GitHub Apps can't receive PR conversation comments via webhook without the Issues permission #201743
Replies: 3 comments
-
|
💬 Your Product Feedback Has Been Submitted 🎉 Thank you for taking the time to share your insights with us! Your feedback is invaluable as we build a better GitHub experience for all our users. Here's what you can expect moving forward ⏩
Where to look to see what's shipping 👀
What you can do in the meantime 💻
As a member of the GitHub community, your participation is essential. While we can't promise that every suggestion will be implemented, we want to emphasize that your feedback is instrumental in guiding our decisions and priorities. Thank you once again for your contribution to making GitHub even better! We're grateful for your ongoing support and collaboration in shaping the future of our platform. ⭐ |
Beta Was this translation helpful? Give feedback.
This comment was marked as spam.
This comment was marked as spam.
-
|
You've found a real quirk in GitHub's permission model. Here is the explanation and workaround: Why this happensIn GitHub's data model, pull request conversation comments and PR review comments are treated differently:
Pull request conversation (issue-style) comments use the Issues API because GitHub models PRs as a superset of Issues internally. The webhook event for these is The fixAdd {
"default_permissions": {
"pull_requests": "read",
"issues": "read"
}
}Distinguish PR comments from Issue commentsIn the {
"issue": {
"pull_request": { "url": "..." } // present = this is a PR comment
}
}Webhook event mapping summary
This is one of the most common gotchas when building GitHub Apps — hope it unblocks your Slack notification app at prflow.dev! |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
🏷️ Discussion Type
Bug
💬 Feature/Topic Area
Apps
Body
Hi,
I am building a Slack notification app (https://prflow.dev/) for pull requests. It has
pull_requests: read,checks: readandmetadata: readpermissions and it subscribes topull_request,pull_request_review,pull_request_review_commentandpull_request_review_threadwebhook events.The issue is that with these permissions, my app doesn't receive webhooks for comments not specific to a codeline in a file - so general PR comments. This would only be delivered via
issue_commentevent, and it requiresIssues: readpermission. This design decision doesn't make sense to me seems unnecessarily coupled.The REST API however seems to handle this case well.
GET /repos/{owner}/{repo}/issues/{number}/commentsworks well with only thepull_requests: readpermission.In case it helps, either of these would solve it: deliver
issue_commentevents filtered to PRs for apps that only hold pull_requests: read, matching what REST already does, or add a separate event for PR conversation comments under the Pull requests permission.Thanks.
Beta Was this translation helpful? Give feedback.
All reactions