| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v6 | ||
| with: | ||
| show-progress: 'false' | ||
| - name: Trigger "On PR opened/updated (check)" for all open PRs | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| run: | | ||
| workflow_name="On PR opened/updated (check)" | ||
|
|
||
| gh pr list --state open --json number,headRefName --jq '.[] | "\(.number) \(.headRefName)"' | | ||
| while read pr branch; do | ||
| echo "Triggering '$workflow_name' for PR #$pr on ref '$branch'" | ||
|
|
||
| gh workflow run "$workflow_name" \ | ||
| --ref "$branch" \ | ||
| --field pr_number="$pr" | ||
| done |
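Review bot: `--ref "$branch"` takes the PR's `headRefName` straight from `gh pr list`, and for a PR opened from a fork that name refers to a branch in the fork, so the dispatch either fails on a missing ref or picks up a same-named branch in this repository that is unrelated to the PR. Consider adding `isCrossRepository` to the `--json` fields and handling those PRs separately, or dispatching on the default branch and passing only `pr_number`. Also use `while read -r pr branch` so backslashes in a branch name are not interpreted.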
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
This autofix suggestion was applied.
Copilot Autofix
AI 6 months ago
To fix the issue, explicitly define a permissions block at the appropriate level (workflow root or relevant job). Since the job uses gh workflow run, it likely needs workflows: write, and possibly contents: read to run at all. The safest minimal fix is to add a permissions: section at the root of the workflow, limiting contents to read, and granting workflows: write. This way, all jobs (including the lone rerun job) will inherit these permissions unless otherwise specified. You should add the following lines after the name: field and before the on: field (per GitHub workflow conventions):
permissions:
  contents: read
  workflows: write
| @@ -1,4 +1,7 @@ | ||
| name: Rerun PR merge conclicts check | ||
| permissions: | ||
| contents: read | ||
| workflows: write | ||
|
|
||
| on: | ||
| push: |
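Review bot: `workflows: write` in the added `permissions:` block is not a scope the workflow `permissions` key accepts, so the file will be rejected as invalid instead of running with a reduced token. The `gh workflow run` call this fix is meant to cover dispatches a workflow, which needs `actions: write`; keep `contents: read` for the checkout. The context line `name: Rerun PR merge conclicts check` also still carries the typo "conclicts".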
…ain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
We need to try out in This needs to go in quickly as it fixes the workflow name, too.
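A small lint for the two conditions that come up in this thread: a workflow with no `permissions:` block, and a block naming a scope that GitHub does not define. This is an added example, not part of the PR or of JabRef's code. `lint_permissions`, the sample strings and the `actions: write` correction are assumptions of the example, and the parser only handles block-style YAML without comments inside the block.

```python
import re

# Scopes GitHub documents for the GITHUB_TOKEN `permissions:` key
# (assumption: the documented list at the time of writing; extend as it grows).
VALID_SCOPES = {
    "actions", "attestations", "checks", "contents", "deployments",
    "discussions", "id-token", "issues", "models", "packages", "pages",
    "pull-requests", "repository-projects", "security-events", "statuses",
}
VALID_LEVELS = {"read", "write", "none"}
SHORTHANDS = {"read-all", "write-all", "{}"}

def lint_permissions(workflow_text):
    """Return findings for block-style workflow YAML passed as text."""
    findings, blocks = [], 0
    lines, i = workflow_text.splitlines(), 0
    while i < len(lines):
        head = re.match(r"^(\s*)permissions:\s*(\S*)\s*$", lines[i])
        i += 1  # i is now the 1-based number of the line just examined
        if not head:
            continue
        blocks += 1
        indent, inline = len(head.group(1)), head.group(2)
        if inline:  # scalar form such as `permissions: read-all`
            if inline not in SHORTHANDS:
                findings.append(f"line {i}: unknown shorthand '{inline}'")
            continue
        # Mapping form: consume the more deeply indented `scope: level` lines.
        while i < len(lines):
            entry = re.match(r"^(\s*)([\w-]+):\s*([\w-]+)\s*$", lines[i])
            if not entry or len(entry.group(1)) <= indent:
                break
            i += 1
            scope, level = entry.group(2), entry.group(3)
            if scope not in VALID_SCOPES:
                findings.append(f"line {i}: unknown scope '{scope}'")
            elif level not in VALID_LEVELS:
                findings.append(f"line {i}: unknown level '{level}'")
    if blocks == 0:
        findings.append("no permissions block: token gets repository defaults")
    return findings

# Constructed samples modelled on the workflow in this thread.
BEFORE = "name: Rerun check\non:\n  push:\njobs:\n  rerun:\n    runs-on: ubuntu-latest\n"
AS_APPLIED = "name: Rerun check\npermissions:\n  contents: read\n  workflows: write\non:\n  push:\n"
ASSUMED_FIX = AS_APPLIED.replace("workflows: write", "actions: write")
if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("applied", AS_APPLIED), ("fix", ASSUMED_FIX)):
        print(label, lint_permissions(text))
```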
…ue676 * upstream/main: (227 commits) Adapt welcome message (JabRef#14487) Add message when closing a PR Add collection of "all" AI features (JabRef#14438) Trigger conflict-detection on push on main (JabRef#14479) Add unassigned_comment on comment issue New Crowdin updates (JabRef#14483) Tweak labels also at merge conflicts Merge --remove-label and --add-label Remove SmartGroup and refactor groups factory (JabRef#14398) more debug Support html when parsing arXiv identifiers (JabRef#14474) Add debug and fix run Remove "ready-for-review" if changes are required Have label move as last step of comment Add pr number to output change files to file(s) (JabRef#14465) Add CDS archive (JabRef#14476) Fix adapting labels (JabRef#14477) Chore(deps): Bump jablib/src/main/resources/csl-styles (JabRef#14468) Chore(deps): Bump net.bytebuddy:byte-buddy in /versions (JabRef#14472) ...
* upstream/main: (102 commits) Adapt welcome message (JabRef#14487) Add message when closing a PR Add collection of "all" AI features (JabRef#14438) Trigger conflict-detection on push on main (JabRef#14479) Add unassigned_comment on comment issue New Crowdin updates (JabRef#14483) Tweak labels also at merge conflicts Merge --remove-label and --add-label Remove SmartGroup and refactor groups factory (JabRef#14398) more debug Support html when parsing arXiv identifiers (JabRef#14474) Add debug and fix run Remove "ready-for-review" if changes are required Have label move as last step of comment Add pr number to output change files to file(s) (JabRef#14465) Add CDS archive (JabRef#14476) Fix adapting labels (JabRef#14477) Chore(deps): Bump jablib/src/main/resources/csl-styles (JabRef#14468) Chore(deps): Bump net.bytebuddy:byte-buddy in /versions (JabRef#14472) ...
Triggered by following output:
I think a daily check is enough - to not pollute our actions run list
When action runs:
Then for each trigger:
If there is a conflict:
Mandatory checks
CHANGELOG.md in a way that is understandable for the average user (if change is visible to the user)