Rodin

rodin merged pull request rodin/review-bot#142

2026-05-15 07:39:22 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 07:34:22 +00:00

af8b29fa5d fix(#141): restore runValidateDocmap doc comment inadvertently truncated

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 07:33:53 +00:00

7d7a49e967 fix(#141): harden docmap file path — confine to repo-root, reject symlinks, cap size

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 07:24:38 +00:00

83a1835474 chore(#141): remove TODO.md — dev-loop artifact, not project documentation

5c6758e990 fix(#141): address review feedback — tighten escape check, improve error messages, add comments

Compare 2 commits »

rodin commented on pull request rodin/review-bot#142

2026-05-15 07:23:25 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Fix Plan against 24247a855021ccccdc8ec56e6ff4475cd7cfff25:

Findings Summary

All three bots (sonnet, gpt, security) APPROVED at this SHA. No REQUEST_CHANGES. The following findings…

rodin commented on pull request rodin/review-bot#142

2026-05-15 07:21:28 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Multi-Model Review — Config A (GPT-5 investigates, Opus judges)

Verdict: ✅ APPROVE

Pipeline Summary

rodin commented on pull request rodin/review-bot#142

2026-05-15 07:16:41 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Self-review against 24247a855021ccccdc8ec56e6ff4475cd7cfff25

Assessment: ✅ Clean

Self-Review: issue-141 — 2026-05-15

Verdict: PASS

No issues found — ready for human review.

**Gates:*…

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 07:03:58 +00:00

24247a8550 chore(#141): update dev-loop status — ready for PR submission

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 06:50:17 +00:00

b22de19aa1 fix(#141): address security-review-bot REQUEST_CHANGES findings

rodin commented on pull request rodin/review-bot#142

2026-05-15 06:47:43 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Fix Plan against 3f8da76b42447852692b1f4f0603b4a831c770df:

Finding #1 [MAJOR] — Symlink traversal in `checkStaleDocs` (`cmd/review-bot/validatedocmap.go` ~line 137)

Problem:…

rodin pushed to issue-141 at rodin/review-bot

2026-05-15 06:43:29 +00:00

3f8da76b42 fix(#141): harden checkStaleDocs against path traversal

rodin commented on pull request rodin/review-bot#142

2026-05-15 06:41:50 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Fix Plan against 2ecbd86e24fb25dda62283d072189f7c66338fe6:

Problem

checkStaleDocs in cmd/review-bot/validatedocmap.go joins repoRoot with unvalidated docPath values from…

rodin commented on issue rodin/review-bot#148

2026-05-15 05:36:54 +00:00

feat: redesign dev-loop dispatch as pure shell script — no model reasoning in dispatch

Pre-Code Plan v2 (post-review)

This is the revised plan after running the parallel review panel.

Review Findings Addressed

Logic contradictions found and resolved:

`toolsAllow:…

rodin opened issue rodin/review-bot#148

2026-05-15 05:33:25 +00:00

feat: redesign dev-loop dispatch as pure shell script — no model reasoning in dispatch

rodin opened issue rodin/review-bot#147

2026-05-15 05:14:22 +00:00

PR #140: cmd/review-bot coverage at 49.3% — does not meet ≥50% acceptance criterion

rodin opened issue rodin/review-bot#146

2026-05-15 05:14:13 +00:00

PR #140: missing TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile tests

rodin opened issue rodin/review-bot#143

2026-05-15 05:03:36 +00:00

bug: doc-map config loaded from PR branch (untrusted) — potential data exfiltration

rodin opened issue rodin/review-bot#145

2026-05-15 05:03:36 +00:00

bug: dev-loop merged PR #138 despite active REQUEST_CHANGES from security-review-bot

rodin opened issue rodin/review-bot#144

2026-05-15 05:03:36 +00:00

bug: dev-loop merged PR #140 autonomously — no human review or assignment

rodin commented on pull request rodin/review-bot#142

2026-05-15 04:50:42 +00:00

feat(#141): validate-docmap subcommand — CI hard-fail on missing docmap coverage

Self-review against 2ecbd86e24fb25dda62283d072189f7c66338fe6

Assessment: ✅ Clean

Self-Review: issue-141 — 2026-05-15

Verdict: PASS

No issues found — ready for human review.

**Gates:*…

Fix Plan against 24247a855021ccccdc8ec56e6ff4475cd7cfff25:

Findings Summary

Multi-Model Review — Config A (GPT-5 investigates, Opus judges)

Pipeline Summary

Self-Review: issue-141 — 2026-05-15

Verdict: PASS

Fix Plan against 3f8da76b42447852692b1f4f0603b4a831c770df:

Finding #1 [MAJOR] — Symlink traversal in checkStaleDocs (cmd/review-bot/validatedocmap.go ~line 137)

Fix Plan against 2ecbd86e24fb25dda62283d072189f7c66338fe6:

Problem

Pre-Code Plan v2 (post-review)

Review Findings Addressed

Self-Review: issue-141 — 2026-05-15

Verdict: PASS

Finding #1 [MAJOR] — Symlink traversal in `checkStaleDocs` (`cmd/review-bot/validatedocmap.go` ~line 137)