From db607c59b6bad8ae08a3acce0cb536ef8b231f98 Mon Sep 17 00:00:00 2001 From: Bryan Thompson Date: Thu, 25 Jun 2026 17:36:38 -0500 Subject: [PATCH] ci(validate): trigger on .github/policy/** so policy-prompt PRs clear the required check A PR touching only .github/policy/** matched none of the validate pull_request paths, so the required 'validate' check never ran via pull_request and sat Expected forever (a workflow_dispatch check run isn't associated with the PR, so it can't satisfy the gate). Mirrors the existing .github/workflows/** carve-out. --- .github/workflows/validate-plugins.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/validate-plugins.yml b/.github/workflows/validate-plugins.yml index da9bdf2f..51920c8f 100644 --- a/.github/workflows/validate-plugins.yml +++ b/.github/workflows/validate-plugins.yml @@ -14,6 +14,11 @@ on: # check runs aren't associated with the PR, so they don't satisfy it). Run # validate on workflow changes too so those PRs can clear the gate in-context. - '.github/workflows/**' + # Same rationale for the scan policy prompt: a policy-only PR (.github/policy/**) + # touches none of the plugin paths above, so validate would never trigger via + # pull_request and the required check would sit "Expected" forever (a dispatch + # check run isn't associated with the PR, so it can't satisfy the gate either). + - '.github/policy/**' push: branches: [main] paths: