RFR: 673: PR author should be able to use /reviewers command [v3]
Kevin Rushforth
kcr at openjdk.java.net
Tue Sep 15 15:09:20 UTC 2020
On Tue, 15 Sep 2020 13:32:01 GMT, Erik Helin <ehelin at openjdk.org> wrote:
>> bots/pr/src/main/java/org/openjdk/skara/bots/pr/ReviewersCommand.java line 111:
>>
>>> 109: }
>>> 110:
>>> 111: if (pr.author().equals(command.user()) && !censusInstance.isReviewer(command.user())) {
>>
>> Maybe simplify this to just `! isReviewer`? Including the test for `is author` doesn't really add value (removing it
>> seems to better reflect the intent and might be safer / more future proof).
>
> No, we don't want people who are _not_ the PR author and who are _not_ Reviewers to be able to increase the required
> number of reviewers. Allowing that makes it possible to harass pull request by e.g. registering a spam account and just
> drop a bunch `/reviewers 9` in a number of PRs.
I agree, but that isn't related to this block (your concern is a good one and is handled by the previous block). By
adding the `author &&` to `!reviewer` it makes this less restrictive not more. In any case, it doesn't matter...at
least not given the prior test.
-------------
PR: https://git.openjdk.java.net/skara/pull/820
More information about the skara-dev
mailing list