Add @cli/code-reviewers to all CODEOWNERS rules#13190
Conversation
This ensures that an approval from @cli/code-reviewers can satisfy the CODEOWNERS requirement for any path, not just the catch-all wildcard. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Updates CODEOWNERS so @cli/code-reviewers is listed on each specific rule, ensuring reviews from that team can satisfy CODEOWNERS requirements even when a more specific path rule overrides the global * entry.
Changes:
- Add
@cli/code-reviewersto the codespaces-owned paths. - Add
@cli/code-reviewersto Package Security–owned attestation/release-related paths and the attestation integration tests. - Add
@cli/code-reviewersto skills- and TUF-root-reviewer-owned paths.
Show a summary per file
| File | Description |
|---|---|
| .github/CODEOWNERS | Adds @cli/code-reviewers to all existing path-specific ownership rules so it remains a valid approver even when specific rules override the global wildcard. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 1/1 changed files
- Comments generated: 2
| pkg/cmd/codespace/ @cli/codespaces @cli/code-reviewers | ||
| internal/codespaces/ @cli/codespaces @cli/code-reviewers | ||
|
|
||
| # Limit Package Security team ownership to the attestation command package and related integration tests |
There was a problem hiding this comment.
The header comment says ownership is limited to the Package Security team, but the following rules now also include @cli/code-reviewers. Please update the comment to reflect the new intent (e.g., that either team can approve these paths).
| # Limit Package Security team ownership to the attestation command package and related integration tests | |
| # Limit ownership of the attestation command package and related integration tests to the Package Security team or @cli/code-reviewers |
| test/integration/attestation-cmd @cli/package-security @cli/code-reviewers | ||
|
|
||
| pkg/cmd/attestation/verification/embed/tuf-repo.github.com/ @cli/tuf-root-reviewers | ||
| pkg/cmd/attestation/verification/embed/tuf-repo.github.com/ @cli/tuf-root-reviewers @cli/code-reviewers |
There was a problem hiding this comment.
Adding @cli/code-reviewers to the TUF root repository embed path broadens who can approve changes in a security-sensitive area. If the intent is to keep this restricted to @cli/tuf-root-reviewers, consider omitting @cli/code-reviewers for this rule (or add an explicit note documenting the policy change).
| pkg/cmd/attestation/verification/embed/tuf-repo.github.com/ @cli/tuf-root-reviewers @cli/code-reviewers | |
| pkg/cmd/attestation/verification/embed/tuf-repo.github.com/ @cli/tuf-root-reviewers |
This ensures that an approval from
@cli/code-reviewerscan satisfy the CODEOWNERS requirement for any path, not just the catch-all wildcard rule.Previously, paths like
pkg/cmd/skills/orpkg/cmd/attestation/could only be approved by their specialist team. Now either the specialist team or@cli/code-reviewerscan approve.