Build runner test

[talklainerib]

Pull Request Readiness Checklist

See details at https://github.com/opencv/opencv/wiki/How_to_contribute#making-a-good-pull-request

• I agree to contribute to the project under Apache 2 License.
• To the best of my knowledge, the proposed patch is not based on a code under GPL or another license that is incompatible with OpenCV
• The PR is proposed to the proper branch
• There is a reference to the original bug report and related work
• There is accuracy test, performance test and test data in opencv_extra repository, if applicable
  Patch to opencv_extra has the same branch name.
• The feature is well documented and sample code can be built with the project CMake

[zozo123]

islo.dev — Score: 2.85/5.0 — Changes requested.

[zozo123]

🔴 Critical — Null context on schedule/workflow_dispatch runs: github.event.pull_request.user.login and github.head_ref both expand to empty string when the trigger is not pull_request. The checkout-and-merge action will receive empty author and source_branch inputs, causing it to silently check out the wrong ref or fail. Fix: wrap these steps with if: github.event_name == 'pull_request' or provide fallback expressions like ${{ github.event.pull_request.user.login || github.actor }}.

[zozo123]

🔴 Critical — ::error annotation syntax is wrong: echo "::error Warnings have been found!" will print plain text — it will not create a GitHub Actions error annotation. The correct syntax requires a second :: separator before the message. Fix: echo "::error::Warnings have been found!"

[zozo123]

🟠 Warning — Dead CCACHE_MAXSIZE env var: ccache was removed in a prior commit (fix: remove ccache) but CCACHE_MAXSIZE: "8G" remains. This is misleading — it suggests ccache is active when it isn't. Remove the env var.

[zozo123]

🟠 Warning — All 14 original CI jobs removed: Linux, Windows, ARM64, macOS, iOS, Android, TIM-VX, CUDA, OpenVINO, docs, and RISC-V jobs have all been deleted. If this is a permanent change to 4.x, OpenCV loses all cross-platform PR gating. If it's a temporary test branch, the PR description should state that explicitly and the target branch should be changed accordingly. The checklist item 'The PR is proposed to the proper branch' is currently unchecked.

[zozo123]

🟡 Suggestion — Pin container image by digest, not tag: The tag 20251127 is mutable and could be overwritten, silently changing the build environment. For reproducible and tamper-resistant builds use a SHA256 digest: quay.io/opencv-ci/opencv-ubuntu-24.04@sha256:<digest>.

[zozo123]

🟡 Suggestion — WARNINGS=1 collision loses source info: Both the opencv-only and opencv-contrib warning checks write WARNINGS=1 to $GITHUB_ENV. The final step fires on either, but you lose which build triggered it. Consider OPENCV_WARNINGS=1 and CONTRIB_WARNINGS=1 so logs and downstream steps can distinguish between the two.

[zozo123]

islo.dev Review: #5

Dimension	Score	Weight	Weighted
Correctness	2.5/5	25%	0.63
Security	3.5/5	20%	0.70
Performance	2.5/5	15%	0.38
Architecture	2.0/5	10%	0.20
Best Practices	2.5/5	10%	0.25
Test Coverage	1.5/5	10%	0.15
Product Completeness	2.5/5	5%	0.13
Cross-Repo Safety	3.5/5	5%	0.18
Overall		100%	2.62/5

Grade: D | Verdict: REQUEST_CHANGES

Summary

The CodeQL permissions fix in 4.x.yml is correct and clean. The PR-4.x.yaml rewrite remains a POC with two unresolved correctness bugs (null PR context on scheduled runs, broken ::error annotation syntax), a dead CCACHE_MAXSIZE env var left over from a reverted feature, and a 20-minute cron that will saturate the runner continuously. No fixes have been applied since the prior review.

Key Findings

#	Sev	File	Issue
1	🔴	PR-4.x.yaml:48	github.event.pull_request.* is null on schedule/workflow_dispatch — checkout-and-merge receives empty author + branch
2	🔴	PR-4.x.yaml:125	echo "::error Warnings..." missing second :: — not rendered as annotation
3	🟠	PR-4.x.yaml:8	*/20 * * * * cron fires faster than a 30–90 min build completes
4	🟠	PR-4.x.yaml:27	CCACHE_MAXSIZE: "8G" is dead (ccache was removed)
5	🟠	PR-4.x.yaml:16	All 14 original CI jobs removed without documented justification
6	🟡	PR-4.x.yaml:24	Container image pinned by mutable tag, not digest
7	🟡	PR-4.x.yaml:119	WARNINGS=1 used by both warning steps — loses source info

7 inline comments posted on specific lines above.

Changes Since Last Review

• Prior: 2.85/5 → Current: 2.62/5
• Fixed: none
• Still open: all 7 findings from prior review
• New: none (last commit predates prior review)

Risk

Factor	Level
Data loss	None
Security	Low (self-hosted runner exposure, mutable image tag)
Rollback	Easy (revert 2 files)
Blast radius	Single CI pipeline (but disables all cross-platform PR gating)

---

islo.dev PR Code Reviewer • sandbox: pr-opencv-5-claude-1774956948

[zozo123]

islo.dev — Score: 2.62/5 (Grade D)