From e6575579f9365df9b525b522539aa3f72d8bb967 Mon Sep 17 00:00:00 2001 From: Othman Shahrouri Date: Sun, 11 Jan 2026 20:36:36 +0300 Subject: [PATCH 1/4] Remove unwanted comment --- CD starter project/ContentView.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CD starter project/ContentView.swift b/CD starter project/ContentView.swift index 4f17114..440525e 100644 --- a/CD starter project/ContentView.swift +++ b/CD starter project/ContentView.swift @@ -18,7 +18,7 @@ struct ContentView: View { [.one, .two, .three, .add], [.zero, .decimal, .equals] ] - // + var body: some View { GeometryReader { geometry in ZStack { From 8ab3eb4d5860cefd75aeb571ed745df09aea62a4 Mon Sep 17 00:00:00 2001 From: Othman Shahrouri Date: Fri, 16 Jan 2026 17:39:24 +0300 Subject: [PATCH 2/4] remove some comments from tests --- CD starter projectTests/CD_starter_projectTests.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CD starter projectTests/CD_starter_projectTests.swift b/CD starter projectTests/CD_starter_projectTests.swift index acde99b..48fbb82 100644 --- a/CD starter projectTests/CD_starter_projectTests.swift +++ b/CD starter projectTests/CD_starter_projectTests.swift @@ -40,7 +40,7 @@ final class CDStarterProjectTests: XCTestCase { viewModel.tapOperation(.multiply) viewModel.tapNumber("4") viewModel.tapEquals() - // (2 + 3) * 4 = 20 + XCTAssertEqual(viewModel.formattedDisplay, "20") } From f04bec78237f6659e5f0d4f4dcf11e805f733c96 Mon Sep 17 00:00:00 2001 From: Othman Shahrouri Date: Sun, 25 Jan 2026 19:26:40 +0300 Subject: [PATCH 3/4] Restrict /build command to repo owner, members, and collaborators Uses GitHub's built-in author_association field in the job condition. Only OWNER, MEMBER, or COLLABORATOR can trigger builds. Unauthorized users see the workflow silently skip (no reaction). --- .github/workflows/build-on-comment.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-on-comment.yml b/.github/workflows/build-on-comment.yml index 9cad5b4..e29c5af 100644 --- a/.github/workflows/build-on-comment.yml +++ b/.github/workflows/build-on-comment.yml @@ -18,7 +18,10 @@ permissions: jobs: build-comment: - if: github.event.issue.pull_request != null && contains(github.event.comment.body, '/build') + if: | + github.event.issue.pull_request != null && + contains(github.event.comment.body, '/build') && + contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) runs-on: macos-15 steps: - name: React to build start From aaa88cb58bfa0d51c4b75d91c2c8fb1087bbba79 Mon Sep 17 00:00:00 2001 From: Othman Shahrouri Date: Sun, 25 Jan 2026 19:46:01 +0300 Subject: [PATCH 4/4] Restrict /build to owner, members, and collaborators Use explicit equality checks for author_association in job condition. Only OWNER, MEMBER, or COLLABORATOR can trigger builds. --- .github/workflows/build-on-comment.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-on-comment.yml b/.github/workflows/build-on-comment.yml index 45f2c4f..4910f95 100644 --- a/.github/workflows/build-on-comment.yml +++ b/.github/workflows/build-on-comment.yml @@ -18,10 +18,14 @@ permissions: jobs: build-comment: - if: | + if: >- github.event.issue.pull_request != null && contains(github.event.comment.body, '/build') && - contains(fromJSON('["OWNER", "MEMBER", "COLLABORATOR"]'), github.event.comment.author_association) + ( + github.event.comment.author_association == 'OWNER' || + github.event.comment.author_association == 'MEMBER' || + github.event.comment.author_association == 'COLLABORATOR' + ) runs-on: macos-15 steps: - name: Check user permissions