rodin/review-bot
2
1
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases 6 Wiki Activity

docs: add read:user to required token scopes #67

Merged
aweiker merged 1 commits from issue-66 into main 2026-05-11 06:52:22 +00:00
Conversation 4 Commits 1 Files Changed 1
+3 -2
rodin commented 2026-05-11 06:40:31 +00:00
Owner
Copy Link
Copy Source

The read:user scope is needed for the bot to self-request as a reviewer on PRs. Without it, the bot still functions but cannot add itself to the reviewer list.

Closes #66

The `read:user` scope is needed for the bot to self-request as a reviewer on PRs. Without it, the bot still functions but cannot add itself to the reviewer list. Closes #66
rodin self-assigned this 2026-05-11 06:40:31 +00:00
rodin added 1 commit 2026-05-11 06:40:32 +00:00
docs: add read:user to required token scopes
CI / test (pull_request) Successful in 13s
Details
CI / review (anthropic--claude-4.6-sonnet, sonnet, SONNET_REVIEW_TOKEN) (pull_request) Successful in 20s
Details
CI / review (gpt-5, security, SECURITY_REVIEW.md, SECURITY_REVIEW_TOKEN) (pull_request) Successful in 27s
Details
CI / review (gpt-5, gpt, GPT_REVIEW_TOKEN) (pull_request) Successful in 50s
Details
4a1cb6b47c 
The read:user scope is needed for the bot to self-request as a
reviewer on PRs. Without it, the bot still functions but cannot
add itself to the reviewer list.

Closes #66
security-review-bot requested review from security-review-bot 2026-05-11 06:41:54 +00:00
security-review-bot approved these changes 2026-05-11 06:41:54 +00:00
security-review-bot left a comment
Collaborator
Copy Link
Copy Source

Security Review

Summary

The change updates documentation to include the optional read:user scope and clarifies its purpose. There are no code changes and CI passed.

Recommendation

APPROVE — This PR only adjusts README guidance around token scopes, adding read:user as optional for self-requesting as a reviewer. No security-impacting code changes are present and CI has passed. Approve as-is.

Review by security

Evaluated against 4a1cb6b4

# Security Review ## Summary The change updates documentation to include the optional `read:user` scope and clarifies its purpose. There are no code changes and CI passed. ## Recommendation **APPROVE** — This PR only adjusts README guidance around token scopes, adding `read:user` as optional for self-requesting as a reviewer. No security-impacting code changes are present and CI has passed. Approve as-is. --- *Review by security* <!-- review-bot:security --> --- *Evaluated against 4a1cb6b4*
sonnet-review-bot approved these changes 2026-05-11 06:41:55 +00:00
sonnet-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Sonnet Review

Summary

This is a pure documentation change adding the read:user scope to the README's token scopes table, along with a clarifying note about its optional nature. CI passed, the change is accurate and well-worded.

Findings

# Severity File Line Finding
1 [NIT] README.md 332 The header separator row changed from `

Recommendation

APPROVE — Approve. The change correctly documents the read:user scope as optional but recommended, replaces a previously inaccurate statement ('No read:user scope needed'), and CI passed. The only finding is a one-character difference in a Markdown table separator that has no functional impact.

Review by sonnet

Evaluated against 4a1cb6b4

# Sonnet Review ## Summary This is a pure documentation change adding the `read:user` scope to the README's token scopes table, along with a clarifying note about its optional nature. CI passed, the change is accurate and well-worded. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [NIT] | `README.md` | 332 | The header separator row changed from `|-------|---------|` to `|-------|--------|` (one fewer dash in the second column). Both are valid Markdown table syntax, but the inconsistency with the surrounding table style is trivially cosmetic. | ## Recommendation **APPROVE** — Approve. The change correctly documents the `read:user` scope as optional but recommended, replaces a previously inaccurate statement ('No `read:user` scope needed'), and CI passed. The only finding is a one-character difference in a Markdown table separator that has no functional impact. --- *Review by sonnet* <!-- review-bot:sonnet --> --- *Evaluated against 4a1cb6b4*
README.md
@@ -330,3 +330,3 @@
| Scope | Purpose |
|-------|---------|
|-------|--------|
sonnet-review-bot commented 2026-05-11 06:41:55 +00:00
First-time contributor
Copy Link
Copy Source

[NIT] The header separator row changed from |-------|---------| to |-------|--------| (one fewer dash in the second column). Both are valid Markdown table syntax, but the inconsistency with the surrounding table style is trivially cosmetic.

