Skip to content

fix(review): surface guardrail hold details#3255

Merged
gittensory-orb[bot] merged 2 commits into
mainfrom
codex/fix-guardrail-audit-rerun
Jul 5, 2026
Merged

fix(review): surface guardrail hold details#3255
gittensory-orb[bot] merged 2 commits into
mainfrom
codex/fix-guardrail-audit-rerun

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

Summary

  • surface exact guardrail path/glob evidence in manual-review comments
  • persist guardrail match evidence in autonomous hold audit metadata
  • keep the review-panel rerun checkbox restricted to maintainers/write collaborators, even if command policy is widened

What changed

  • Builds manual hold verdict reasons from gate warning details for guardrail/size/inconclusive holds.
  • Adds guardrailMatches to agent.action.hold audit metadata.
  • Uses a fixed maintainer/collaborator authorization policy for the persisted rerun checkbox.
  • Adds regressions for guardrail comment detail, AI-review visibility during holds, guardrail hold audit metadata, and contributor rerun denial.

Validation

  • npm run typecheck
  • npx vitest run test/unit/unified-comment-bridge.test.ts
  • npx vitest run test/unit/queue.test.ts -t "guardrail-path hold|confirmed-miner PR authors|maintainer checks the rerun task|write collaborator checks the rerun task|users without repository write permission"
  • npx vitest run test/unit/queue.test.ts test/unit/unified-comment-bridge.test.ts

@superagent-security

Copy link
Copy Markdown

Superagent didn't find any vulnerabilities or security issues in this PR.

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.88%. Comparing base (9e87b4c) to head (6bbde37).
⚠️ Report is 3 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #3255   +/-   ##
=======================================
  Coverage   93.88%   93.88%           
=======================================
  Files         280      280           
  Lines       30552    30562   +10     
  Branches    11130    11132    +2     
=======================================
+ Hits        28684    28694   +10     
  Misses       1211     1211           
  Partials      657      657           
Files with missing lines Coverage Δ
src/queue/processors.ts 92.94% <100.00%> (-0.04%) ⬇️
src/review/unified-comment-bridge.ts 97.41% <100.00%> (+1.11%) ⬆️
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@gittensory-orb gittensory-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.5x multiplier. label Jul 4, 2026
@gittensory-orb

gittensory-orb Bot commented Jul 4, 2026

Copy link
Copy Markdown

Tip

🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩

✅ Gittensory review result - approve/merge recommended

Review updated: 2026-07-05 04:28:32 UTC

4 files · 1 AI reviewer · no blockers · readiness 93/100 · CI green · clean

✅ Suggested Action - Approve/Merge

  • safe to merge

Review summary
The change correctly moves manual-hold comment wording to the warning details, so guardrail evidence can show the exact path/glob instead of the generic gate summary, and it records guardrail match evidence in hold audit metadata. The panel rerun authorization change is intentionally stricter than repository command policy and the tests now cover the contributor-denial path. I do not see a reachable correctness defect in the visible diff, but there are a couple of small hardening and coverage gaps worth tightening.

Nits — 5 non-blocking
  • nit: src/review/unified-comment-bridge.ts:148 should handle an unexpectedly blank `finding.title` when `detail` is present, because `holdWarningVerdictReason` would currently render a leading `: detail` string instead of just the detail.
  • nit: src/review/unified-comment-bridge.ts:154 only has direct tests for `guardrail_hold`; add at least one assertion covering the other manual-hold warning codes or a multi-warning join so this branch-counted helper is not only validated through the guardrail case.
  • nit: src/queue/processors.ts:2763 records `guardrailMatches` for every `agent.action.hold`, including non-guardrail holds; that is harmless, but document or test the empty-array shape so downstream audit readers do not infer the field only exists for `guardrail_hold`.
  • src/review/unified-comment-bridge.ts:148 can avoid malformed output with `if (!title) return detail || ""; return detail.length > 0 ? `${title}: ${detail}` : title;`.
  • src/review/unified-comment-bridge.ts:154 should get a focused regression for `oversized_pr` or `ai_review_inconclusive` plus the fallback to summary when only non-manual warnings are present.
Signal Result Evidence
Code review ✅ No blockers 1 reviewer
Linked issue ⚠️ Missing No linked issue or no-issue rationale found.
Related work ✅ No active overlap found No same-issue or scoped active PR overlap found.
Change scope ✅ 20/20 Low review scope from cached public metadata (no linked issue context).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 56 registered-repo PR(s), 46 merged, 416 issue(s).
Contributor context ✅ Confirmed Gittensor contributor JSONbored; Gittensor profile; 56 PR(s), 416 issue(s).
Gate result ✅ Passing No configured blocker found.
Review context
  • Author: JSONbored
  • Role context: owner (maintainer lane)
  • Public audience mode: oss maintainer
  • Lane context: Repository registration is not available in the local Gittensory cache.
  • Public profile languages: not available
  • Official Gittensor activity: 56 PR(s), 416 issue(s).
  • PR-specific overlap: none found.
Contributor next steps
  • Treat this as maintainer-lane context rather than normal contributor-lane activity.
  • Explain no-issue PR.
  • No action.
  • Link the issue being solved, or explicitly explain why this is a no-issue PR.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.

  • Re-run Gittensory review

@gittensory-orb gittensory-orb Bot added the manual-review Gittensor contributor context label Jul 4, 2026
JSONbored added 2 commits July 4, 2026 21:16
Closes the codecov/patch gap on PR #3255: gateVerdictReason's final
"|| undefined" arm (no matching manual-hold warning, blank gate
summary, blank gate title) had no test, so the HELD verdict's
no-reason-bullet rendering path was unexercised.

@gittensory-orb gittensory-orb Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gittensory approves — the gate is satisfied and CI is green.

@gittensory-orb gittensory-orb Bot merged commit 169f7e3 into main Jul 5, 2026
10 checks passed
@gittensory-orb gittensory-orb Bot deleted the codex/fix-guardrail-audit-rerun branch July 5, 2026 04:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.5x multiplier. manual-review Gittensor contributor context

Development

Successfully merging this pull request may close these issues.

1 participant