diff options
| author | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-13 09:03:03 +0300 |
|---|---|---|
| committer | Yuriy Andamasov <yuriy@vyos.io> | 2026-05-13 09:03:03 +0300 |
| commit | 5edeb78a84a4cf266df93cb7e914a56e3fb401c0 (patch) | |
| tree | a3d4112de32ee0623478deda534caa24a53855c8 | |
| parent | 788cfae0097b493e8688f1c0a3eb493e895cb719 (diff) | |
| download | coderabbit-5edeb78a84a4cf266df93cb7e914a56e3fb401c0.tar.gz coderabbit-5edeb78a84a4cf266df93cb7e914a56e3fb401c0.zip | |
T8764: allow non-org-member chat + expand bot ignore list
Two changes against the org-wide CodeRabbit baseline, motivated by
fleet-wide noise from bot-authored PRs and chat lockouts on the public
side:
1. `chat.allow_non_org_members: false` → `true`. The `vyos` org is
public-facing OSS; external contributors routinely open PRs and the
previous setting blocked them from using `@coderabbitai` commands on
their own PRs. This does not change auto-review eligibility — review
skip rules remain governed by `reviews.auto_review`.
2. `reviews.auto_review.ignore_usernames` extended from `[mergify[bot]]`
to the full bot list of `mergify`, `mergify[bot]`, `netlify`,
`netlify[bot]`, `claude`, `claude[bot]`. Both the bare login and the
`[bot]` suffix are listed because GitHub Apps use the `[bot]` form
while service or human accounts may share the bare name; exact-match
semantics per the schema mean listing both is required to cover
every variant.
Net effect on per-repo `.coderabbit.yaml` files: a per-repo override that
listed the same bots becomes redundant after this merges. Repos that
need to chat-restrict (e.g. private commercial repos) can still set
`chat.allow_non_org_members: false` at the repo level since
inheritance is per-field.
Advances: IS-430
| -rw-r--r-- | .coderabbit.yaml | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/.coderabbit.yaml b/.coderabbit.yaml index 84aa3b9..82842db 100644 --- a/.coderabbit.yaml +++ b/.coderabbit.yaml @@ -53,10 +53,18 @@ reviews: # `@coderabbitai review` still works if a human asks for one. The list # targets bots that open mechanical PRs whose content was already # reviewed upstream (e.g. Mergify cherry-picks the merge commit of an - # already-reviewed source PR, so re-reviewing the backport adds no - # signal and burns rate limit). + # already-reviewed source PR; Netlify and Claude bots either deploy + # or post code that's reviewed elsewhere) — re-reviewing the port + # adds no signal and burns rate limit. Both the bare login and the + # `[bot]` suffix are listed because GitHub Apps use the `[bot]` + # form, while service/human accounts may share the bare name. ignore_usernames: + - "mergify" - "mergify[bot]" + - "netlify" + - "netlify[bot]" + - "claude" + - "claude[bot]" path_filters: - "!**/*.lock" @@ -122,9 +130,13 @@ reviews: chat: auto_reply: true - # Lifted from Org-UI Web dashboard (2026-05-12). Restricts CodeRabbit - # chat to org members; non-members receive a deny message. - allow_non_org_members: false + # Allow non-organization members to interact with CodeRabbit in comment + # chat. The vyos org hosts public OSS repos where external contributors + # routinely open PRs; restricting chat to org members blocks them from + # using CodeRabbit's `@coderabbitai` commands on their own PRs. Does + # NOT affect auto-review eligibility — that's governed by + # `reviews.auto_review` (drafts, ignore_usernames, base_branches). + allow_non_org_members: true integrations: jira: { usage: disabled } linear: { usage: disabled } |
