Fail restricted-paths guard on collaborator API errors

Treat 404 responses from the collaborator permission API as the expected
non-collaborator case, but fail the workflow for any other API error so
restricted-paths review labels are not added based on an unknown result.

Made-with: Cursor

Author: rwgk

.github/workflows/restricted-paths-guard.yml

@@ -39,14 +39,8 @@ jobs:
         run: |
           set -euo pipefail
 
-          # Query the collaborator permission API to get the author's actual
-          # permission level. This is authoritative regardless of whether the
-          # PR originates from a fork or a branch in the main repo.
-          # Returns: admin, maintain, write, triage, read, or none.
-          COLLABORATOR_PERMISSION=$(
-            gh api "repos/$REPO/collaborators/$PR_AUTHOR/permission" \
-              --jq '.permission' 2>/dev/null || echo "none"
-          )
+          COLLABORATOR_PERMISSION="not checked"
+          COLLABORATOR_PERMISSION_API_ERROR=""
 
           if ! MATCHING_RESTRICTED_PATHS=$(
             gh api \
@@ -112,19 +106,56 @@ jobs:
             echo '```'
           }
 
+          write_collaborator_permission_api_error() {
+            echo "- **Collaborator permission API error**:"
+            echo '```text'
+            printf '%s\n' "$COLLABORATOR_PERMISSION_API_ERROR"
+            echo '```'
+          }
+
           HAS_TRUSTED_SIGNAL=false
           LABEL_ACTION="not needed (no restricted paths)"
           TRUSTED_SIGNALS="(none)"
 
           if [ "$TOUCHES_RESTRICTED_PATHS" = "true" ]; then
+            # Distinguish a legitimate 404 "not a collaborator" response from
+            # actual API failures. The former is an expected untrusted case;
+            # the latter fails the workflow so it can be rerun later.
+            if COLLABORATOR_PERMISSION_RESPONSE=$(
+              gh api "repos/$REPO/collaborators/$PR_AUTHOR/permission" \
+                --jq '.permission' 2>&1
+            ); then
+              COLLABORATOR_PERMISSION="$COLLABORATOR_PERMISSION_RESPONSE"
+            elif [[ "$COLLABORATOR_PERMISSION_RESPONSE" == *"(HTTP 404)"* ]]; then
+              COLLABORATOR_PERMISSION="none"
+            else
+              COLLABORATOR_PERMISSION="unknown"
+              COLLABORATOR_PERMISSION_API_ERROR="$COLLABORATOR_PERMISSION_RESPONSE"
+              echo "::error::Failed to inspect collaborator permission for $PR_AUTHOR."
+              {
+                echo "## Restricted Paths Guard Failed"
+                echo ""
+                echo "- **Error**: Failed to inspect collaborator permission."
+                echo "- **Author**: $PR_AUTHOR"
+                echo "- **Collaborator permission**: $COLLABORATOR_PERMISSION"
+                echo ""
+                write_matching_restricted_paths
+                echo ""
+                write_collaborator_permission_api_error
+                echo ""
+                echo "Please retry this workflow. If the failure persists, inspect the collaborator permission API error above."
+              } >> "$GITHUB_STEP_SUMMARY"
+              exit 1
+            fi
+
             case "$COLLABORATOR_PERMISSION" in
               admin|maintain|write)
                 HAS_TRUSTED_SIGNAL=true
                 LABEL_ACTION="not needed (collaborator permission is a trusted signal)"
                 TRUSTED_SIGNALS="collaborator_permission:$COLLABORATOR_PERMISSION"
                 ;;
               *)
-                # triage, read, none, or API error: not a trusted signal
+                # triage, read, or none: not a trusted signal
                 ;;
             esac
           fi