max/lean4-htt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
Lean 4 fork for HoTT-compatible kernel extensions (Path types, transport, HITs). Maintained against upstream leanprover/lean4.
39703 commits 1 branch 0 tags 5.3 GiB
Find a file
Kim Morrison feea8a7611
fix: use pull_request_target for label-triggered workflows (#12638) 
This PR switches four lightweight workflows from `pull_request` to
`pull_request_target` to stop GitHub from requiring manual approval when
the
`mathlib-lean-pr-testing[bot]` app triggers label events (e.g. adding
`builds-mathlib`). Since the bot never lands commits on master, it is
perpetually treated as a "first-time contributor" and every
`pull_request`
event it triggers requires approval. `pull_request_target` events always
run
without approval because they execute trusted code from the base branch.

This is safe for all four workflows because none check out or execute
code
from the PR branch — they only read labels, PR body, and file lists from
the
event payload and API:

- `awaiting-mathlib.yml` — checks label combinations
- `awaiting-manual.yml` — checks label combinations
- `pr-body.yml` — checks PR body formatting
- `check-stdlib-flags.yml` — checks if stdlib_flags.h was modified via
API

Also adds explicit `permissions: pull-requests: read` to each workflow
as a
least-privilege hardening measure, since `pull_request_target` has
access to
secrets.

Addresses the issue reported by Sebastian:

https://lean-fro.zulipchat.com/#narrow/channel/398861-general/topic/mathlib.20pr-testing.20breakage.3F/near/575084348

🤖 Prepared with Claude Code

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-01 19:20:56 +11:00
.claude chore: fix profiler shebang and add profiling skill (#12519) 2026-03-01 07:09:33 +00:00
.github fix: use pull_request_target for label-triggered workflows (#12638) 2026-03-01 19:20:56 +11:00
doc chore: switch to new test/bench suite (#12590) 2026-02-25 13:51:53 +00:00
images
releases_drafts chore: remove stale release draft notes (#12518) 2026-02-17 19:56:23 +00:00
script chore: fix profiler shebang and add profiling skill (#12519) 2026-03-01 07:09:33 +00:00
src feat: add Meta.synthInstance.apply trace class (#12699) 2026-03-01 07:06:56 +00:00
stage0 chore: update stage0 2026-02-27 21:05:46 +00:00
tests feat: add Meta.synthInstance.apply trace class (#12699) 2026-03-01 07:06:56 +00:00
.gitattributes doc: grove: update and add String data (#11551) 2025-12-08 16:49:37 +00:00
.gitignore chore: fix ci for new test suite (#12704) 2026-02-27 23:25:37 +00:00
.gitpod.Dockerfile chore: add gitpod configuration (#6382) 2024-12-15 21:38:13 +00:00
.gitpod.yml chore: add gitpod configuration (#6382) 2024-12-15 21:38:13 +00:00
.ignore
CMakeLists.txt chore: fail build on non-make generators (#12690) 2026-02-25 13:59:40 +00:00
CMakePresets.json chore: fix ci for new test suite (#12704) 2026-02-27 23:25:37 +00:00
CODEOWNERS chore: make @hargoniX code owner of the compiler (#10732) 2025-10-10 04:43:38 +00:00
CONTRIBUTING.md doc: triage 2024-07-26 18:24:06 +02:00
flake.lock chore: update to c++20 (#12117) 2026-02-11 01:17:40 +00:00
flake.nix chore: update to c++20 (#12117) 2026-02-11 01:17:40 +00:00
lean-toolchain chore: relative lean-toolchains (#12652) 2026-02-25 10:23:35 +00:00
lean.code-workspace chore: relative lean-toolchains (#12652) 2026-02-25 10:23:35 +00:00
LICENSE
LICENSES feat: ship cadical (#4325) 2024-08-23 09:13:27 +00:00
README.md doc: update URLs that are currently pointing to redirects (#10397) 2025-09-17 15:50:07 +00:00
RELEASES.md chore: updates to release_checklist.md (#7817) 2025-04-04 03:45:36 +00:00

README.md

This is the repository for Lean 4.

About

Installation

See Install Lean.

Contributing

Please read our Contribution Guidelines first.

Building from Source

See Building Lean.