fix(mergify): exempt release-plz PRs from CI merge protection

[unclesp1d3r]

Summary

• Exempt release-plz PRs (head ~= ^release-plz-) from the "CI must pass" merge protection
• Release-plz force-pushes when updating existing PRs, and GITHUB_TOKEN-triggered pushes suppress workflow events, so CI never runs on the new HEAD — causing the merge protection to hang indefinitely (see PR chore: release v0.2.0 #111)
• Release-plz PRs only bump versions and changelogs; the code was already tested on main. CI still runs in the merge queue as a final safety net.

Test plan

• Verify PR chore: release v0.2.0 #111 is no longer blocked by Mergify Merge Protections after this lands
• Verify non-release-plz PRs still require CI to pass

🤖 Generated with Claude Code

[coderabbitai]

Caution

Review failed

Failed to post review comments

Summary by CodeRabbit

• Chores
  • Updated merge protection rules to improve handling of automated release processes, with exemptions for release automation PRs.

Walkthrough

This PR modifies the .mergify.yml merge protection configuration, adjusting the regex pattern for conventional commit validation by changing backslash escaping, and adding an explicit exemption for release-plz PRs in the CI requirement protection due to their version-bumping behavior.

Changes

Cohort / File(s)	Summary
Conventional Commit Regex Pattern .mergify.yml	Modified the success_conditions regex for conventional commits, changing from double-escaped to single-escaped backslashes in the pattern.
Release-plz PR Exemption .mergify.yml	Expanded the "CI must pass" protection description and added explicit condition to skip CI validation when PR head matches release-plz prefix, since these PRs bump versions/changelogs and may trigger force-pushes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• ci: add Mergify merge queue and simplify CI #78: Modifies the same .mergify.yml merge_protections and also handles release-plz PR exemptions.
• ci(Mergify): add outdated PR protection #75: Updates the "CI must pass" merge_protections rules in .mergify.yml.
• ci: Mergify merge queue, dependabot integration, and CI simplification #79: Makes related changes to .mergify.yml for release-plz queue and condition handling.

Poem

🐰 A hop, a skip, escapes take flight,
Single backslashes dancing right!
Release-plz hops through without a care,
CI checks wave from everywhere! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: exempting release-plz PRs from CI merge protection in Mergify configuration.
Description check	✅ Passed	The description is directly related to the changeset, explaining the motivation and impact of exempting release-plz PRs from CI requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/release-plz-merge-protection

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🔴 Enforce conventional commit

This rule is failing.

Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/

• title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert)(?:\\(.+\\))?!?:

🟢 📃 Configuration Change Requirements

Wonderful, this rule succeeded.

Mergify configuration change

• check-success = Configuration changed

🟢 CI must pass

Wonderful, this rule succeeded.

All CI checks must pass. This protection prevents manual merges that bypass the merge queue.

• check-success = coverage
• check-success = quality
• check-success = test
• check-success = test-cross-platform (macos-latest, macOS)
• check-success = test-cross-platform (ubuntu-22.04, Linux)
• check-success = test-cross-platform (ubuntu-latest, Linux)
• check-success = test-cross-platform (windows-latest, Windows)

🟢 Do not merge outdated PRs

Wonderful, this rule succeeded.

Make sure PRs are within 10 commits of the base branch before merging

• #commits-behind <= 10

[dosubot]

Related Documentation

Checked 50 published document(s) in 1 knowledge base(s). No updates required.

^{How did I do? Any feedback?}  

[mergify]

🧪 CI Insights

Here's what we observed from your CI run for 67319c8.

🟢 All jobs passed!

But CI Insights is watching 👀

[Copilot]

Pull request overview

Updates Mergify merge protections to avoid release-plz PRs getting stuck due to GITHUB_TOKEN force-push behavior suppressing CI workflow runs, while still relying on the merge queue as the final CI gate.

Changes:

• Exempt release-plz-* PR branches from the “CI must pass” merge protection.
• Expand the merge protection description to document the rationale for the exemption.

[Copilot]

The CI-merge-protection exemption is based solely on the branch name (head ~= ^release-plz-). That makes it easy to unintentionally (or intentionally) bypass the “CI must pass” protection by naming a branch release-plz-*, even if the PR did not come from the release-plz automation. Consider tightening the exemption to also match the PR author (the bot account used by the release-plz workflow) and/or require a bot-applied label so only genuine release-plz PRs are exempt.

Suggested change

	- "-head ~= ^release-plz-"
	- or:
	- "-head ~= ^release-plz-"
	- "-author = release-plz[bot]"

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.