mirror of
https://github.com/facebook/react-native.git
synced 2026-04-01 07:08:03 +00:00
3782e939df
Summary: Pull Request resolved: https://github.com/facebook/react-native/pull/55245 Changelog: [INTERNAL] [FIXED] - Fix diff-js-api-changes workflow to correctly compare PR head vs merge base The `diff-js-api-changes` action was comparing main to main instead of comparing the PR head to the point of main it branched from. The workflow now: 1. Checks out main in `danger-pr.yml` to get the trusted scripts 2. Fetches the PR head commit and computes the merge base (the point it branched from main) 3. Extracts the API snapshots from both refs using `git show` to read-only temp files 4. Runs main's diff script to compare the two snapshots **Security notes:** - `git fetch` only downloads git objects, it does not modify the working directory - `git show <sha>:path` extracts a file as read-only data, not executable code - All executed scripts come from main (trusted), PR content is only used as data - The PR's `.d.ts` file is written to a temp directory and passed as input to main's diff script Reviewed By: huntie Differential Revision: D90978905 fbshipit-source-id: fc9b420a27c84f1812b436f41d3169fad4f91291