github.com/google/osv-scalibr@v0.4.1/.github/workflows/prp-issue-workflow.yml (about) 1 name: prp-issue-workflow 2 on: 3 issues: 4 types: [labeled] 5 jobs: 6 on-request-post-welcome: 7 if: github.event.label.name == 'PRP:Request' 8 runs-on: ubuntu-latest 9 permissions: 10 issues: write 11 env: 12 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} 13 GH_REPO: ${{ github.repository }} 14 GH_OWNER: ${{ github.repository_owner }} 15 GH_REPO_NAME: ${{ github.event.repository.name }} 16 NUMBER: ${{ github.event.issue.number }} 17 AUTHOR: ${{ github.event.issue.user.login }} 18 steps: 19 - name: Post comment 20 run: gh issue comment "$NUMBER" --body "$BODY" 21 env: 22 BODY: | 23 Welcome to the OSV-SCALIBR patch reward program! 24 Your issue has been added to our triage queue. 25 Note that due to capacity issues and a restructuring to the PRP rules, 26 we are pausing evalutations of new PRP submissions for the next 1-2 months. 27 We apologize for the invoncenience and thank you for your patience. 28 Please, do not start the work until the panel has resumed the evaluations 29 and reached a decision. Although we always welcome contributions, unapproved 30 work is not eligible for a reward. 31 *~The OSV-SCALIBR PRP team* 32 - name: Assign to author 33 continue-on-error: true 34 run: gh issue edit "$NUMBER" --add-assignee "$AUTHOR" 35 on-accepted-post-doc: 36 if: github.event.label.name == 'PRP:Accepted' 37 runs-on: ubuntu-latest 38 permissions: 39 issues: write 40 env: 41 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} 42 GH_REPO: ${{ github.repository }} 43 NUMBER: ${{ github.event.issue.number }} 44 AUTHOR: ${{ github.event.issue.user.login }} 45 steps: 46 - name: Post comment 47 run: gh issue comment "$NUMBER" --body "$BODY" 48 env: 49 BODY: | 50 Congratulations, your request has been approved! 🎉 51 This means that you can start working on this contribution. 52 ❗ Please take a moment to fill the [participation form](https://bughunters.google.com/report/tsunami) 53 If you are unsure where to start, we have compiled a set of 54 useful guides in our documentation: 55 * [Writing a new vulnerability detector plugin](https://github.com/google/osv-scalibr/blob/main/docs/new_detector.md) 56 * [Writing a new inventory extraction plugin](https://github.com/google/osv-scalibr/blob/main/docs/new_extractor.md) 57 * [Main directory for secret detectors](https://github.com/google/osv-scalibr/tree/main/veles) - More detailed docs will be available soon! 58 * [General style guide](https://github.com/google/osv-scalibr/blob/main/docs/style_guide.md) 59 60 *~The OSV-SCALIBR PRP team* 61 on-queue-post-explanation: 62 if: github.event.label.name == 'Contributor queue' 63 runs-on: ubuntu-latest 64 permissions: 65 issues: write 66 env: 67 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} 68 GH_REPO: ${{ github.repository }} 69 NUMBER: ${{ github.event.issue.number }} 70 AUTHOR: ${{ github.event.issue.user.login }} 71 steps: 72 - name: Post comment 73 run: gh issue comment "$NUMBER" --body "$BODY" 74 env: 75 BODY: | 76 This issue has been put in your contributor queue. This usually 77 means that you already are working on a contribution and the 78 panel is waiting for your other contributions to be fully 79 merged. 80 An issue in your queue is not pre-approved. Any issue that is 81 not explicitely approved by the panel will not be eligible for 82 a reward. 83 Unless there is an emergency, an issue in your queue cannot be 84 claimed by another contributor. 85 *~The OSV-SCALIBR PRP team*