Add CommitID string field to vcs.ReviewRequest so both platform
adapters can thread the commit anchor through the abstraction layer.
Changes:
- vcs/types.go: Add CommitID field with json tag commit_id,omitempty
- gitea/client.go: Re-add commitID parameter to PostReview (was
removed during PR #112 refactoring)
- gitea/adapter.go: Forward req.CommitID to underlying client
- github/review.go: Use req.CommitID as primary anchor, fall back to
comment-derived CommitID when empty, reject on conflict
- cmd/review-bot/main.go: Set ReviewRequest.CommitID = evaluatedSHA
Fixes#115
Add CommitID field to vcs.ReviewRequest so the commit anchor propagates
through the vcs.Client interface to platform adapters.
Changes:
- vcs/types.go: Add CommitID string field to ReviewRequest
- gitea/client.go: Add commitID parameter to PostReview, include in API payload
- gitea/adapter.go: Pass req.CommitID to underlying client
- github/review.go: Use req.CommitID as primary, fall back to comment-level
- cmd/review-bot/main.go: Set CommitID on ReviewRequest from pr.Head.SHA
Fixes#114
flag.StringVar sets *p = value at registration time. Using "" as the
default overwrites the env-resolved value that --vcs-url already stored
in *vcsURL. Restore *vcsURL as the default to preserve the GITEA_URL /
VCS_URL / GITHUB_SERVER_URL resolution chain.
Fixes CI error: --vcs-url (or --gitea-url) is required for provider=gitea
- #19639: Use empty default for --gitea-url alias to remove ordering dependency
- #19640: Upgrade slog.Warn to slog.Error for missing ReviewSuperseder (signals bug)
- #19641: Remove orphaned comment fragment from buildSupersededBody relocation
- #19642: Rename ProviderGithub → ProviderGitHub per Go acronym convention
- #19643: Log resolution failures at debug level in SupersedeReviews
- Remove unused envOrDefaultBool function and its test (Sonnet #3266 NIT)
- Replace Unicode em dashes with ASCII in slog messages (GPT #3267 NIT)
- Add scheme validation for vcsURL before embedding in Markdown link
(Security #3269 MINOR — defense-in-depth against unsafe schemes)
- Extract ReviewerSelfRequester interface to remove concrete gitea.Adapter
dependency from main's self-reviewer path (Sonnet #3266 NIT)
- Add compile-time conformance assertion and test for Adapter.RequestReviewerSelf
- github/client.go: add missing blank line between doRequestWithBody and doJSONRequest
- cmd/review-bot/main.go: remove double blank line before findAllOwnReviews
- cmd/review-bot/main.go: remove unreachable default case in VCS client init switch
(provider is already validated at startup)
- cmd/review-bot/main_test.go: remove double blank line before TestHasSharedToken
- cmd/review-bot/main_test.go: fix comment alignment (gofmt)
- review/persona_test.go: fix comment alignment in table literal (gofmt)
Address sonnet-review feedback on PR #106:
- Document that the type assertion in supersedeOldReviews is guaranteed to
succeed given the caller's provider switch, with the !ok branch guarding
against future refactors (comment 18889).
- Clarify that vcsURL is only used in the Gitea path for constructing
review permalink URLs (comment 18890).
- Add note explaining why the page-limit warning in ListReviews only fires
when the final page is full, confirming the logic is intentional
(comment 18891).
- Remove dead code: findOwnReview (replaced by findAllOwnReviews)
- Check SetRetryBackoff return value in doJSONRequest tests
- Extract doWithRetry shared helper to eliminate ~100 lines of
duplicated 429-retry/backoff/Retry-After logic between doRequest
and doJSONRequest
- Fix import order: context before encoding/json (goimports)
- Add slog.Warn when ListReviews hits maxReviewPages limit
- Add 429 rate-limit retry logic to doJSONRequest (matching doRequest
behavior) so write operations (PostReview, DismissReview) properly
retry when rate-limited by GitHub
- Remove redundant explicit case for ReviewEventComment in
translateReviewEvent (default already handles it)
- Add ordering comment on --gitea-url alias registration explaining
the dependency on registration-before-parse evaluation order
- Add tests for doJSONRequest retry/exhaust behavior
- Document --gitea-url/--vcs-url last-one-wins behavior when both flags
are passed simultaneously (sonnet MINOR #1)
- Move doJSONRequest from github/reviews.go to github/client.go where
other HTTP helpers live (sonnet MINOR #2)
- Return joined error from supersedeOldReviews GitHub case instead of
silently swallowing DismissReview failures (sonnet MINOR #3)
- Fix evaluateCIStatus to distinguish 'all checks passed' from 'no
failures (N pending)' to avoid misleading status (gpt MINOR #2)
- Extract reviewsPerPage and maxReviewPages named constants for
ListReviews pagination (gpt NIT #3)
The empty case "gitea": body exits the switch and continues to the
Gitea-specific logic below. Replace the vague comment with an explicit
note about the fall-through intent, per self-review feedback.
