Skip to content

Bump cookie, cookie-parser and express #12

Bump cookie, cookie-parser and express

Bump cookie, cookie-parser and express #12

name: Check unallowed file changes
# **What it does**: If someone changes some files in the open repo, we prevent the pull request from merging.
# **Why we have it**: Some files can only be changed in the internal repository for security and workflow reasons.
# **Who does it impact**: Open source contributors.
on:
# Needed in lieu of `pull_request` so that PRs from a fork can be notified of unallowed changes.
pull_request_target:
permissions:
contents: read
pull-requests: write
jobs:
triage:
if: >-
${{
github.repository == 'github/docs' &&
github.event.pull_request.user.login != 'docs-bot' &&
github.event.pull_request.user.login != 'dependabot[bot]'
}}
runs-on: ubuntu-latest
steps:
- name: Check out repo
uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
- name: Set up Node and dependencies
uses: ./.github/actions/node-npm-setup
- name: Get files changed
uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50
id: filter
with:
# Base branch used to get changed files
base: 'main'
# Enables setting an output in the format in `${FILTER_NAME}_files
# with the names of the matching files formatted as JSON array
list-files: json
# Returns list of changed files matching each filter
filters: 'src/workflows/unallowed-contribution-filters.yml'
# When there are changes to files we can't accept, leave a comment
# explaining this to the PR author
- name: "Comment about changes we can't accept"
if: ${{ steps.filter.outputs.notAllowed || steps.filter.outputs.contentTypes}}
run: npm run unallowed-contributions
env:
REPO_OWNER_AND_NAME: ${{ github.repository }}
PR_NUMBER: ${{ github.event.number }}
FILE_PATHS_NOT_ALLOWED: ${{ steps.filter.outputs.notAllowed_files }}
FILE_PATHS_CONTENT_TYPES: ${{ steps.filter.outputs.contentTypes_files }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}