From 599cfcf1b324cfcc4b2353900d66c9e15d19efc4 Mon Sep 17 00:00:00 2001
From: dmystical-coder
Date: Sat, 30 May 2026 13:44:44 +0100
Subject: [PATCH] ci: disable auto-review.yml workflow (closes #404)

The auto-review workflow auto-merges PRs scored confidence>=0.7 by an LLM using `gh pr merge --admin`, bypassing branch protection. This is how PR #399 landed in a non-compiling state (#400, #401, #402).

Beyond the --admin bypass, the file has multiple structural problems that cannot be patched without a full rewrite:

- System prompt is configured to "APPROVE almost everything" with explicit instructions to ignore missing tests, no error handling, hardcoded values, etc. This framing is incompatible with a smart-contract project that custodies funds.
- Runs on `pull_request_target` with `contents: write` permissions, a known supply-chain risk surface.
- System prompt still references "Lernza, a hackathon project" (leftover from another repo) and merge commits inject `Co-authored-by: Dopey ` on every auto-merge.
- `actions/checkout@v6` is unpinned (tag, not SHA).

This commit renames the file to `auto-review.yml.disabled` so GitHub Actions stops loading it. The file is preserved in the tree (not deleted) for reference if a future advisory bot is designed from scratch with safer foundations.

CI (`ci.yml`) is unaffected. PR review is now fully human-driven.

Closes #404
---
 .github/workflows/{auto-review.yml => auto-review.yml.disabled} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .github/workflows/{auto-review.yml => auto-review.yml.disabled} (100%)

diff --git a/.github/workflows/auto-review.yml b/.github/workflows/auto-review.yml.disabled
similarity index 100%
rename from .github/workflows/auto-review.yml
rename to .github/workflows/auto-review.yml.disabled
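Review bot: the 100% rename is enough for Actions to stop picking the file up (only `.yml`/`.yaml` files directly under `.github/workflows` are loaded), but it leaves the risky content untouched and one rename away from being live again, with nothing in the file itself saying why it was disabled. Consider adding a short header comment to `auto-review.yml.disabled` that points at #404 and repeats the reasons from the commit message (the `gh pr merge --admin` bypass, `pull_request_target` with `contents: write`, the unpinned `actions/checkout@v6`), so the next person who finds the file does not simply rename it back. Two caveats worth recording in the PR as well: because the workflow ran on `pull_request_target`, the definition on the base branch is the one that executes, so this change only takes effect once it is merged there; and disabling the workflow does not revoke whatever credential allowed `--admin` merges under the `Dopey` identity, so that token should be rotated or scoped down separately.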