feat: implement two-person reviewed check #492
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reference #439 closed PR.
Rules for this check:
This Graphql API is implemented in this check.
Exception for this check is required to be defined:
Both the requirements listed are specified in SLSA requirement.
However, consider efficiency and achievability, the check will not consider these two exception in this moment.
[First-parent history] is required to check the commit as an unit, instead of the pull request as an unit. This will take more time to scan each repository.
[Historical cutoff] the definition is not clear, and fetching the attestation is impossible.
Some situations of the pull request when user provided commit-sha:
The check will consider the commit only instead of the entire pr. For example, the pr has been approved, then one user merged the target commit into the main branch. This merge is not further approved. The check will consider this commit has not been approved yet.
The design rule based on the situation: