fix: prevent bot reviews from blocking /merge-pr#263
Merged
Conversation
- Add fallback --admin merge when bot review dismissal fails - Distinguish bot vs human reviewers in CHANGES_REQUESTED handler - Disable CodeRabbit request_changes_workflow to prevent blocking https://claude.ai/code/session_01CCLF7f32dWYYE1UXRL3S46
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (1)
📝 WalkthroughWalkthroughAdds fallback admin-merge and refined bot-vs-human CHANGES_REQUESTED handling to the Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant CodeRabbit
participant GitHubAPI
participant GHCLI
User->>CodeRabbit: /merge-pr
CodeRabbit->>GitHubAPI: fetch PR state & reviews
alt dismissal attempt required
CodeRabbit->>GitHubAPI: dismiss stale trusted-bot review(s)
GitHubAPI-->>CodeRabbit: dismissal success
CodeRabbit->>GHCLI: gh pr merge ...
GHCLI-->>CodeRabbit: merge success/failure
else dismissal fails
CodeRabbit->>GitHubAPI: re-check pre-flight (OPEN, release label, checks, mergeStateStatus)
CodeRabbit->>GitHubAPI: fetch all reviews -> classify as trusted-bot vs human
alt only trusted-bots requested changes && pre-flight passes
CodeRabbit->>GHCLI: gh pr merge ... --admin
GHCLI-->>CodeRabbit: merge success/failure
alt admin merge fails
CodeRabbit->>User: instruct manual bot-review dismissal in GitHub UI + re-run /merge-pr
end
else human reviewers present
CodeRabbit->>User: list human CHANGES_REQUESTED feedback, instruct fixes + re-run
end
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Ensure the --admin merge fallback requires re-verifying all other pre-flight checks pass first, and update the failure handler to acknowledge the fallback exists for bot-only blockers. https://claude.ai/code/session_01CCLF7f32dWYYE1UXRL3S46
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/commands/merge-pr.md:
- Around line 29-30: The admin-merge fallback weakens the guard by only checking
mergeStateStatus != DIRTY; tighten the admin path in the merge logic so it
enforces the same pre-flight checks as normal merges except it may bypass a
single bot CHANGES_REQUESTED review: require the standard allowlist of passing
status checks, release label, PR state, and that any CHANGES_REQUESTED reviews
are only from trusted bot identities before running gh pr merge --repo ...
--admin; update the conditional that currently checks mergeStateStatus to
instead validate the full pre-flight allowlist and verify all non-bot reviewers
have not requested changes.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: 8cdae546-95f9-4225-8593-ab2533337119
📒 Files selected for processing (1)
.claude/commands/merge-pr.md
Address CodeRabbit review: the admin-merge fallback previously only checked mergeStateStatus != DIRTY, which is weaker than the standard pre-flight allowlist. Now explicitly requires PR OPEN, release label, passing non-bot status checks, and mergeStateStatus in CLEAN/HAS_HOOKS/ UNSTABLE — matching step 2 exactly. https://claude.ai/code/session_01CCLF7f32dWYYE1UXRL3S46
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.claude/commands/merge-pr.md:
- Line 30: The sentence about the remaining blocker is ambiguous; update the
text to allow multiple bot reviews by changing "the **only** remaining blocker
is trusted-bot `CHANGES_REQUESTED`" to a plural phrasing such as "the **only**
remaining blockers are trusted-bot `CHANGES_REQUESTED` reviews (no human
`CHANGES_REQUESTED`, no other blocking condition)" so it's clear that multiple
bot `CHANGES_REQUESTED` reviews are permitted when performing `gh pr merge
--repo bd73-com/fetchthechange --squash --delete-branch --admin`.
- Around line 29-30: Add an explicit verification step before the --admin bypass
instruction: ensure the script/documentation instructs to fetch all PR reviews
(re-use the "auto-resolve" reviews data if present) and verify that zero human
reviewers have state "CHANGES_REQUESTED" by filtering reviewers against the
trusted-bot allowlist referenced in the doc; place this bullet immediately
before the line that allows using `--admin` so the check is enforced before
attempting `gh pr merge --repo ... --admin`.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: c799eb47-4847-41c7-938a-1634ca8341d5
📒 Files selected for processing (1)
.claude/commands/merge-pr.md
Address remaining CodeRabbit feedback: add an explicit step to verify zero human reviewers have CHANGES_REQUESTED before --admin bypass, and pluralize "blocker" to clarify multiple bot reviews are permitted. https://claude.ai/code/session_01CCLF7f32dWYYE1UXRL3S46
bd73-com
dismissed stale reviews from coderabbitai[bot] and coderabbitai[bot]
Dismissing stale bot review — fixes were pushed in subsequent commits.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
--adminmerge path when bot review dismissal fails (step 7 in merge-pr skill)CHANGES_REQUESTEDfailure handler to distinguish bot vs human reviewersrequest_changes_workflowso it leaves comments instead of requesting changes, preventing it from blocking mergesTest plan
/merge-pron a PR with a stale CodeRabbit review — verify it attempts dismissal, then falls back to--adminmerge/merge-pron a PR with a humanCHANGES_REQUESTEDreview — verify it lists comments and asks user to address themCHANGES_REQUESTEDreviews on new PRshttps://claude.ai/code/session_01CCLF7f32dWYYE1UXRL3S46
Summary by CodeRabbit
Bug Fixes
New Features
Chores