Skip to content

feat(scripts): scan the AI review-pipeline source roots in selfhost-env-reference#7065

Closed
philluiz2323 wants to merge 1 commit into
JSONbored:mainfrom
philluiz2323:feat/selfhost-env-reference-ai-review-vars
Closed

feat(scripts): scan the AI review-pipeline source roots in selfhost-env-reference#7065
philluiz2323 wants to merge 1 commit into
JSONbored:mainfrom
philluiz2323:feat/selfhost-env-reference-ai-review-vars

Conversation

@philluiz2323

Copy link
Copy Markdown
Contributor

Summary

  • scripts/gen-selfhost-env-reference.mjs's DEFAULT_SOURCE_ROOTS never scanned src/services/ai-review.ts, src/queue/ai-review-orchestration.ts, or src/queue/processors.ts, so four self-host-relevant env vars actually read in those files -- AI_SUMMARIES_ENABLED, AI_PUBLIC_COMMENTS_ENABLED, AI_MAX_OUTPUT_TOKENS, AI_BYOK_DAILY_REPO_LIMIT -- never reached the generated reference, even though all four are already declared in src/env.d.ts's self-host doc-comment block.
  • Added the three files to DEFAULT_SOURCE_ROOTS.
  • Regenerated apps/loopover-ui/src/lib/selfhost-env-reference.ts via npm run selfhost:env-reference and committed the result (purely additive diff -- 70 lines added, 0 removed, no reordering of unrelated entries).
  • Added a regression test that runs collectSelfHostEnvVars() against the real repo (default rootDir/sourceRoots, not a synthetic fixture -- the point is confirming the actual new source roots are scanned) and asserts all four vars are found.

Scope

  • The PR title follows type(scope): short summary Conventional Commit format.
  • This PR is focused and does not mix unrelated backend, UI, MCP, docs, dependency, and deploy changes.
  • This follows CONTRIBUTING.md and does not reintroduce GitHub Pages, VitePress, site/, or CNAME.
  • I linked a currently open issue this PR resolves.

Closes #6993

Validation

  • git diff --check
  • npm run actionlint (no workflow changes in this PR)
  • npm run typecheck
  • npm run test:coverage (verified rather than assumed per the issue's own caution: scripts/** is explicitly in codecov.yml's ignore list, and the regenerated apps/loopover-ui/src/lib/selfhost-env-reference.ts falls under the apps/** ignore too, so neither changed file is in the Codecov patch-coverage scope; ran the new/existing test suite locally instead -- see below)
  • npm run test:workers (not applicable to this change)
  • npm run build:mcp (not applicable to this change)
  • npm run test:mcp-pack (not applicable to this change)
  • npm run ui:openapi:check (not applicable to this change)
  • npm run ui:lint (not applicable to this change)
  • npm run ui:typecheck (not applicable to this change)
  • npm run ui:build (not applicable to this change)
  • npm audit --audit-level=moderate (no dependency changes in this PR)
  • New or changed behavior has unit/integration tests for new branches, fallback paths, and sanitizer boundaries

If any required check was skipped, explain why:

  • This PR only touches a generator script's source-root list, its regenerated output, and a new test -- no API/UI/dependency surface. npm run typecheck, npm run docs:drift-check, and npm run selfhost:validate-observability all pass locally. npx vitest run test/unit/selfhost-env-reference-script.test.ts passes all 6 tests (5 pre-existing + 1 new), and npm run selfhost:env-reference:check confirms the committed generated file matches a fresh regeneration (not stale).

Safety

  • No secrets, wallet details, hotkeys, coldkeys, user PATs, private keys, raw trust scores, private rankings, or private maintainer evidence are exposed.
  • Public GitHub text stays sanitized, low-noise, and does not imply compensation guarantees or optimization tactics.
  • Auth, cookie, CORS, GitHub App, Cloudflare, or session changes include negative-path tests. (N/A -- no auth/cookie/CORS/session changes in this PR.)
  • API/OpenAPI/MCP behavior is updated and tested where needed. (N/A -- no API/OpenAPI/MCP changes in this PR.)
  • UI changes use live API data or real empty/error/loading states, not production mock/demo fallbacks. (N/A -- no UI changes in this PR; the touched apps/loopover-ui file is a generated data reference, not a rendered component.)
  • Visible UI changes include a UI Evidence section below with JPG/JPEG or PNG screenshots. (N/A -- this PR has no visual surface; it's a build-time generator + its generated output.)
  • Public docs/changelogs are updated where needed; changelogs are only edited for release-prep PRs.

