Normalize PR and commit author names to lowercase

Ensure PR and commit authors are checked in lowercase for authorization.
2025-11-22 01:11:02 +02:00 · 2025-11-22 01:11:02 +02:00 · 34b2e2a78a
parent b98bd0bb79
commit 34b2e2a78a
1 changed files with 10 additions and 4 deletions
--- a/.github/workflows/restrict-pr-authors.yaml
+++ b/.github/workflows/restrict-pr-authors.yaml
@ -40,24 +40,26 @@ jobs:
        with:
          github-token: ${{ secrets.PR_CLOSE_TOKEN }}
          script: |
+            // List of allowed users (all lowercase)
            const allowed = [
              "expsa",
              "moutazmuhammad",
              "ronozoro",
-              "Abubaker-Altaib",
+              "abubaker-altaib",
              "altexp",
              "the5abir",
              "ahmadaking",
              "kchyounes19",
              "abdurrahman-saber"
-            ];
+            ].map(u => u.toLowerCase());

            const pr = context.payload.pull_request;
-            const prAuthor = pr.user.login;
+            const prAuthor = pr.user.login.toLowerCase();
            const owner = context.repo.owner;
            const repo = context.repo.repo;

            core.info(`PR author: ${prAuthor}`);
+            core.info(`Allowed users: ${allowed.join(", ")}`);

            // Check PR author
            if (!allowed.includes(prAuthor)) {
@ -79,7 +81,11 @@ jobs:
            });

            for (const commit of commitList.data) {
-              const commitAuthor = commit.author ? commit.author.login : null;
+              const commitAuthor = commit.author ? commit.author.login.toLowerCase() : null;
+
+              if (!commit.author) {
+                core.warning(`Commit ${commit.sha} has no GitHub-linked author.`);
+              }

              if (commitAuthor && !allowed.includes(commitAuthor)) {
                core.error(`Unauthorized commit author: ${commitAuthor}. Closing PR...`);