Skip to content

fix(workflows): add bot filter to dependency PR review workflow#1362

Merged
bindsi merged 4 commits intomainfrom
fix/dependency-pr-review-bot-filter
Apr 14, 2026
Merged

fix(workflows): add bot filter to dependency PR review workflow#1362
bindsi merged 4 commits intomainfrom
fix/dependency-pr-review-bot-filter

Conversation

@bindsi
Copy link
Copy Markdown
Member

@bindsi bindsi commented Apr 14, 2026

superseding PR #1358

fix(workflows): add bot filter to dependency PR review workflow

The dependency PR review agentic workflow triggered for any pull request matching dependency file paths, regardless of author. Human-authored PRs touching those paths (e.g., .github/workflows/*.yml) spun up the full pre-activation → activation → agent pipeline before the agent could call noop to exit. This wasted CI resources on ineligible runs.

Added the bots: ["dependabot[bot]"] frontmatter field to the on: section, which moves the actor check from agent runtime to the platform pre-activation job. The existing runtime noop activation guard remains as defense-in-depth. Recompiled all agentic workflow lock files with the latest gh-aw compiler.

Description

Observed in actions/runs/24359308843, where a synchronize event from a human contributor on PR #1353 triggered the full workflow pipeline unnecessarily.

Recompiled all 5 agentic workflow lock files from gh-aw v0.65.4 to v0.68.1, resolving two distinct runtime failures that caused repeated "No Safe Outputs Generated" errors across 20+ workflow runs.

The old compiler version generated lock files with incompatible configurations for the current runtime environment, causing both checkout failures and MCP server policy blocks.

Workflow Bot Filter

  • Added bots: ["dependabot[bot]"] to the on: frontmatter in dependency-pr-review.md, restricting pre-activation to Dependabot-authored PRs only
  • The platform pre-activation job now injects GH_AW_ALLOWED_BOTS: "dependabot[bot]" and rejects non-Dependabot actors before the agent job queues
  • Preserved the existing runtime activation guard (noop call when PR author is not dependabot[bot]) as a second layer of defense

Lock File Regeneration

Recompiled all agentic workflow lock files via gh aw compile, picking up the bots: field and a compiler version upgrade.

  • dependency-pr-review.lock.yml — now includes GH_AW_ALLOWED_BOTS check in pre-activation
  • doc-update-check.lock.yml — compiler version bump
  • issue-implement.lock.yml — compiler version bump
  • issue-triage.lock.yml — compiler version bump
  • pr-review.lock.yml — compiler version bump
  • actions-lock.json — updated action SHA references

Root Causes Fixed

The sparse-checkout failure in dependency-pr-review occurred because the v0.65.4 compiler merged on.pull_request.paths glob patterns (**/requirements.txt, **/pyproject.toml) into the git sparse-checkout set command. Git cone-mode rejects ** glob patterns with fatal: specify directories rather than patterns.

The MCP policy blocking affected all workflows. Lock files compiled with AWF v0.25.6 and MCP Gateway v0.2.14 were incompatible with the updated runtime's stricter MCP server policies, causing 2 MCP servers were blocked by policy: 'github', 'safeoutputs'. The agent completed reviews but could not submit results through safe-output tools.

Version Upgrades

All lock files updated to the same component versions:

Component Before After
gh-aw compiler v0.65.4 v0.68.1
AWF (firewall) v0.25.6 v0.25.18
MCP Gateway v0.2.14 v0.2.17
actions/github-script v8 v9
github/gh-aw-actions/setup v0.65.6 v0.68.1

The actions-lock.json consolidated 4 stale github/gh-aw-actions/setup version pins (v0.63.1, v0.65.4, v0.65.6, v0.67.1) into a single v0.68.1 entry.

Related Issue(s)

Fixes #1261
Fixes #1357
Fixes #1361

Type of Change

Select all that apply:

Code & Documentation:

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to change)
  • Documentation update

Infrastructure & Configuration:

  • GitHub Actions workflow
  • Linting configuration (markdown, PowerShell, etc.)
  • Security configuration
  • DevContainer configuration
  • Dependency update

AI Artifacts:

  • Reviewed contribution with prompt-builder agent and addressed all feedback
  • Copilot instructions (.github/instructions/*.instructions.md)
  • Copilot prompt (.github/prompts/*.prompt.md)
  • Copilot agent (.github/agents/*.agent.md)
  • Copilot skill (.github/skills/*/SKILL.md)

Note for AI Artifact Contributors:

  • Agents: Research, indexing/referencing other project (using standard VS Code GitHub Copilot/MCP tools), planning, and general implementation agents likely already exist. Review .github/agents/ before creating new ones.
  • Skills: Must include both bash and PowerShell scripts. See Skills.
  • Model Versions: Only contributions targeting the latest Anthropic and OpenAI models will be accepted. Older model versions (e.g., GPT-3.5, Claude 3) will be rejected.
  • See Agents Not Accepted and Model Version Requirements.

