Skip to content

ci(Mergify): configuration update #124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
unclesp1d3r merged 1 commit into from
Mar 1, 2026
Merged

ci(Mergify): configuration update #124

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 17 additions & 35 deletions .mergify.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,31 +4,25 @@ queue_rules:
merge_conditions:
- check-success = quality
- check-success = test
- "check-success = test-cross-platform (ubuntu-latest, Linux)"
- "check-success = test-cross-platform (ubuntu-22.04, Linux)"
- "check-success = test-cross-platform (macos-latest, macOS)"
- "check-success = test-cross-platform (windows-latest, Windows)"
- check-success = test-cross-platform (ubuntu-latest, Linux)
- check-success = test-cross-platform (ubuntu-22.04, Linux)
- check-success = test-cross-platform (macos-latest, macOS)
- check-success = test-cross-platform (windows-latest, Windows)
- check-success = coverage

pull_request_rules:
# Tier 1: Trusted bot PRs -- auto-approve and queue immediately
- name: Auto-approve and queue dependabot PRs
conditions:
- base = main
- author = dependabot[bot]
- -draft
- label != do-not-merge
# release.yml is autogenerated by cargo-dist -- dependabot updates to
# pinned actions in it will break the release pipeline. Dependabot has no
# way to ignore specific workflow files, so we block it here instead.
- -files~=\.github/workflows/release\.yml
actions:
review:
type: APPROVE
message: Automatically approved by Mergify
queue:
name: default

- name: Auto-approve and queue dosu PRs
conditions:
- base = main
Expand All @@ -41,45 +35,38 @@ pull_request_rules:
message: Automatically approved by Mergify
queue:
name: default

- name: Auto-queue release-plz PRs
conditions:
- base = main
- "head ~= ^release-plz-"
- head ~= ^release-plz-
- -draft
- label != do-not-merge
actions:
queue:
name: default

# Tier 2: Maintainer PRs -- queue when maintainer self-labels 'lgtm'
# (no approval required; solves the sole-maintainer self-merge problem)
- name: Queue maintainer PRs with lgtm label
conditions:
- base = main
- "author=@maintainers"
- author=@maintainers
- -draft
- label = lgtm
- label != do-not-merge
actions:
queue:
name: default

# Tier 3: External contributor PRs -- require maintainer approval
- name: Queue external PRs when approved by maintainer
conditions:
- base = main
- "-author=@maintainers"
- -author=@maintainers
- author != dependabot[bot]
- author != dosubot[bot]
- "-head ~= ^release-plz-"
- -head ~= ^release-plz-
- -draft
- "approved-reviews-by=@maintainers"
- approved-reviews-by=@maintainers
- label != do-not-merge
actions:
queue:
name: default

- name: Keep PRs up to date with main
conditions:
- base = main
Expand All @@ -89,33 +76,28 @@ pull_request_rules:
- label != do-not-merge
actions:
update: {}

merge_protections:
- name: Enforce conventional commit
description: Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/
if:
- base = main
success_conditions:
- "title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert)(?:\\\\(.+\\\\))?!?:"

- "title ~=
^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert)(?:\\\\(\
.+\\\\))?!?:"
Comment on lines +85 to +87
Copy link

Copilot AI Mar 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The conventional-commit protection condition is now split across multiple YAML lines inside a double-quoted string, including a line-continuation escape. This is easy to accidentally break and can change the exact string Mergify evaluates. Consider keeping this condition on a single line (as before) or using a folded scalar (e.g., >-) to make the final evaluated string unambiguous.

Copilot uses AI. Check for mistakes.
- name: CI must pass
description: >-
All CI checks must pass. This protection prevents manual merges
description: All CI checks must pass. This protection prevents manual merges
that bypass the merge queue.
if:
- base = main
success_conditions:
- check-success = quality
- check-success = test
- "check-success = test-cross-platform (ubuntu-latest, Linux)"
- "check-success = test-cross-platform (ubuntu-22.04, Linux)"
- "check-success = test-cross-platform (macos-latest, macOS)"
- "check-success = test-cross-platform (windows-latest, Windows)"
- check-success = coverage

- check-success = test-cross-platform (ubuntu-latest, Linux)
- check-success = test-cross-platform (macos-latest, macOS)
- check-success = test-cross-platform (windows-latest, Windows)
Comment on lines 93 to +97
Copy link

Copilot AI Mar 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

merge_protections.CI must pass no longer requires the test and coverage checks, and it also dropped the test-cross-platform (ubuntu-22.04, Linux) matrix job. This weakens the protection and allows manual merges that bypass parts of CI (even though the queue still requires them). Add back the missing required checks so the protection matches the intended CI gate.

Copilot uses AI. Check for mistakes.
- name: Do not merge outdated PRs
description: Make sure PRs are within 10 commits of the base branch before merging
if:
- base = main
success_conditions:
- "#commits-behind <= 10"
- "#commits-behind <= 3"
Comment on lines 99 to +103
Copy link

Copilot AI Mar 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The outdated-PR protection now enforces #commits-behind <= 3, but the description still says PRs must be within 10 commits. Either update the description to match the new threshold or revert the threshold change. Also confirm the tighter limit is intended, since it can block merges/queueing more aggressively than before.

Copilot uses AI. Check for mistakes.
Loading