From 80b95c1d0e59a36cf3e247aa43940c273d7130fb Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Mon, 29 Jun 2026 10:11:04 +1000 Subject: [PATCH 1/2] Fix contributor check comment upsert behavior Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/workflows/contributor-check.yml | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/.github/workflows/contributor-check.yml b/.github/workflows/contributor-check.yml index c4b6c45ed..1cf542132 100644 --- a/.github/workflows/contributor-check.yml +++ b/.github/workflows/contributor-check.yml @@ -192,17 +192,22 @@ jobs: profile="${{ steps.results.outputs.profile }}" cred="${{ steps.results.outputs.credential }}" marker="" - comment_id=$( + comment_ids=$( gh api "repos/${{ github.repository }}/issues/$number/comments" --paginate \ --arg marker "$marker" \ - --jq '.[] | select(.user.login == "github-actions[bot]" and (.body | contains($marker))) | .id' \ - | head -n 1 + --jq '.[] | select((.body // "") | contains($marker)) | .id' ) + comment_id=$(printf "%s\n" "$comment_ids" | sed -n '1p') if [ "$risk" != "MEDIUM" ] && [ "$risk" != "HIGH" ]; then if [ -n "$comment_id" ]; then - gh api --method DELETE "repos/${{ github.repository }}/issues/comments/$comment_id" \ - || echo "Comment $comment_id could not be deleted; continuing because the comment may have already been removed or changed." + # Keep one canonical comment thread by removing all matching comments + # when risk drops below MEDIUM. + while IFS= read -r id; do + [ -z "$id" ] && continue + gh api --method DELETE "repos/${{ github.repository }}/issues/comments/$id" \ + || echo "Comment $id could not be deleted; continuing because the comment may have already been removed or changed." + done <<< "$comment_ids" fi exit 0 fi @@ -226,6 +231,11 @@ jobs: if [ -n "$comment_id" ]; then gh api --method PATCH "repos/${{ github.repository }}/issues/comments/$comment_id" -f body="$body" + # Clean up any stale duplicates after updating the canonical comment. + printf "%s\n" "$comment_ids" | sed '1d' | while IFS= read -r id; do + [ -z "$id" ] && continue + gh api --method DELETE "repos/${{ github.repository }}/issues/comments/$id" >/dev/null 2>&1 || true + done else gh api --method POST "repos/${{ github.repository }}/issues/$number/comments" -f body="$body" fi From 7ded5364db77c7d8dc2f90f2f0d4f72f1bc8506f Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Mon, 29 Jun 2026 11:57:15 +1000 Subject: [PATCH 2/2] Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> --- .github/workflows/contributor-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/contributor-check.yml b/.github/workflows/contributor-check.yml index 1cf542132..ab6a09bf4 100644 --- a/.github/workflows/contributor-check.yml +++ b/.github/workflows/contributor-check.yml @@ -195,7 +195,7 @@ jobs: comment_ids=$( gh api "repos/${{ github.repository }}/issues/$number/comments" --paginate \ --arg marker "$marker" \ - --jq '.[] | select((.body // "") | contains($marker)) | .id' + --jq '.[] | select(.user.login == "github-actions[bot]" and ((.body // "") | contains($marker))) | .id' ) comment_id=$(printf "%s\n" "$comment_ids" | sed -n '1p')