Other:

  • Script/automation (.ps1, .sh, .py)
  • Other (please describe):

Sample Prompts (for AI Artifact Contributions)

User Request:

Execution Flow:

Output Artifacts:

Success Indicators:

For detailed contribution requirements, see:

Testing

  • Verified bots: field placement at line 13 in the frontmatter at the correct indentation level within the on: block.
  • Confirmed runtime noop activation guard remains intact at lines 57-62.
  • Confirmed GH_AW_ALLOWED_BOTS: "dependabot[bot]" present in the compiled dependency-pr-review.lock.yml.
  • Security analysis: no sensitive data exposure, no privilege changes, no dependency vulnerabilities.
  • All required automated checks passed (markdown lint, spell check, frontmatter validation, skill validation, link validation, PowerShell analysis).
  • Manual testing was not performed.

Checklist

Required Checks

  • Documentation is updated (if applicable) (N/A — no documentation changes required)
  • Files follow existing naming conventions
  • Changes are backwards compatible (if applicable)
  • Tests added for new functionality (if applicable) (N/A — frontmatter field change; no testable code)

AI Artifact Contributions

  • Used /prompt-analyze to review contribution
  • Addressed all feedback from prompt-builder review
  • Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

  • Markdown linting: npm run lint:md
  • Spell checking: npm run spell-check
  • Frontmatter validation: npm run lint:frontmatter
  • Skill structure validation: npm run validate:skills
  • Link validation: npm run lint:md-links
  • PowerShell analysis: npm run lint:ps

Notes

  • Lock files are generated output from gh aw compile and should not be edited directly.
  • All lock files were recompiled together, picking up both the bots: field and a compiler version upgrade to the gh-aw action references.

Follow-up Tasks

  • Verify the next Dependabot PR correctly activates the workflow after merge.

@bindsi
fix(workflows): add bot filter to dependency PR review workflow
f63070c 
Add bots: ["dependabot[bot]"] to the on: frontmatter section so the
pre-activation job rejects non-Dependabot actors before the agent job
queues, preventing unnecessary CI resource consumption.

Fixes #1361
@bindsi bindsi requested a review from a team as a code owner April 14, 2026 08:47
bindsi added 2 commits April 14, 2026 09:49
@bindsi
fix(workflows): add bot filter to dependency PR review workflow
5bd0bb7 
Add bots: ["dependabot[bot]"] to the on: frontmatter section so the
pre-activation job rejects non-Dependabot actors before the agent job
queues, preventing unnecessary CI resource consumption.

Fixes #1361
@bindsi
chore(workflows): remove deprecated GitHub Action versions from lock …
e61143d 
…file

Signed-off-by: Marcel Bindseil <[email protected]>
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Apr 14, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.65%. Comparing base (2ccede8) to head (c455c79).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1362      +/-   ##
==========================================
- Coverage   87.66%   87.65%   -0.02%     
==========================================
  Files          61       61              
  Lines        9328     9328              
==========================================
- Hits         8177     8176       -1     
- Misses       1151     1152       +1
Flag Coverage Δ
pester 85.22% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 1 file with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@github-actions github-actions Bot mentioned this pull request Apr 14, 2026
Open
github-actions[bot]
github-actions Bot reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Advisory review, this PR is from a maintainer. Findings are informational only.

Review Overview

The changes clearly address the stated root causes and are well-scoped. The single-line addition to dependency-pr-review.md is the meaningful functional change; the remaining 6 files are compiler-generated lock file updates that pick up the new bots: field and version upgrades.

✅ Issue Alignment

All linked issues are directly addressed:

  • #1261 — MCP policy blocks ('github', 'safeoutputs' servers blocked) resolved by recompiling against gh-aw v0.68.1 / MCP Gateway v0.2.17.
  • #1361 — Bot filter (bots: ["dependabot[bot]"]) moves the actor check from agent runtime to the pre-activation job, preventing unnecessary CI pipeline runs for human-authored PRs.
  • The root cause explanations in the PR description (sparse-checkout cone-mode rejection of ** globs, AWF v0.25.6 MCP policy incompatibility) are accurate and well-documented.

