Files
2026-07-13 13:22:34 +08:00

37 lines
1.1 KiB
YAML

name: close-security-issues
on:
issues:
types: [opened]
defaults:
run:
shell: bash
permissions: {}
jobs:
close:
if: github.repository == 'mlflow/mlflow'
runs-on: ubuntu-slim
timeout-minutes: 5
permissions:
issues: write
steps:
- env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
ISSUE_TITLE: ${{ github.event.issue.title }}
REPO: ${{ github.repository }}
run: |
title_lower=$(echo "$ISSUE_TITLE" | tr '[:upper:]' '[:lower:]')
if echo "$title_lower" | grep -qE "security\s+vulnerability"; then
gh issue close "$ISSUE_NUMBER" --repo "$REPO" --comment "$(cat <<'EOF'
This issue has been automatically closed because it appears to report a security vulnerability.
Please report security vulnerabilities through [GitHub's private vulnerability reporting](https://github.com/mlflow/mlflow/security/advisories/new) instead. See our [Security Policy](https://github.com/mlflow/mlflow/blob/master/SECURITY.md) for more details.
EOF
)"
fi