rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 6 Wiki Activity
Pulse Contributors Code Frequency Recent Commits

2025-05-30 - 2026-05-30
Period: 1 year
1 day 3 days 1 week 1 month 3 months 6 months 1 year

Overview

72 Active Pull Requests
79 Active Issues
71
Merged Pull Requests 1
Proposed Pull Request 79
Closed Issues 79
New Issues
Excluding merges, 4 authors have pushed 65 commits to main and 384 commits to all branches. On main, 51 files have changed and there have been 7150 additions and 1502 deletions.

6 Releases published by 1 user

Published v0.4.0 v0.4.0 2026-05-15 13:05:19 +00:00

Published v0.3.2 v0.3.2 2026-05-05 12:41:18 +00:00

Published v0.3.1 v0.3.1 2026-05-02 20:35:38 +00:00

Published v0.3.0 v0.3.0 2026-05-02 19:27:42 +00:00

Published v0.2.0 v0.2.0 2026-05-02 06:13:02 +00:00

Published v0.1.0 v0.1.0 2026-05-01 21:10:37 +00:00

71 Pull requests merged by 2 users

Merged #160 Removing intermediate files 2026-05-19 02:20:06 +00:00

Merged #152 fix(#150): add EvalSymlinks to validateDocmapPath — close dir-symlink bypass 2026-05-18 19:09:30 +00:00

Merged #158 fix(#157): add never-close constraint to spec, S9 invariant, and regression test 2026-05-15 22:56:45 +00:00

Merged #155 refactor(#154): extract baseSubprocessArgs helper in main_test.go subprocess tests 2026-05-15 21:28:42 +00:00

Merged #156 feat(#141): validate-docmap subcommand 2026-05-15 17:43:05 +00:00

Merged #153 feat(#143): fetch doc-map config from trusted VCS ref 2026-05-15 12:09:20 +00:00

Merged #151 test(#146): add TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile 2026-05-15 12:07:28 +00:00

Merged #149 docs(#148): add SKILL.md and dev-loop-spec.md for dispatch redesign 2026-05-15 08:12:02 +00:00

Merged #142 feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage 2026-05-15 07:39:22 +00:00

Merged #140 test(#139): improve cmd/review-bot coverage from 44.6% to 49.3% 2026-05-15 04:35:54 +00:00

Merged #138 feat(#137): add doc-map input for path-scoped doc injection 2026-05-15 03:39:37 +00:00

Merged #131 feat: implement GitHub API methods and VCS routing (issue #130) 2026-05-14 22:06:21 +00:00

Merged #129 feat(#123): add IP-level SSRF defense to Gitea client and action 2026-05-14 19:10:20 +00:00

Merged #128 docs(#125): update CLI example to use --vcs-url 2026-05-14 07:08:16 +00:00

Merged #126 feat(#125): rename GITEA_URL to VCS_URL with deprecated fallback 2026-05-14 06:38:54 +00:00

Merged #127 feat(action): derive binary name from uname for multi-arch support (#124) 2026-05-14 05:53:16 +00:00

Merged #119 fix(github): consolidate review.go and identity.go into reviews.go (#116) 2026-05-14 01:49:57 +00:00

Merged #118 feat(vcs): add CommitID to ReviewRequest (#115) 2026-05-14 01:49:33 +00:00

Merged #117 fix(vcs): thread CommitID through abstraction layer (#114) 2026-05-13 23:13:21 +00:00

Merged #113 feat(github): add safeguards against accidental AllowInsecureHTTP use (#96) 2026-05-13 20:21:42 +00:00

Merged #112 feat(gitea): pass commit_id explicitly in PostReview (#107) 2026-05-13 18:07:39 +00:00

Merged #106 feat(cmd): wire --provider and --base-url flags into CLI (Phase 5) 2026-05-13 17:16:28 +00:00

Merged #111 feat: reject cross-host redirects and HTTPS→HTTP downgrades (#95) 2026-05-13 16:58:49 +00:00

Merged #110 feat(github): support HTTP-date format in Retry-After header 2026-05-13 15:34:26 +00:00