⚠️ PR Template Compliance

The PR body appears to have been authored against a prior version of the template. Two sections present in the current .github/PULL_REQUEST_TEMPLATE.md are absent from the PR description:

  1. Security Considerations section — three checkboxes (sensitive/NDA data, dependency security review, least-privilege attestation) are missing. The author did address security concerns in prose within the Testing section, so the substance is covered.
  2. Required Automated Checks — the current template includes npm run plugin:generate and npm run docs:test which are not listed in the PR body. Given the nature of this change (workflow infrastructure only), these are N/A, but noting for process completeness.

✅ Coding Standards

All action references in the compiled manifests use full commit SHAs, satisfying the repository's dependency pinning requirements. The actions: read permission addition across all lock files is appropriate for the gh-aw runtime's workflow state inspection. Lock files carry the DO NOT EDIT notice and are correctly treated as compiler output.

💡 Code Quality — Dual SHA Observation

See the inline comment on dependency-pr-review.lock.yml line 2 for an informational note on the two distinct SHAs for actions/github-script@v9 in the compiled manifests.

Note

🔒 Integrity filter blocked 1 item

The following item were blocked because they don't meet the GitHub integrity level.

  • #1357 issue_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by PR Review for issue #1362 · ● 1.6M

Comment thread .github/workflows/dependency-pr-review.lock.yml
github-actions[bot]
github-actions Bot reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Advisory Review

Advisory review — this PR is from a maintainer. Findings are informational only.

Overview

This PR correctly addresses CI inefficiency and repeated "No Safe Outputs Generated" failures by (1) adding a bots: ["dependabot[bot]"] pre-activation filter to dependency-pr-review.md and (2) recompiling all five agentic workflow lock files with gh-aw v0.68.1. The defense-in-depth approach — platform actor check plus the preserved runtime noop activation guard — is a sound pattern. The lock file regeneration is well-scoped and the root causes (sparse-checkout glob failure, MCP policy incompatibility) are clearly explained in the PR description.

1. Issue Alignment ✅

  • #1261 (Dependabot PR Review failures): Addressed by the compiler version upgrade that resolves the MCP server policy blocks.
  • #1357: Could not be read due to an integrity policy restriction; the PR description provides sufficient context that it maps to the same class of "No Safe Outputs Generated" failures.
  • #1361 (Workflow triggers for non-Dependabot PRs): Directly addressed by the bots: frontmatter field. The issue description, root cause analysis, and fix all align precisely with the code change.

2. PR Template Compliance ⚠️

Two minor gaps relative to the template at .github/PULL_REQUEST_TEMPLATE.md:

Missing Security Considerations section — The template includes a ## Security Considerations block with three checkboxes:

  • This PR does not contain any sensitive or NDA information
  • Any new dependencies have been reviewed for security issues
  • Security-related scripts follow the principle of least privilege

The PR description omits this section entirely. The Testing section does cover security inline ("Security analysis: no sensitive data exposure, no privilege changes, no dependency vulnerabilities"), but the formal template section and its checkboxes are absent.

Missing two Required Automated Checks — The template includes eight validation commands, but the PR description only lists six. Missing:

  • npm run plugin:generate
  • npm run docs:test

For a pure lock-file + frontmatter change these may genuinely be N/A, but they should be acknowledged with an explicit N/A annotation in the checklist to keep the template complete.

3. Coding Standards ✅

The only human-authored change is the single-line bots: ["dependabot[bot]"] addition in dependency-pr-review.md. Its placement as a sibling to pull_request: within the on: block matches the gh-aw frontmatter schema described in issue #1361. The five lock files and actions-lock.json are generated output from gh aw compile and carry SHA-pinned action references throughout — consistent with the workflow pinning requirements in .github/instructions/hve-core/github-actions-workflow.instructions.md.

One minor observation on the generated output: actions/upload-artifact retains the same SHA (bbbca2ddaa5d8feaa63e36b76fdaad77386f024f) across old and new lock files, but the version comment changes from # v4.4.3 to # v7. Since the SHA pin is the security-relevant artifact and lock files should not be manually edited, this is a compiler annotation change and not a concern — just worth noting for traceability.

