From b5469dede222e33cbfa3371eace28d0f9058f7b8 Mon Sep 17 00:00:00 2001
From: ipad54 <63200545+ipad54@users.noreply.github.com>
Date: Fri, 15 Nov 2024 03:10:43 +0300
Subject: [PATCH 1/2] Flowable blocks now can't be placed inside liquid (#5392)

---
 src/block/Flowable.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/block/Flowable.php b/src/block/Flowable.php
index 795fe2756..0328bcd74 100644
--- a/src/block/Flowable.php
+++ b/src/block/Flowable.php
@@ -25,6 +25,7 @@ namespace pocketmine\block;
 
 use pocketmine\block\utils\SupportType;
 use pocketmine\math\AxisAlignedBB;
+use pocketmine\math\Vector3;
 
 /**
  * "Flowable" blocks are destroyed if water flows into the same space as the block. These blocks usually don't have any
@@ -40,6 +41,11 @@ abstract class Flowable extends Transparent{
 		return false;
 	}
 
+	public function canBePlacedAt(Block $blockReplace, Vector3 $clickVector, int $face, bool $isClickedBlock) : bool{
+		return (!$this->canBeFlowedInto() || !$blockReplace instanceof Liquid) &&
+			parent::canBePlacedAt($blockReplace, $clickVector, $face, $isClickedBlock);
+	}
+
 	/**
 	 * @return AxisAlignedBB[]
 	 */

From 8a693f2a4c4b2fcd29788584cbe5b6af9a9470fd Mon Sep 17 00:00:00 2001
From: "Dylan T." <dktapps@pmmp.io>
Date: Fri, 15 Nov 2024 20:08:54 +0000
Subject: [PATCH 2/2] team-pr-auto-approve: Use RestrictedActions auto approver

---
 .github/workflows/team-pr-auto-approve.yml | 31 +++++++++-------------
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/team-pr-auto-approve.yml b/.github/workflows/team-pr-auto-approve.yml
index a582be328..ad2812383 100644
--- a/.github/workflows/team-pr-auto-approve.yml
+++ b/.github/workflows/team-pr-auto-approve.yml
@@ -13,30 +13,25 @@ on:
       - reopened
       - ready_for_review
 
-permissions:
-  pull-requests: write
-
 jobs:
   approve:
     name: Auto approve
     runs-on: ubuntu-latest
 
     steps:
-      - name: Check if PR author has write access
-        id: check-permission
-        uses: actions-cool/check-user-permission@v2
+      - name: Generate access token
+        id: generate-token
+        uses: actions/create-github-app-token@v1
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          require: write
-          username: ${{ github.event.pull_request.user.login }}
-          #technically this would be fine for dependabot but generally bots don't count as team members
-          check-bot: true
+          app-id: ${{ vars.RESTRICTED_ACTIONS_DISPATCH_ID }}
+          private-key: ${{ secrets.RESTRICTED_ACTIONS_DISPATCH_KEY }}
+          owner: ${{ github.repository_owner }}
+          repositories: RestrictedActions
 
-        #TODO: Some way to avoid unnecessary repeated reviews would be nice here
-
-      - name: Approve PR if authorized
-        if: steps.check-permission.outputs.require-result == 'true' && steps.check-permission.outputs.check-result == 'false'
-        uses: juliangruber/approve-pull-request-action@v2
+      - name: Dispatch restricted action
+        uses: peter-evans/repository-dispatch@v3
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-          number: ${{ github.event.pull_request.number }}
+          token: ${{ steps.generate-token.outputs.token }}
+          repository: ${{ github.repository_owner }}/RestrictedActions
+          event-type: auto_approve_collaborator_pr
+          client-payload: '{"repo": "${{ github.repository }}", "pull_request_id": "${{ github.event.pull_request.number }}" }'