fix(settle-tier4): accept admin collaborator settlements#8408
Conversation
Aragora Code ReviewAdvisory-only review. No issues found. |
|
Closing as a duplicate of #8412 (consolidating the Both PRs solve the same root cause — on the org-owned repo, admin operators show
For a Tier-4 merge-authority boundary, fail-closed-when-unconfigured wins, so #8412 is the keeper. The one thing worth porting from here is the policy-rationale comment on the trust constant. No functionality is lost by closing this; #8412 supersedes it. Generated by Claude Code |
|
Closing as duplicate/superseded by merged PR #8412. The prior thread already recorded why #8412 is the keeper: it implements the admin-COLLABORATOR Tier-4 settlement fix with the fail-closed allowlist/admin-permission boundary, while this draft trusts admin collaborators more broadly. #8412 merged at c8f9cfa and current main contains the stricter COLLABORATOR allowlist checks. This closes queue residue only; no settlement, merge, or branch-protection mutation is being performed. |
Summary
COLLABORATORsettlement comments likeMEMBERcomments when live repo admin permission verifies the login.Validation
python3 -m pytest tests/scripts/test_settle_tier4_pr.pygit diff --checkNotes
COLLABORATOR, whilesettle_tier4_pr.py --checkonly treatedOWNERand adminMEMBERas trusted.