From 4ce6e63592c285a9e6877ae1d9c7d078770214d5 Mon Sep 17 00:00:00 2001 From: Stan Ulbrych Date: Fri, 15 May 2026 18:14:34 +0100 Subject: [PATCH 1/2] Add more close triggers --- src/psrt_ghsa_bot/app.py | 15 ++++++++++++--- tests/test_app.py | 6 +++++- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/psrt_ghsa_bot/app.py b/src/psrt_ghsa_bot/app.py index d860e71..808e3e4 100644 --- a/src/psrt_ghsa_bot/app.py +++ b/src/psrt_ghsa_bot/app.py @@ -22,6 +22,16 @@ PSRT_GITHUB_TEAM_ORG = "python" PSRT_GITHUB_TEAM_SLUG = "psrt" +COMPLETION_TAGS = ( + "CLOSE", + "CLOSED", + "COMPLETE", + "COMPLETED", + "NOTPLANNED", + "INVALID", + "DUPLICATE", + "FIXED", +) def load_psrt_members_from_devguide() -> set[str]: @@ -148,10 +158,9 @@ def apply_to_repo( print(f" 📋 Processing {ghsa_id} (state: {state})") - # If the summary contains '[CLOSE]', '[CLOSED]', '[COMPLETE]', - # or '[COMPLETED]' then we can close the ticket. + # If the summary contains a completion tag then we can close the ticket. summary = security_advisory.get("summary", "") - if re.search(r"\[(?:CLOSED?|COMPLETED?)\]", summary.upper()) is not None: + if re.search(rf"\[(?:{"|".join(COMPLETION_TAGS)})\]", summary.upper()) is not None: github.rest.security_advisories.update_repository_advisory( owner=owner, repo=repo, diff --git a/tests/test_app.py b/tests/test_app.py index 4c444fe..a3cff6d 100644 --- a/tests/test_app.py +++ b/tests/test_app.py @@ -205,9 +205,13 @@ def test_create_private_fork() -> None: "[COMPLETE] some boring security thing", "fix soemthing in datetime module [COMPLETED]", "blah blah [closed] lowercase blah", + "[NOTPLANNED] no fix planned", + "[INVALID] some annoying spam", + "[DUPLICATE] we've seen this one before", + "[FIXED] already fixed", ], ) -def test_closes_advisory_with_close_or_complete_tag(summary) -> None: +def test_closes_advisory_with_completion_tag(summary) -> None: security_advisory = _create_advisory_dict("triage", None, [], summary=summary) github = mock.Mock() From 8cedc283d4981c9cfacb94a2ae42e31dfbfcfc38 Mon Sep 17 00:00:00 2001 From: Stan Ulbrych Date: Sat, 23 May 2026 09:56:57 +0100 Subject: [PATCH 2/2] Lint + remove 'Fixed' --- src/psrt_ghsa_bot/app.py | 3 +-- tests/test_app.py | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/src/psrt_ghsa_bot/app.py b/src/psrt_ghsa_bot/app.py index 808e3e4..bef35cd 100644 --- a/src/psrt_ghsa_bot/app.py +++ b/src/psrt_ghsa_bot/app.py @@ -30,7 +30,6 @@ "NOTPLANNED", "INVALID", "DUPLICATE", - "FIXED", ) @@ -160,7 +159,7 @@ def apply_to_repo( # If the summary contains a completion tag then we can close the ticket. summary = security_advisory.get("summary", "") - if re.search(rf"\[(?:{"|".join(COMPLETION_TAGS)})\]", summary.upper()) is not None: + if re.search(rf"\[(?:{'|'.join(COMPLETION_TAGS)})\]", summary.upper()) is not None: github.rest.security_advisories.update_repository_advisory( owner=owner, repo=repo, diff --git a/tests/test_app.py b/tests/test_app.py index a3cff6d..b77a300 100644 --- a/tests/test_app.py +++ b/tests/test_app.py @@ -208,7 +208,6 @@ def test_create_private_fork() -> None: "[NOTPLANNED] no fix planned", "[INVALID] some annoying spam", "[DUPLICATE] we've seen this one before", - "[FIXED] already fixed", ], ) def test_closes_advisory_with_completion_tag(summary) -> None: