Skip to content

feat(review): skip ignored auto-review authors#3454

Closed
joaovictor91123 wants to merge 1 commit into
JSONbored:mainfrom
joaovictor91123:feat/auto-review-ignore-authors
Closed

feat(review): skip ignored auto-review authors#3454
joaovictor91123 wants to merge 1 commit into
JSONbored:mainfrom
joaovictor91123:feat/auto-review-ignore-authors

Conversation

@joaovictor91123

Copy link
Copy Markdown
Contributor

Summary

  • Adds review.auto_review.ignore_authors so maintainers can skip AI/public review output for matching author login globs.
  • Wires ignored authors to a quiet skipped Orb review check and skipped-audit reason instead of a gate failure.
  • Updates OpenAPI, the example config, and unit/webhook coverage for matching, defaults, malformed config, and live skip behavior.

Fixes #2060

Scope

  • The PR title follows type(scope): short summary Conventional Commit format, for example fix(api): restore profile access checks.
  • This PR is focused and does not mix unrelated backend, UI, MCP, docs, dependency, and deploy changes.
  • This follows CONTRIBUTING.md and does not reintroduce GitHub Pages, VitePress, site/, or CNAME.
  • I linked an issue, or this is small enough that the summary explains why an issue is not needed.

Validation

  • git diff --check
  • npm run actionlint
  • npm run typecheck
  • npm run test:coverage locally; codecov/patch requires >=99% coverage of the lines AND branches you changed (aim for 100% on your diff so CI variance does not fail near the threshold). Global coverage is a non-blocking trend with a loose 90% backstop, not the gate.
  • npm run test:workers
  • npm run build:mcp
  • npm run test:mcp-pack
  • npm run ui:openapi:check
  • npm run ui:lint
  • npm run ui:typecheck
  • npm run ui:build
  • npm audit --audit-level=moderate
  • New or changed behavior has unit/integration tests for new branches, fallback paths, and sanitizer boundaries

If any required check was skipped, explain why:

  • npm run test:coverage exceeded the local 5-minute command window; focused changed-area coverage ran but failed the global threshold because it intentionally scoped included source files.
  • npm run test:mcp-pack is blocked locally on Windows because scripts/check-mcp-package.mjs uses spawnSync("npm", ...), which returns ENOENT instead of resolving npm.cmd in this shell.
  • npm run ui:lint was not run because this PR does not change UI source; ui:openapi:check, ui:typecheck, and ui:build passed after regenerating the OpenAPI artifact.

Safety

  • No secrets, wallet details, hotkeys, coldkeys, user PATs, private keys, raw trust scores, private rankings, or private maintainer evidence are exposed.
  • Public GitHub text stays sanitized, low-noise, and does not imply compensation guarantees or optimization tactics.
  • Auth, cookie, CORS, GitHub App, Cloudflare, or session changes include negative-path tests.
  • API/OpenAPI/MCP behavior is updated and tested where needed.
  • UI changes use live API data or real empty/error/loading states, not production mock/demo fallbacks.
  • Visible UI changes include a UI Evidence section below with JPG/JPEG or PNG screenshots arranged as organized, captioned, clickable thumbnails. SVG screenshots are not used as review evidence. Review-only screenshots or recordings are not committed to the repository.
  • Public docs/changelogs are updated where needed; changelogs are only edited for release-prep PRs.

UI Evidence

State / title JPG/PNG evidence
Not applicable No visible UI change.

Notes

  • The generated OpenAPI JSON was refreshed with npm run ui:openapi.

@superagent-security

Copy link
Copy Markdown

Superagent didn't find any vulnerabilities or security issues in this PR.

@gittensory-orb gittensory-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.5x multiplier. label Jul 5, 2026
@gittensory-orb

gittensory-orb Bot commented Jul 5, 2026

Copy link
Copy Markdown

Caution

🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥🟥

🛑 Gittensory review result - reject/close recommended

Review updated: 2026-07-05 07:43:57 UTC

14 files · 1 AI reviewer · 1 blocker · readiness 62/100 · CI green · clean

🛑 Suggested Action - Reject/Close

  • AI reviewers agree on a likely critical defect: src/queue/processors.ts:7048 evaluates `review.auto_review.ignore_authors` before the existing no-visible-surface skip, so a repo with public/check output disabled and a matching ignored author records `ignored_author` instead of the preview/API's `surface_off`
  • move the ignored-author block after the existing `!gateEnabled && !autonomyNeedsGateEvaluation ...` surface-off branch, matching `src/signals/settings-preview.ts:86` where `hasVisiblePrSurface` is checked first. — Resolve the flagged defect, or override if the AI reviewers are mistaken, then re-run the gate.

Review summary
The change adds a manifest-driven `review.auto_review.ignore_authors` parser, eligibility helper, runtime skip path, API enum wiring, generated OpenAPI updates, and focused tests. The core skip path is wired through the manifest and fails open on manifest load errors, and the new helper is well covered. I do see one behavior-ordering bug: the processor evaluates ignored-author rules before the existing public-surface disabled path, while the preview logic keeps `surface_off` first, so audit/export behavior can diverge from the preview for repos with all public output disabled.

