chore: add @edosrecki to vouched contributors

[ericallam]

Adds edosrecki to the vouch list so they can submit PRs.

Fixes #3198

Generated with Claude Code

[changeset-bot]

⚠️ No Changeset found

Latest commit: 00df962

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

The pull request introduces a .vouch.yml configuration file to the repository. This file declares a single repository ownership mapping for Vouch, a third-party verification tool, specifying a GitHub user reference. The change consists of 2 new lines with no modifications to existing code or functionality.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title accurately describes the main change—adding a contributor to the vouch list—and aligns with the changeset content in .vouch.yml.
Description check	✅ Passed	The PR description is minimal but covers essential elements: what was done (adds edosrecki to vouch list), why (so they can submit PRs), and references the linked issue (#3198). However, it lacks the recommended template sections like Testing, Changelog, and Checklist.
Linked Issues check	✅ Passed	The PR directly supports the linked issue #3198 by adding the contributor to the vouch list, enabling them to submit the ClickHouse fix PR as requested in the issue.
Out of Scope Changes check	✅ Passed	All changes in this PR are in-scope: the .vouch.yml modification directly addresses the objective of vouching the contributor mentioned in issue #3198 with no extraneous changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch claude/issue-3198-20260310-1555

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no bugs or issues to report.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.vouch.yml (1)

1-2: Consider adding a comment to document the file's purpose.

Adding a brief comment explaining what this configuration does would improve maintainability for future contributors who may not be familiar with the Vouch tool.

📝 Suggested documentation enhancement

+# Vouch configuration: List of GitHub users authorized to submit pull requests
 vouch:
   - github: edosrecki

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.vouch.yml around lines 1 - 2, Add a short comment at the top of .vouch.yml
explaining the file's purpose and what the top-level key "vouch" and the
"github: edosrecki" entry represent (e.g., that this config lists trusted GitHub
users for Vouch); update the file header so future contributors immediately
understand why the file exists and how to modify the "vouch" entries.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.vouch.yml:
- Around line 1-2: Remove the incorrect .vouch.yml file and instead add the
contributor entry in Trustdown format to the existing .github/VOUCHED.td;
specifically delete .vouch.yml and append an entry matching the repository's
VOUCHED.td style such as "github:edosrecki" (no YAML), ensuring it follows the
existing Trustdown formatting and placement used by the file.

---

Nitpick comments:
In @.vouch.yml:
- Around line 1-2: Add a short comment at the top of .vouch.yml explaining the
file's purpose and what the top-level key "vouch" and the "github: edosrecki"
entry represent (e.g., that this config lists trusted GitHub users for Vouch);
update the file header so future contributors immediately understand why the
file exists and how to modify the "vouch" entries.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 15e068d4-61c0-4a00-a0b0-8a09040b457b

📥 Commits

Reviewing files that changed from the base of the PR and between c0b6309 and 00df962.

📒 Files selected for processing (1)

• .vouch.yml

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (25)

• GitHub Check: units / internal / 🧪 Unit Tests: Internal (4, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (5, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (7, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (8, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (1, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (6, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (3, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (2, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (7, 8)
• GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - npm)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (6, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (3, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (5, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (8, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (4, 8)
• GitHub Check: units / internal / 🧪 Unit Tests: Internal (2, 8)
• GitHub Check: units / webapp / 🧪 Unit Tests: Webapp (1, 8)
• GitHub Check: sdk-compat / Cloudflare Workers
• GitHub Check: sdk-compat / Node.js 20.20 (ubuntu-latest)
• GitHub Check: e2e / 🧪 CLI v3 tests (ubuntu-latest - pnpm)
• GitHub Check: units / packages / 🧪 Unit Tests: Packages (1, 1)
• GitHub Check: e2e / 🧪 CLI v3 tests (windows-latest - pnpm)
• GitHub Check: sdk-compat / Deno Runtime
• GitHub Check: typecheck / typecheck
• GitHub Check: sdk-compat / Node.js 22.12 (ubuntu-latest)

