chore(ci): make vendored-file-warning a failing check

[jdx]

Summary

• Replace the PR-comment step in vendored-file-warning.yml with a plain failing status check, dropping the need for MISE_PR_COMMENT_TOKEN and pull_request_target.
• Switch the skip condition from github.actor to github.event.pull_request.user.login so re-triggers from bots like autofix-ci on release PRs (opened by mise-en-dev) don't run the job.

Both fix the failing check seen on #9463, where autofix-ci[bot] re-triggered the workflow on a release PR and the comment step then errored with Resource not accessible by personal access token (addComment).

Test plan

• Verify this PR's own checks pass (vendored-file-warning should not trigger — no aqua-registry files are touched).
• On the next aqua-registry sync PR opened by mise-en-dev, confirm the workflow is skipped.
• On a contributor PR that edits crates/aqua-registry/aqua-registry/**, confirm the check fails with the explanatory log message.

🤖 Generated with Claude Code

---

Note

Low Risk
CI-only workflow change with no production code impact; main risk is unintended job triggering/skipping due to the updated event and allowlist condition.

Overview
Switches the vendored-file-warning workflow from pull_request_target to pull_request and replaces the PR-commenting behavior (and required token) with a simple failing check that prints guidance when vendored crates/aqua-registry/aqua-registry/** files are modified.

Updates the skip condition to key off github.event.pull_request.user.login (instead of github.actor) so bot re-runs don’t bypass the intended allowlist for jdx/mise-en-dev.

^{Reviewed by Cursor Bugbot for commit a4446d1. Bugbot is set up for automated code reviews on this repo. Configure here.}

[gemini-code-assist]

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

[greptile-apps]

Greptile Summary

This PR simplifies vendored-file-warning.yml by switching from pull_request_target (with a token-authenticated PR comment) to a plain pull_request trigger that just prints a message and exits with code 1. It also fixes the bot re-trigger problem by checking github.event.pull_request.user.login (PR author) rather than github.actor (workflow triggerer).

Confidence Score: 5/5

Safe to merge — the change is a pure CI simplification with no production code impact.

Single CI workflow file change with clear, correct logic. The switch from pull_request_target to pull_request is a security improvement (removes elevated token access), the skip-condition fix correctly targets the PR author, and the exit 1 approach is a simpler and more reliable replacement for the commented PR step. No issues found.

No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/vendored-file-warning.yml	Replaces pull_request_target + PR comment step with a simpler pull_request trigger + exit 1; fixes bot re-trigger issue by switching skip condition from github.actor to github.event.pull_request.user.login

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[pull_request event fires\npath: crates/aqua-registry/**] --> B{PR author is 'jdx'\nor 'mise-en-dev'?}
    B -- Yes --> C[Job skipped ✅\ne.g. release PRs by mise-en-dev\nor autofix-ci re-triggers]
    B -- No --> D[Run: Fail on vendored file changes]
    D --> E[cat explanatory message\nto workflow log]
    E --> F[exit 1 → Check fails ❌\nContributor sees message in CI]

Loading

_{Reviews (1): Last reviewed commit: "chore(ci): fail vendored-file-warning in..." | Re-trigger Greptile}

[github-actions]

Hyperfine Performance

mise x -- echo

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.4.25 x -- echo	27.7 ± 2.0	23.8	44.3	1.00
mise x -- echo	28.8 ± 3.1	24.4	66.5	1.04 ± 0.13

mise env

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.4.25 env	27.3 ± 1.8	23.2	39.1	1.00
mise env	28.1 ± 1.9	23.8	40.5	1.03 ± 0.10

mise hook-env

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.4.25 hook-env	27.8 ± 1.7	24.0	43.4	1.00
mise hook-env	28.5 ± 1.8	24.4	45.2	1.03 ± 0.09

mise ls

Command	Mean [ms]	Min [ms]	Max [ms]	Relative
mise-2026.4.25 ls	28.0 ± 1.8	24.4	39.3	1.00
mise ls	29.1 ± 1.9	24.8	41.0	1.04 ± 0.09

xtasks/test/perf

Command	mise-2026.4.25	mise	Variance
install (cached)	173ms	177ms	-2%
ls (cached)	93ms	92ms	+1%
bin-paths (cached)	93ms	96ms	-3%
task-ls (cached)	825ms	834ms	-1%