Skip to content

feat(commands): let a PR's own author use chat when rate limiting is active#5087

Merged
JSONbored merged 1 commit into
mainfrom
feat/chat-pr-author-rate-limited-access
Jul 11, 2026
Merged

feat(commands): let a PR's own author use chat when rate limiting is active#5087
JSONbored merged 1 commit into
mainfrom
feat/chat-pr-author-rate-limited-access

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

Summary

  • Widens @gittensory chat's default authorization from maintainer/collaborator-only to also include pr_author -- scoped to a PR's own author asking about their own PR, never an arbitrary commenter on someone else's.
  • The grant is conditional on commandRateLimitPolicy being "hold" for the repo, enforced in evaluateCommandAuthorization (not just by operator convention): a pr_author match on chat only counts as authorized when rate limiting is actually active, so a deployment that hasn't turned on rate limiting stays exactly as conservative as today no matter what chat's configured roles say. This mirrors the existing chatQa/intentRouting OpenAPI field docs, which already document commandRateLimitPolicy: hold as a co-requisite -- this PR is the same pattern applied to authorization, not a new one.
  • The existing per-actor rate limiter (maybeThrottleGittensoryCommand) already fits this: keyed by (actor, command, repo#PR), not a shared bucket, and already applies the tighter AI-cost ceiling to chat.
  • Fixes normalizeCommandRoleList's clamp so a maintainer's .gittensory.yml restatement of chat's own default (now including pr_author) isn't silently mangled, while every other maintainer-only command (generate-tests, pause, etc.) is completely unaffected -- pr_author still cannot be added to them via override.
  • Mirrors the change into packages/gittensory-engine/src/settings/command-authorization.ts to keep test:engine-parity green.

Closes #5084

Test plan

  • npm run typecheck
  • Full unsharded npm run test:coverage (14366 passed, 0 failed; zero uncovered lines/branches in every touched file)
  • npm run command-reference:check / npm run docs:drift-check
  • New unit tests: the compound rate-limit gate (off/unset/hold, confirmed-miner-as-pr_author, non-author denial), the clamp fix (restating chat's own default survives; every other maintainer-only command is still clamped), the isAuthorizedCommandActor pass-through
  • New end-to-end tests in queue-5.test.ts: a real contributor (no maintainer/collaborator role) reaches chat on their own PR when commandRateLimitPolicy: hold is set, and is silently denied (matching every other unauthorized command) when it isn't

…active

@gittensory chat was maintainer/collaborator-only, silently denying the
PR's own author with no reply. Widens chat's default roles to include
pr_author, but gates the grant on commandRateLimitPolicy being "hold"
for the repo -- enforced in evaluateCommandAuthorization, not just by
operator convention, so a deployment that hasn't turned on rate
limiting never grants contributor chat access regardless of what
chat's configured roles say.

Also fixes normalizeCommandRoleList's clamp so a maintainer's yml
restatement of chat's own default (now including pr_author) isn't
silently mangled, while every other maintainer-only command is
unaffected.

Closes #5084
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@cloudflare-workers-and-pages

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
gittensory-ui 0dd36ee Commit Preview URL

Branch Preview URL
Jul 11 2026, 02:08 PM

@codecov

codecov Bot commented Jul 11, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.20%. Comparing base (0800f23) to head (0dd36ee).
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #5087   +/-   ##
=======================================
  Coverage   94.20%   94.20%           
=======================================
  Files         470      470           
  Lines       39722    39732   +10     
  Branches    14493    14497    +4     
=======================================
+ Hits        37421    37431   +10     
  Misses       1645     1645           
  Partials      656      656           
Flag Coverage Δ
shard-1 46.42% <57.14%> (+<0.01%) ⬆️
shard-2 33.86% <57.14%> (+0.27%) ⬆️
shard-3 32.27% <28.57%> (+0.93%) ⬆️
shard-4 31.83% <71.42%> (-0.98%) ⬇️
shard-5 33.54% <28.57%> (-0.01%) ⬇️
shard-6 44.89% <50.00%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
...nsory-engine/src/settings/command-authorization.ts 100.00% <100.00%> (ø)
src/github/commands.ts 98.28% <ø> (ø)
src/queue/processors.ts 95.46% <ø> (ø)
src/settings/command-authorization.ts 100.00% <100.00%> (ø)
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@JSONbored JSONbored self-assigned this Jul 11, 2026
@gittensory-orb gittensory-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 11, 2026
@JSONbored JSONbored merged commit 9b307d8 into main Jul 11, 2026
20 checks passed
@JSONbored JSONbored deleted the feat/chat-pr-author-rate-limited-access branch July 11, 2026 14:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Allow PR authors to use @gittensory chat when rate limiting is active

1 participant