4. Code Quality and Security ✅

  • No secrets, credentials, or sensitive data introduced.
  • No new external dependencies added.
  • Privilege scope is unchanged: contents: read, pull-requests: read remain the only permissions granted to the dependency reviewer.
  • The actions/github-script upgrade from v8v9 and github/gh-aw-actions/setup consolidation from four stale pins to a single v0.68.1 entry are clean housekeeping improvements.
  • The setupGlobals call now passes getOctokit as an additional argument in the compiled output — a compiler-managed API evolution, consistent with the v0.68.1 upgrade.

Action Items

# Area Item Blocking?
1 Template Add the ## Security Considerations section with checkboxes (or an explicit note that it was reviewed inline) No
2 Template Add npm run plugin:generate and npm run docs:test to the checklist with N/A annotations No

These are informational only and do not require changes before merge.

Note

🔒 Integrity filter blocked 1 item

The following item were blocked because they don't meet the GitHub integrity level.

  • #1357 issue_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".

To allow these resources, lower min-integrity in your GitHub frontmatter:

tools:
  github:
    min-integrity: approved  # merged | approved | unapproved | none

Generated by PR Review for issue #1362 · ● 1.4M

@bindsi bindsi merged commit 598f8da into main Apr 14, 2026
52 checks passed
@bindsi bindsi deleted the fix/dependency-pr-review-bot-filter branch April 14, 2026 13:42
This was referenced Apr 14, 2026
Merged
Open
WilliamBerryiii pushed a commit that referenced this pull request Apr 24, 2026
@hve-core-release-please @github-actions
chore(main): pre-release 3.3.101 (#1274)
0d4452b 
## Pre-Release 3.3.101

### ✨ Features

- add removed maturity tier and retire owasp-docker (#1444)
- add evaluation dataset creator (#1279)
- align RAI planner with guide, remove scoring, improve UX (#1287)
- add PSGallery staleness check and BOM cleanup (#1379)
- ISA-95 network planner agent (#1177)
- auto-generate collection.md with maturity filtering (#1316)
- add folder-consistency check and standardize WARN outp… (#1350)
- add synth-data-generate prompt to data-science collection (#1419)
- add canonical deck workflow and customer-card rendering for design
thinking (#1413)
- add Figma MCP integration for DT artifact export (#1222)
- introduce `owasp-docker` (#1245)
- replace hve-core-specific references with portable discovery-based
language (#1335)
- introduce `owasp-cicd` (#1246)
- add secure-by-design knowledge skill (#1223)
- introduce `owasp-infrastructure` (#1244)
- introduce `owasp-mcp` (#1207)
- add OutputPath parameter to Invoke-LinkLanguageCheck.ps1 (#1229)
- add -OutputPath parameter to Validate-SkillStructure.ps1 (#1225)
- add maintainer-only skip-review label guard (#1293)
- add extension collections overview and integrate into getting started
flow (#950)
- add agentic workflows for automated issue triage, implementation, PR
review, dependency review, and doc-staleness detection (#1219)
- consolidate package-lock.json version sync into
Update-VersionFiles.ps1 (#1240)
- add standards code review agent and full review orchestrator (#1174)
- standardize pytest-mock as Python mocking framework (#1170)
- add Jira backlog workflows and Jira/GitLab skills (#978)
- add centralized version bump script and supply-chain attestation
(#1183)

