From 6b6d1ddcf9025bb16f0718f582c08196d9326b9a Mon Sep 17 00:00:00 2001
From: Henry Mercer <henrymercer@github.com>
Date: Mon, 22 Sep 2025 16:08:31 +0200
Subject: [PATCH 1/3] Update required checks: Fail on error

---
 .github/workflows/script/update-required-checks.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/script/update-required-checks.sh b/.github/workflows/script/update-required-checks.sh
index 950b13c5d4..420ac1fce2 100755
--- a/.github/workflows/script/update-required-checks.sh
+++ b/.github/workflows/script/update-required-checks.sh
@@ -1,6 +1,8 @@
 #!/usr/bin/env bash
 # Update the required checks based on the current branch.
 
+set -euo pipefail
+
 SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
 REPO_DIR="$(dirname "$SCRIPT_DIR")"
 GRANDPARENT_DIR="$(dirname "$REPO_DIR")"

From 8a9ef89a8a4f81be00be2e2386f3a5145ee68394 Mon Sep 17 00:00:00 2001
From: Henry Mercer <henrymercer@github.com>
Date: Mon, 22 Sep 2025 16:08:45 +0200
Subject: [PATCH 2/3] Update required checks: Fail if no check runs found

---
 .github/workflows/script/update-required-checks.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/script/update-required-checks.sh b/.github/workflows/script/update-required-checks.sh
index 420ac1fce2..47e89f72dd 100755
--- a/.github/workflows/script/update-required-checks.sh
+++ b/.github/workflows/script/update-required-checks.sh
@@ -33,6 +33,12 @@ CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs -
 
 echo "$CHECKS" | jq
 
+# Fail if there are no checks
+if [ -z "$CHECKS" ] || [ "$CHECKS" == "[]" ]; then
+  echo "No checks found for $GITHUB_SHA"
+  exit 1
+fi
+
 echo "{\"contexts\": ${CHECKS}}" > checks.json
 
 echo "Updating main"

From 33da5f0b3603ffae40cce063e31fe17b517979ce Mon Sep 17 00:00:00 2001
From: Henry Mercer <henrymercer@github.com>
Date: Mon, 22 Sep 2025 15:21:20 +0100
Subject: [PATCH 3/3] Use jq to check array length

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/script/update-required-checks.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/script/update-required-checks.sh b/.github/workflows/script/update-required-checks.sh
index 47e89f72dd..30a39731b1 100755
--- a/.github/workflows/script/update-required-checks.sh
+++ b/.github/workflows/script/update-required-checks.sh
@@ -34,7 +34,7 @@ CHECKS="$(gh api repos/github/codeql-action/commits/"${GITHUB_SHA}"/check-runs -
 echo "$CHECKS" | jq
 
 # Fail if there are no checks
-if [ -z "$CHECKS" ] || [ "$CHECKS" == "[]" ]; then
+if [ -z "$CHECKS" ] || [ "$(echo "$CHECKS" | jq '. | length')" -eq 0 ]; then
   echo "No checks found for $GITHUB_SHA"
   exit 1
 fi