From ae7e35721a0233b7d2ca983538a102ab27653514 Mon Sep 17 00:00:00 2001 From: Jarek Potiuk Date: Thu, 2 Apr 2026 00:35:09 +0200 Subject: [PATCH] Document verify-action-build exit code behavior in README MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Clarify that the script only exits with error (code 1) for genuinely broken situations (non-compilable actions, invalid JS, missing tools). Large diffs from version bumps do not cause errors — human review is always required to assess changes. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index c8c7bdff..147340db 100644 --- a/README.md +++ b/README.md @@ -194,6 +194,8 @@ The `--no-gh` mode supports all the same features as the default `gh`-based mode Dependabot PRs that modify `dummy.yml` are automatically verified by the `verify_dependabot_action.yml` workflow. It extracts the action reference from the PR, rebuilds the compiled JavaScript in Docker, and compares it against the published version. The workflow reports success or failure but does **not** auto-approve or merge — a human reviewer must still approve. +The script exits with code **1** (failure) when something is unexpectedly broken — for example, the action cannot be compiled, the rebuilt JavaScript is invalid, or required tools are missing. In all other cases it exits with code **0** and produces reviewable diffs: a large diff does not by itself cause an error (e.g. major version bumps will naturally have big diffs). It is always up to a human reviewer to inspect the output, assess the changes, and decide whether the update is safe to approve. + To verify a specific PR locally (non-interactively), use: ```bash