Merged #109 feat(gitea): harden GetPullRequestDiff against unbounded diff size 2026-05-13 14:01:22 +00:00

Merged #105 feat(github): implement Reviewer and Identity interfaces (#81) 2026-05-13 13:39:14 +00:00

Merged #108 docs(deps): update CONVENTIONS.md allowlist for go-yaml 2026-05-13 13:16:41 +00:00

Merged #104 fix(gitea): map hunk-header positions in BuildPositionToLineMap 2026-05-13 13:15:31 +00:00

Merged #103 feat(github): implement FileReader interface 2026-05-13 06:05:58 +00:00

Merged #102 feat(github): implement PRReader interface 2026-05-13 05:30:37 +00:00

Merged #101 feat(github): implement GitHub API client foundation 2026-05-13 04:46:46 +00:00

Merged #89 fix(deps): replace gopkg.in/yaml.v3 with github.com/goccy/go-yaml 2026-05-13 03:47:02 +00:00

Merged #90 feat(vcs): Gitea adapter with diff-position translation (Phase 2) 2026-05-13 00:18:06 +00:00

Merged #88 feat(vcs): complete Phase 1 — util.go, type cleanup, interface additions (fixes #84, #85, #86) 2026-05-12 20:18:18 +00:00

Merged #83 feat(vcs): extract interfaces and types from gitea/ (Phase 1) 2026-05-12 19:14:45 +00:00

Merged #77 fix(patterns): default patterns-files to empty (fetch all) 2026-05-11 17:45:19 +00:00

Merged #74 fix(gitea): handle single-object response in ListContents 2026-05-11 15:38:59 +00:00

Merged #72 fix(gitea): normalize "." path to empty string in ListContents 2026-05-11 14:16:22 +00:00

Merged #69 feat(gitea): add retry logic for 5xx errors 2026-05-11 12:59:50 +00:00

Merged #65 feat: log loaded pattern files for debugging 2026-05-11 06:53:00 +00:00

Merged #67 docs: add read:user to required token scopes 2026-05-11 06:52:22 +00:00

Merged #61 feat: load personas from target repo .review-bot/personas/ 2026-05-11 02:54:46 +00:00

Merged #58 feat: add YAML support for persona files 2026-05-11 01:39:43 +00:00

Merged #59 docs: allow approved third-party packages 2026-05-10 21:07:10 +00:00

Merged #54 feat: native SAP AI Core support 2026-05-10 20:03:32 +00:00

Merged #55 feat(persona): add role-based review personas 2026-05-10 17:16:11 +00:00

Merged #56 ci: add PR ready gate to clear self-reviewed label on push 2026-05-10 15:41:37 +00:00

Merged #53 fix: skip posting review when HEAD moves during evaluation 2026-05-10 15:26:12 +00:00

Merged #48 fix: retry on transient LLM response body truncation 2026-05-08 02:32:37 +00:00

Merged #45 fix: repair unescaped quotes in LLM JSON responses 2026-05-05 12:40:39 +00:00

Merged #44 ci: fix reviewer models — sonnet uses Anthropic, gpt uses GPT-5 2026-05-05 04:20:54 +00:00

Merged #43 fix: supersede ALL old reviews, not just the most recent 2026-05-02 20:35:23 +00:00

Merged #42 feat: resolve old inline comments when superseding review 2026-05-02 19:18:42 +00:00

Merged #41 feat: self-request as reviewer before posting 2026-05-02 19:11:15 +00:00

Merged #40 fix: trim trailing slash from giteaURL when building review link 2026-05-02 18:52:14 +00:00

Merged #39 fix: post new review first, then supersede old with link 2026-05-02 18:46:51 +00:00

Merged #38 feat: always post fresh review, supersede old with collapsed body 2026-05-02 18:36:43 +00:00

Merged #37 feat: improve test coverage for cmd/review-bot 2026-05-02 18:21:17 +00:00

Merged #36 feat: replace log.Printf with structured slog logging 2026-05-02 18:07:13 +00:00

