Validate that GAP directories only contain allowed files#35
Draft
magicmark wants to merge 7 commits into
Draft
Conversation
Restrict files in GAP directories to *.md and metadata.yml to prevent files that could poison developer environments (e.g. .nvmrc) from being merged. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
benjie
reviewed
May 21, 2026
| `Unexpected directory "${entry}" found. GAP directories may only contain *.md files and metadata.yml. If you believe this is in error, please ping @graphql/gaps-editors.`, | ||
| ); | ||
| } | ||
| if (entry === "metadata.yml" || entry.endsWith(".md")) { |
Address review feedback: skip dotfiles (e.g. .gitkeep) from the allowlist check, and permit metadata.json alongside metadata.yml. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Dotfiles like .nvmrc should still be rejected. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Catches cases like .foo.md that would otherwise pass the .md check. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Two plain functions, no abstractions. Validates YYYY-MM.md and YYYY-MM.yml in versions/, rejects dotfiles at both levels. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a file allowlist check to
validate-structure.js— GAP directories may now only contain*.mdfiles andmetadata.yml. Rejects unexpected files or subdirectories with a message pointing contributors to @graphql/gaps-editors.Motivation: prevent files like
.nvmrcfrom being merged that could inadvertently affect developer environments.Draft PR: This PR was sent by Claude and may not have yet been reviewed by markl.