chore: remove global allowlist file in Librarian config#13191
chore: remove global allowlist file in Librarian config#13191jskeet merged 1 commit intogoogleapis:mainfrom
Conversation
This will unblock releases for libraries other than the root module. This is a temporary workaround for googleapis/librarian#2627
Summary of ChangesHello @jskeet, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request implements a temporary adjustment to the Librarian configuration by commenting out the global file allowlist for Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
The pull request removes the global allowlist file in the Librarian configuration to unblock releases for libraries other than the root module. This is a temporary workaround for issue #2627. I have identified one critical issue related to the commenting out of the global_files_allowlist section.
| # global_files_allowlist: | ||
| # - path: "CHANGES.md" | ||
| # permissions: "read-write" |
There was a problem hiding this comment.
Commenting out the global_files_allowlist without a clear plan for re-enabling it or a more robust solution poses a critical risk. This could lead to unintended consequences in the release process, such as allowing files that should be restricted. Ensure there's a well-defined strategy for addressing this issue and preventing potential security or operational problems. Consider adding a temporary solution instead of commenting out the whole section.
For example, you could add a condition that checks if the current module is the root module, and only then apply the allowlist.
# global_files_allowlist:
# - path: "CHANGES.md"
# permissions: "read-write"
# The following block is a temporary workaround to allow non-root modules to be released
# while librarian expects CHANGES.md to be present for all releases. See
# https://github.com/googleapis/librarian/issues/2627 for details.
# if module_is_root:
# global_files_allowlist:
# - path: "CHANGES.md"
# permissions: "read-write"
|
Running |
2 participants
This will unblock releases for libraries other than the root module. This is a temporary workaround for
googleapis/librarian#2627