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify that the GitHub user exists
gh api /users/edosrecki --jq '{login: .login, name: .name, created_at: .created_at}'

Repository: triggerdotdev/trigger.dev

Length of output: 229

---

🌐 Web query:

Vouch .vouch.yml configuration file format documentation

💡 Result:

The Vouch configuration file format (including .vouch.yml) is documented in Vouch’s docs/configuration.md. (github.com)

Key points from the documentation:

• The config file can be YAML or JSON. (github.com)
• Default filenames/locations:
  • In your home directory: .vouch.yml (or .vouch.json)
  • Under --base-dir / VOUCH_BASE_DIR: vouch.yml (or vouch.json) (github.com)
• Precedence when the same setting is provided in multiple places: command-line > environment > config file. (github.com)
• The doc includes a fully annotated sample YAML showing the expected structure and fields. (github.com)

Citations:

• 1: https://github.com/attestantio/vouch/blob/v1.12.1/docs/configuration.md
• 2: https://github.com/attestantio/vouch/blob/v1.12.1/docs/configuration.md
• 3: https://github.com/attestantio/vouch/blob/v1.12.1/docs/configuration.md
• 4: https://github.com/attestantio/vouch/blob/v1.12.1/docs/configuration.md
• 5: https://github.com/attestantio/vouch/blob/v1.12.1/docs/configuration.md

---

🏁 Script executed:

#!/bin/bash
# Search for vouch-related content in the repository
echo "=== Searching for vouch references ==="
rg -i "vouch" --type-list | head -5
echo ""
echo "=== Looking for vouch files ==="
fd -i vouch
echo ""
echo "=== Searching for references to vouch in code ==="
rg -i "vouch" -A 2 -B 2

Repository: triggerdotdev/trigger.dev

Length of output: 2295

---

🌐 Web query:

GitHub vouch tool PR permission system

💡 Result:

Vouch’s GitHub integration doesn’t introduce a new “PR permission system” of its own—it relies on GitHub App permissions + GitHub repo settings:

• How Vouch authenticates to GitHub: Vouch mints short‑lived (~1 hour) GitHub installation access tokens via a GitHub App installed in your org, and those tokens are scoped to only the repos the org granted the app (all repos or selected repos). If the app isn’t granted a repo, you’ll see “repository not accessible with current token scope.” [1]
• What the token can do (including PR actions): A GitHub App’s installation token can only do what the app was granted (repo selection + permission set). GitHub also supports requesting scoped installation tokens with a reduced set of repos and/or permissions (least privilege). [2]
• If you mean PR creation/approval by automation (Actions): GitHub has a separate org/repo setting—“Allow GitHub Actions to create and approve pull requests”—which is disabled by default; enabling it allows the workflow GITHUB_TOKEN to create/approve PRs. [3]

Practical takeaway: to let “Vouch tooling” (via its GitHub App token) create/comment/update PRs, you grant the Vouch GitHub App access to the target repos and the necessary GitHub App permissions for PR endpoints; branch protection/review rules still apply unless you explicitly allow an app to bypass them in GitHub.

Sources: [1] [2] [3]

---

🏁 Script executed:

#!/bin/bash
# Check vouch tool documentation and configuration format
echo "=== Looking at vouch references in CONTRIBUTING.md ==="
cat CONTRIBUTING.md | grep -A 20 "Getting vouched"
echo ""
echo "=== Search for any vouch configuration examples ==="
find . -name "*.md" -o -name "*.yml" -o -name "*.yaml" | xargs grep -l "github:" 2>/dev/null | head -10

Repository: triggerdotdev/trigger.dev

Length of output: 1148

---

🌐 Web query:

mitchellh vouch .vouch.yml format configuration schema

💡 Result:

