fix(issue-sync): prevent invalid @mentions for non-GitHub assignees #1
superdav42 merged 479 commits into main from
Conversation
marcusquinn#4711) Addresses Gemini cross-PR review feedback (PR marcusquinn#1253): local var="$1" combined form masks exit codes; use separate declare+assign per styleguide. Closes marcusquinn#3170
…mail-signature-parser-helper.sh (marcusquinn#4724) Address 3 Gemini review findings from PR marcusquinn#3055:
- merge_toon_contact: replace 6 grep calls with one while/case pass over $existing (HIGH)
- resolve_contact_filename: replace 2 grep calls with one while/case pass over file (MEDIUM)
- list_contacts: replace 2 grep calls per file with one while/case pass per file (MEDIUM)
All three sites now parse fields in a single read loop, eliminating redundant subshell forks and grep invocations. ShellCheck: zero new violations. Closes marcusquinn#3161
…ng (marcusquinn#4726)
- Pass pre-computed protocol to build_curl_args() in both cron-dispatch.sh and cron-helper.sh, eliminating the redundant get_protocol() subshell call inside the function when callers already have the value
- Add log_warn when OPENCODE_INSECURE=1 in cron-helper.sh to match the existing warning in cron-dispatch.sh (operator visibility parity)
- Use log_warn (stderr) instead of log_info (stdout) for the SSL warning in cron-dispatch.sh for correct severity routing
Addresses gemini review feedback from PR marcusquinn#305. Closes marcusquinn#3529
…arcusquinn#4728)
- Clarify credential transport: keys embedded as export lines in uploaded shell script, not via AcceptEnv/SendEnv (which cannot silently fail)
- Add /proc/<pid>/environ exposure note for security-conscious deployments
- Add mitigation guidance: restrict host access or use short-lived tokens
- Add opencode-ai as preferred npm install option; keep @anthropic-ai/claude-code as the claude CLI alternative
Closes marcusquinn#3445
…TATE_DIR and move timestamp after success (marcusquinn#4729)
- Use ${SUPERVISOR_STATE_DIR:-/var/lib/supervisor} instead of SUPERVISOR_DIR for task_creation_cooldown_file to guard against unset variable under set -u/-e
- Add mkdir -p before writing the cooldown timestamp to ensure directory exists
- Move date +%s write to AFTER confirming TODO.md exists and task creation runs, preventing the cooldown from throttling retries when prerequisites are missing
Addresses PR marcusquinn#1170 review feedback (issue marcusquinn#3526).
) - Move NODE_PATH snippet from build-agent.md into node-helpers.md and replace with a file:line reference (CodeRabbit feedback)
- Add FTS5 capability probe to sqlite3 status check in onboarding-helper.sh so partial installs (sqlite3 present, FTS5 missing) are correctly reported as 'partial' rather than 'ready' (CodeRabbit + Gemini feedback)
- Add fts5 field to JSON output using jq for type-safe boolean construction
Closes marcusquinn#3528
…reviews (marcusquinn#4731) Replace 2>/dev/null with 2>>"${SUPERVISOR_LOG:-/dev/null}" on three jq commands in the dismiss_bot_reviews function and check_pr_status function. This aligns with the repository style guide (no blanket stderr suppression) and allows jq parsing errors from malformed gh api responses to be captured in the supervisor log for debugging, rather than silently discarded. Closes marcusquinn#3564 Addresses gemini-code-assist review feedback on PR marcusquinn#952
…arcusquinn#4734) Change the error string written on auto-rebase failure from the human-readable 'Merge conflict — auto-rebase failed' to the machine-readable token 'merge_conflict:auto_rebase_failed'. This aligns with the case-match in evaluate.sh:718 and dispatch.sh:673 which filter on 'merge_conflict' — without this fix, tasks blocked by auto-rebase failure were not picked up for retry. Fix 2 (git add before diff --check) was already present in deploy.sh at line 2248 from a prior refactor — no change needed there. Closes marcusquinn#3524
…arcusquinn#4735) Addresses Gemini code review suggestion from PR marcusquinn#134: store the dynamic and hardcoded badge grep patterns in local variables to improve maintainability and avoid repeating the pattern strings. Closes marcusquinn#3522
…le violations (marcusquinn#4737) When markdownlint fails due to bad config, invalid arguments, or other non-rule errors, the output won't match the MD[0-9] pattern, causing violation_count=0 and a false success return—even in blocking mode. Capture lint_exit separately (|| lint_exit=$?) and treat non-zero exit codes as blocking errors in changed-file mode and advisory warnings in full-scan mode. Covers both cases: output present (non-rule error message) and no output (silent config parse failure). Closes marcusquinn#3505 Addresses CodeRabbit review on PR marcusquinn#271
…arcusquinn#4736) Merge the redundant `pro` case into `sonnet | eval | health | pro` since both resolve to the same model (anthropic/claude-sonnet-4-6). Reduces duplication and improves maintainability as suggested in PR marcusquinn#799 review. Closes marcusquinn#3519
…4741) Replace comma-separated string iteration with bash arrays in:
- supervisor-archived/issue-sync.sh: ALL_STATUS_LABELS constant + sync_issue_status_label() loop
- issue-sync-helper.sh: _DONE_REMOVE_LABELS constant + _mark_issue_done()
Eliminates IFS manipulation and here-string splitting for safer, more idiomatic bash iteration. Addresses Gemini review feedback on PR marcusquinn#1375. ShellCheck: zero new violations.
