Skip to content

Commit 17c0f27

Browse files
github-actions[bot]Copilot
github-actions[bot]
and
Copilot
committed
Add null guard for PrInfo in Checkout-GhAwPr.ps1
Prevents silent fork check bypass when gh returns empty/malformed JSON — $null.isFork evaluates to $false in PowerShell, which would let the fork check pass incorrectly. Note: ready_for_review cannot be added to pull_request_target types yet — gh-aw compiler doesn't include it in the allowed type list. Filed as a known gap. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent 00af259 commit 17c0f27

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

.github/scripts/Checkout-GhAwPr.ps1

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,11 @@ if ($LASTEXITCODE -ne 0) {
5050
exit 1
5151
}
5252

53+
if (-not $PrInfo -or -not $PrInfo.author) {
54+
Write-Host "❌ PR #$PrNumber returned empty or malformed metadata"
55+
exit 1
56+
}
57+
5358
if ($PrInfo.isFork) {
5459
Write-Host "⏭️ PR #$PrNumber is from a fork. workflow_dispatch does not check out fork PRs."
5560
Write-Host " Fork PRs are evaluated automatically via pull_request_target."

0 commit comments

Comments
 (0)