Skip to content

feat(review): viewport x theme completeness matrix for the screenshot-table gate#4545

Merged
JSONbored merged 3 commits into
mainfrom
feat/screenshot-completeness-matrix
Jul 10, 2026
Merged

feat(review): viewport x theme completeness matrix for the screenshot-table gate#4545
JSONbored merged 3 commits into
mainfrom
feat/screenshot-completeness-matrix

Conversation

@JSONbored

Copy link
Copy Markdown
Owner

Summary

  • The deterministic screenshot-table gate only checked that a PR body contained some markdown table with any image inside it, with no concept of viewport or color-mode coverage -- even though metagraphed's own contributor skill file (.claude/skills/metagraphed/SKILL.md, Phase C2, feat(mcp): add gittensory_check_test_evidence tool (#2235) #3770) documents an exact 3-viewport x 2-theme x before/after = 12-image contract. metagraphed PR fix(github): allow self-host TRUSTED_SCANNER_BOT_LOGINS override #4661 shipped with 4/12 images and passed AI review, because the private review-context copy the AI reviewer's instructions come from was never updated to mention viewport/theme completeness.
  • screenshotTableGate config gains requireViewports/requireThemes (string arrays, empty by default -- opt-in per repo, byte-identical for a repo that doesn't set them). When requireViewports is non-empty, the evaluator matches every required (viewport, theme) pair against a labeled table row (case-insensitive substring match on the row's first cell, e.g. "Desktop · Light") and requires at least two image-bearing cells in that row (before + after). Missing pairs are named in the rejection reason.
  • action gains a real advisory value, distinct from the request_changes/comment values feat(review): wire bot-generated visual captures into screenshotTableGate #4110 removed as dead/unwired config -- this one is actually wired: advisory computes the violation but the caller (processors.ts) only ever folds a result into the close-triggering planner match when action === "close", so advisory is a real no-op on merge/close by construction.
  • Full config-as-code wiring, same pattern as every other per-repo gate field: DB migration + Drizzle schema + settings resolver + .gittensory.yml manifest parser (both the Worker copy and the hand-duplicated gittensory-engine package copy, kept in sync per engine-parity:drift-check) + OpenAPI.

Closes #4540

Scope

  • The PR title follows type(scope): short summary Conventional Commit format.
  • This PR is focused and does not mix unrelated backend, UI, MCP, docs, dependency, and deploy changes.
  • This follows CONTRIBUTING.md and does not reintroduce GitHub Pages, VitePress, site/, or CNAME.
  • I linked a currently open issue this PR resolves.

Validation

  • git diff --check
  • npm run typecheck
  • npm run db:migrations:check, npm run db:schema-drift:check, npm run cf-typegen:check
  • npm run manifest:drift-check, npm run engine-parity:drift-check (Worker/engine screenshot-table-gate.ts + manifest-deps-types.ts copies confirmed in sync)
  • npm run ui:openapi (regenerated) + npm run ui:openapi:check (no drift) + npm run ui:openapi:settings-parity
  • npm run test --workspace @jsonbored/gittensory-engine (325/325 passing)
  • npm run test:coverage (full unsharded local run, 12830+ tests passing, 0 failures)
  • npm audit --audit-level=moderate -- 0 vulnerabilities
  • npm run docs:drift-check, npm run selfhost:env-reference:check, npm run command-reference:check
  • New/changed behavior has unit/integration tests for every new branch (viewport-only vs viewport×theme matrix mode, case-insensitive row matching, missing-pair naming, advisory vs close dispatch, sparse-override parsing both directions) plus a regression test reproducing the exact metagraphed PR fix(github): allow self-host TRUSTED_SCANNER_BOT_LOGINS override #4661 shape in both the Worker and engine-package copies.
  • npm run actionlint, npm run test:workers, npm run build:mcp, npm run test:mcp-pack, npm run build:miner, npm run test:miner-pack, npm run rees:test, npm run ui:lint, npm run ui:typecheck, npm run ui:test, npm run ui:build -- not run locally; this diff touches no UI/MCP/miner/REES/workers surface, so CI's full test:ci gate covers these as a backstop.

