Skip to content

[l10n/automation] Advisory source-string diff comment on PRs#942

Open
Chaitanya-Keyal wants to merge 1 commit into
SeedSigner:devfrom
Chaitanya-Keyal:l10n/advisory
Open

[l10n/automation] Advisory source-string diff comment on PRs#942
Chaitanya-Keyal wants to merge 1 commit into
SeedSigner:devfrom
Chaitanya-Keyal:l10n/advisory

Conversation

@Chaitanya-Keyal

@Chaitanya-Keyal Chaitanya-Keyal commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Note

One of the l10n source-string automation PRs (#940, #941, #942, #943, #944). It uses the schema and tools from #940 and #941. It needs no bot fork, secrets, or configuration: these workflows run in this repo on the built-in GITHUB_TOKEN.

Description

Problem or Issue being addressed

There is no automated way to see what source strings a PR adds, removes, or changes. Reviewers either skip translation impact entirely or manually diff catalogs.

Solution

Adds the two-workflow advisory comment pipeline:

  • l10n-pot-diff.yml -- triggers on pull_request (the untrusted path, no secrets). It regenerates the catalog from the base branch and the PR head separately, calls pot_diff.py to build a review manifest, and uploads it as a workflow artifact. Running untrusted PR code here is safe because the job has only contents: read and no secrets to leak.
  • l10n-pot-comment.yml -- triggers on workflow_run (the trusted path, default-branch code only). It downloads the artifact, validates it via validate_manifest.py (schema plus trust anchors), renders the comment via render_comment.py, and upserts a single advisory comment per PR. The workflow_run trigger guarantees this job always runs the code from the default branch, never the PR, so the write-capable GITHUB_TOKEN is never in the untrusted execution context (pwn-request-safe split).

Both jobs are SHA-pinned, use persist-credentials: false, run with minimal permissions, and have a timeout-minutes: 10 guard.

Additional Information

Demo PR: Chaitanya-Keyal#2


This pull request is categorized as a:

  • Other (l10n automation)

Checklist

I ran pytest locally

  • N/A

(No Python code is added here; the unit tests for the code these workflows invoke are in #940 and #941.)


I included screenshots of any new or modified screens

  • Yes (Demo PR link included)

I added or updated tests

  • N/A

(The workflows are validated end-to-end on a fork; there are no unit-testable parts in this PR.)


I tested this PR hands-on on the following platform(s):

  • Github Actions

I have reviewed these notes:

  • Keep your changes limited in scope.
  • If you uncover other issues or improvements along the way, ideally submit those as a separate PR.
  • The more complicated the PR, the harder it is to review, test, and merge.
  • We appreciate your efforts, but we're a small team of volunteers so PR review can be a very slow process.
  • Please only "@" mention a contributor if their input is truly needed to enable further progress.
  • I understand

Adds the read-only producer and the trusted follow-up consumer:
- l10n-pot-diff.yml runs on pull_request with no secrets and a read-only
  token; it extracts the catalog from the base and the PR-head source,
  diffs them, and uploads a schema-constrained manifest artifact.
- l10n-pot-comment.yml runs on workflow_run from default-branch code; it
  validates the manifest (schema + repository/head-SHA trust anchors, with
  an authoritative PR-number to head-SHA binding) and maintains a single
  advisory comment.

Depends on the contract, diff engine, renderer, and validator changes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Summer of Bitcoin

Development

Successfully merging this pull request may close these issues.

1 participant