Skip to content

GHA to prompt reviewers to think about dependency changes when backporting #37800

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 23, 2025
Merged

GHA to prompt reviewers to think about dependency changes when backporting #37800

merged 1 commit into from
Oct 23, 2025

Conversation

@SarahFrench
Copy link
Member

@SarahFrench SarahFrench commented Oct 22, 2025
edited
Loading

This GHA posts comments to PRs if a dependency change is going to be backported to a release branch.

If a PR has diffs detected in go.mod files (root and nested locations) and the PR has a label containing "backport" then this message will be posted to the PR:

Screenshot 2025-10-22 at 13 10 37

The comment will be removed if the PR is updated to:

  • Remove the backport label
  • Remove diffs in go.mod files

This automation is a way to deal with lack of fully-automated Mend scanning, see #37584

Target Release

N/A

Rollback Plan

  • If a change needs to be reverted, we will roll out an update to the code within 7 days.

Changes to Security Controls

Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.

CHANGELOG entry

  • This change is user-facing and I added a changelog entry.
  • This change is not user-facing.

@SarahFrench SarahFrench added the no-changelog-needed Add this to your PR if the change does not require a changelog entry label Oct 22, 2025
@SarahFrench SarahFrench marked this pull request as ready for review October 22, 2025 12:17
@SarahFrench SarahFrench requested a review from a team as a code owner October 22, 2025 12:17
@SarahFrench
Copy link
Member Author

SarahFrench commented Oct 22, 2025

Here's the check running on this PR: https://github.com/hashicorp/terraform/actions/runs/18715567800/job/53374010319?pr=37800

mildwonkey
mildwonkey approved these changes Oct 22, 2025
View reviewed changes
Copy link
Contributor

@mildwonkey mildwonkey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, this should help!

@SarahFrench
Copy link
Member Author

SarahFrench commented Oct 23, 2025

Thanks!

@SarahFrench SarahFrench merged commit 620264e into main Oct 23, 2025
16 of 17 checks passed
@SarahFrench SarahFrench deleted the sarah/gha-flag-backported-deps-change branch October 23, 2025 11:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mildwonkey mildwonkey mildwonkey approved these changes

Assignees

No one assigned

Labels

no-changelog-needed Add this to your PR if the change does not require a changelog entry

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SarahFrench @mildwonkey