Skip to content

Fix approval rules webhook payload showing ActiveRecord proxy

Kai Armstrongrequested to merge
fix-approval-rules-webhook-payload into master

What does this MR do and why?

Fix approval rules webhook payload showing ActiveRecord proxy

When updating a merge request without changing approval rules, the webhook payload incorrectly serializes the approval_rules.previous value as an ActiveRecord association proxy object string instead of properly converting it to an array.

References

Resolves #577568

How to set up and validate locally

  1. Setup a merge request webhook and then change reviewers using the assign option, see:
"changes": {
    "approval_rules": {
      "previous": "#<ApprovalMergeRequestRule::ActiveRecord_Associations_CollectionProxy:0x0000000379856f48>",
      "current": [
        {
          "id": 1,
          "approvals_required": 0,
          "name": "All Members",
          "rule_type": "any_approver",
          "report_type": null,
          "merge_request_id": 37,
          "section": null,
          "modified_from_project_rule": false,
          "orchestration_policy_idx": null,
          "vulnerabilities_allowed": 0,
          "scanners": [],
          "severity_levels": [],
          "vulnerability_states": [
            "new_needs_triage",
            "new_dismissed"
          ],
          "security_orchestration_policy_configuration_id": null,
          "scan_result_policy_id": null,
          "applicable_post_merge": null,
          "project_id": 2,
          "approval_policy_rule_id": null,
          "updated_at": "2025-10-16 18:41:57 UTC",
          "created_at": "2025-10-16 18:41:57 UTC"
        }
      ]
    },
  1. Checkout this branch and change reviewers in the same way and see:
"changes": {
    "approval_rules": {
      "previous": [],
      "current": [
        {
          "id": 1,
          "approvals_required": 0,
          "name": "All Members",
          "rule_type": "any_approver",
          "report_type": null,
          "merge_request_id": 37,
          "section": null,
          "modified_from_project_rule": false,
          "orchestration_policy_idx": null,
          "vulnerabilities_allowed": 0,
          "scanners": [],
          "severity_levels": [],
          "vulnerability_states": [
            "new_needs_triage",
            "new_dismissed"
          ],
          "security_orchestration_policy_configuration_id": null,
          "scan_result_policy_id": null,
          "applicable_post_merge": null,
          "project_id": 2,
          "approval_policy_rule_id": null,
          "updated_at": "2025-10-16 18:41:57 UTC",
          "created_at": "2025-10-16 18:41:57 UTC"
        }
      ]
    },

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Kai Armstrong

Merge request reports