workflows/bot: fix permission in test workflow (#457575)

.github/workflows/test.yml

@@ -66,6 +66,9 @@ jobs:
               '.github/workflows/pull-request-target.yml',
               '.github/workflows/reviewers.yml',
               '.github/workflows/test.yml',
+              'ci/github-script/bot.js',
+              'ci/github-script/merge.js',
+              'ci/github-script/withRateLimit.js',
             ].includes(file))) core.setOutput('pr', true)
 
   merge-group:

ci/github-script/merge.js

@@ -6,6 +6,13 @@ async function runChecklist({ github, context, pull_request, maintainers }) {
   const pull_number = pull_request.number
 
   if (!committers) {
+    if (context.eventName === 'pull_request') {
+      // We have no chance of getting a token in the pull_request context with the right
+      // permissions to access the members endpoint below. Thus, we're pretending to have
+      // no committers. This is OK; because this is only for the Test workflow, not for
+      // real use.
+      committers = new Set()
+    } else {
       committers = github
         .paginate(github.rest.teams.listMembersInOrg, {
           org: context.repo.owner,
@@ -14,6 +21,7 @@ async function runChecklist({ github, context, pull_request, maintainers }) {
         })
         .then((members) => new Set(members.map(({ id }) => id)))
     }
+  }
 
   const files = await github.paginate(github.rest.pulls.listFiles, {
     ...context.repo,