Safety

  • No secrets, wallet details, hotkeys, coldkeys, user PATs, private keys, raw trust scores, private rankings, or private maintainer evidence are exposed.
  • Public GitHub text stays sanitized, low-noise, and does not imply compensation guarantees or optimization tactics.
  • No auth/cookie/CORS/GitHub App/Cloudflare/session changes.
  • API/OpenAPI updated and tested (screenshotTableGate schema gains requireViewports/requireThemes/advisory).
  • No UI changes.
  • No public docs/changelog changes needed.

Notes

This PR builds the detection engine and config surface only. A follow-up (tracked separately, not in this PR) syncs the private per-repo review-context files on the self-host server so the AI reviewer's own instructions mention the matrix requirement too, and turns the gate on for metagraphed with action: close.

JSONbored added 2 commits July 9, 2026 17:45
…-table gate (#4540)

The deterministic screenshot-table gate only checked that a PR body contained
some markdown table with any image inside it, with no concept of viewport or
color-mode coverage -- even though metagraphed's own contributor skill file
documents an exact 3-viewport x 2-theme x before/after = 12-image contract.
metagraphed PR #4661 shipped 4/12 images and passed AI review, which had no
way to know the completeness requirement existed.

screenshotTableGate gains requireViewports/requireThemes (string arrays,
empty by default -- opt-in per repo, byte-identical otherwise). When set, the
evaluator matches each required (viewport, theme) pair against a labeled
table row and requires two image-bearing cells (before + after) in that row;
missing pairs are named in the rejection reason. action gains a real advisory
value, distinct from the request_changes/comment values #4110 removed as
dead/unwired config -- this one is actually wired: an advisory violation is
computed but never reaches the close-triggering planner match.

Full config-as-code wiring: DB migration + Drizzle schema + settings
resolver + .gittensory.yml manifest parser (both the Worker copy and the
hand-duplicated gittensory-engine package copy) + OpenAPI.

Closes #4540
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 10, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
gittensory-ui 5a34d00 Commit Preview URL

Branch Preview URL
Jul 10 2026, 01:03 AM

@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.08%. Comparing base (8061b65) to head (5a34d00).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4545      +/-   ##
==========================================
+ Coverage   94.07%   94.08%   +0.01%     
==========================================
  Files         425      425              
  Lines       37757    37827      +70     
  Branches    13790    13814      +24     
==========================================
+ Hits        35519    35589      +70     
  Misses       1583     1583              
  Partials      655      655              
Files with missing lines Coverage Δ
packages/gittensory-engine/src/focus-manifest.ts 99.10% <100.00%> (+<0.01%) ⬆️
...tensory-engine/src/review/screenshot-table-gate.ts 100.00% <100.00%> (ø)
src/db/repositories.ts 96.73% <ø> (ø)
src/db/schema.ts 72.43% <ø> (ø)
src/openapi/schemas.ts 100.00% <ø> (ø)
src/review/screenshot-table-gate.ts 100.00% <100.00%> (ø)
src/settings/agent-actions.ts 97.72% <ø> (ø)
src/signals/focus-manifest.ts 99.64% <100.00%> (+<0.01%) ⬆️
src/types.ts 100.00% <ø> (ø)
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@gittensory-orb gittensory-orb Bot added the gittensor:feature Gittensor-scored feature linked to a feature issue — scores a 1.25x multiplier. label Jul 10, 2026
@gittensory-orb

Copy link
Copy Markdown

Important

🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪🟪

🔍 Gittensory is reviewing…

AI analysis is in progress. This comment will update when the review is complete.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed · 🟪 Reviewing

@JSONbored JSONbored merged commit afd731e into main Jul 10, 2026
14 checks passed
@JSONbored JSONbored deleted the feat/screenshot-completeness-matrix branch July 10, 2026 01:14
JSONbored added a commit that referenced this pull request Jul 10, 2026
… PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.
JSONbored added a commit that referenced this pull request Jul 10, 2026
… PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.
JSONbored added a commit that referenced this pull request Jul 10, 2026
… PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.
JSONbored added a commit that referenced this pull request Jul 10, 2026
… PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.
JSONbored added a commit that referenced this pull request Jul 10, 2026
… PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.
JSONbored added a commit that referenced this pull request Jul 10, 2026
…-wide for confirmed miners (#4546)

* fix(review): make submitter-reputation burst/AI-spend defense install-wide for confirmed miners

getSubmitterReputation's burst/low-sample thresholds are scoped
WHERE project = ? AND submitter = ? -- a single repo. A fleet
identity spreading a handful of gate-passing-but-low-value PRs
across dozens of repos in one self-hosted install never accumulates
enough same-repo sample density to read as "burst" or "low"
anywhere, so the reputation defense never fires for it and every one
of its submissions burns full paid AI-review spend indefinitely.

