Skip to content

fix(merge): grant statuses:read for the legacy commit-status rollup#27

Merged
bitwise-fast-forward-merge[bot] merged 1 commit into
bitwise-media-group:mainfrom
dmccaffery:fix/statuses-permission
Jun 29, 2026
Merged

fix(merge): grant statuses:read for the legacy commit-status rollup#27
bitwise-fast-forward-merge[bot] merged 1 commit into
bitwise-media-group:mainfrom
dmccaffery:fix/statuses-permission

Conversation

@dmccaffery

Copy link
Copy Markdown
Collaborator

ff-merge's getChecks reads the head commit's status rollup from BOTH the Checks API (checks.listForRef) and the legacy commit-status API (repos.listCommitStatusesForRef). The earlier fix granted checks:read but not statuses:read, so once a token finally minted, gating 403'd on GET /commits/{ref}/statuses ("Resource not accessible by integration").

Add permission-statuses: read alongside permission-checks: read in every ff-merge token mint (all five jobs in merge.yaml plus dependabot-merge.yaml) and update the scope comments. The self-* callers inherit this via uses:.

Requires the BitWise Fast-Forward Merge App to also be granted Commit statuses: Read-only, with the org installation approving the new scope.

ff-merge's getChecks reads the head commit's status rollup from BOTH the
Checks API (checks.listForRef) and the legacy commit-status API
(repos.listCommitStatusesForRef). The earlier fix granted checks:read but
not statuses:read, so once a token finally minted, gating 403'd on
GET /commits/{ref}/statuses ("Resource not accessible by integration").

Add permission-statuses: read alongside permission-checks: read in every
ff-merge token mint (all five jobs in merge.yaml plus dependabot-merge.yaml)
and update the scope comments. The self-* callers inherit this via uses:.

Requires the BitWise Fast-Forward Merge App to also be granted
Commit statuses: Read-only, with the org installation approving the new scope.

Signed-off-by: Deavon M. McCaffery <dmccaffery@users.noreply.github.com>
@github-actions

Copy link
Copy Markdown
Contributor

Note

Merging this PR: this repository merges by fast-forward so every
commit keeps its original signature. The GitHub merge button is not used.
Once this PR is approved and all checks pass, a maintainer merges it by
commenting /merge on the PR.

The branch must be up to date with main (rebased and re-signed) to
fast-forward. If /merge reports it is not fast-forwardable, rebase onto
main and comment /merge again.

@dmccaffery

Copy link
Copy Markdown
Collaborator Author

/auto-merge

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot added the auto-merge Fast-forward this PR once it is approved and all required checks pass label Jun 29, 2026
@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Note

Auto-merge armed. Once this PR is approved and every required check
passes, it will be fast-forwarded into the base branch automatically,
preserving every commit signature.

Remove the auto-merge label to cancel. If the branch is not
fast-forwardable, rebase onto the base branch and re-sign — CI re-runs
and the merge retries.

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • review decision is REVIEW_REQUIRED, need APPROVED
  • checks not passing: analyze / Analyze (actions) (pending), ci / lint (pending)

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Cannot /merge this PR yet:

  • review decision is REVIEW_REQUIRED, need APPROVED
  • checks not passing: analyze / Analyze (actions) (pending)

@bitwise-fast-forward-merge

Copy link
Copy Markdown
Contributor

Fast-forwarded main to 3bbf3b31dda9 — original signature preserved, no re-sign.

@bitwise-fast-forward-merge bitwise-fast-forward-merge Bot merged commit 3bbf3b3 into bitwise-media-group:main Jun 29, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

auto-merge Fast-forward this PR once it is approved and all required checks pass

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants