fsst: regression test for i32 offset overflow in fsst_compress #1681

	name: PR Approval Check

	on:
	pull_request_review:
	types: [submitted, dismissed]
	pull_request:
	branches:
	- "develop"

	jobs:
	check-approvals:
	runs-on: ubuntu-latest
	timeout-minutes: 10
	steps:
	- name: Check required approvals
	uses: actions/github-script@450193c5abd4cdb17ba9f3ffcfe8f635c4bb6c2a
	with:
	script: \|
	const pr = context.payload.pull_request;
	const reviews = await github.rest.pulls.listReviews({
	owner: context.repo.owner,
	repo: context.repo.repo,
	pull_number: pr.number,
	});

	// Determine if PR author is a bot/GitHub Actions
	const authorType = pr.user.type; // 'Bot' vs 'User'
	const authorLogin = pr.user.login; // e.g. 'github-actions[bot]'
	const isBot = authorType === 'Bot' \|\| authorLogin.endsWith('[bot]');
	const oneApprovalBotAuthors = new Set(['renovate[bot]']);

	// Count unique approvals, including bot approvals.
	const latestByUser = {};
	for (const review of reviews.data) {
	latestByUser[review.user.login] = review.state;
	}
	const approvalCount = Object.values(latestByUser)
	.filter(state => state === 'APPROVED').length;

	const required = isBot && !oneApprovalBotAuthors.has(authorLogin) ? 2 : 1;

	console.log(`PR author: ${authorLogin} (${authorType}), isBot: ${isBot}`);
	console.log(`One-approval bot allowlist: ${oneApprovalBotAuthors.has(authorLogin)}`);
	console.log(`Approvals: ${approvalCount} / ${required} required`);

	if (isBot && (approvalCount < required)) {
	core.setFailed(
	`This PR needs ${required} approval(s) but has ${approvalCount}. ` +
	`(Author is ${isBot ? 'a bot' : 'human'})`
	);
	}

Provide feedback