- New getSubmitterReputationAcrossInstall in submitter-reputation.ts:
  the identical quality-weighted signal derivation, scoped by
  review_targets.installation_id instead of project (that column
  already existed, migrations/0050; this adds the supporting index).
- New getEffectiveSubmitterReputation in reputation-wire.ts: the
  per-repo signal, additionally widened to the install-wide view for
  a CONFIRMED official Gittensor miner -- but only when the per-repo
  signal alone doesn't already justify caution, so an ordinary
  contributor or an already-flagged submitter pays no extra lookup.
- Extracted the miner-identity check (shared with #4512) into
  src/gittensor/miner-detection-cache.ts so both this module and
  unlinked-issue-guardrail.ts can use it without a circular import
  through processors.ts.
- Wired into both call sites: shouldSkipAiForReputation (the main
  AI-spend gate) and the vision-review reputation check.

Fixes #4513

* fix: renumber migration 0130 -> 0131 (0130 was claimed by #4538, already merged to main)

* fix(test): account for getEffectiveSubmitterReputation's miner-identity check in visual-vision tests

runVisualVisionForAdvisory now resolves reputation via getEffectiveSubmitterReputation
(#4513), which checks confirmed-official-miner identity (a fetch to
api.gittensor.io/miners) whenever the submitter's per-repo signal is
neutral -- a real, intentional behavior change this test file's existing
"no network calls at all" assertions didn't account for. Stub that one
identity check to resolve cleanly and assert precisely that no OTHER
(BYOK/vision-spend) network call happens, rather than asserting zero fetch
calls outright.

* fix(db): renumber migration 0131 -> 0133 (0131/0132 claimed by merged PRs)

origin/main has since merged #4545 (0131_screenshot_table_gate_matrix.sql)
and #4554 (0132_impact_map_query_cache.sql, itself a collision fix); rebase
onto current main and take the next free number.

* fix(db): renumber migration 0133 -> 0134 (0133 claimed by merged PR #4556)

Rebase onto current main and take the next free number now that
migrations/0133_screenshot_table_gate_skill_link.sql (from #4556) occupies
the number this branch previously took.

* fix(db): renumber migration 0134 -> 0139 (0134 has a pre-existing 3-way collision on main)

main currently has three DIFFERENT already-merged files at 0134
(#4549/#4558/#4563) -- tracked separately as its own fix (PR #4577, not yet
merged). Since that fix already claims through 0138, take 0139 here to
avoid colliding with it once it lands; this branch's own
db:migrations:check will stay red until #4577 merges (unrelated to this
branch's own changes), and will need one more rebase afterward.

* test(review): close 2 coverage gaps surfaced by the #4514 rebase-merge

getEffectiveSubmitterReputation's getRepository().catch() needed a real
read-failure test (added); its isConfirmedOfficialMiner().catch() is
unreachable (that function already catches every internal failure point
itself) and getSubmitterReputationAcrossInstall's results ?? [] fallback is
the same "D1 always populates results" case already v8-ignored elsewhere in
this codebase -- both marked accordingly.

* fix(review): isolate #4507's reputation-single-read invariant from cross-test miner-cache pollution

Several earlier tests in this file cache "contributor" as a confirmed official
Gittensor miner (5-min TTL) in the shared per-file D1 instance. That collided
with #4513's new install-wide reputation widening, which correctly detects the
stale cache and adds a 4th reputation-scan D1 read for a submitter this test
never intended to be a miner. Use a submitter login unique to this test instead.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:feature Gittensor-scored feature linked to a feature issue — scores a 1.25x multiplier.

Development

Successfully merging this pull request may close these issues.

feat(review): viewport x theme completeness matrix for the screenshot-table gate

1 participant