Merged #33 fix: distinguish 404 in GetAllFilesInPath, make uploads idempotent 2026-05-02 17:07:23 +00:00

Merged #31 fix: remove worst-wins escalation logic 2026-05-02 16:46:06 +00:00

Merged #30 fix: consistent url.PathEscape across all Gitea client endpoints 2026-05-02 14:01:53 +00:00

Merged #26 feat: inline review comments on specific lines 2026-05-02 06:13:02 +00:00

Merged #22 feat: delete previous review before posting new one (#6) 2026-05-02 04:50:16 +00:00

Merged #20 feat: add context budget system for LLM overflow (#19) 2026-05-02 03:07:17 +00:00

Merged #21 feat: add Anthropic Messages API support (#18) 2026-05-02 01:57:49 +00:00

Merged #17 fix: path-escape file paths and eliminate url package shadowing 2026-05-01 21:55:02 +00:00

Merged #16 fix: quick wins (#7, #9, #13) 2026-05-01 21:30:57 +00:00

Merged #14 feat: add context.Context + unexport client fields 2026-05-01 21:10:37 +00:00

Merged #1 docs: add comprehensive code review report (vs go-patterns) 2026-05-01 19:25:16 +00:00

Merged #2 ci: add release workflow + install script 2026-05-01 19:24:16 +00:00

1 Pull request proposed by 1 user

Proposed #159 CI: gate heavy reviews on self-review (Doc consistency); comment-trigger; disable TTL heavy reviews 2026-05-16 01:16:30 +00:00

79 Issues closed from 1 user

Closed #157 Bug: dev-loop worker closed PR #156 autonomously 2026-05-15 22:56:45 +00:00

Closed #143 bug: doc-map config loaded from PR branch (untrusted) — potential data exfiltration 2026-05-15 12:09:20 +00:00

Closed #150 fix: validateDocmapPath — add EvalSymlinks to close directory-symlink bypass 2026-05-15 11:30:18 +00:00

Closed #154 refactor: extract shared base-args helper in main_test.go subprocess tests 2026-05-15 11:30:18 +00:00

Closed #144 bug: dev-loop merged PR #140 autonomously — no human review or assignment 2026-05-15 08:35:23 +00:00

Closed #145 bug: dev-loop merged PR #138 despite active REQUEST_CHANGES from security-review-bot 2026-05-15 08:35:23 +00:00

Closed #146 PR #140: missing TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile tests 2026-05-15 08:35:06 +00:00

Closed #147 PR #140: cmd/review-bot coverage at 49.3% — does not meet ≥50% acceptance criterion 2026-05-15 08:35:06 +00:00

Closed #148 feat: redesign dev-loop dispatch as pure shell script — no model reasoning in dispatch 2026-05-15 08:12:02 +00:00

Closed #141 feat: validate-docmap subcommand — CI hard-fail if source directories lack docmap coverage 2026-05-15 07:39:22 +00:00

Closed #139 test: improve cmd/review-bot coverage — doc-map validation, validateurl success path, isValidateError nil 2026-05-15 04:35:54 +00:00

Closed #137 feat: add doc-map input for path-scoped doc injection 2026-05-15 03:40:16 +00:00

Closed #133 PR #131: integration test not extended for GitHub (issue #130 acceptance criterion) 2026-05-14 22:53:44 +00:00

Closed #135 PR #131: cleanEnv() does not strip VCS_TYPE or VCS_URL env vars 2026-05-14 22:53:44 +00:00

Closed #134 PR #131: githubAPIURL() function has no unit tests 2026-05-14 22:53:44 +00:00

Closed #130 feat: implement GitHub API methods for PR review 2026-05-14 22:06:21 +00:00

Closed #123 security: add IP-level SSRF defense for action.yml Gitea path 2026-05-14 19:10:20 +00:00

Closed #120 action: version resolution and binary download fail when running on GitHub 2026-05-14 07:28:46 +00:00

Closed #125 Rename GITEA_URL env var to generic VCS_URL for multi-host support 2026-05-14 07:08:16 +00:00

Closed #124 Support multi-arch binary downloads in composite action 2026-05-14 06:00:28 +00:00