Notes

…nv-reference

gen-selfhost-env-reference.mjs's DEFAULT_SOURCE_ROOTS never scanned src/services/ai-review.ts, src/queue/ai-review-orchestration.ts, or src/queue/processors.ts, so four self-host-relevant env vars read there -- AI_SUMMARIES_ENABLED, AI_PUBLIC_COMMENTS_ENABLED, AI_MAX_OUTPUT_TOKENS, AI_BYOK_DAILY_REPO_LIMIT -- never reached the generated reference, even though all four are already declared in src/env.d.ts's self-host doc-comment block. Added the three files to DEFAULT_SOURCE_ROOTS, regenerated apps/loopover-ui/src/lib/selfhost-env-reference.ts (npm run selfhost:env-reference), and added a regression test that scans the real repo's default source roots and asserts all four vars are found.
@philluiz2323
philluiz2323 requested a review from JSONbored as a code owner July 17, 2026 20:23
@superagent-security

Copy link
Copy Markdown
Contributor

Superagent didn't find any vulnerabilities or security issues in this PR.

@codecov

codecov Bot commented Jul 17, 2026

Copy link
Copy Markdown

❌ 7 Tests Failed:

Tests completed Failed Passed Skipped
3117 7 3110 12
View the top 3 failed test(s) by shortest run time
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > responds to the SYNC_RANKED_CANDIDATES_MESSAGE runtime message with the sync result
Stack Traces | 0.0028s run time
AssertionError: expected false to be true // Object.is equality

- Expected
+ Received

- true
+ false

 ❯ test/unit/miner-extension-live-fetch.test.ts:186:33
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > surfaces a thrown fetch (miner UI not running) as a typed failure without touching storage, never throwing
Stack Traces | 0.00306s run time
AssertionError: expected Object{ ok: false, …(2) } to deeply equal { ok: false, …(2) }

- Expected
+ Received

  {
-   "error": "connect ECONNREFUSED",
+   "error": "AbortSignal is not defined",
    "minerUiUrl": "http://localhost:5174",
    "ok": false,
  }

 ❯ test/unit/miner-extension-live-fetch.test.ts:173:20
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > surfaces a malformed payload (candidates not an array) as a typed failure without touching storage
Stack Traces | 0.00323s run time
AssertionError: expected Object{ ok: false, …(2) } to deeply equal { ok: false, …(2) }

- Expected
+ Received

  {
-   "error": "miner UI returned an unexpected payload shape",
+   "error": "AbortSignal is not defined",
    "minerUiUrl": "http://localhost:5174",
    "ok": false,
  }

 ❯ test/unit/miner-extension-live-fetch.test.ts:153:20
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > syncs once on startup and once on install when those lifecycle events are available
Stack Traces | 0.00477s run time
AssertionError: expected [] to have a length of 1 but got +0

- Expected
+ Received

- 1
+ 0

 ❯ test/unit/miner-extension-live-fetch.test.ts:220:27
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > surfaces a non-2xx response as a typed failure without touching storage
Stack Traces | 0.00533s run time
AssertionError: expected Object{ ok: false, …(2) } to deeply equal { ok: false, …(2) }

- Expected
+ Received

  {
-   "error": "miner UI responded 401",
+   "error": "AbortSignal is not defined",
    "minerUiUrl": "http://localhost:5174",
    "ok": false,
  }

 ❯ test/unit/miner-extension-live-fetch.test.ts:146:20
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > fetches from the configured miner UI URL and writes candidates + a savedAt timestamp into local storage
Stack Traces | 0.0137s run time
AssertionError: expected false to be true // Object.is equality

- Expected
+ Received

- true
+ false

 ❯ test/unit/miner-extension-live-fetch.test.ts:127:23
test/unit/miner-extension-live-fetch.test.ts > syncRankedCandidatesFromMinerUi (#4859) > wires an alarms-based ambient refresh when chrome.alarms is present, and only syncs for its own alarm name
Stack Traces | 0.0199s run time
AssertionError: expected [] to have a length of 1 but got +0

- Expected
+ Received

- 1
+ 0

 ❯ test/unit/miner-extension-live-fetch.test.ts:206:27

To view more test analytics, go to the Test Analytics Dashboard
📋 Got 3 mins? Take this short survey to help us improve Test Analytics.

@loopover-orb loopover-orb Bot added the gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier. label Jul 17, 2026
@loopover-orb

loopover-orb Bot commented Jul 17, 2026

Copy link
Copy Markdown

Caution

🛑 LoopOver review result - fixes required

Review updated: 2026-07-17 20:38:54 UTC

3 files · 1 AI reviewer · no blockers · CI failing · blocked

🛑 Suggested Action - Fix Blockers

Review summary
Adds three new source roots (src/services/ai-review.ts, src/queue/ai-review-orchestration.ts, src/queue/processors.ts) to DEFAULT_SOURCE_ROOTS in the env-reference scanner, closing issue #6993 where AI review-pipeline env vars were undocumented. The regenerated selfhost-env-reference.ts is purely additive (new rows inserted alphabetically, no reordering of existing entries), matching the description, and the new test correctly runs collectSelfHostEnvVars() against the real repo rather than a fixture to prove the new roots are actually scanned. The change is narrow, mechanical, and traceable end-to-end: script change -> regenerated artifact -> regression test.

