From beef6edf59d8ffd182580e423bb7127028fbfbca Mon Sep 17 00:00:00 2001 From: "intentsolutions.io" Date: Sat, 14 Feb 2026 10:51:03 -0600 Subject: [PATCH 1/6] ci: add Qodo PR-Agent for automated review --- .github/workflows/pr-agent.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/pr-agent.yml diff --git a/.github/workflows/pr-agent.yml b/.github/workflows/pr-agent.yml new file mode 100644 index 00000000000..e585dab08c6 --- /dev/null +++ b/.github/workflows/pr-agent.yml @@ -0,0 +1,24 @@ +name: PR Agent +on: + pull_request: + types: [opened, reopened, ready_for_review] + issue_comment: + types: [created] + +permissions: + issues: write + pull-requests: write + contents: read + +jobs: + pr_agent: + if: ${{ github.event.sender.type != 'Bot' }} + runs-on: ubuntu-latest + name: Run PR Agent + steps: + - name: PR Agent action step + id: pragent + uses: qodo-ai/pr-agent@main + env: + OPENAI_KEY: ${{ secrets.OPENAI_API_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 3e432481c07896e28644ea3b83fd2bdcb2a6d676 Mon Sep 17 00:00:00 2001 From: "intentsolutions.io" Date: Sat, 14 Feb 2026 10:51:12 -0600 Subject: [PATCH 2/6] ci: add CodeQL security scanning --- .github/workflows/codeql.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 00000000000..552a597d237 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,28 @@ +name: CodeQL +on: + pull_request: + branches: [main] + +permissions: + security-events: write + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + language: [javascript-typescript] + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 From 52145b9c743ecc1cb56c3a7748cc094f57ce03c3 Mon Sep 17 00:00:00 2001 From: "intentsolutions.io" Date: Sat, 14 Feb 2026 10:51:28 -0600 Subject: [PATCH 3/6] ci: update Dependabot config for dependency scanning --- .github/dependabot.yml | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e38c2152a2d..ba55fdd4684 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,21 +1,12 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file - version: 2 updates: - package-ecosystem: "npm" directory: "/" schedule: interval: "weekly" - - - package-ecosystem: "npm" - directory: "/cli" - schedule: - interval: "weekly" - + open-pull-requests-limit: 5 - package-ecosystem: "github-actions" directory: "/" schedule: interval: "weekly" + open-pull-requests-limit: 3 From a7476f105d07c258848e53c1f5f0245e1a34a3ba Mon Sep 17 00:00:00 2001 From: "intentsolutions.io" Date: Sat, 14 Feb 2026 11:09:39 -0600 Subject: [PATCH 4/6] ci: add Greptile config with kilocode conventions --- greptile.json | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 greptile.json diff --git a/greptile.json b/greptile.json new file mode 100644 index 00000000000..f2c343ca411 --- /dev/null +++ b/greptile.json @@ -0,0 +1,89 @@ +{ + "commentTypes": ["logic", "syntax", "style"], + "strictness": 1, + "fixWithAI": true, + "triggerOnUpdates": true, + "summarySection": { + "included": true, + "collapsible": false, + "defaultOpen": true + }, + "issuesTableSection": { + "included": true, + "collapsible": false, + "defaultOpen": true + }, + "confidenceScoreSection": { + "included": true, + "collapsible": false, + "defaultOpen": true + }, + "sequenceDiagramSection": { + "included": true, + "collapsible": true, + "defaultOpen": false + }, + "ignorePatterns": [ + "*.lock", + "*.snap", + "pnpm-lock.yaml", + "src/i18n/locales/**" + ], + "customContext": [ + { + "type": "rules", + "value": "This is a pnpm monorepo using Turbo. Packages: src/ (VSCode extension), webview-ui/ (React frontend), cli/ (CLI), packages/ (shared types, ipc, telemetry), jetbrains/ (Kotlin plugin), apps/ (docs, e2e, storybook)." + }, + { + "type": "rules", + "value": "All code changes that modify Kilo Code behavior MUST include kilocode_change markers in comments explaining what was changed and why." + }, + { + "type": "rules", + "value": "PRs that touch UI or settings MUST include i18n translation strings. A GUI-based change with settings typically involves 12-13 files plus ~18 more for i18n." + }, + { + "type": "rules", + "value": "PRs SHOULD