Closed #116 Build broken: github/reviews.go duplicates github/review.go — redeclared types and methods 2026-05-14 01:49:57 +00:00

Closed #115 PR #112: vcs.ReviewRequest.CommitID field missing — issue #107's interface-level fix not implemented 2026-05-14 01:49:34 +00:00

Closed #114 PR #112: gitea.Adapter.PostReview bypasses commitID — abstraction layer drops commit anchor 2026-05-13 23:13:21 +00:00

Closed #96 Add safeguards against accidental AllowInsecureHTTP use in production 2026-05-13 20:21:42 +00:00

Closed #107 PostReview: pass CommitID explicitly via ReviewRequest 2026-05-13 18:07:39 +00:00

Closed #82 feat(cmd): wire --provider and --base-url flags into CLI (Phase 5) 2026-05-13 17:16:28 +00:00

Closed #95 Reject cross-host redirects and HTTPS→HTTP downgrades entirely 2026-05-13 16:58:49 +00:00

Closed #94 feat(github): support HTTP-date format in Retry-After header 2026-05-13 15:34:26 +00:00

Closed #92 Harden PostReview against unbounded diff size 2026-05-13 14:01:22 +00:00

Closed #81 feat(github): Reviewer + Identity client (Phase 4) 2026-05-13 13:39:14 +00:00

Closed #91 Update CONVENTIONS.md allowlist: replace gopkg.in/yaml.v3 with github.com/goccy/go-yaml 2026-05-13 13:16:41 +00:00

Closed #97 PR #90: @@ hunk-header positions not mapped — PostReview fails for hunk-level comments 2026-05-13 13:15:31 +00:00

Closed #100 feat(github): implement FileReader interface 2026-05-13 06:05:59 +00:00

Closed #99 feat(github): implement PRReader interface 2026-05-13 05:30:37 +00:00

Closed #98 feat(github): implement GitHub API client foundation 2026-05-13 04:46:47 +00:00

Closed #80 feat(github): PRReader + FileReader client (Phase 3) 2026-05-13 04:13:12 +00:00

Closed #87 PR #58: uses gopkg.in/yaml.v3 instead of goccy/go-yaml as required by #57 2026-05-13 03:47:02 +00:00

Closed #79 feat(vcs): Gitea adapter with diff-position translation (Phase 2) 2026-05-13 00:18:06 +00:00

Closed #86 PR #83: vcs interfaces and PullRequest type missing fields required by issue #78 2026-05-12 20:18:18 +00:00

Closed #85 PR #83: review.ContentEntry and review.GiteaClient not deleted as required by #78 2026-05-12 20:18:18 +00:00

Closed #84 PR #83: vcs/util.go not delivered — GetAllFilesInPath and BuildLineToPositionMap missing 2026-05-12 20:18:18 +00:00

Closed #78 feat(vcs): extract interfaces and types from gitea/ (Phase 1) 2026-05-12 19:14:45 +00:00

Closed #76 Add VCS abstraction layer for GitHub support 2026-05-12 17:16:29 +00:00

Closed #71 bug: patterns-files defaults to README.md instead of fetching all files 2026-05-11 17:45:19 +00:00

Closed #73 bug: ListContents fails when path is a file (object vs array response) 2026-05-11 15:38:59 +00:00

Closed #70 bug: patterns-files="." causes 500 error from Gitea API 2026-05-11 14:16:23 +00:00

Closed #68 Add retry logic for pattern fetch API calls 2026-05-11 12:59:50 +00:00

Closed #64 Log loaded pattern files for debugging 2026-05-11 06:53:00 +00:00

Closed #66 Document required token scopes in README 2026-05-11 06:52:22 +00:00

Closed #60 Load personas from target repo .review-bot/personas/ 2026-05-11 02:54:46 +00:00

Closed #57 Add YAML support for persona files 2026-05-11 01:39:43 +00:00

Closed #49 feat: native SAP AI Core support (eliminate proxy dependency) 2026-05-10 20:03:32 +00:00

