Problem
The security-committer-identity check fails on legitimate committer mismatches with no way to allowlist known-safe patterns. Common scenarios:
| Scenario | PR Author | Last Committer | Result |
|---|---|---|---|
| Bot cherry-pick | my-app[bot] | org identity | ❌ Mismatch |
| Pre-commit CI auto-fix | human user | pre-commit-ci[bot] | ❌ Mismatch |
Both are expected behavior in automated workflows, but the check flags them as security concerns.
Proposed Solution
Add a trusted-committers list under security-checks. Any committer in this list passes the identity check regardless of PR author:
```yaml
security-checks:
  trusted-committers:
    - "pre-commit-ci[bot]"
    - "MyOrg"
    - "my-app[bot]"
```
When last_committer is in trusted-committers, the check passes with a message like:
✅ Committer pre-commit-ci[bot] is in the trusted-committers allowlist.
When last_committer is NOT in the list, the existing mismatch logic applies unchanged.
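The proposed ordering (allowlist consulted first, existing mismatch logic otherwise) as an added example; this is illustrative code, not the webhook_server project's own `run_security_committer_identity()`, and the function and class names are hypothetical. The config is embedded as a dict, assuming the `security-checks` / `trusted-committers` keys from the proposal.

```python
from dataclasses import dataclass


@dataclass
class CheckResult:
    passed: bool
    message: str


def load_trusted_committers(config: dict) -> list[str]:
    """Read security-checks.trusted-committers and enforce the proposed schema (array of strings)."""
    trusted = config.get("security-checks", {}).get("trusted-committers", [])
    if not isinstance(trusted, list) or not all(isinstance(t, str) and t for t in trusted):
        raise ValueError("security-checks.trusted-committers must be an array of non-empty strings")
    return trusted


def check_committer_identity(pr_author: str, last_committer: str, trusted: list[str]) -> CheckResult:
    """Allowlist-aware identity check: trusted committers pass regardless of PR author."""
    # Allowlist first. Matching is exact and case-sensitive on the login, so a
    # mistyped entry fails closed (falls through to the mismatch logic) rather than open.
    if last_committer in trusted:
        return CheckResult(True, f"Committer {last_committer} is in the trusted-committers allowlist.")
    # Existing mismatch logic, unchanged: the last committer must be the PR author.
    if pr_author == last_committer:
        return CheckResult(True, f"Committer {last_committer} matches PR author.")
    return CheckResult(False, f"Last committer {last_committer} does not match PR author {pr_author}.")


# Constructed config mirroring the proposal above (sample values, not a real deployment).
SAMPLE_CONFIG = {
    "security-checks": {"trusted-committers": ["pre-commit-ci[bot]", "MyOrg", "my-app[bot]"]}
}


def run_scenarios() -> dict[str, bool]:
    """Evaluate the two table scenarios plus an untrusted committer; returns pass/fail per scenario."""
    trusted = load_trusted_committers(SAMPLE_CONFIG)
    scenarios = {  # name -> (pr_author, last_committer); constructed sample logins
        "bot cherry-pick": ("my-app[bot]", "MyOrg"),
        "pre-commit auto-fix": ("human-user", "pre-commit-ci[bot]"),
        "untrusted bot": ("human-user", "unknown-ci[bot]"),
    }
    return {name: check_committer_identity(a, c, trusted).passed for name, (a, c) in scenarios.items()}


if __name__ == "__main__":
    for name, passed in run_scenarios().items():
        print(f"{name}: {'pass' if passed else 'MISMATCH'}")
```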
Affected Code
webhook_server/libs/handlers/runner_handler.py — run_security_committer_identity()
webhook_server/config/schema.yaml — new trusted-committers property under security-checks
Done
- Add trusted-committers to schema under security-checks (array of strings)
- Update run_security_committer_identity() to check allowlist before failing on mismatch