Skip to content

CKB v8.2.0

Choose a tag to compare

@github-actions github-actions released this 22 Mar 12:06

Changelog

Features

  • daed8cf feat: Add --lint-report flag to deduplicate findings against SARIF
  • 224320a feat: Add LLM FP triage, PR posting, feedback learning, skill shipping
  • f5838af feat: Add Large PR Intelligence — Batch 3
  • d23d369 feat: Add code health, baselines, compliance, CI/CD formats — Batches 4-7
  • 22b3a8e feat: Add comment-drift, format-consistency checks and enhance existing review checks
  • de69cf1 feat: Add review engine v8.4 — HoldTheLine, bug-patterns, LLM narrative
  • f1437e4 feat: Add unified PR review engine (ckb review) — MVP Batch 1+2
  • 08f4b01 feat: Auto-resolve active repository from file paths in MCP tool params
  • a621676 feat: Reduce review noise, add multi-provider LLM, compact MCP mode
  • a5e8894 feat: Wire dead-code, test-gaps, blast-radius checks and --staged/--scope into review

Bug Fixes

  • 4550ffb fix(deps): bump the go-deps group with 2 updates
  • be97882 fix: Add missing SCORE env var in CI, omitempty on reviewers JSON field
  • 0e9fcde fix: Address review findings — health scoring, format constants, API tests
  • 1db8266 fix: Annotate all gosec G115 integer overflow false positives
  • 1e6f48c fix: Annotate remaining gosec G304/G306 path traversal false positives
  • 148c598 fix: Bump Go 1.26.0→1.26.1 (4 stdlib CVEs), fix download-artifact SHA
  • f185889 fix: Bump Go to 1.24.13 and add tests for repo resolver/engine cache
  • f13bcee fix: Bump Go to 1.26.0 and exclude G703 from gosec security gate
  • 0fbf748 fix: Eliminate O(N) GetHotspots/GetOwnership calls causing review hang
  • 06bdda6 fix: Eliminate dead-code FP, show test-gap details, fix config merge
  • 471702a fix: Fix 4 bugs found by CKB review, add marketing docs
  • fdb6503 fix: Fix lint errors, remove dead code, tighten file permissions
  • c256a69 fix: Fix non-CGO build for v8.2.0 release
  • c28bd90 fix: Harden action.yml, cap score deductions, clean up dead code
  • ecc1e49 fix: Make pr-review job resilient to upstream CI failures
  • 68139c7 fix: Make review output useful for large PRs (600+ files)
  • e9db780 fix: Overhaul review formatter output and update CI workflows
  • 5b22e63 fix: Re-enable Homebrew upload, add token validation to release workflow
  • aa0a617 fix: Reduce review noise — secrets false positives, coupling CI spam, unclamped risk
  • c59409d fix: Render Top Risks in markdown review, fix null reviewers fallback
  • 33f5896 fix: Resolve remaining gosec findings (rune bugs + annotations)
  • f50f2bb fix: Serialize tree-sitter checks, fix SARIF compliance, harden inputs
  • d8d3ed2 fix: Skip Homebrew tap upload (token expired)
  • 019ef6e fix: Sort findings by tier before budget cap, enrich reviewer routing
  • eb3a2bc fix: Update index metadata after incremental refresh and ignore untracked files in repo state
  • 65f565c fix: Use /v1/tokens endpoint for npm token validation
  • 7688190 fix: Use correct gosec rule IDs (G703/G122) for nosec annotations

Documentation

  • 3c10ef7 docs: Add review architecture SVG, update CLAUDE.md for 17 checks
  • 88cb5d1 docs: Add v8.2.0 changelog
  • 3155d99 docs: Update CLAUDE.md and fix reviewPR tool description, reuse analyzer

Others

  • f271bb8 ci(deps): bump the actions group across 1 directory with 7 updates
  • e5e2f0e ci: Add PR review to CI pipeline, add example workflow
  • 11b2765 ci: Add review engine test job to CI pipeline
  • 616184c perf: Break tree-sitter serialization, batch git ops, cache hotspot scores
  • 0d654a1 perf: Cut health check subprocess calls by ~60%, add cancellation
  • 8d7c179 security: Reject path traversal in repo IDs, sanitize error responses
  • cef1a49 security: Scope PR permissions, fix cancel-in-progress, pin action SHA
  • 8d915b4 security: Upgrade docker/cli (CVE-2025-15558) and otel/sdk (CVE-2026-24051)