Skip to content

Forbid AI authored commits #682

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cberner merged 1 commit into from
May 14, 2026
Merged

Forbid AI authored commits #682

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,28 @@ on:
- master

jobs:
commit-authors:
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'

@chatgpt-codex-connector chatgpt-codex-connector Bot May 14, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Run AI-author gate on pushes to master

The workflow triggers on both pull_request and push, but this job is hard-gated to PR events (if: github.event_name == 'pull_request'), so direct pushes to master bypass the AI-author check completely. In repositories where maintainers can push directly (or automation pushes without a PR), AI-authored commits can still land despite the stated policy.

Useful? React with 👍 / 👎.

steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Ban AI-authored commits
env:
BASE_SHA: ${{ github.event.pull_request.base.sha }}
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
run: |
git fetch --no-tags --no-recurse-submodules origin "$BASE_SHA"
offenders=$(git log --no-merges --pretty=format:'%H %an <%ae> committed by %cn <%ce>' "$BASE_SHA".."$HEAD_SHA" \
| grep -iE '(claude|codex)' || true)

@chatgpt-codex-connector chatgpt-codex-connector Bot May 14, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Match bot identities precisely in author filter

The grep pattern '(claude|codex)' is a broad substring match across author and committer names/emails, so legitimate humans or domains containing these strings (for example, a person named Claude) will fail CI even when no AI tool authored the commit. This makes the check over-blocking and likely to reject valid contributions.

Useful? React with 👍 / 👎.

if [ -n "$offenders" ]; then
echo "Commits authored or committed by Claude or Codex are not allowed:"
echo "$offenders"
exit 1
fi

compile:
runs-on: ubuntu-24.04
timeout-minutes: 10
Expand Down
Loading