Nits — 3 non-blocking
  • The new test in test/unit/selfhost-env-reference-script.test.ts only asserts the four issue-specific vars are present via toContain; it doesn't assert their firstReference value, so a future regression that reattributes one of these vars to the wrong file wouldn't be caught.
  • The generated selfhost-env-reference.ts file is now ~612 lines per the size-smell note, but since it's fully generated and marked 'Do not edit manually,' this is not a maintainability concern worth acting on.
  • Consider asserting firstReference alongside name in the new regression test (e.g. expect(collectSelfHostEnvVars().find(e => e.name === 'AI_MAX_OUTPUT_TOKENS')).toEqual({name: 'AI_MAX_OUTPUT_TOKENS', firstReference: 'src/services/ai-review.ts'})) for tighter coverage of the fix.

CI checks failing

  • validate
  • validate-tests (1)

Decision drivers

  • ✅ Code review — No blockers (1 reviewer)
  • ✅ Gate result — Passing (No configured blocker found.)
Context & advisory signals — never blocks the verdict
Signal Result Evidence
Linked issue ✅ Linked #6993
Related work ✅ No active overlap found No same-issue or scoped active PR overlap found.
Change scope ✅ 20/20 Low review scope from cached public metadata (1 linked issue).
Validation posture ✅ 25/25 PR body includes validation/test evidence.
Contributor workload ✅ 10/10 Author activity: 1092 registered-repo PR(s), 659 merged, 135 issue(s).
Contributor context ✅ Confirmed Gittensor contributor philluiz2323; Gittensor profile; 1092 PR(s), 135 issue(s).
Improvement ✅ Minor risk: clean · value: minor · LLM: moderate
Linked issue satisfaction

Addressed
The PR adds the three missing files to DEFAULT_SOURCE_ROOTS, regenerates selfhost-env-reference.ts to include all four required vars (AI_SUMMARIES_ENABLED, AI_PUBLIC_COMMENTS_ENABLED, AI_MAX_OUTPUT_TOKENS, AI_BYOK_DAILY_REPO_LIMIT), and adds a regression test asserting the generator scan picks them up.

Review context
  • Author: philluiz2323
  • Role context: outside_contributor
  • Public audience mode: oss maintainer
  • Lane context: Repository is configured for direct PR review.
  • Public profile languages: Python, JavaScript, MDX, TypeScript, CSS, Cuda, HTML, Kotlin
  • Official Gittensor activity: 1092 PR(s), 135 issue(s).
  • PR-specific overlap: none found.
Contributor next steps
  • Keep the PR focused and include validation evidence before maintainer review.
Signal definitions
  • Related work = same linked issue, overlapping active PRs, or title/path similarity.
  • Change scope = cached public metadata such as size labels, draft state, and review-burden hints.
  • Validation posture = whether the PR provides enough public validation/test evidence for maintainer review.
  • Contributor workload = public contributor activity and cleanup pressure, not a repo-wide quality failure.
  • Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.
🧪 Chat with LoopOver

Ask LoopOver a question about this PR directly in a comment — grounded only in the same cached, public-safe facts shown above, never a new claim.

  • @loopover ask <question> answers contribution-quality Q&A with source citations and freshness.
  • @loopover chat <question> answers in natural prose from cached decision-pack facts via local inference (maintainer/collaborator; read-only).
  • A plain-language @loopover mention with a real question is routed to the closest matching read-only command automatically — no exact syntax required.

Full command reference: https://loopover.ai/docs/loopover-commands

🧪 Experimental — new and may change.

🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed


💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by LoopOver, a quiet PR intelligence layer for OSS maintainers.

  • Re-run LoopOver review

@loopover-orb

loopover-orb Bot commented Jul 17, 2026

Copy link
Copy Markdown

LoopOver is closing this pull request on the maintainer's behalf (CI is failing (validate, validate-tests (1))). This is an automated maintenance action — to pursue this change, please open a new pull request with the issues resolved. Closed PRs may be analyzed later to improve review accuracy, but they are not automatically reopened or re-reviewed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

gittensor:bug Gittensor-scored bug fix — scores a 0.05x multiplier.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

selfhost-env-reference generator misses AI review-pipeline env vars

1 participant