fix: supervisor identity matching — prefer GitHub username, fuzzy compare

[marcusquinn]

Summary

• get_aidevops_identity() now prefers GitHub username (via gh api user, cached per session) over user@host format
• check_task_claimed() now does fuzzy matching: compares against full identity, username portion (before @), local whoami, and GitHub username
• cmd_claim() and cmd_unclaim() delegate to check_task_claimed() for consistent matching

Root Cause

The supervisor was skipping t166 and t167 during dispatch because:

• TODO.md had assignee:marcusquinn (GitHub username, set manually)
• get_aidevops_identity() returned marcusquinn@Marcus-MacBook-Pro (user@host)
• Exact string comparison failed, so the supervisor treated them as "claimed by someone else"

This is a single-user system where the repo owner, the GitHub user, and the supervisor are all the same person. The identity system needs to recognize that.

Changes

Function	Before	After
get_aidevops_identity()	Always user@host	GitHub username (cached) > user@host
check_task_claimed()	Exact match only	Fuzzy: full identity, username portion, whoami, gh username
cmd_claim()	Inline comparison	Delegates to check_task_claimed()
cmd_unclaim()	Inline comparison	Delegates to check_task_claimed()

Testing

• ShellCheck: zero new violations
• GitHub username cached via _CACHED_GH_USERNAME to avoid repeated API calls
• Falls back gracefully when gh is unavailable (uses user@host)

Summary by CodeRabbit

Release Notes

• Bug Fixes

  • Improved task claiming and unclaiming to support multiple identity formats and reduce redundant API calls through session caching.
  • Enhanced identity resolution with fuzzy matching to handle username variations more reliably.

• Chores

  • Updated internal task status tracking.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

This PR refines identity resolution and task-claim validation in the supervisor helper script by introducing GitHub username-based identity caching and replacing direct string equality checks with fuzzy matching. This normalizes different identity representations (user, user@host, GitHub username) for consistent claim/unclaim behavior. TODO.md updated with blocking status.

Changes

Cohort / File(s)	Summary
Identity Resolution & Fuzzy Claim Matching .agents/scripts/supervisor-helper.sh	Enhanced get_aidevops_identity to prioritize AIDEVOPS_IDENTITY and cache GitHub login; expanded check_task_claimed to recognize multiple identity representations; updated cmd_claim and cmd_unclaim to use fuzzy matching instead of direct string equality for claim validation.
Task Status TODO.md	Marked task t169 as BLOCKED with error annotation "Re-prompt dispatch failed: ambiguous_skipped_ai".

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly Related PRs

• feat: distributed task claiming via GitHub Issue assignees (t164) #621 — Overlaps on identity resolution and check_task_claimed logic; this PR refines GitHub-identity caching and fuzzy matching patterns introduced there.
• feat: provider-agnostic task claiming via TODO.md (t165) #627 — Modifies identical functions (get_aidevops_identity, check_task_claimed, claim/unclaim paths) in supervisor-helper.sh; coordinate review scope.

Poem

🔐 Identity fuzzy now takes its bow,
GitHub logins cached, no repeated API calls,
User, user@host—all treated the same,
Claims match with grace, not brittle strings,
DevOps logic cleaner, scripts standing tall ✨

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch bugfix/identity-matching

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @marcusquinn, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request resolves an issue where the supervisor system failed to correctly recognize task ownership due to rigid identity matching. By introducing a preference for GitHub usernames in identity retrieval and implementing fuzzy comparison logic for task assignees, the system can now accurately determine if a task is claimed by the current user, regardless of the identity format used in the task assignment. This significantly improves the reliability of task dispatch and claiming operations.

Highlights

• Identity Resolution Priority: The get_aidevops_identity() function now prioritizes the GitHub username (cached for performance) over the traditional user@host format, aligning with how assignees are typically noted in TODO.md.
• Fuzzy Matching for Task Claiming: The check_task_claimed() function has been enhanced to perform fuzzy matching, allowing it to correctly identify tasks claimed by the current user even if the assignee format differs (e.g., GitHub username vs. user@host).
• Consistent Claiming Logic: The cmd_claim() and cmd_unclaim() functions now delegate their assignee comparison logic to the new fuzzy-matching check_task_claimed() function, ensuring consistent and robust task management.

Changelog

• .agents/scripts/supervisor-helper.sh
  • The get_aidevops_identity function was updated to first check for AIDEVOPS_IDENTITY environment variable, then attempt to retrieve and cache the GitHub username using gh api user, and finally fall back to the user@hostname format.
  • The cmd_claim function was refactored to utilize check_task_claimed for determining if a task is already claimed by the current user, replacing a direct string comparison.
  • The cmd_unclaim function was similarly updated to use check_task_claimed for verifying task ownership before allowing an unclaim operation.
  • The check_task_claimed function was significantly enhanced to perform fuzzy matching, comparing the current_assignee against the full identity, the local whoami username, the cached GitHub username, and the username portion of the identity.
• TODO.md
  • A note for task t169 was updated to include a BLOCKED status message: "Re-prompt dispatch failed: ambiguous_skipped_ai".

Activity

• The pull request aims to fix an issue with supervisor identity matching, specifically preferring GitHub usernames and implementing fuzzy comparison.
• The author has provided a detailed summary, root cause analysis, and a clear breakdown of changes in the PR description.
• The changes involve modifications to core supervisor logic in a shell script to improve identity recognition and task claiming.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

�[0;34m[INFO]�[0m Latest Quality Status:
SonarCloud: 0 bugs, 0 vulnerabilities, 37 code smells

�[0;34m[INFO]�[0m Recent monitoring activity:
Sun Feb 8 18:18:47 UTC 2026: Code review monitoring started
Sun Feb 8 18:18:48 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 37

📈 Current Quality Metrics

• BUGS: 0
• CODE SMELLS: 37
• VULNERABILITIES: 0

Generated on: Sun Feb 8 18:18:50 UTC 2026

---

Generated by AI DevOps Framework Code Review Monitoring

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[gemini-code-assist]

Code Review

This pull request introduces a more robust identity matching system for task claiming. It correctly prioritizes the GitHub username for identity, falls back gracefully, and implements fuzzy matching to handle discrepancies between different identity formats (e.g., username vs. user@host). The refactoring of cmd_claim and cmd_unclaim to use the new centralized check_task_claimed function is a good improvement for code consistency and maintainability. I've found one high-severity issue with the new fuzzy matching logic that could cause it to fail in certain scenarios, for which I've provided a suggested fix.

[gemini-code-assist]

The fuzzy matching logic may not work as expected if the AIDEVOPS_IDENTITY environment variable is set. In that scenario, get_aidevops_identity() returns early, and the _CACHED_GH_USERNAME variable is never populated. Consequently, the check against gh_user inside check_task_claimed() will always fail unless the assignee is an empty string.

To ensure fuzzy matching against the GitHub username works reliably in all cases, the GitHub username should be fetched within this function if it hasn't been cached already.

Suggested change

	local gh_user="${_CACHED_GH_USERNAME:-}"
	local identity_user="${identity%%@*}" # Strip @host portion
	# Ensure GitHub username is cached for fuzzy matching, even if AIDEVOPS_IDENTITY is set.
	if [[ -z "${_CACHED_GH_USERNAME:-}" ]]; then
	_CACHED_GH_USERNAME=$(gh api user --jq '.login' 2>/dev/null || echo "")
	fi
	local gh_user="${_CACHED_GH_USERNAME:-}"
	local identity_user="${identity%%@*}" # Strip @host portion