### 🐛 Bug Fixes

- pin PowerShell-Yaml to 0.4.7 across all install sites (#1378)
- close fork-PR/workflow-file-PR secret-strip gap and normalize
upload-artifact version (#1421)
- replace stream-based lookahead with array indexing in
list-changed-files.sh (#1376)
- centralize ISO 8601 timestamp regex in CIHelpers (#1343)
- update stale documentation date in release-process.md (#1363)
- pin basic-ftp to 5.3.0 to resolve GHSA-rp42-5vxx-qpwr (#1374)
- add bot filter to dependency PR review workflow (#1362)
- resolve pip-audit findings in powerpoint, gitlab, and jira skill lock
files (#1360)
- standardize Timestamp JSON key casing across all lint result files
(#1314)
- add synchronize trigger to PR Review workflow (#1323)
- standardize timestamp in Validate-SkillStructure.ps1 to use
Get-StandardTimestamp (#1280)
- add parallel subagent dispatch and structured JSON contracts to
code-review-full (#1304)
- standardize timestamp in SecurityHelpers.psm1 to use
Get-StandardTimestamp (#1284)
- standardize timestamps in Test-DependencyPinning.ps1 and
SecurityClasses.psm1 (#1282)
- derive collection artifact counts from YAML at build time (#1275)
- standardize timestamp in FrontmatterValidation.psm1 to use
Get-StandardTimestamp (#1285)
- standardize timestamp in Markdown-Link-Check.ps1 to use
Get-StandardTimestamp (#1283)
- escape hyphens in Mermaid diagram on Collections page (#1262)
- add summary timestamp to PSScriptAnalyzer output (#1211)
- fix plugin compatibility and robustness for coding-standards code
review agents (#1289)
- standardize timestamp in Test-CopyrightHeaders.ps1 to use
Get-StandardTimestamp (#1278)
- standardize timestamp in Invoke-YamlLint.ps1 to use
Get-StandardTimestamp (#1270)
- standardize timestamp in Invoke-LinkLanguageCheck.ps1 to use
Get-StandardTimestamp (#1264)
- fix dependency-review path filters and sparse-checkout cone mode
(#1259)
- replace invalid bare tool names with official tool identifiers (#1198)
- fix broken links and remove orphaned reference in code review docs
(#1257)
- exclude Python env dirs from skill validation warnings (#1255)
- pin happy-dom and serialize-javascript to resolve Dependabot
vulnerabilities (#1253)
- remove Mermaid diagram and add missing collection cards (#1247)
- disable MCP servers by default to prevent token limit errors (#1144)
- sync package-lock.json after pre-release version bump (#1236)
- separate mermaid node declarations and add dynamic diagram generation
with tests (#1215)
- replace anchor links in meeting-analyst with bold text references
(#1201)
- remove recursive symlinks in jira and gitlab skill directories (#1233)
- validate-installation scripts now check .github/skills directory
(#1010) (#1206)
- resolve npm audit vulnerabilities via dependency overrides (#1200)
- add post-release triggers to scorecard workflow (#1186)
- add missing .md extensions to relative links in agent documentation
(#1180)

### 📚 Documentation

- broaden Security Review description beyond OWASP (#1385)
- document maintainer advisory mode and skip-review label guard (#1386)
- document ExcludePaths/OutputPath for Invoke-LinkLanguageCheck (#1383)
- CLI getting-started: clarify plugin install commands as alternatives
(-all vs base) (#1251)

### ♻️ Refactoring

- align agent and prompt folder names to collection identifier (#1210)

### 🔧 Maintenance

- pin PSScriptAnalyzer to 1.25.0 and sync stale workflow version
comments (#1389)
- bump lxml from 6.0.2 to 6.1.0 in
/.github/skills/experimental/powerpoint (#1424)
- bump @vscode/vsce from 3.7.1 to 3.9.1 in the npm-dependencies group
(#1390)
- bump the github-actions group across 1 directory with 7 updates
(#1391)
- bump follow-redirects from 1.15.11 to 1.16.0 in /docs/docusaurus
(#1356)
- upgrade Node.js from 20 to 24 and bump cspell to v10 (#1353)
- bump basic-ftp from 5.2.0 to 5.2.1 (#1324)
- update github/gh-aw-actions requirement to
536ea1bad8c6715d098a9dc1afea8d403733acfe in the github-actions group
across 1 directory (#1298)
- update security instruction attributions and compliance (#1294)
- bump the npm-dependencies group with 2 updates (#1297)
- pre-release 3.3.41 (#1252)
- streamline RAI Planner phase structure and documentation (#1273)
- bump happy-dom from 20.8.8 to 20.8.9 in /docs/docusaurus (#1237)
- pre-release 3.3.27 (#1191)
- bump pygments from 2.19.2 to 2.20.0 in /.github/skills/gitlab/gitlab
(#1234)
- bump path-to-regexp from 0.1.12 to 0.1.13 in /docs/docusaurus (#1226)
- bump the github-actions group with 4 updates (#1231)
- add missing folders and alphabetize location lists (#1193)
- bump brace-expansion (#1224)
- bump handlebars from 4.7.8 to 4.7.9 in /docs/docusaurus (#1217)
- bump brace-expansion from 5.0.3 to 5.0.5 in /docs/docusaurus (#1213)
- pre-release 3.3.10 (#1187)
- bump markdownlint-cli2 from 0.21.0 to 0.22.0 in the npm-dependencies
group (#1175)
- bump the github-actions group with 3 updates (#1176)
- pre-release 3.3.1 (#1165)

---
*Managed automatically by pre-release workflow.*

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@hve-core-release-please hve-core-release-please Bot mentioned this pull request Apr 27, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@katriendg katriendg katriendg approved these changes

@auyidi1 auyidi1 auyidi1 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

4 participants

@bindsi @codecov-commenter @katriendg @auyidi1