Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/main' into bugbountyDemo
Browse files Browse the repository at this point in the history
  • Loading branch information
Advaitgaur004 committed Oct 25, 2024
2 parents b1cf7ed + db01d3a commit 34685f9
Show file tree
Hide file tree
Showing 3 changed files with 117 additions and 2 deletions.
56 changes: 56 additions & 0 deletions .github/workflows/bugbounty-label.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: Bug Bounty PR Labeling

on:
pull_request:
types: [opened, synchronize, closed]

jobs:
check_issue_and_add_bugbounty:
if: github.event.pull_request.merged == false
runs-on: ubuntu-latest
steps:
- name: Check for 'bugbounty' label on related issue
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const issueNumber = context.payload.pull_request.body.match(/#(\d+)/);
if (!issueNumber) return;
const issue = await github.rest.issues.get({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: issueNumber[1],
});
if (issue.data.labels.some(label => label.name.toLowerCase() === 'bugbounty')) {
await github.rest.issues.addLabels({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: context.payload.pull_request.number,
labels: ['bugbounty'],
});
}
add_bugbountyverified_on_merge:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Check if issue has 'bugbounty' label before adding 'bugbountyverified'
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const issueNumber = context.payload.pull_request.body.match(/#(\d+)/);
if (!issueNumber) return;
const issue = await github.rest.issues.get({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: issueNumber[1],
});
if (issue.data.labels.some(label => label.name.toLowerCase() === 'bugbounty')) {
await github.rest.issues.addLabels({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: context.payload.pull_request.number,
labels: ['bugbountyverified'],
});
}
60 changes: 60 additions & 0 deletions .github/workflows/prevent-bugbounty-label.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,60 @@
name: Prevent Manual 'bugbounty' and Handle Bug Bounty Verification

on:
pull_request:
types: [labeled, unlabeled, opened, synchronize, closed]

jobs:
remove_invalid_labels:
if: github.event.pull_request.merged == false
runs-on: ubuntu-latest
steps:
- name: Remove 'bugbounty' and 'bugbountyverified' if manually added
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const restrictedLabels = ['bugbounty', 'bugbountyverified'];
const labelsToRemove = context.payload.pull_request.labels
.filter(label => restrictedLabels.map(l => l.toLowerCase()).includes(label.name.toLowerCase()));
if (labelsToRemove.length > 0) {
await Promise.all(labelsToRemove.map(label =>
github.rest.issues.removeLabel({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: context.payload.pull_request.number,
name: label.name,
})
));
}
add_bugbountyverified_on_merge:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Check issue and add 'bugbountyverified' on merge if no 'bugbounty' label on issue
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const issueNumber = context.payload.pull_request.body.match(/#(\d+)/);
if (!issueNumber) return; // No issue referenced in the PR body
const issue = await github.rest.issues.get({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: issueNumber[1],
});
// Check if the issue has the 'bugbounty' label
if (issue.data.labels.some(label => label.name.toLowerCase() === 'bugbounty')) {
await github.rest.issues.addLabels({
owner: 'devlup-labs',
repo: 'dev-playground',
issue_number: context.payload.pull_request.number,
labels: ['bugbountyverified'],
});
} else {
console.log('Issue has "bugbounty" label, skipping "bugbountyverified" addition.');
}
3 changes: 1 addition & 2 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -5,5 +5,4 @@ yarn-error.log
.DS_Store
dist/
build/
coverage/
*.log
*.log

0 comments on commit 34685f9

Please sign in to comment.