From 0cc643b73d7b8b7bffc1948de61100edd663767f Mon Sep 17 00:00:00 2001 From: josh Date: Mon, 9 Feb 2026 10:27:45 +0000 Subject: [PATCH] fix: replace users config with role-based auth --- .github/scripts/validate.ts | 1 - .github/tigent.yml | 8 -------- app/api/webhook/feedback.ts | 5 ++--- app/api/webhook/triage.ts | 2 -- app/docs/config/page.tsx | 27 --------------------------- app/docs/feedback/page.tsx | 5 ++--- 6 files changed, 4 insertions(+), 44 deletions(-) diff --git a/.github/scripts/validate.ts b/.github/scripts/validate.ts index 37bf8e4..a05e367 100644 --- a/.github/scripts/validate.ts +++ b/.github/scripts/validate.ts @@ -6,7 +6,6 @@ const schema = z.object({ confidence: z.number().min(0).max(1).optional(), model: z.string().optional(), prompt: z.string().optional(), - users: z.array(z.string()).optional(), }); const configpath = '.github/tigent.yml'; diff --git a/.github/tigent.yml b/.github/tigent.yml index 9602696..f0857e3 100644 --- a/.github/tigent.yml +++ b/.github/tigent.yml @@ -1,13 +1,5 @@ confidence: 0.6 -users: - - gr2m - - dancer - - aayush-kapoor - - lgrammel - - nicoalbanese - - felixarntz - prompt: | this bot labels issues and prs for the vercel ai sdk monorepo. the ai sdk provides a unified api for working with large language models across providers. diff --git a/app/api/webhook/feedback.ts b/app/api/webhook/feedback.ts index 28bb64e..b3d7356 100644 --- a/app/api/webhook/feedback.ts +++ b/app/api/webhook/feedback.ts @@ -40,10 +40,9 @@ rules: export async function handlecomment(gh: Gh, config: Config, payload: any) { const comment = payload.comment; const body: string = comment.body?.trim() || ''; - const username: string = comment.user?.login || ''; + const association: string = comment.author_association || ''; - if (!config.users.some(u => u.toLowerCase() === username.toLowerCase())) - return; + if (!['OWNER', 'MEMBER', 'COLLABORATOR'].includes(association)) return; if (!body.toLowerCase().startsWith('@tigent')) return; await reactcomment(gh, comment.id); diff --git a/app/api/webhook/triage.ts b/app/api/webhook/triage.ts index a39f989..9a1a49b 100644 --- a/app/api/webhook/triage.ts +++ b/app/api/webhook/triage.ts @@ -13,7 +13,6 @@ export interface Config { confidence: number; model: string; prompt: string; - users: string[]; } export interface Label { @@ -25,7 +24,6 @@ export const defaultconfig: Config = { confidence: 0.6, model: 'openai/gpt-5-nano', prompt: '', - users: [], }; export async function getconfig(gh: Gh): Promise { diff --git a/app/docs/config/page.tsx b/app/docs/config/page.tsx index 2fd805b..4db9afd 100644 --- a/app/docs/config/page.tsx +++ b/app/docs/config/page.tsx @@ -94,37 +94,10 @@ export default function Config() { -
-
-
-

- users -

-

- List of GitHub usernames allowed to use feedback commands (@tigent - why, @tigent wrong). Only users in this list can interact with - Tigent. If no users are configured, feedback commands are - disabled. -

- {`users: - - gr2m - - aayush-kapoor - - dancer`} -
-
-
-

A complete config file:

{`confidence: 0.7 -users: - - gr2m - - aayush-kapoor - prompt: | crashes and errors are always bug. feature requests get feature, not enhancement.`} diff --git a/app/docs/feedback/page.tsx b/app/docs/feedback/page.tsx index 6ddcde0..ea951a0 100644 --- a/app/docs/feedback/page.tsx +++ b/app/docs/feedback/page.tsx @@ -75,9 +75,8 @@ prompt: |

- Only users listed in the users config can use feedback commands. - Comments from other users are ignored. If no users are configured, - feedback commands are disabled. + Only repository owners, members, and collaborators can use feedback + commands. Comments from other users are ignored.