Release/v1.5.3 #28
Prevent 422 'Path could not be resolved' errors when creating review comments on files that don't exist in the PR's diff (e.g., deleted files).

- Add ListPRFiles() to fetch PR's changed files
- Filter buildReviewComments() to only include files present in PR diff
- Add tests for groupFindings and buildReviewComments
- TestReport_RetryWithoutCommentsOnPositionError: verifies retry logic
- TestReport_FallsBackToStickyCommentWhenBothReviewAttemptsFail
- TestReport_SuccessfulReviewOnFirstTry
- TestReport_UsesPRFilesFilter

Also converts GitHubReporter.client to use interface for testability.
Acig Verdict: PASS
Risk: low | Cost: $0.0007 | Duration: 33905ms
Decision: pass | Risk: low | Findings: 0 blocking, 0 high, 0 medium, 0 low, 8 info | Cost: $0.0007

Findings

[ℹ️ INFO] Workflow uses vars instead of secrets for ACIG_APP_ID
The GitHub Actions workflow now references a repository variable for the app ID, reducing the risk of accidental secret exposure.

[ℹ️ INFO] Added runtime check for ACIG version retrieval
The workflow now verifies that the ACIG version was successfully fetched before proceeding, preventing silent failures.

[ℹ️ INFO] New GitHubClient interface
Introduces an abstraction for GitHub operations, improving testability but adding a small surface for misuse if not implemented correctly.

[ℹ️ INFO] ListPRFiles method added to client
Provides a way to retrieve PR files; no security impact but requires proper error handling in callers.

[ℹ️ INFO] Review comments filtered by PR files
The reporter now skips findings not present in the PR, reducing noise but potentially missing issues if file list is incomplete.

[ℹ️ INFO] Retry logic for review creation
If inline comment creation fails due to position errors, the reporter retries without comments, improving robustness.

[ℹ️ INFO] Added unit tests for reporter behavior
Tests cover retry logic and PR file filtering, ensuring correctness but adding no new risk.

[ℹ️ INFO] Makefile lint and test target added
Introduces a `check` target that runs lint and tests, encouraging code quality but not affecting runtime security.

Critic Results
Generated by acig • SHA: 48b2fd3