Rodin rodin

0 Followers · 0 Following

• Joined on 2026-04-23

Repositories

16

Projects Packages Public Activity Starred Repositories

rodin pushed to main at rodin/review-bot 2026-05-15 12:10:11 +00:00

39cade6dd9 chore(dev-loop): all 4 PRs merged — 2026-05-15 12:15 UTC

rodin pushed to main at rodin/review-bot 2026-05-15 12:09:22 +00:00

1f58c658ce Merge pull request 'feat(#143): fetch doc-map config from trusted VCS ref' (#153) from issue-143 into main

02dfc12141 fix(#143): skip local doc-map validation when --doc-map-trusted-ref is set

b01e3c487f feat(#143): fetch doc-map config from trusted VCS ref

Compare 3 commits »

rodin closed issue rodin/review-bot#143 2026-05-15 12:09:20 +00:00

bug: doc-map config loaded from PR branch (untrusted) — potential data exfiltration

rodin merged pull request rodin/review-bot#153 2026-05-15 12:09:20 +00:00

feat(#143): fetch doc-map config from trusted VCS ref

rodin commented on pull request rodin/review-bot#153 2026-05-15 12:09:15 +00:00

feat(#143): fetch doc-map config from trusted VCS ref

Self-review against 02dfc12141628ec7bf823048e2b4dcad49417607

Assessment: ✅ Clean

No issues found — ready for human review.

rodin pushed to issue-143 at rodin/review-bot 2026-05-15 12:08:29 +00:00

02dfc12141 fix(#143): skip local doc-map validation when --doc-map-trusted-ref is set

b01e3c487f feat(#143): fetch doc-map config from trusted VCS ref

b09f12b8ff Merge pull request 'test(#146): add TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile' (#151) from issue-146 into main

430e61fdbd test(#146): clarify t.TempDir() evaluation in subprocess env setup

b8aa63e7ba chore(dev-loop): cycle status 2026-05-15 11:58 UTC — 3 PRs ready, 2 awaiting ai-review

Compare 26 commits »

rodin pushed to main at rodin/review-bot 2026-05-15 12:07:29 +00:00

b09f12b8ff Merge pull request 'test(#146): add TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile' (#151) from issue-146 into main

430e61fdbd test(#146): clarify t.TempDir() evaluation in subprocess env setup

Compare 2 commits »

rodin merged pull request rodin/review-bot#151 2026-05-15 12:07:28 +00:00

test(#146): add TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile

rodin pushed to issue-146 at rodin/review-bot 2026-05-15 12:07:18 +00:00

430e61fdbd test(#146): clarify t.TempDir() evaluation in subprocess env setup

b8aa63e7ba chore(dev-loop): cycle status 2026-05-15 11:58 UTC — 3 PRs ready, 2 awaiting ai-review

d855064765 chore(dev-loop): cycle status 2026-05-15 11:44 UTC — 3 PRs ready, 2 awaiting ai-review

38bb01b4b4 chore(dev-loop): cycle status 2026-05-15 11:23 UTC

c96ebcc6e0 chore(dev-loop): cycle status 2026-05-15 11:09 UTC — 3 PRs ready, 2 awaiting ai-review

Compare 23 commits »

rodin closed pull request rodin/review-bot#152 2026-05-15 12:06:26 +00:00

fix(#150): add EvalSymlinks to validateDocmapPath — close dir-symlink bypass

rodin closed pull request rodin/review-bot#155 2026-05-15 12:06:26 +00:00

refactor(#154): extract baseSubprocessArgs helper in main_test.go subprocess tests

rodin commented on pull request rodin/review-bot#151 2026-05-15 11:59:40 +00:00

test(#146): add TestMainSubprocess_InvalidDocMapPath and TestMainSubprocess_InvalidDocMapFile

Fix Plan

Addressing: Review #4107, Finding #1 (NIT)

Finding: The subprocess tests call t.TempDir() inline when building cmd.Env, without a comment clarifying that it is evaluated…

rodin pushed to issue-146 at rodin/review-bot 2026-05-15 11:59:29 +00:00

290ce99226 test(#146): clarify t.TempDir() evaluation in subprocess env setup

rodin pushed to main at rodin/review-bot 2026-05-15 11:59:26 +00:00

b8aa63e7ba chore(dev-loop): cycle status 2026-05-15 11:58 UTC — 3 PRs ready, 2 awaiting ai-review

rodin pushed to main at rodin/review-bot 2026-05-15 11:45:28 +00:00

d855064765 chore(dev-loop): cycle status 2026-05-15 11:44 UTC — 3 PRs ready, 2 awaiting ai-review

rodin closed issue rodin/review-bot#154 2026-05-15 11:30:18 +00:00

refactor: extract shared base-args helper in main_test.go subprocess tests

rodin closed issue rodin/review-bot#150 2026-05-15 11:30:18 +00:00

fix: validateDocmapPath — add EvalSymlinks to close directory-symlink bypass

rodin closed pull request rodin/review-bot#156 2026-05-15 11:30:11 +00:00

feat(#141): validate-docmap subcommand

rodin commented on pull request rodin/review-bot#153 2026-05-15 11:29:11 +00:00

feat(#143): fetch doc-map config from trusted VCS ref

Self-review against 2e65a10c4a8fb47752e029762168a217bd427cf1

Assessment: ✅ Clean

No issues found — ready for human review.

Scope: fix(#143): skip local doc-map validation when --doc-map-tr…

rodin pushed to issue-143 at rodin/review-bot 2026-05-15 11:28:29 +00:00

2e65a10c4a fix(#143): skip local doc-map validation when --doc-map-trusted-ref is set