include a .changeset/ file for version bumping. Exception: docs-only changes in apps/kilocode-docs/ do not require changesets." + }, + { + "type": "rules", + "value": "New provider additions follow a pattern: handler in src/api/providers/, model info, types in packages/types/, i18n strings, and tests. Check existing providers like anthropic or openai for the pattern." + }, + { + "type": "rules", + "value": "TypeScript strict mode. No any types without justification. Use Zod schemas for runtime validation at system boundaries." + }, + { + "type": "rules", + "value": "Security: No hardcoded credentials, API keys, or secrets. Validate all user inputs. No command injection in ExecuteCommand tool. No XSS in webview-ui." + }, + { + "type": "rules", + "value": "Test expectations: Unit tests for business logic, integration tests for API handlers, e2e tests for critical user flows. Tests live alongside source files or in __tests__ directories." + }, + { + "type": "files", + "path": "AGENTS.md", + "description": "Project structure, architecture overview, agent runtime details, and coding conventions" + }, + { + "type": "files", + "path": "CONTRIBUTING.md", + "description": "Contribution guidelines, PR requirements, commit message format" + }, + { + "type": "files", + "path": ".github/pull_request_template.md", + "description": "Expected PR format: Context, Implementation, Screenshots, How to Test" + }, + { + "type": "other", + "value": "This repo has 50+ AI provider integrations. When reviewing provider changes, check for: correct error handling, proper streaming support, model capability declarations, and consistent patterns with existing providers." + }, + { + "type": "other", + "value": "The docs site is a Next.js app using Markdoc at apps/kilocode-docs/. Docs PRs only need Build Markdoc Site and check-translations CI checks to pass." + } + ] +} From 7c4b6f08ed27ddb42793327666a3d11b999634c9 Mon Sep 17 00:00:00 2001 From: "intentsolutions.io" Date: Sat, 14 Feb 2026 11:39:46 -0600 Subject: [PATCH 5/6] infra: add SSHD feature for Codespace CLI access --- .devcontainer/devcontainer.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 97ec581e892..91d9a36d4f6 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -5,7 +5,10 @@ "features": { "ghcr.io/devcontainers/features/git:1": {}, - "ghcr.io/devcontainers/features/github-cli:1": {} + "ghcr.io/devcontainers/features/github-cli:1": {}, + "ghcr.io/devcontainers/features/sshd:1": { + "version": "latest" + } }, "customizations": { @@ -54,15 +57,12 @@ "remoteUser": "root", "containerUser": "root", - // Mounts for persisting Kilo Code state across container rebuilds - // These mounts preserve threads, settings, and caches "mounts": [ "source=${localWorkspaceFolder}/.git,target=/workspace/.git,type=bind,consistency=cached", "source=kilocode-global-storage,target=/root/.vscode-remote/data/User/globalStorage/kilocode.kilo-code,type=volume", "source=kilocode-settings,target=/root/.vscode-remote/data/User,type=volume" ], - // Configure custom properties for workspace storage "workspaceMount": "source=${localWorkspaceFolder},target=/workspace,type=bind", "workspaceFolder": "/workspace" } From a05438cdf64881d0f51e3f3b0696fdcaac6793d7 Mon Sep 17 00:00:00 2001 From: romeoscript Date: Sat, 31 Jan 2026 17:35:02 +0100 Subject: [PATCH 6/6] fix: override context window for MiniMax/Kimi free models Enforces a 200k context window for and to prevent aggressive truncation caused by incorrect API limitations. --- src/api/providers/fetchers/openrouter.ts | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/api/providers/fetchers/openrouter.ts b/src/api/providers/fetchers/openrouter.ts index d2ab5ff435a..d1a23f53856 100644 --- a/src/api/providers/fetchers/openrouter.ts +++ b/src/api/providers/fetchers/openrouter.ts @@ -315,5 +315,11 @@ export const parseOpenRouterModel = ({ modelInfo.maxTokens = 32768 } + // kilocode_change start + if (id.includes("minimax-2.1:free") || id.includes("kimi-2.5:free")) { + modelInfo.contextWindow = 200000 + } + // kilocode_change end + return modelInfo }