**[NIT]** The header separator row changed from `|-------|---------|` to `|-------|--------|` (one fewer dash in the second column). Both are valid Markdown table syntax, but the inconsistency with the surrounding table style is trivially cosmetic.
gpt-review-bot approved these changes 2026-05-11 06:42:25 +00:00
gpt-review-bot left a comment
First-time contributor
Copy Link
Copy Source

Gpt Review

Summary

Documentation update correctly adds the read:user scope and clarifies its optional nature. CI has passed and the change is limited to README content.

Findings

# Severity File Line Finding
1 [NIT] README.md 329 Section title says 'Token Scopes Required' but the table includes an optional scope (read:user). Consider renaming to 'Token Scopes' or splitting into 'Required' and 'Optional' for clarity.

Recommendation

APPROVE — The change is a straightforward documentation improvement that adds the read:user scope and clarifies behavior without it. Since CI passed and there are no code changes, this can be merged as-is. Optionally, consider adjusting the section title or separating required vs optional scopes to avoid confusion.

Review by gpt

Evaluated against 4a1cb6b4

# Gpt Review ## Summary Documentation update correctly adds the read:user scope and clarifies its optional nature. CI has passed and the change is limited to README content. ## Findings | # | Severity | File | Line | Finding | |---|----------|------|------|--------| | 1 | [NIT] | `README.md` | 329 | Section title says 'Token Scopes Required' but the table includes an optional scope (`read:user`). Consider renaming to 'Token Scopes' or splitting into 'Required' and 'Optional' for clarity. | ## Recommendation **APPROVE** — The change is a straightforward documentation improvement that adds the read:user scope and clarifies behavior without it. Since CI passed and there are no code changes, this can be merged as-is. Optionally, consider adjusting the section title or separating required vs optional scopes to avoid confusion. --- *Review by gpt* <!-- review-bot:gpt --> --- *Evaluated against 4a1cb6b4*
README.md
@@ -329,11 +329,12 @@ All flags have environment variable equivalents:
### Token Scopes Required
gpt-review-bot commented 2026-05-11 06:42:25 +00:00
First-time contributor
Copy Link
Copy Source

[NIT] Section title says 'Token Scopes Required' but the table includes an optional scope (read:user). Consider renaming to 'Token Scopes' or splitting into 'Required' and 'Optional' for clarity.

**[NIT]** Section title says 'Token Scopes Required' but the table includes an optional scope (`read:user`). Consider renaming to 'Token Scopes' or splitting into 'Required' and 'Optional' for clarity.
rodin commented 2026-05-11 06:50:38 +00:00
Author
Owner
Copy Link
Copy Source

Self-review: PASS

No blocking issues found.

Observations:

  • [fit] Minor: Table separator changed from 9 to 8 dashes (|---------||--------|). Markdown renders identically either way — cosmetic NIT only, not blocking.

The change is coherent (single purpose: document read:user scope), fits the codebase style, accurately reflects the RequestReviewer functionality in gitea/client.go, and is complete for a documentation-only PR.

Ready for human review.

## Self-review: PASS No blocking issues found. **Observations:** - [fit] Minor: Table separator changed from 9 to 8 dashes (`|---------|` → `|--------|`). Markdown renders identically either way — cosmetic NIT only, not blocking. The change is coherent (single purpose: document `read:user` scope), fits the codebase style, accurately reflects the `RequestReviewer` functionality in `gitea/client.go`, and is complete for a documentation-only PR. Ready for human review.
rodin added the self-reviewed label 2026-05-11 06:50:38 +00:00
aweiker merged commit 877dbf9999 into main 2026-05-11 06:52:22 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
security-review-bot
sonnet-review-bot
gpt-review-bot
Labels
Clear labels
ai-review
bug
needs-review
ready
Ready for human review
 self-reviewed
Self-review passed since last push
 wip
Work in progress - do not start new work on this PR
No Label self-reviewed
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
security-review-bot rodin (Rodin)
No Assignees rodin
4 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: rodin/review-bot#67
Delete Branch "issue-66"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?