[Contribution Check Report] Contribution Check — 2026-03-31

[github-actions]

We looked at 3 open PRs — 2 look great and are ready for review, and 1 needs a closer look before it's ready.

(Note: pr-filter-results.json was not found; PRs were sourced directly from the open PR list.)

---

Ready to review 🟢

These PRs passed all contribution checks and are looking good for maintainer eyes.

PR	Title	Author	Lines	Quality
#23608	feat: add trusted-users to MCP Gateway guard policy	@Copilot	401	lgtm ✨
#23509	feat: add shared/apm.md shared workflow with Microsoft APM support	@Copilot	4985	lgtm ✨

---

Needs a closer look 🟡

These PRs are aligned with the project but have gaps that should be addressed first.

PR	Title	Author	Lines	Quality
#23611	MCP Gateway: Add upstream OIDC authentication to schema, spec, compiler	@Copilot	211	needs-work

#23611 details: Great direction — OIDC auth for HTTP MCP servers is well in scope. Missing test coverage for the new auth field parsing/rendering, and two correctness gaps: auth on stdio servers is silently ignored (should be a validation error), and auth.type is not validated against the "github-oidc" enum. Feedback posted to the PR.

---

Evaluated: 3 · Skipped: unknown · Run: 23775795700

Generated by Contribution Check · ◷

• expires on Apr 1, 2026, 1:24 AM UTC

[github-actions]

We looked at 2 new PRs — 1 looks great and 1 needs a small follow-up before it's ready for review.

---

Ready to review 🟢

PR	Title	Author	Lines	Quality
#23647	fix: correct YAML indentation for detection job	@Copilot	82	lgtm ✨

---

Needs a closer look 🟡

PR	Title	Author	Lines	Quality
#23644	chore: bump @playwright/mcp 0.0.68→0.0.69 and MCP Gateway	@Copilot	716	needs-work

#23644 — Well-scoped version bump with 178 auto-recompiled lock files. The needs-work flag is mechanical (no test changes), but the only action needed is to verify whether any existing tests assert the old version constants and update them if so.

---

Evaluated: 2 · Skipped: n/a (pre-filter file not present) · Run: #23782002966

Generated by Contribution Check · ◷

• expires on Apr 1, 2026, 5:34 AM UTC

[github-actions]

Contribution Check — 2026-03-31

No PRs were available for evaluation in this run. The pre-filter step did not produce a pr-filter-results.json file, which indicates either no new PRs matched the configured filters, or the pre-filter step encountered an issue.

---

Evaluated: 0 · Skipped: 0 · Run: 23789719794

Generated by Contribution Check · ◷

• expires on Apr 1, 2026, 9:17 AM UTC

[github-actions]

We looked at 4 new PRs — 3 look great and are ready for review, and 1 needs a small follow-up before it's ready.

---

Ready to review 🟢

PR	Title	Author	Lines	Quality
#23720	Skip update_cache_memory job when agent job is skipped	@Copilot	318	lgtm ✨
#23706	Improve test quality: scripts/lint_error_messages_test.go	@Copilot	279	lgtm ✨
#23695	fix: Gemini CLI exits 41 in AWF sandbox — missing API key and ~/.gemini dir	@Copilot	41	lgtm ✨

---

Needs a closer look 🟡

PR	Title	Author	Lines	Quality
#23707	Refactor semantic function clustering for better code organization	@Copilot	253	needs-work

#23707: Great refactor overall — eliminates a duplicate semanticVersion struct and a passthrough findGitRoot() wrapper. One gap: two new public methods (IsPreciseVersion(), IsNewer()) on semverutil.SemanticVersion lack direct unit tests in pkg/semverutil/semverutil_test.go. CLI-level tests cover them indirectly, but standalone coverage is needed.

---

Evaluated: 4 · Skipped: 0 · Run: #23799315978

Generated by Contribution Check · ◷

• expires on Apr 1, 2026, 1:24 PM UTC