```ts
/**
 * Generate security notification message for blocked PR deployments
 */
export const getSecurityBlockedMessage = (
	prAuthor: string,
	repositoryName: string,
	permission: string | null,
) => {
	return `### 🚨 Preview Deployment Blocked - Security Protection

**Your pull request was blocked from triggering preview deployments**

#### Why was this blocked?
- **User**: \`${prAuthor}\`
- **Repository**: \`${repositoryName}\`
- **Permission Level**: \`${permission || "none"}\`
- **Required Level**: \`write\`, \`maintain\`, or \`admin\`

#### How to resolve this:

**Option 1: Get Collaborator Access (Recommended)**
Ask a repository maintainer to invite you as a collaborator with **write permissions** or higher.

**Option 2: Request Permission Override**
Ask a repository administrator to disable security validation for this specific application if appropriate.

#### For Repository Administrators:
To disable this security check (⚠️ **not recommended for public repositories**):
Enter to preview settings and disable the security check.

---
*This security measure protects against malicious code execution in preview deployments. Only trusted collaborators should have the ability to trigger deployments.*

<details>
<summary>🛡️ Learn more about this security feature</summary>

This protection prevents unauthorized users from:
- Executing malicious code on the deployment server
- Accessing environment variables and secrets
- Potentially compromising the infrastructure

Preview deployments are powerful but require trust. Only users with repository write access can trigger them.
</details>`;
};

/**
 * Check if a security notification comment already exists on a GitHub PR
```
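The message above only reports a block; the decision that precedes it has to fail closed so that a failed permission lookup or an unrecognised level never results in a deployment. The following is an added example, not code from this repository: `decidePreviewDeployment`, `PermissionLookup`, `GateDecision` and the `securityCheckEnabled` flag are hypothetical names, and the allowed levels are taken from the "Required Level" line of the message.

```typescript
// Added example: fail-closed gate for PR-triggered preview deployments.
// All names here are hypothetical; only the allowed levels come from the page.
const ALLOWED_LEVELS = new Set(["write", "maintain", "admin"]);

// Result of looking up the PR author's permission on the repository.
// `ok: false` models a failed or timed-out lookup (assumption for this example).
type PermissionLookup =
	| { ok: true; permission: string | null }
	| { ok: false; error: string };

interface GateDecision {
	allowed: boolean;
	permission: string | null; // value to pass on to the blocked message
	reason: string;
}

function decidePreviewDeployment(
	lookup: PermissionLookup,
	securityCheckEnabled: boolean,
): GateDecision {
	// An administrator has disabled the check for this application.
	if (!securityCheckEnabled) {
		return { allowed: true, permission: null, reason: "security check disabled" };
	}
	// Fail closed: a lookup error is never treated as approval.
	if (!lookup.ok) {
		return { allowed: false, permission: null, reason: `lookup failed: ${lookup.error}` };
	}
	const level = lookup.permission?.trim().toLowerCase() ?? null;
	// Allowlist comparison: null, empty, read-only or unknown levels are rejected.
	if (level !== null && ALLOWED_LEVELS.has(level)) {
		return { allowed: true, permission: level, reason: "trusted collaborator" };
	}
	return { allowed: false, permission: level, reason: "insufficient permission" };
}
```

When `allowed` is false, the `permission` field is the value to hand to `getSecurityBlockedMessage`, which renders `null` or an empty string as `none`.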