Closed #51 Proposal: Role-based review personas 2026-05-10 17:16:11 +00:00

Closed #52 Investigate stale commit reviews on PR #687 2026-05-10 08:58:42 +00:00

Closed #47 LLM response body truncated: intermittent JSON parse failure 2026-05-08 02:32:37 +00:00

Closed #46 JSON parser fails on unescaped quotes in LLM output 2026-05-05 12:42:56 +00:00

Closed #27 Inline comment resolution tracking (edit resolved findings) 2026-05-02 19:18:42 +00:00

Closed #35 Bot should request itself as reviewer before posting 2026-05-02 19:11:16 +00:00

Closed #32 Improve test coverage and add end-to-end integration tests in CI 2026-05-02 19:10:59 +00:00

Closed #4 Add Renovate for dependency management 2026-05-02 19:08:20 +00:00

Closed #25 Add signature verification for release binary downloads 2026-05-02 19:08:13 +00:00

Closed #15 Make REQUEST_CHANGES threshold configurable 2026-05-02 19:08:00 +00:00

Closed #5 Support custom review prompt via file reference 2026-05-02 19:07:44 +00:00

Closed #34 Always post fresh review, supersede old with link 2026-05-02 18:36:43 +00:00

Closed #23 Add structured logging with verbosity levels 2026-05-02 18:07:13 +00:00

Closed #12 Document runner requirements for composite action 2026-05-02 17:22:06 +00:00

Closed #8 Distinguish 404 from other errors in GetAllFilesInPath 2026-05-02 17:07:23 +00:00

Closed #10 Make release asset uploads idempotent 2026-05-02 17:07:23 +00:00

Closed #29 Escalation deadlock risk with shared tokens 2026-05-02 16:46:06 +00:00

Closed #28 Separate token per reviewer role (eliminate worst-wins) 2026-05-02 16:46:06 +00:00

Closed #24 Consistent url.PathEscape across all Gitea client endpoints 2026-05-02 14:01:53 +00:00

Closed #6 Update existing review instead of always posting a new one 2026-05-02 04:50:16 +00:00

Closed #19 bug: handle LLM context length overflow gracefully 2026-05-02 03:07:17 +00:00

Closed #18 feat: add Anthropic Messages API support 2026-05-02 01:57:49 +00:00

Closed #7 URL-escape file paths and refs in Gitea client 2026-05-01 21:30:58 +00:00

Closed #13 Add go vet to release workflow 2026-05-01 21:30:58 +00:00

Closed #9 Add --version flag and log version on startup 2026-05-01 21:30:58 +00:00

Closed #11 Use bytes.NewReader instead of strings.NewReader in PostReview 2026-05-01 21:16:26 +00:00

Closed #3 Parallelize review steps in CI workflow 2026-05-01 21:16:26 +00:00

79 Issues created by 0 users

Opened #3 Parallelize review steps in CI workflow 2026-05-01 18:17:52 +00:00

Opened #4 Add Renovate for dependency management 2026-05-01 18:18:24 +00:00

Opened #5 Support custom review prompt via file reference 2026-05-01 18:23:30 +00:00

Opened #6 Update existing review instead of always posting a new one 2026-05-01 18:26:22 +00:00

Opened #7 URL-escape file paths and refs in Gitea client 2026-05-01 19:23:37 +00:00

Opened #9 Add --version flag and log version on startup 2026-05-01 19:23:37 +00:00

Opened #8 Distinguish 404 from other errors in GetAllFilesInPath 2026-05-01 19:23:37 +00:00

Opened #13 Add go vet to release workflow 2026-05-01 19:23:38 +00:00

Opened #10 Make release asset uploads idempotent 2026-05-01 19:23:38 +00:00

Opened #11 Use bytes.NewReader instead of strings.NewReader in PostReview 2026-05-01 19:23:38 +00:00

Opened #12 Document runner requirements for composite action 2026-05-01 19:23:38 +00:00

Opened #15 Make REQUEST_CHANGES threshold configurable 2026-05-01 19:47:20 +00:00