Blockers

  • src/queue/processors.ts:7048 evaluates `review.auto_review.ignore_authors` before the existing no-visible-surface skip, so a repo with public/check output disabled and a matching ignored author records `ignored_author` instead of the preview/API's `surface_off`; move the ignored-author block after the existing `!gateEnabled && !autonomyNeedsGateEvaluation ...` surface-off branch, matching `src/signals/settings-preview.ts:86` where `hasVisiblePrSurface` is checked first.
Nits — 6 non-blocking
  • src/signals/focus-manifest.ts:1701 has two adjacent doc comments where the enrichment resolver comment now documents the wrong following symbol; keep the enrichment comment attached to `resolveEnrichmentAnalyzerToggles` and put the auto-review comment only above `resolveReviewAutoReviewConfig`.
  • src/review/review-eligibility.ts:1 reuses `matchesManifestPath`, whose file-path semantics include slash/root-prefix behavior that is odd for GitHub logins; add a short comment here explaining that this reuse is intentional and that login syntax keeps the path-only cases out of normal production input.
  • In `src/queue/processors.ts:7048`, mirror `decidePublicSurface` ordering exactly: first handle no visible surface, missing author, and bot author, then apply ignored-author rules before maintainer/miner checks.
  • In `src/signals/focus-manifest.ts:1701`, split the resolver comments so generated docs and future readers do not associate enrichment behavior with auto-review resolution.
  • In `test/unit/queue.test.ts`, add the regression case for `reviewCheckMode: "disabled"`/gate off plus matching ignored author to assert the skip reason remains `surface_off`, not `ignored_author`.
  • Readiness score is below the configured threshold — Use the readiness panel as advisory maintainer context; the score does not block this PR.

Why this is blocked

  • src/queue/processors.ts:7048 evaluates `review.auto_review.ignore_authors` before the existing no-visible-surface skip, so a repo with public/check output disabled and a matching ignored author records `ignored_author` instead of the preview/API's `surface_off`; move the ignored-author block after the existing `!gateEnabled && !autonomyNeedsGateEvaluation ...` surface-off branch, matching `src/signals/settings-preview.ts:86` where `hasVisiblePrSurface` is checked first.
Signal Result Evidence
Code review ❌ 1 blocker 1 reviewer
Linked issue ✅ Linked #2060
Related work ⚠️ 3 scoped overlaps Top overlaps are listed below; lower-confidence bulk is hidden.
Change scope ❌ 8/20 High review scope from cached public metadata (1 linked issue).
Validation posture ❌ 5/25 Preflight is holding this PR: the review lane is unavailable, so it is not ready for automated review.
Contributor workload ✅ 10/10 Author activity: 108 registered-repo PR(s), 61 merged, 8 issue(s).
Contributor context ✅ Confirmed Gittensor contributor joaovictor91123; Gittensor profile; 108 PR(s), 8 issue(s).
Gate result ❌ Blocking Repo-configured hard blocker found.
Review context
  • Author: joaovictor91123
  • Role context: outside_contributor
  • Public audience mode: oss maintainer
  • Lane context: Repository registration is not available in the local Gittensory cache.
  • Public profile languages: not available
  • Official Gittensor activity: 108 PR(s), 8 issue(s).
  • Related work: Titles/paths share 9 meaningful terms. (issue #2038, issue #2059)
  • Related work: Titles/paths share 10 meaningful terms. (issue #2038, issue #2040)
  • Related work: Titles/paths share 10 meaningful terms. (issue #2059, issue #2063)
  • Additional title-only matches omitted; title-only overlap does not block.
Contributor next steps
  • Review top overlaps.
  • Add a concise scope and risk note.
  • Await review-lane availability.
  • Refresh registry data or choose a registered active repo.
  • Check active issues and PRs before submitting.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.

  • Re-run Gittensory review

@gittensory-orb

gittensory-orb Bot commented Jul 5, 2026

Copy link
Copy Markdown

Gittensory is closing this pull request on the maintainer's behalf (AI reviewers agree on a likely critical defect: src/queue/processors.ts:7048 evaluates `review.auto_review.ignore_authors` before the existing no-visible-surface skip, so a repo with public/check output disabled and a matching ignored author records `ignored_author` instead of the preview/API's `surface_off`; move the ignored-author block after the existing `!gateEnabled && !autonomyNeedsGateEvaluation ...` surface-off branch, matching `src/signals/settings-preview.ts:86` where `hasVisiblePrSurface` is checked first.). This is an automated maintenance action — to pursue this change, please open a new pull request with the issues resolved. Closed PRs may be analyzed later to improve review accuracy, but they are not automatically reopened or re-reviewed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.5x multiplier.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

feat(review): skip auto-review for bot/ignored authors via review.auto_review.ignore_authors globs

1 participant