In mitchellh/vouch (the trust-management tool), there isn’t a documented .vouch.yml configuration file. Configuration is done via:

• GitHub Action inputs (per-workflow), e.g. vouched-file defaults to ".github/VOUCHED.td" in action/check-pr. [1]
• A Trustdown vouch list file: VOUCHED.td (or .github/VOUCHED.td), which is the canonical “schema/format” the project defines. [2]

VOUCHED.td (Trustdown) format

• # ... comments allowed
• One handle per line (no leading @), typically sorted alphabetically
• Optional platform prefix: platform:username (example given: github:mitchellh)
• Denounced users are prefixed with -
• Optional free-form details/reason after a space

Example from the README: [2]

• username
• platform:username
• -platform:denounced-user
• -platform:denounced-user reason for denouncement

If you meant a different “vouch” project (there are several), tell me which repo/link you’re using and I’ll pull that project’s .vouch.yml schema instead.

---

🏁 Script executed:

#!/bin/bash
# Search for vouch tool and configuration details
echo "=== Checking vouch tool GitHub repository ==="
curl -s https://api.github.com/repos/mitchellh/vouch | jq '{name, description, url}'

echo ""
echo "=== Search for VOUCHED or vouch references in trigger.dev ==="
find . -name "*VOUCH*" -o -name "*vouch*" 2>/dev/null

echo ""
echo "=== Check if there are any GitHub Actions using vouch ==="
fd -t f "\.(yml|yaml)$" .github | xargs grep -l vouch 2>/dev/null || echo "No vouch references in GitHub Actions"

Repository: triggerdotdev/trigger.dev

Length of output: 577

---

🌐 Web query:

mitchellh vouch tool Trustdown format VOUCHED.td vs .vouch.yml

💡 Result:

In mitchellh/vouch, the trust list is a Trustdown file (.td) named VOUCHED.td (or .github/VOUCHED.td by default). It’s a simple line-based format (optionally platform:user, denouncements prefixed with -, optional reason text after a space, # comments). [1]

.vouch.yml is not the vouch-list format used by this tool. Configuration for the GitHub Actions is done via workflow/action inputs (for example, the actions default vouched-file to .github/VOUCHED.td), not via a .vouch.yml config file. [2]

So: use VOUCHED.td for the vouch/denounce list; ignore .vouch.yml unless you’re dealing with some other unrelated “vouch” project/tooling. [1][2]

Sources:
[1] https://github.com/mitchellh/vouch (README: “Vouched File Format”, Trustdown, default lookup paths)
[2] https://raw.githubusercontent.com/mitchellh/vouch/main/action/check-issue/action.yml (action inputs showing default vouched-file: .github/VOUCHED.td)

---

🏁 Script executed:

#!/bin/bash
# Check the existing VOUCHED.td file format
echo "=== Existing VOUCHED.td file ==="
cat .github/VOUCHED.td

echo ""
echo "=== Check vouch workflow configuration ==="
cat .github/workflows/vouch-check-pr.yml | grep -A 5 -B 5 "vouched"

echo ""
echo "=== Check the new .vouch.yml file ==="
cat .vouch.yml

Repository: triggerdotdev/trigger.dev

Length of output: 421

---

Remove this file and add the contributor to .github/VOUCHED.td instead.

The repository uses mitchellh/vouch, which expects a Trustdown format file (.github/VOUCHED.td), not YAML. The correct entry should be added to the existing .github/VOUCHED.td file as:

github:edosrecki

Delete .vouch.yml and add edosrecki to .github/VOUCHED.td following the existing format.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.vouch.yml around lines 1 - 2, Remove the incorrect .vouch.yml file and
instead add the contributor entry in Trustdown format to the existing
.github/VOUCHED.td; specifically delete .vouch.yml and append an entry matching
the repository's VOUCHED.td style such as "github:edosrecki" (no YAML), ensuring
it follows the existing Trustdown formatting and placement used by the file.