Opened #18 feat: add Anthropic Messages API support 2026-05-01 23:51:14 +00:00

Opened #19 bug: handle LLM context length overflow gracefully 2026-05-02 01:08:15 +00:00

Opened #23 Add structured logging with verbosity levels 2026-05-02 03:32:25 +00:00

Opened #25 Add signature verification for release binary downloads 2026-05-02 04:02:36 +00:00

Opened #24 Consistent url.PathEscape across all Gitea client endpoints 2026-05-02 04:02:36 +00:00

Opened #28 Separate token per reviewer role (eliminate worst-wins) 2026-05-02 06:13:22 +00:00

Opened #27 Inline comment resolution tracking (edit resolved findings) 2026-05-02 06:13:22 +00:00

Opened #29 Escalation deadlock risk with shared tokens 2026-05-02 06:13:22 +00:00

Opened #32 Improve test coverage and add end-to-end integration tests in CI 2026-05-02 16:45:36 +00:00

Opened #34 Always post fresh review, supersede old with link 2026-05-02 17:32:31 +00:00

Opened #35 Bot should request itself as reviewer before posting 2026-05-02 17:39:27 +00:00

Opened #46 JSON parser fails on unescaped quotes in LLM output 2026-05-03 16:48:37 +00:00

Opened #47 LLM response body truncated: intermittent JSON parse failure 2026-05-07 07:20:58 +00:00

Opened #49 feat: native SAP AI Core support (eliminate proxy dependency) 2026-05-09 00:00:30 +00:00

Opened #51 Proposal: Role-based review personas 2026-05-09 05:43:30 +00:00

Opened #52 Investigate stale commit reviews on PR #687 2026-05-09 14:48:46 +00:00

Opened #57 Add YAML support for persona files 2026-05-10 17:11:09 +00:00

Opened #60 Load personas from target repo .review-bot/personas/ 2026-05-11 01:57:13 +00:00

Opened #64 Log loaded pattern files for debugging 2026-05-11 06:35:44 +00:00

Opened #66 Document required token scopes in README 2026-05-11 06:38:19 +00:00

Opened #68 Add retry logic for pattern fetch API calls 2026-05-11 07:47:50 +00:00

Opened #70 bug: patterns-files="." causes 500 error from Gitea API 2026-05-11 13:15:24 +00:00

Opened #71 bug: patterns-files defaults to README.md instead of fetching all files 2026-05-11 13:15:24 +00:00

Opened #73 bug: ListContents fails when path is a file (object vs array response) 2026-05-11 13:26:49 +00:00

Opened #76 Add VCS abstraction layer for GitHub support 2026-05-11 15:52:03 +00:00

Opened #78 feat(vcs): extract interfaces and types from gitea/ (Phase 1) 2026-05-12 16:59:54 +00:00

Opened #79 feat(vcs): Gitea adapter with diff-position translation (Phase 2) 2026-05-12 16:59:55 +00:00

Opened #80 feat(github): PRReader + FileReader client (Phase 3) 2026-05-12 16:59:56 +00:00

Opened #81 feat(github): Reviewer + Identity client (Phase 4) 2026-05-12 16:59:57 +00:00

Opened #82 feat(cmd): wire --provider and --base-url flags into CLI (Phase 5) 2026-05-12 16:59:58 +00:00

Opened #84 PR #83: vcs/util.go not delivered — GetAllFilesInPath and BuildLineToPositionMap missing 2026-05-12 19:16:18 +00:00

Opened #85 PR #83: review.ContentEntry and review.GiteaClient not deleted as required by #78 2026-05-12 19:16:29 +00:00

Opened #86 PR #83: vcs interfaces and PullRequest type missing fields required by issue #78 2026-05-12 19:16:41 +00:00

Opened #87 PR #58: uses gopkg.in/yaml.v3 instead of goccy/go-yaml as required by #57 2026-05-12 19:19:36 +00:00

Opened #91 Update CONVENTIONS.md allowlist: replace gopkg.in/yaml.v3 with github.com/goccy/go-yaml 2026-05-12 20:36:31 +00:00

