expose push: restricted to users (#828)

* expose push: restricted to users

the action runtime already understood `disabled | restricted | enabled`
for `push` (see action/external.ts, action/mcp/git.ts); the DB enum, the
zod schema, the React settings UI, and the action.yml input docs lagged
behind. catches all four up. UI surfaces a 2-state toggle (restricted
↔ enabled) in the Security card alongside shell isolation — `disabled`
stays in the enum so non-UI callers (action.yml input) still accept it
but is intentionally hidden from the console.

* address reviews: doc full restricted scope + disabled UI edge case

reviewers flagged that "restricted" blocks more than default-branch
pushes (also delete_branch + push_tags per action/mcp/git.ts:621-700),
and that the popover's "off = full push access" claim is wrong for
repos whose workflow sets `push: disabled` (also renders as OFF since
the toggle is `props.push === "restricted"`). action.yml description
now enumerates the full restricted scope, and the popover frames off
behavior in terms of the workflow input so disabled repos aren't
misrepresented.
This commit is contained in:
Colin McDonnell
2026-05-23 01:10:37 +00:00
committed by pullfrog[bot]
parent e52206b8ca
commit d93ddcbf4a
+1 -1
View File
@@ -16,7 +16,7 @@ inputs:
description: "Working directory for the agent (defaults to GITHUB_WORKSPACE)" description: "Working directory for the agent (defaults to GITHUB_WORKSPACE)"
required: false required: false
push: push:
description: "Git push permission: disabled (read-only, can't push) or enabled (can push). Default: enabled" description: "Git push permission: disabled (read-only), restricted (push feature branches only — blocks pushes to the default branch, branch deletion, and tag pushes), or enabled (full push access). Default: enabled"
required: false required: false
shell: shell:
description: "Shell permission: disabled, restricted (filters secrets from env vars), or enabled. Public repos default to restricted for security; private repos default to enabled." description: "Shell permission: disabled, restricted (filters secrets from env vars), or enabled. Public repos default to restricted for security; private repos default to enabled."