ci: detect Spam pull requests in GitHub Actions #5480
Conversation
This adds a GitHub Action that for the new contributors checks if the PR has a meaningful description and doesn't contain the default text. Otherwise, they are detected as spam and are closed.
3aaade9 to
b86d271
Compare
|
This is remarkably petty but it's "rationale" not "rational". |
|
Hey @aminya, thanks for the PR. We I have been discussing this in #5449 and the consensus is we don't want an action for this if we can avoid it. We are still working on a few more important things for the project and will loop back around in that issue when we are ready. I just don't want you wasting your own time in this until we decide if an action is the right way to go. |
There was a problem hiding this comment.
This should work, actually. But we need a much bigger pull request template. One that both keeps necessary stuff (like a few mandated headings) and removes unnecessary stuff (like a comment in between that says it should be removed, and headings kept, or the PR could be closed). That way, someone who removes the entire template with a "Select All" would be caught because the headings would be missing.
@wesleytodd After fixing, couldn't we merge this in temporarily to auto-close spam PRs, and even encourage legit PRs to have detailed descriptions? We can always revert it later, if it causes problems, doesn't solve the issue, or we find a better solution.
|
@ADTC I stand by my comment above. We have a few more important things we will be discussing in tomorrows TC meeting and after we sort that out we can start addressing these more directly. |
|
How about restricting README PRs to core maintainers only? |
I went through the spam PRs trying to determine a pattern. It's not always the same file. The misled students can pick any file at random. Most of the time, the commit made from GitHub interface is left in with the default subject line. But not always. Most of the time, it's one commit. But not always. The point is, we have to be careful how we identify spam to cover as much of it as possible, with as little false positives as possible. |
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| issue_number: pull_request.number, | ||
| body: "Closing this PR because it does not follow the contribution guidelines.", |
There was a problem hiding this comment.
You probably want to elaborate this a bit more by providing helpful links.
There was a problem hiding this comment.
When they ignore the clear short message in the template, I am not sure adding more information helps
There was a problem hiding this comment.
This closing comment is fine. You don't need to add any links. Anyone worth their salt will know how to look up Contribution Guidelines in GitHub.
I'd suggest a longer PR template instead. One that really requires a person to read through the template and fill it out properly.
|
I would suggest separating the script from the workflow and creating an action to make the code more maintainable. Something like this: https://github.com/animesh-chouhan/github-spamstop/blob/main/index.js Also the pull_request_template can be made more extensive if we are adopting it: https://github.com/animesh-chouhan/github-spamstop/blob/main/.github/pull_request_template.md |
|
Closing as we've decided not go to go this direction, see #5449 (comment) |
This adds a GitHub Action that for the new contributors checks if the PR has a meaningful description and doesn't contain the default text. Otherwise, they are detected as spam and are closed.