feat(persona): add role-based review personas
PR Ready Gate / clear-labels (pull_request) Successful in 1s
CI / test (pull_request) Successful in 9m32s
CI / review (/anthropic/v1, anthropic--claude-4.6-sonnet, sonnet, anthropic, SONNET_REVIEW_TOKEN) (pull_request) Successful in 10m2s
CI / review (/openai/v1, gpt-5, gpt, openai, GPT_REVIEW_TOKEN) (pull_request) Successful in 11m2s
CI / review (/openai/v1, gpt-5, security, openai, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 11m11s
PR Ready Gate / clear-labels (pull_request) Successful in 1s
CI / test (pull_request) Successful in 9m32s
CI / review (/anthropic/v1, anthropic--claude-4.6-sonnet, sonnet, anthropic, SONNET_REVIEW_TOKEN) (pull_request) Successful in 10m2s
CI / review (/openai/v1, gpt-5, gpt, openai, GPT_REVIEW_TOKEN) (pull_request) Successful in 11m2s
CI / review (/openai/v1, gpt-5, security, openai, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 11m11s
Add persona system for specialized review roles. Each persona defines: - A specific review focus (security, architecture, documentation) - Custom system prompt additions - Personality/tone adjustments Built-in personas: security, architect, docs Custom personas: load from JSON via persona-file flag Includes workspace validation to prevent path traversal attacks. Closes #51
This commit is contained in:
Rodin
@@ -182,6 +182,8 @@ Prints the review to CI logs without posting to the PR. Useful for testing promp
|
||||
| `patterns-repo` | No | `""` | Comma-separated repos with language patterns (e.g. `rodin/go-patterns`) |
|
||||
| `patterns-files` | No | `README.md` | Files/directories to fetch from pattern repos |
|
||||
| `system-prompt-file` | No | `""` | Local file with additional system prompt instructions |
|
||||
| `persona` | No | `""` | Built-in persona name (security, architect, docs) |
|
||||
| `persona-file` | No | `""` | Path to persona JSON file with custom review focus |
|
||||
| `temperature` | No | `0` | LLM temperature (0 = server default) |
|
||||
| `timeout` | No | `300` | LLM request timeout in seconds |
|
||||
| `dry-run` | No | `false` | Print review to stdout instead of posting |
|
||||
@@ -329,3 +331,110 @@ budget/ Token estimation + context trimming
|
||||
## License
|
||||
|
||||
MIT
|
||||
|
||||
## Review Personas
|
||||
|
||||
Personas provide role-based review specialization. Instead of generic code review, each persona focuses on a specific domain (security, architecture, documentation) with tailored prompts and severity calibration.
|
||||
|
||||
### Built-in Personas
|
||||
|
||||
| Persona | Focus |
|
||||
|---------|-------|
|
||||
| `security` | Vulnerabilities, auth bypass, secrets exposure, injection attacks |
|
||||
| `architect` | Design patterns, code organization, API contracts, testability |
|
||||
| `docs` | Documentation quality, API clarity, error messages |
|
||||
|
||||
### Using Built-in Personas
|
||||
|
||||
```yaml
|
||||
- uses: rodin/review-bot/.gitea/actions/review@v1
|
||||
with:
|
||||
reviewer-name: security
|
||||
persona: security
|
||||
llm-model: claude-opus-4-20250514 # Security benefits from strong reasoning
|
||||
...
|
||||
```
|
||||
|
||||
### Multiple Personas in Parallel
|
||||
|
||||
```yaml
|
||||
jobs:
|
||||
review:
|
||||
strategy:
|
||||
matrix:
|
||||
include:
|
||||
- name: security
|
||||
persona: security
|
||||
- name: architect
|
||||
persona: architect
|
||||
steps:
|
||||
- uses: rodin/review-bot/.gitea/actions/review@v1
|
||||
with:
|
||||
reviewer-name: ${{ matrix.name }}
|
||||
persona: ${{ matrix.persona }}
|
||||
...
|
||||
```
|
||||
|
||||
Each persona posts independently with its own sentinel, so reviews don't interfere.
|
||||
|
||||
|
||||
### Custom Personas
|
||||
|
||||
Create a YAML file with your domain-specific review focus:
|
||||
|
||||
```yaml
|
||||
# .review/personas/trading.yaml
|
||||
name: trading
|
||||
display_name: Trading Domain Expert
|
||||
|
||||
identity: |
|
||||
You are a trading systems expert reviewing code for correctness.
|
||||
|
||||
Your expertise:
|
||||
- Order lifecycle and state machines
|
||||
- Fill handling and partial fills
|
||||
- Position tracking and P&L calculations
|
||||
- Event sourcing invariants
|
||||
|
||||
focus:
|
||||
- Order state machine correctness
|
||||
- Fill handling edge cases (partial, overfill)
|
||||
- Position and P&L calculation accuracy
|
||||
- Event replay determinism
|
||||
- Decimal precision for money
|
||||
|
||||
ignore:
|
||||
- Code style
|
||||
- General performance
|
||||
- Documentation formatting
|
||||
|
||||
severity:
|
||||
major: Bugs that cause incorrect positions, fills, or money calculations
|
||||
minor: Edge cases that could cause issues under unusual conditions
|
||||
nit: Clarity improvements for domain logic
|
||||
```
|
||||
|
||||
Use it in CI:
|
||||
|
||||
```yaml
|
||||
- uses: rodin/review-bot/.gitea/actions/review@v1
|
||||
with:
|
||||
reviewer-name: trading
|
||||
persona-file: .review/personas/trading.yaml
|
||||
...
|
||||
```
|
||||
|
||||
JSON format is also supported for backwards compatibility.
|
||||
|
||||
### Persona vs system-prompt-file
|
||||
|
||||
| Feature | `persona` / `persona-file` | `system-prompt-file` |
|
||||
|---------|---------------------------|----------------------|
|
||||
| Replaces base prompt | Yes | No (appends) |
|
||||
| Structured format | Yes (YAML/JSON) | No (freeform) |
|
||||
| Focus/ignore lists | Yes | Manual |
|
||||
| Severity calibration | Yes | Manual |
|
||||
| Header display name | Yes | No |
|
||||
| Built-in options | Yes | No |
|
||||
|
||||
Use personas for domain-specialized reviews. Use `system-prompt-file` for minor tweaks to the generic review.
|
||||
|
||||
Reference in New Issue
Block a user