- Replace panic() with fmt.Fprintf+os.Exit(1) in provider switch default
(repo convention: never panic)
- Remove spurious 'event' field from DismissReview payload (GitHub dismiss
endpoint only documents 'message')
- Change translateReviewEvent default to return 'COMMENT' as canonical
fallback instead of passing unknown events through to GitHub API
- Refactor supersedeOldReviews to use explicit switch/case with default
error for exhaustiveness
- Replace interface{} with any in github/reviews.go (Go 1.18+ idiom)
- Add default panic case to VCS client init switch
- Refactor supersedeOldReviews to return error instead of os.Exit(1)
- Remove spurious blank lines in formatter.go and formatter_test.go
- Add doc comment to DeleteReview explaining when to use vs DismissReview
- Sanitize extractSentinelName output to prevent log injection
- Add --provider flag (gitea|github) for VCS backend selection
- Add --base-url flag for GitHub API endpoint configuration
- Rename --gitea-url to --vcs-url with backward-compatible alias
- Replace direct gitea.Client usage with vcs.Client interface
- Create vcs.Client via factory switch based on --provider value
- Implement Reviewer + Identity interfaces on github.Client
- Add verdictToEvent() using canonical vcs.ReviewEvent types
- Remove review.GiteaEvent() (replaced by verdictToEvent)
- GitHub supersede uses DismissReview; Gitea keeps EditComment flow
- Add VCS_PROVIDER, VCS_BASE_URL, VCS_URL env var support
Closes#82
- Add comment in DismissReview explaining why the Event field is required
by the GitHub API even though DISMISS is the only valid value (#18652).
- Change t.Errorf to t.Fatalf for method/path routing assertions in test
handlers so failures are immediately fatal instead of silently
continuing handler execution (#18653).
Address review findings from sonnet-review-bot (review 3086):
- PostReview now returns ErrConflictingCommitIDs when comments specify
different non-empty CommitIDs, since the GitHub API accepts only a
single commit_id per review. Previously the discrepancy was silently
ignored, using only the first commit's ID.
- Extract newTestClient into helpers_test.go to make cross-file sharing
between review_test.go and identity_test.go explicit.
Refs: #81
Address review feedback from round-3 sonnet review:
- PostReview doc comment now accurately describes vcs.ReviewEvent → GitHub
wire-format string cast and notes nil-Comments omitempty behavior.
- Rename 'expected' field to 'want' in TestTranslateGitHubReviewState to
match the project's established naming convention.
- Wrap ErrCannotDeleteSubmittedReview with operation context via fmt.Errorf
so callers get both sentinel identity and context (MINOR fix)
- Combine double iteration in PostReview into single loop (NIT)
- Remove extra trailing blank line in review_test.go (NIT)
- Clarify translateGitHubReviewState comment re: PENDING state (NIT)
- Update requestOptions.bodyFn comment to mention DELETE-with-body (NIT)
- MAJOR: Extract doRequestCore to eliminate doRequest/doRequestWithBody
duplication. Both now delegate to a shared implementation with the
retry/backoff logic in a single place.
- MINOR: Replace custom containsStr/containsSubstring helpers with
strings.Contains in review_test.go.
- MINOR: Use http.Method* constants (MethodPost, MethodDelete, MethodPut)
in review.go for consistency with doGet.
- MINOR: Remove redundant APPROVED/DISMISSED cases from
translateGitHubReviewState that were identical to the default passthrough.
- NIT: Clarify DeleteReview comment about COMMENTED being a GitHub API
state name.
- DismissReview Event field verified as required by GitHub API docs;
kept as-is.
Implement the remaining vcs.Client interface methods for github.Client:
Reviewer:
- PostReview: POST /repos/{owner}/{repo}/pulls/{number}/reviews
- ListReviews: GET /repos/{owner}/{repo}/pulls/{number}/reviews
with state translation (CHANGES_REQUESTED → REQUEST_CHANGES, etc.)
- DeleteReview: DELETE /repos/{owner}/{repo}/pulls/{number}/reviews/{id}
Returns ErrCannotDeleteSubmittedReview on 422
- DismissReview: PUT /repos/{owner}/{repo}/pulls/{number}/reviews/{id}/dismissals
Identity:
- GetAuthenticatedUser: GET /user
Infrastructure:
- Add doRequestWithBody helper for POST/PUT/DELETE with JSON bodies
- Update conformance_test.go: var _ vcs.Client = (*github.Client)(nil)
All unit tests pass including error cases (401, 404, 422, malformed).
Adds TestTranslate_HunkHeaderAtEnd covering the edge case where a
hunk-header is the last position in the file with no subsequent
new-file line. Mirrors TestBuildPositionToLineMap_DeletionAtEnd for
the hunk-header code path.
