run musescore and audacity app builds automatically on every PR

[kryksyh]

Enables consumer application build on every PR.

• I signed the CLA as username:
• The title of the PR describes the problem it addresses.
• Each commit's message describes its purpose and effects, and references the issue it resolves. If changes are extensive, there is a sequence of easily reviewable commits.
• The code in the PR follows the coding rules.
• I understand all aspects of the code I'm contributing and I'm able to explain it if requested.
• The code compiles and runs on my machine, preferably after each commit individually. I have manually tested and verified that my changes fulfil their intended purpose.
• No prior attempts to resolve this problem exist, or if they do, I listed them in my PR description and described how I avoided repeating past mistakes.
• There are no unnecessary changes.
• I created a unit test or vtest to verify the changes I made (if applicable).

Build configuration

audacity: audacity/audacity/master
audacity platforms: linux_x64
musescore: musescore/MuseScore/main
musescore platforms: linux_x64

[coderabbitai]

Warning

Review limit reached

@kryksyh, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 36 minutes and 33 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan refill rate.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, the refill rate gradually slows as usage increases. The highest same-day bursts are limited more strictly.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 8a7863b4-8baa-4400-8d4f-cc9e4e3c2dac

📥 Commits

Reviewing files that changed from the base of the PR and between 0c74e96 and 3e2bb4e.

📒 Files selected for processing (2)

• .github/pull_request_template.md
• .github/workflows/pr_dispatch.yml

📝 Walkthrough

Walkthrough

The PR switches the pr_dispatch.yml workflow from an issue_comment-based manual trigger (requiring a /build comment) to an automatic pull_request trigger that fires on opened, reopened, synchronize, and edited events. The concurrency group is updated to use the PR number, the parse job no longer gates on comment content or author association, and PR data is now read directly from GITHUB_EVENT_PATH via jq. The steps that posted "pending" statuses and the separate report job that forwarded final build statuses back to the PR head are both removed. All six build jobs gain explicit name fields. The PR template is updated to reflect that consumer-app builds now run automatically.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: automating app builds for MuseScore and Audacity on every PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	The PR description is mostly complete with all required checklist items completed, but lacks detailed explanation of the implementation approach and specific changes made.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/pr_dispatch.yml:
- Around line 3-5: The pull_request trigger in the workflow does not include a
trust gate, allowing untrusted forks to automatically dispatch builds. Add a
conditional check (typically using `if:
github.event.pull_request.head.repo.full_name == github.repository`) at the job
level to ensure that only PRs from the main repository trigger the heavyweight
build dispatch, preventing fork PRs from consuming CI capacity.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: ae782287-61d0-472c-8aec-90d9375fbd89

📥 Commits

Reviewing files that changed from the base of the PR and between 5a48cf5 and 0c74e96.

📒 Files selected for processing (2)

• .github/pull_request_template.md
• .github/workflows/pr_dispatch.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Add a trust gate for automatic PR-triggered builds.

Line 5 now runs this workflow on every PR update (including edited) without any trust check. That allows untrusted/fork PRs to automatically dispatch heavyweight builds, which can exhaust CI capacity and starve trusted builds.

Suggested hardening

 jobs:
   parse:
+    if: |
+      github.event.pull_request.head.repo.fork == false ||
+      contains(github.event.pull_request.labels.*.name, 'safe-to-test')
     name: Configure

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/pr_dispatch.yml around lines 3 - 5, The pull_request
trigger in the workflow does not include a trust gate, allowing untrusted forks
to automatically dispatch builds. Add a conditional check (typically using `if:
github.event.pull_request.head.repo.full_name == github.repository`) at the job
level to ensure that only PRs from the main repository trigger the heavyweight
build dispatch, preventing fork PRs from consuming CI capacity.

[kryksyh]

@igorkorsukov what do you think? I guess we are good, and if it is abused, we can tighten it.

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!