Opened #92 Harden PostReview against unbounded diff size 2026-05-12 21:56:45 +00:00

Opened #94 feat(github): support HTTP-date format in Retry-After header 2026-05-12 23:38:53 +00:00

Opened #95 Reject cross-host redirects and HTTPS→HTTP downgrades entirely 2026-05-13 00:30:03 +00:00

Opened #96 Add safeguards against accidental AllowInsecureHTTP use in production 2026-05-13 00:30:10 +00:00

Opened #97 PR #90: @@ hunk-header positions not mapped — PostReview fails for hunk-level comments 2026-05-13 02:57:15 +00:00

Opened #98 feat(github): implement GitHub API client foundation 2026-05-13 04:12:29 +00:00

Opened #99 feat(github): implement PRReader interface 2026-05-13 04:12:33 +00:00

Opened #100 feat(github): implement FileReader interface 2026-05-13 04:12:37 +00:00

Opened #107 PostReview: pass CommitID explicitly via ReviewRequest 2026-05-13 09:36:16 +00:00

Opened #114 PR #112: gitea.Adapter.PostReview bypasses commitID — abstraction layer drops commit anchor 2026-05-13 19:07:20 +00:00

Opened #115 PR #112: vcs.ReviewRequest.CommitID field missing — issue #107's interface-level fix not implemented 2026-05-13 19:07:32 +00:00

Opened #116 Build broken: github/reviews.go duplicates github/review.go — redeclared types and methods 2026-05-13 19:07:57 +00:00

Opened #120 action: version resolution and binary download fail when running on GitHub 2026-05-14 03:58:44 +00:00

Opened #123 security: add IP-level SSRF defense for action.yml Gitea path 2026-05-14 04:29:07 +00:00

Opened #124 Support multi-arch binary downloads in composite action 2026-05-14 04:54:22 +00:00

Opened #125 Rename GITEA_URL env var to generic VCS_URL for multi-host support 2026-05-14 05:05:15 +00:00

Opened #130 feat: implement GitHub API methods for PR review 2026-05-14 20:32:23 +00:00

Opened #133 PR #131: integration test not extended for GitHub (issue #130 acceptance criterion) 2026-05-14 22:16:03 +00:00

Opened #134 PR #131: githubAPIURL() function has no unit tests 2026-05-14 22:16:13 +00:00

Opened #135 PR #131: cleanEnv() does not strip VCS_TYPE or VCS_URL env vars 2026-05-14 22:16:23 +00:00

Opened #137 feat: add doc-map input for path-scoped doc injection 2026-05-15 03:11:24 +00:00

Opened #139 test: improve cmd/review-bot coverage — doc-map validation, validateurl success path, isValidateError nil 2026-05-15 04:12:20 +00:00

Opened #141 feat: validate-docmap subcommand — CI hard-fail if source directories lack docmap coverage 2026-05-15 04:43:21 +00:00

Opened #144 bug: dev-loop merged PR #140 autonomously — no human review or assignment 2026-05-15 05:03:36 +00:00

Opened #143 bug: doc-map config loaded from PR branch (untrusted) — potential data exfiltration 2026-05-15 05:03:36 +00:00

Opened #145 bug: dev-loop merged PR #138 despite active REQUEST_CHANGES from security-review-bot 2026-05-15 05:03:36 +00:00

Opened #146 PR #140: missing TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile tests 2026-05-15 05:14:13 +00:00

Opened #147 PR #140: cmd/review-bot coverage at 49.3% — does not meet ≥50% acceptance criterion 2026-05-15 05:14:22 +00:00

Opened #148 feat: redesign dev-loop dispatch as pure shell script — no model reasoning in dispatch 2026-05-15 05:33:25 +00:00

Opened #150 fix: validateDocmapPath — add EvalSymlinks to close directory-symlink bypass 2026-05-15 08:21:29 +00:00

Opened #154 refactor: extract shared base-args helper in main_test.go subprocess tests 2026-05-15 08:36:05 +00:00

Opened #157 Bug: dev-loop worker closed PR #156 autonomously 2026-05-15 14:40:07 +00:00