Addresses NIT from sonnet-review-bot on PR #104 (comment 18412).
BuildPositionToLineMap incremented position and updated maxPositions for
@@ hunk-header lines but did not store a map entry, causing Translate()
to return a hard error for any comment positioned at a hunk header.
Store sentinel value 0 for hunk-header positions (analogous to -1 for
deletions) and extend Translate() to fall through to the nearest
context/addition line below, matching the existing deletion-line
behavior.
Fixes#97
Pass 2 elements to SetRetryBackoff (matching maxRetryAttempts-1 = 2)
and check the error return. Previously passing 1 element silently
failed, causing tests to fall back to default {1s, 2s} backoffs.
Fixes self-review finding: 429Retry tests now run in <10ms instead
of ~1s.
Implement FileReader conformance on the GitHub client: GetFileContent,
ListContents, path helpers, base64 decode. Includes compile-time
conformance checks for both PRReader and FileReader.
Requires PR B (#102). Part 3 of 3 for #80.
- Add maxFileContentSize (10 MB) limit to decodeBase64Content to prevent
resource exhaustion from oversized file content (security MINOR)
- Fix reversed NewClient arg order in TestGetFileContentAtRef_DotSegmentError
(GPT MINOR + Sonnet NIT)
- Remove 'waiting' from mapCheckRunStatus conclusion cases since it is a
status value not a conclusion, update comment (GPT NIT)
- Add TestDecodeBase64Content_SizeLimit test
- escapePath now returns an error when paths contain dot-segments
(".", "..") instead of silently rewriting them. This prevents
subtle API misses where callers pass "foo/../bar" expecting to
hit "bar" but the old code produced "foo/bar".
- Uses path.Clean for canonical form after validation.
- CommitStatus.Description for check runs is now empty string
instead of the raw conclusion enum. The conclusion is already
captured in the Status field via mapCheckRunStatus; storing it
again in Description was semantically inconsistent with commit
statuses where Description carries a human-readable narrative.
- Removed unused derefString helper.
- Added tests for escapePath valid paths, dot-segment rejection,
and GetFileContentAtRef dot-segment error propagation.
- Separate maxPages into maxFilesPages and maxCheckRunPages constants
for clarity (sonnet MINOR #1)
- Add parallel to CheckRunConclusions subtests (sonnet MINOR #2)
- Add TestGetCommitStatuses_CheckRunsErrorAfterStatusesSucceed test
covering check-runs 500 after statuses succeed (sonnet MINOR #2)
- Expand mapCheckRunStatus doc comment with full mapping rules including
cancelled/skipped/neutral rationale and unknown value behavior
(sonnet MINOR #3, gpt MINOR #1)
- Expand GetPullRequest doc comment to mention error types returned
(sonnet NIT #4)
- Add inline comment on Description field clarifying it holds raw
conclusion value (gpt NIT #3)
- Implement GetFileContentAtRef on *Client to satisfy vcs.PRReader interface
- Add escapePath and decodeBase64Content helpers
- Fix conformance_test.go to properly import and qualify github.Client
(was using unqualified Client in package github_test)
Fixes CI failure: the PRReader interface requires GetFileContentAtRef
but it was missing from this PR (only present in the file-reader PR).
- MAJOR #1: Replace panic in doRequest with safe default fallback.
Validation now happens in SetRetryBackoff (returns error on invalid
length). doRequest gracefully falls back to default backoff if the
configured slice is somehow invalid.
- MINOR #2: SetRetryBackoff validates slice length at configuration
time, making the coupling between maxRetryAttempts and backoff
explicit and catching mismatches early with a clear error.
- MINOR #4: Reword oversized response error to remove '(truncated)'
which implied truncated data was returned when actually only an
error is returned.
- MINOR #5: Functional options kept as-is - idiomatic Go pattern
that allows future growth without breaking the API.
Address review feedback on PR #101:
1. Capture resp.StatusCode and Retry-After header *before* passing resp
to handleResponse, making ownership transfer explicit. Previously the
caller read resp.StatusCode after handleResponse had closed the body —
correct but fragile coupling.
2. Add panic guard ensuring backoff slice length equals maxAttempts-1.
Previously the relationship was implicit and could silently break if
maxAttempts were changed without updating the default backoff.
Add GitHub API client with configurable base URL and GHE support,
HTTP helpers with 429 retry and Retry-After handling.
Also adds Patch field to vcs.ChangedFile.
Part 1 of 3 for #80.
Add fmt.Errorf wrapping to the two remaining unwrapped error returns
in the adapter:
- GetPullRequest: 'get pull request: %w'
- PostReview (final client call): 'post review: %w'
This makes all error paths in the adapter consistent with the wrapping
pattern used by the diff-fetch and position-translation errors.
Addresses self-review findings #1 and #2 from b2eea502.
claw
aweiker