fix: scope TTSR read-before-edit rule to existing files only

[alex-solovyev]

Summary

Fixes #2487

The read-before-edit TTSR rule fired false positive ERROR-level violations when creating new files via the Write tool. The Write tool itself only requires a prior Read for existing files, but the aidevops rule layer did not distinguish new vs. existing files.

Changes

• build.txt:91: Replace blanket "No exceptions" with scoped guidance — Read is required before Edit/Write to an existing file. For new files, verify the parent directory exists instead.
• index.mjs:1493-1498: Add negative lookahead (?!.*(?:creat|new file|new \w+ file|generat)) to the TTSR regex so it skips new file creation contexts.
• Updated correction and systemPrompt text to mention the new-file exception.

Verification

Tested the updated regex against 13 cases:

• 7 false positive cases (new file creation) — all correctly excluded (no longer trigger)
• 4 true positive cases (existing file edit without read) — all correctly detected (still trigger)
• 2 true negative cases (edit with prior read mention) — pre-existing behavior, unchanged

Impact

• Eliminates false ERROR-level violations on every new file creation
• Stops agents from wasting tool calls "reading" nonexistent files to satisfy the rule
• Removes confusing self-correction HTML comments injected into conversation for new files
• Aligns the rule layer with the Write tool's actual behavior

Summary by CodeRabbit

• Improvements
  • Updated file operation rules to better distinguish between editing existing files and creating new files with refined applicability conditions
  • Enhanced verification requirements: parent directory verification for new file creation and read-before-edit validation for existing file modifications
  • Improved clarity and accuracy in handling guidance across different file operation scenarios

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses and resolves an issue where the read-before-edit rule in the aidevops plugin incorrectly triggered error-level violations when agents attempted to create new files. By refining the rule's application to only existing files and updating associated prompts, the change eliminates false positives, improves agent efficiency by preventing unnecessary "read" attempts on non-existent files, and aligns the rule layer with the actual behavior of the Write tool.

Highlights

• TTSR Rule Scoping: The read-before-edit TTSR rule is now scoped to apply only to existing files, preventing false positive errors during new file creation.
• Regex Modification: The rule's regex in index.mjs was updated with a negative lookahead to explicitly ignore contexts related to creating or generating new files.
• Guidance Updates: User-facing correction and systemPrompt messages, as well as the build.txt prompt, were updated to reflect the new behavior and provide clear guidance for handling new files versus existing ones.

Changelog

• .agents/plugins/opencode-aidevops/index.mjs
  • Updated the description of the read-before-edit rule to specify "existing files".
  • Modified the pattern regex for read-before-edit to include a negative lookahead (?!.*(?:creat|new file|new \w+ file|generat)) to prevent matching new file creation scenarios.
  • Revised the correction message to explicitly state that the rule does not apply when creating new files.
  • Updated the systemPrompt to instruct agents to verify parent directories for new files instead of reading them.
• .agents/prompts/build.txt
  • Adjusted the "File Operations (CRITICAL)" section to clarify that the "ALWAYS Read a file before Edit or Write" rule applies to existing files, and for new files, agents should verify the parent directory.

Activity

• No human activity (comments, reviews, etc.) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 36 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Fri Feb 27 21:28:56 UTC 2026: Code review monitoring started
Fri Feb 27 21:28:57 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 36

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 36
• VULNERABILITIES: 0

Generated on: Fri Feb 27 21:28:59 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0d38dc2 and 6dab5c4.

📒 Files selected for processing (2)

• .agents/plugins/opencode-aidevops/index.mjs
• .agents/prompts/build.txt

---

Walkthrough

Refines the read-before-edit TTSR rule to differentiate between existing files and new file creation. Pattern extended with negative lookahead to exclude new file keywords. Build.txt policy updated to require parent directory verification for new files instead of enforcing read-first.

Changes

Cohort / File(s)	Summary
TTSR Rule Refinement .agents/plugins/opencode-aidevops/index.mjs	Updated read-before-edit rule description, pattern (added negative lookahead for creat, new file, generat), and correction text to explicitly target existing files only. SystemPrompt now instructs parent directory verification for new files.
File Operation Policy .agents/prompts/build.txt	Changed policy statement from "ALWAYS Read before Edit/Write. No exceptions." to scope read-first requirement to existing files only; new files require parent directory verification instead.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• t1304: Soft TTSR — wire rules into OpenCode plugin hooks #2139: Modifies the same read-before-edit TTSR rule content and messaging in index.mjs
• t1281: Deduplicate shared rules across context chain (pass 1) #2039: Updates file-operation and read-before-edit rule wording in prompts/build.txt
• t1283: Context optimisation pass 3 — tighten language across always-loaded files #2048: Tightens file-operations sequencing and distinguishes read-edit-write phrasing in build.txt

Poem

🎯 No false alarms when creating new files, no more—
A regex pattern now knows what files are for.
Parent paths verified, not contents that don't exist,
The agent rewarded: one less confusing gist. ✨

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bugfix/ttsr-read-before-edit-false-positives

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[gemini-code-assist]

Code Review

This pull request aims to fix a false positive in the read-before-edit rule by refining its trigger condition. The changes to the prompt in build.txt and the descriptive fields in index.mjs are clear and align with the goal. However, the updated regular expression in index.mjs, while addressing the original problem, introduces a risk of false negatives due to overly broad keywords. I've provided a suggestion to make the pattern more specific and robust.

[gemini-code-assist]

The keywords creat and generat are too broad and could lead to false negatives. For instance, if an agent's response is "I will edit file X, then create a pull request", the keyword creat will match "create", causing this rule to be incorrectly skipped. The read-before-edit check should still apply to file X in this scenario.

To make this more robust, the keywords should be more specific to file creation, for example by tying creat and generat to the word file.

Suggested change

	pattern: "(?:I'll edit|Let me edit|I'll write to|Let me write)(?!.*(?:creat|new file|new \\w+ file|generat))(?:(?!I'll read|let me read|I've read|already read).){0,200}$",
	pattern: "(?:I'll edit|Let me edit|I'll write to|Let me write)(?!.*(?:creat.*file|new file|new \\w+ file|generat.*file))(?:(?!I'll read|let me read|I've read|already read).){0,200}$",