Skip to content

Add LFI exploit prevention support #4237

Add LFI exploit prevention support

Add LFI exploit prevention support #4237

name: Add milestone to pull requests
on:
pull_request:
types: [closed]
branches:
- master
- release/v*
jobs:
add_milestone_to_merged:
name: Add milestone to merged pull requests
permissions:
issues: write # Required to update a pull request using the issues API
pull-requests: write # Required to update the milestone of a pull request
if: github.event.pull_request.merged && github.event.pull_request.milestone == null
runs-on: ubuntu-latest
steps:
- name: Add milestone to merged pull requests
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # 7.0.1
with:
script: |
// Get project milestones
const response = await github.rest.issues.listMilestones({
owner: context.repo.owner,
repo: context.repo.repo,
state: 'open'
})
if (!response.data || response.data.length == 0) {
core.setFailed(`Failed to list milestones: ${response.status}`)
return
}
// Get the base branch
const base = '${{ github.event.pull_request.base.ref }}'
// Look for the matching milestone
let milestoneNumber = null
if (base == 'master') {
// Pick the milestone with the highest version as title using semver
milestoneNumber = response.data
.map(milestone => {
// Parse version title as semver "<major>.<minor>.<patch>"
const versionNumbers = milestone.title.match(/^(\d+)\.(\d+)\.(\d+)$/)
if (versionNumbers == null) {
return null
}
milestone.version = {
major: parseInt(versionNumbers[1]),
minor: parseInt(versionNumbers[2]),
patch: parseInt(versionNumbers[3])
}
return milestone
})
.filter(milestone => milestone != null)
.sort((a, b) => {
if (a.version.major != b.version.major) {
return a.version.major - b.version.major
}
if (a.version.minor != b.version.minor) {
return a.version.minor - b.version.minor
}
return a.version.patch - b.version.patch
})
.pop()?.number
} else if (base.startsWith('release/v') && base.endsWith('.x')) {
// Extract the minor version related to the base branch (e.g. "release/v1.2.x" -> "1.2.")
const version = base.substring(9, base.length - 1)
// Pick the milestone with title matching the extracted version
const versionMilestone = response.data
.find(milestone => milestone.title.startsWith(version))
if (!versionMilestone) {
core.setFailed(`Milestone not found for minor version: ${version}`)
} else {
milestoneNumber = versionMilestone.number
}
} else {
core.setFailed(`Unexpected pull request base: ${base}`)
}
// Update pull request milestone using the issues API (as pull requests are issues)
if (milestoneNumber != null) {
await github.rest.issues.update({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: ${{ github.event.pull_request.number }},
milestone: milestoneNumber
});
}