chore: Add action to warn about potentially risky PR changes (#4129)

Co-authored-by: LucasZF <[email protected]>
Co-authored-by: Krystof Woldrich <[email protected]>

Author: 3 people

.github/file-filters.yml

@@ -0,0 +1,19 @@
+# This is used by the action https://github.com/dorny/paths-filter
+
+high_risk_code: &high_risk_code
+  # React Native Interface
+  - 'src/js/vendor/react-native/index.ts'
+  - 'src/js/utils/rnlibraries.ts'
+  - 'src/js/utils/rnlibrariesinterface.ts'
+
+  # Touch Integration
+  - 'src/js/touchevents.tsx'
+  
+  # Sentry Native Interface
+  - 'src/js/NativeRNSentry.ts'
+
+  # Source Maps and Native Debug Files Autoupload
+  - 'scripts/sentry-xcode.sh'
+  - 'scripts/sentry-xcode-debug-files.sh'
+  - 'sentry.gradle'
+  

.github/workflows/changes-in-high-risk-code.yml

@@ -0,0 +1,49 @@
+name: Changes In High Risk Code
+on:
+  pull_request:
+
+# https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  files-changed:
+    name: Detect changed files
+    runs-on: ubuntu-latest
+    # Map a step output to a job output
+    outputs:
+      high_risk_code: ${{ steps.changes.outputs.high_risk_code }}
+      high_risk_code_files: ${{ steps.changes.outputs.high_risk_code_files }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Get changed files
+        id: changes
+        uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
+        with:
+          token: ${{ github.token }}
+          filters: .github/file-filters.yml
+
+          # Enable listing of files matching each filter.
+          # Paths to files will be available in `${FILTER_NAME}_files` output variable.
+          list-files: csv
+
+  validate-high-risk-code:
+    if: needs.files-changed.outputs.high_risk_code == 'true'
+    needs: files-changed
+    runs-on: ubuntu-latest
+    steps:
+      - name: Comment on PR to notify of changes in high risk files
+        uses: actions/github-script@v7
+        env:
+          high_risk_code: ${{ needs.files-changed.outputs.high_risk_code_files }}
+        with:
+          script: |
+            const highRiskFiles = process.env.high_risk_code;
+            const fileList = highRiskFiles.split(',').map(file => `- [ ] ${file}`).join('\n');
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: `### 🚨 Detected changes in high risk code 🚨 \n High-risk code has higher potential to break the SDK and may be hard to test. To prevent severe bugs, apply the rollout process for releasing such changes and be extra careful when changing and reviewing these files:\n ${fileList}`
+            })