[llvm] [workflows] Split pr-code-format into two parts to make it more secure (PR #78216)
Aiden Grossman via llvm-commits
llvm-commits at lists.llvm.org
Mon Jan 15 22:44:51 PST 2024
================
@@ -72,9 +58,17 @@ jobs:
# explicitly in code-format-helper.py and not have to diff starting at
# the merge base.
run: |
- python ./code-format-tools/llvm/utils/git/code-format-helper.py \
+ python ./llvm/utils/git/code-format-helper.py \
+ --write-comment-to-file \
--token ${{ secrets.GITHUB_TOKEN }} \
--issue-number $GITHUB_PR_NUMBER \
--start-rev $(git merge-base $START_REV $END_REV) \
----------------
boomanaiden154 wrote:
The start revision and end revision I think would need to be adjusted? Now that this is a `pull_request` workflow, we get a merge commit merging the PR into `main` (or whatever the target branch is), so I think we can probably just do `HEAD~1` and `HEAD`? I can't remember what Github ends up setting `base.sha` and `head.sha` to here.
https://github.com/llvm/llvm-project/pull/78216
More information about the llvm-commits
mailing list