… stale pulse (marcusquinn#4749) When a script fix is merged without a version bump, the deployed copy in ~/.aidevops/ stays stale until setup.sh is run manually. The auto-update stale check only compared VERSION files, missing intra-version script changes. Add a sentinel-based script drift check: compare SHA-256 of gh-failure-miner-helper.sh between repo and deployed. If they differ, re-deploy all agents via setup.sh --non-interactive. Root cause of GH#4727: PR marcusquinn#4704 fixed gh-failure-miner-helper.sh (merged 07:43) but the pulse ran at 08:40 using the old deployed version, which still treated Codacy ACTION_REQUIRED as a CI failure and produced a false systemic cluster, causing the pulse LLM to create a duplicate issue. Closes marcusquinn#4727
…ve-review filters (marcusquinn#4748) Closes marcusquinn#4733 Adds --include-positive to quality-feedback-helper.sh scan-merged to bypass the positive-review suppression filters (summary-only, approval-only, no-actionable-sentiment). Intended for use with --dry-run to audit which reviews are being suppressed and verify the filters are working correctly.
Changes:
- cmd_scan_merged: parse --include-positive flag, pass to _scan_single_pr
- _scan_single_pr: accept include_positive arg; bypass summary_only filter and approval/sentiment select() when true; use select() pattern instead of pipe-through-boolean to avoid jq object-construction errors
- Help text: document --include-positive with usage example
- Tests: 5 new tests covering flag unit behaviour and _scan_single_pr integration (27/27 passing, 0 shellcheck violations)
…ction refactoring (marcusquinn#4926) Extract printUsage, runDiscoveryIfNeeded, guardCredits, buildRetryConfig from main() to reduce function-complexity smells. Add makeFeatureHandler factory to eliminate 5 duplicate inline lambdas in COMMAND_REGISTRY (boolean-logic/return-statements). No behaviour changes — pure structural refactoring. Syntax verified: node --check.
…4927) Change backoff granularity from provider-level to model-level so that rate-limiting one model (e.g. claude-sonnet) doesn't block other models from the same provider (e.g. claude-opus). Auth errors still back off at provider level since credentials are shared.
Key changes:
- record_provider_backoff() accepts model param, keys on model for rate_limit/provider_error, on provider for auth_error
- New model_backoff_active() checks both model-level and provider-level
- choose_model() uses model_backoff_active() instead of provider-level
- cmd_backoff CLI accepts both model IDs and provider names
- Fix file_mtime() stat order (Linux stat -f returns filesystem info)
- Tests: set AIDEVOPS_HEADLESS_MODELS for self-contained runs, disable sandbox (strips STUB_* env vars), add 4 model-level backoff tests
Closes marcusquinn#4925
…arcusquinn#4931) Replace ${!env_var:-} with eval-based equivalent at 3 locations in config-helper.sh. The ${!var:-default} syntax causes 'bad substitution' on macOS /bin/bash 3.2.57, making config_get fail silently during pulse-wrapper.sh startup. Closes marcusquinn#4929
* fix: add sqlite3 to setup.sh required dependencies
sqlite3 is used by 700+ callsites across the framework (memory system, worktree registry, supervisor, observability) but was never installed during setup. On Linux systems without sqlite3 pre-installed, these features fail silently. Adds sqlite3 to check_requirements() with correct package name mapping: sqlite3 for Debian/Ubuntu/brew, sqlite for Fedora/Arch/Alpine.
* fix: use canonical brew formula name 'sqlite' instead of alias 'sqlite3'
Homebrew's formula is 'sqlite' (sqlite3 is an alias). While the alias works, using the canonical name is more robust. Separate apt case from the wildcard fallback which now correctly handles brew, dnf, pacman, and apk. Addresses CodeRabbit review feedback on PR marcusquinn#4935.
---------
Co-authored-by: Alexey <1556417+alex-solovyev@users.noreply.github.com>
…e clarity (marcusquinn#4936)
* fix: correct contribution metrics — remove double-counting and improve clarity
- Remove --all from git log to count only default-branch commits, fixing ~12% inflation from squash-merged PR commits being counted twice (once as branch originals, once as the squash-merge on main)
- Rename 'Contributions' sections to 'Commits' for accuracy
- Rename 'Contributor output' to 'GitHub activity' and move to top of dashboard (most meaningful metric: issues, PRs, merges, comments)
- Clarify column headers: 'Direct' → 'Direct Pushes', 'PR Merges' → 'PRs Merged'
- Reorder dashboard: GitHub activity → AI sessions → Commits (most to least meaningful)
* fix: resolve default branch explicitly for worktree robustness
Address Gemini review feedback — git log without --all and without an explicit branch name walks the current branch, which is wrong when called from a worktree on a feature branch. Add _resolve_default_branch() helper that tries origin/HEAD, then main/master, then HEAD as fallback. Apply to all three git log call sites.
…g swallowed (marcusquinn#4938) Login shell startup files (~/.bash_profile, ~/.bashrc) on remote servers (Cloudways, Hetzner, Cloudron, Hostinger, Closte) can redirect or close stdout before wp runs. Dropping the -l flag avoids sourcing those files while still executing the cd+wp command correctly. Also redirect the [INFO] diagnostic line in run_wp_command to stderr so callers can capture clean WP-CLI stdout without mixing it with log output. Fixes marcusquinn#4937
…les (marcusquinn#4941) When a subprocess needs a secret value, pass it as an environment variable, never as a command argument. Command arguments appear in error messages, ps output, and logs -- even when the command's intent is safe. This was learned from an incident where wp db query echoed a secret in its error output. Adds section 8.2 (prevention) and 8.3 (post-execution detection) to prompts/build.txt. