feat: add AI co-author pattern check for PR and commits#783
Merged
Conversation
git commit的提交规范,不允许在gith commit当中包含ai agent相关的co-author Log:
Contributor
deepin pr auto review你好!我是CodeGeeX。我已仔细审查了你提供的 GitHub Actions 工作流( 这段代码的主要目的是在 CI 阶段拦截包含 AI 作为共同作者的 PR 描述和 Commit Message。这是一个有趣的需求,但在语法逻辑、代码质量、代码性能和代码安全方面都有可以改进和优化的空间。 以下是详细的审查意见和改进建议: 1. 语法与逻辑
2. 代码质量
3. 代码性能
4. 代码安全
🚀 改进后的代码综合以上建议,我为你重构了这部分 YAML 配置: @@ -12,5 +12,39 @@ jobs:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
+ - name: check PR description for AI co-author pattern
+ shell: bash
+ env:
+ # 1. 提取为环境变量复用;2. 优化正则,匹配常见的 AI 特征词(全小写匹配)
+ BLOCKED_PATTERN: 'co-authored-by:.*(<[^>]*(ai|agent|copilot|llm|gpt)[^>]*@[^>]*>|:\s*(ai|agent|copilot|llm|gpt)\b)'
+ PR_BODY: ${{ github.event.pull_request.body }} # 安全传递:作为环境变量传入避免代码注入
+ run: |
+ if [[ -n "${PR_BODY}" && "${PR_BODY,,}" =~ ${BLOCKED_PATTERN} ]]; then
+ echo "FAIL: PR description contains blocked co-author AI pattern." >&2
+ # 输出具体匹配内容帮助排查,但隐藏完整PR Body以防敏感信息泄露
+ echo "Matched line: ${BASH_REMATCH[0]}" >&2
+ exit 1
+ fi
+ echo "PASS: PR description does not contain blocked AI co-author pattern."
+
+ - name: check commit messages for AI co-author pattern
+ shell: bash
+ env:
+ BLOCKED_PATTERN: 'co-authored-by:.*(<[^>]*(ai|agent|copilot|llm|gpt)[^>]*@[^>]*>|:\s*(ai|agent|copilot|llm|gpt)\b)'
+ BASE_SHA: ${{ github.event.pull_request.base.sha }}
+ HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+ run: |
+ # 使用 git log 获取 Co-authored-by trailer,减少不必要的数据扫描
+ COMMIT_MSGS=$(git log --format='%b' "${BASE_SHA}..${HEAD_SHA}" 2>/dev/null)
+
+ # 检查 git 命令是否成功执行,如果失败则报错退出,防止安全检查被绕过
+ if [[ $? -ne 0 ]]; then
+ echo "ERROR: Failed to retrieve commit messages." >&2
+ exit 1
+ fi
+
+ if [[ -n "${COMMIT_MSGS}" && "${COMMIT_MSGS,,}" =~ ${BLOCKED_PATTERN} ]]; then
+ echo "FAIL: Commit messages contain blocked co-author AI pattern." >&2
+ echo "Matched line: ${BASH_REMATCH[0]}" >&2
+ exit 1
+ fi
+ echo "PASS: Commit messages do not contain blocked AI co-author pattern."
+
- name: Call Conventional Commits Checker
uses: linuxdeepin/action-conventionalcommits-checker@master💡 核心改进点解释:
|
BLumia
approved these changes
May 14, 2026
Contributor
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: BLumia, hudeng-go The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
git commit的提交规范,不允许在gith commit当中包含ai agent相关的co-author