Skip to content

fix(argus): support fork PR reviews safely#256

Draft
bokelley wants to merge 1 commit into
mainfrom
fix/argus-fork-pr-reviews
Draft

fix(argus): support fork PR reviews safely#256
bokelley wants to merge 1 commit into
mainfrom
fix/argus-fork-pr-reviews

Conversation

@bokelley
Copy link
Copy Markdown
Contributor

@bokelley bokelley commented May 28, 2026

Summary

  • run Argus on pull_request_target so fork PRs can access the review App token and Anthropic secret
  • keep checkout pinned to the trusted base SHA and inspect PR changes through GitHub APIs
  • avoid local prior-SHA diffs in the skip check, falling back to full review when compare data is unavailable
  • read the review prompt from the trusted base SHA with a randomized heredoc sentinel

Validation

  • git diff --check

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ohalushchak-exadel ohalushchak-exadel Awaiting requested review from ohalushchak-exadel ohalushchak-exadel will be requested when the pull request is marked ready for review ohalushchak-exadel is a code owner

@BaiyuScope3 BaiyuScope3 Awaiting requested review from BaiyuScope3 BaiyuScope3 will be requested when the pull request is marked ready for review BaiyuScope3 is a code owner

@lockwoodscope lockwoodscope Awaiting requested review from lockwoodscope lockwoodscope will be requested when the pull request is marked ready for review lockwoodscope is a code owner

@EmmaLouise2018 EmmaLouise2018 Awaiting requested review from EmmaLouise2018 EmmaLouise2018 will be requested when the pull request is marked ready for review EmmaLouise2018 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bokelley