or include rebase as well.
| "parameters": { | ||
| "strict_status_checks_policy": true, | ||
| "strict_required_status_checks_policy": true, | ||
| "do_not_enforce_on_create": false, |
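Review bot: `strict_status_checks_policy` and `strict_required_status_checks_policy` sit on adjacent lines in this `parameters` block, and the payload sent to the API should carry only the second. Worth checking that no other copy of the old key survives elsewhere in the script, since a stale name would reintroduce the mismatch this PR fixes.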
Allow branch creation when status checks are required
Setting do_not_enforce_on_create to false makes the required build-and-test check apply even when refs/heads/main is being created. On a fresh repo, or if main ever has to be recreated, that is a chicken-and-egg failure: the branch cannot be created because the check has not run yet, and the check cannot run until the branch exists. This is especially risky in a setup script whose job is to bootstrap protection on a repository.
Actor ID 5 (RepositoryRole: admin) can merge without waiting for approval reviews. All other contributors still require 1 approval and passing CI. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Summary
- strict_status_checks_policy → strict_required_status_checks_policy
- allowed_merge_methods and required_review_thread_resolution params to pull_request rule
- do_not_enforce_on_create param to status checks rule

Test plan
🤖 Generated with Claude Code
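
A pre-apply lint for the conditions the review comments above describe, as an added example (not code from this PR or its repository): it compares a ruleset payload with a repository's merge settings and flags the old key name and on-create enforcement. `lint_ruleset` and the `SAMPLE_*` values are constructed for illustration; the handling of absent fields is an assumption marked in the comments.

```python
# Added example: lint a ruleset payload before it is sent to the rulesets API.
# lint_ruleset() and the SAMPLE_* values are constructed for illustration.

# Repository setting (GET /repos/{owner}/{repo}) -> ruleset merge-method name.
MERGE_SETTINGS = {
    "allow_merge_commit": "merge",
    "allow_squash_merge": "squash",
    "allow_rebase_merge": "rebase",
}

def lint_ruleset(ruleset, repo_settings):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    enabled = {m for key, m in MERGE_SETTINGS.items() if repo_settings.get(key)}
    for rule in ruleset.get("rules", []):
        params = rule.get("parameters", {})
        if rule.get("type") == "pull_request":
            # Assumption: an absent list places no restriction on merge methods.
            allowed = set(params.get("allowed_merge_methods") or MERGE_SETTINGS.values())
            if not allowed & enabled:
                findings.append("blocked: ruleset allows %s, repository enables %s"
                                % (sorted(allowed), sorted(enabled)))
            elif enabled - allowed:
                findings.append("disabled by ruleset: %s" % sorted(enabled - allowed))
        elif rule.get("type") == "required_status_checks":
            if "strict_status_checks_policy" in params:
                findings.append("old key name: strict_status_checks_policy")
            # Assumption: a missing do_not_enforce_on_create is treated as false.
            if params.get("required_status_checks") and not params.get("do_not_enforce_on_create"):
                findings.append("required checks are enforced on branch creation")
    return findings

# Constructed payload using the values visible in this PR's diff.
SAMPLE_RULESET = {"rules": [
    {"type": "pull_request",
     "parameters": {"allowed_merge_methods": ["squash", "merge"]}},
    {"type": "required_status_checks",
     "parameters": {"strict_required_status_checks_policy": True,
                    "do_not_enforce_on_create": False,
                    "required_status_checks": [{"context": "build-and-test"}]}},
]}
# Constructed repository settings: a rebase-only repository.
SAMPLE_REBASE_ONLY = {"allow_merge_commit": False, "allow_squash_merge": False,
                      "allow_rebase_merge": True}

if __name__ == "__main__":
    for finding in lint_ruleset(SAMPLE_RULESET, SAMPLE_REBASE_ONLY):
        print(finding)
```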