Skip to content

Commit 83ea30c

Browse files
authored
fix(codeowners): require admin review for nested .github paths (github-aws-runners#5164)
## Problem The CODEOWNERS rule for the `.github` directory currently is: ``` .github/* @github-aws-runners/terraform-aws-github-runner-admins ``` `.github/*` only matches files directly inside `.github/` (e.g. `.github/dependabot.yml`). It does **not** match nested paths such as `.github/workflows/update-docs.yml`, so workflow changes can be merged without admin approval — contrary to the intent of the rule. Concrete recent example: github-aws-runners#4808 modified `.github/workflows/update-docs.yml` and was approved/merged without going through the admins team, which introduced the bug fixed in github-aws-runners#5162. ## Fix Use the recursive glob `.github/**` so the admins team is required for any file under `.github/`, including subdirectories.
1 parent 79c869f commit 83ea30c

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

CODEOWNERS

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@
77
# admins
88
CODEOWNERS @github-aws-runners/terraform-aws-github-runner-admins
99
LICENSE* @github-aws-runners/terraform-aws-github-runner-admins
10-
.github/* @github-aws-runners/terraform-aws-github-runner-admins
10+
.github/** @github-aws-runners/terraform-aws-github-runner-admins
1111

1212
# maintainers - protect potential interface changes by maintainer team
1313
/*.* @github-aws-runners/terraform-aws-github-runner-maintainers

0 commit comments

Comments
 (0)