From f17deaa82031eed639b559d3c57bfd00a5a98173 Mon Sep 17 00:00:00 2001
From: max-tech-bot <max-tech-bot@users.noreply.github.com>
Date: Thu, 12 Mar 2026 01:01:00 +0000
Subject: [PATCH] fix: handle fork PR permission errors in review bot

The GITHUB_TOKEN has limited permissions for fork PRs, causing the
Post PR comment step to fail with 403. Added continue-on-error and
try/catch to handle this gracefully instead of failing the job.
---
 .github/workflows/pr-review-bot.yml | 49 ++++++++++++++++-------------
 1 file changed, 27 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/pr-review-bot.yml b/.github/workflows/pr-review-bot.yml
index 38d84161..f05a939a 100644
--- a/.github/workflows/pr-review-bot.yml
+++ b/.github/workflows/pr-review-bot.yml
@@ -87,6 +87,7 @@ jobs:
           echo "count=$COUNT" >> $GITHUB_OUTPUT
 
       - name: Post PR comment
+        continue-on-error: true
         uses: actions/github-script@v7
         with:
           script: |
@@ -173,29 +174,33 @@ jobs:
             ---
             <sub>This is an automated review. Please address the issues above.</sub>`;
 
-            // Find existing bot comment
-            const existingComments = await github.rest.issues.listComments({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: context.issue.number
-            });
-
-            const botComment = existingComments.data.find(c =>
-              c.user?.type === 'Bot' && c.body?.includes('🤖 PR Review Bot')
-            );
-
-            if (botComment) {
-              await github.rest.issues.updateComment({
+            // Post comment — may fail on fork PRs due to limited GITHUB_TOKEN permissions
+            try {
+              const existingComments = await github.rest.issues.listComments({
                 owner: context.repo.owner,
                 repo: context.repo.repo,
-                comment_id: botComment.id,
-                body
-              });
-            } else {
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: context.issue.number,
-                body
+                issue_number: context.issue.number
               });
+
+              const botComment = existingComments.data.find(c =>
+                c.user?.type === 'Bot' && c.body?.includes('🤖 PR Review Bot')
+              );
+
+              if (botComment) {
+                await github.rest.issues.updateComment({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  comment_id: botComment.id,
+                  body
+                });
+              } else {
+                await github.rest.issues.createComment({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  issue_number: context.issue.number,
+                  body
+                });
+              }
+            } catch (error) {
+              core.warning(`Could not post PR comment (likely a fork PR with limited token permissions): ${error.message}`);
             }