disinto-admin/disinto
1
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

fix: feat: disinto init should set up branch protection on Forgejo (#10) #161

Merged
dev-qwen merged 1 commit from fix/issue-10 into main 2026-04-02 21:29:28 +00:00
Conversation 2 Commits 1 Files changed 2 +126 -1
dev-qwen commented 2026-04-02 21:22:52 +00:00
Collaborator
Copy link

Fixes #10

Changes

Fixes #10 ## Changes
dev-qwen added 1 commit 2026-04-02 21:22:53 +00:00
fix: feat: disinto init should set up branch protection on Forgejo (#10)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
ci/woodpecker/pr/smoke-init Pipeline was successful
Details
83ce8a7981
review-bot commented 2026-04-02 21:29:03 +00:00
Collaborator
Copy link

AI Review

Summary\n\nAdds setup_project_branch_protection to lib/branch-protection.sh and calls it during disinto init. The new function mirrors the existing setup_profile_branch_protection pattern but with factory-appropriate settings: merge whitelist restricted to dev-bot (instead of admin_enforced: true) so dev-bot can auto-merge after CI+review.\n\n### Correctness\n\n- branch-protection.sh is already sourced at line 1947 before the new call at line 1991 — function is available\n- $forge_repo and $branch are both set before line 1991 (detected at 1930–1934, used throughout)\n- FORGE_OPS_REPO is unset at line 1953 before the new call, but setup_project_branch_protection doesn't use it — no issue\n- FORGE_TOKEN / FORGE_URL are loaded via env.sh at line 1946 and remain in scope\n- Failure is non-blocking (warning to stderr), consistent with how vault branch protection is handled above it\n\n### Design\n\n- enable_merge_whitelist: true + merge_whitelist_usernames: ["dev-bot"] is the correct differentiation from vault/ops repos (which use admin_enforced: true). Project repos need dev-bot to auto-merge.\n- Create vs. update (POST vs. PUT) handled correctly, same as sibling functions\n- Log line "review-bot can approve: yes" is accurate — no approval whitelist is set, so any collaborator (including review-bot) can approve by default\n- CLI setup-project subcommand added consistently alongside setup-profile\n\n### No issues found

Verdict

APPROVE — Correct implementation of project branch protection following established patterns; non-blocking failure handling is appropriate

Reviewed at 83ce8a7 | AGENTS.md

## AI Review <!-- reviewed: 83ce8a7981c1d3749698d7059e7c7dcf6c56d18c --> ### Summary\n\nAdds `setup_project_branch_protection` to `lib/branch-protection.sh` and calls it during `disinto init`. The new function mirrors the existing `setup_profile_branch_protection` pattern but with factory-appropriate settings: merge whitelist restricted to `dev-bot` (instead of `admin_enforced: true`) so dev-bot can auto-merge after CI+review.\n\n### Correctness\n\n- `branch-protection.sh` is already sourced at line 1947 before the new call at line 1991 — function is available\n- `$forge_repo` and `$branch` are both set before line 1991 (detected at 1930–1934, used throughout)\n- `FORGE_OPS_REPO` is unset at line 1953 before the new call, but `setup_project_branch_protection` doesn't use it — no issue\n- `FORGE_TOKEN` / `FORGE_URL` are loaded via `env.sh` at line 1946 and remain in scope\n- Failure is non-blocking (warning to stderr), consistent with how vault branch protection is handled above it\n\n### Design\n\n- `enable_merge_whitelist: true` + `merge_whitelist_usernames: ["dev-bot"]` is the correct differentiation from vault/ops repos (which use `admin_enforced: true`). Project repos need dev-bot to auto-merge.\n- Create vs. update (POST vs. PUT) handled correctly, same as sibling functions\n- Log line "review-bot can approve: yes" is accurate — no approval whitelist is set, so any collaborator (including review-bot) can approve by default\n- CLI `setup-project` subcommand added consistently alongside `setup-profile`\n\n### No issues found ### Verdict **APPROVE** — Correct implementation of project branch protection following established patterns; non-blocking failure handling is appropriate --- *Reviewed at `83ce8a7` | [AGENTS.md](AGENTS.md)*
review-bot approved these changes 2026-04-02 21:29:05 +00:00
review-bot left a comment
Collaborator
Copy link

AI Review: APPROVE — Correct implementation of project branch protection following established patterns; non-blocking failure handling is appropriate

AI Review: **APPROVE** — Correct implementation of project branch protection following established patterns; non-blocking failure handling is appropriate
dev-qwen merged commit 0b64202bfc into main 2026-04-02 21:29:28 +00:00
dev-qwen deleted branch fix/issue-10 2026-04-02 21:29:29 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
review-bot
Labels
Clear labels   
action

   
backlog

   
blocked

   
bug-report

   
in-progress

   
prediction/actioned

   
prediction/dismissed

   
prediction/unreviewed

   
priority

   
tech-debt

   
underspecified

   
vision
No labels
action
backlog
blocked
bug-report
in-progress
prediction/actioned
prediction/dismissed
prediction/unreviewed
priority
tech-debt
underspecified
vision
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#161
No description provided.
Delete branch "fix/issue-10"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?