Address CodeRabbit review feedback

- Support both main and master branches (ComfyUI uses master) - Dynamically detect branch from push context instead of hardcoding - Fix approval check to use latest review per reviewer (handles dismissed reviews) - Add UNREVIEWED_MERGES_TOKEN validation before use - Add concurrency control to prevent duplicate issues - Fix version comment: v7 -> v7.1.0 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-28 20:03:04 +08:00 · 2026-05-27 16:14:15 -07:00
parent 863ca98fc2
commit 2ced468ab6
1 changed files with 28 additions and 6 deletions
--- a/.github/workflows/detect-unreviewed-merge.yml
+++ b/.github/workflows/detect-unreviewed-merge.yml
@ -2,7 +2,11 @@ name: Detect Unreviewed Merge

 on:
  push:
-    branches: [main]
+    branches: [main, master]
+
+concurrency:
+  group: detect-unreviewed-merge
+  cancel-in-progress: false

 permissions:
  contents: read
@ -13,13 +17,14 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check for unreviewed merge
-        uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
+        uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0
        env:
          UNREVIEWED_MERGES_TOKEN: ${{ secrets.UNREVIEWED_MERGES_TOKEN }}
        with:
          script: |
            const sha = context.sha;
            const { owner, repo } = context.repo;
+            const branch = context.ref.replace('refs/heads/', '');

            // Find the PR associated with this merge commit
            const { data: prs } = await github.rest.repos.listPullRequestsAssociatedWithCommit({
@ -28,7 +33,7 @@ jobs:
              commit_sha: sha,
            });

-            const pr = prs.find(p => p.merged_at && p.base.ref === 'main');
+            const pr = prs.find(p => p.merged_at && p.base.ref === branch);
            if (!pr) {
              core.info('No merged PR found for this commit — skipping.');
              return;
@ -36,14 +41,26 @@ jobs:

            core.info(`Found PR #${pr.number}: ${pr.title}`);

-            // Check for approving reviews
+            // Determine effective approval state using latest review per reviewer
            const reviews = await github.paginate(github.rest.pulls.listReviews, {
              owner,
              repo,
              pull_number: pr.number,
            });

-            if (reviews.some(r => r.state === 'APPROVED')) {
+            const latestByReviewer = new Map();
+            for (const r of reviews) {
+              if (!r.user || r.state === 'COMMENTED') continue;
+              const prev = latestByReviewer.get(r.user.login);
+              if (!prev || new Date(r.submitted_at) > new Date(prev.submitted_at)) {
+                latestByReviewer.set(r.user.login, r);
+              }
+            }
+
+            const hasApproval = Array.from(latestByReviewer.values()).some(
+              r => r.state === 'APPROVED'
+            );
+            if (hasApproval) {
              core.info('PR has an approving review — no action needed.');
              return;
            }
@ -94,7 +111,7 @@ jobs:
              `| **Author** | @${pr.user.login} |`,
              `| **Merged by** | @${mergedBy} |`,
              `| **Merged at** | ${pr.merged_at} |`,
-              '| **Branch** | main |',
+              `| **Branch** | ${branch} |`,
            ];

            const policyRef = [
@ -139,6 +156,11 @@ jobs:
            }

            // Create issue in the tracking repo with the dedicated PAT
+            if (!process.env.UNREVIEWED_MERGES_TOKEN) {
+              core.setFailed('UNREVIEWED_MERGES_TOKEN secret is not configured');
+              return;
+            }
+
            const { getOctokit } = require('@actions/github');
            const tracking = getOctokit(process.env.UNREVIEWED_MERGES_TOKEN);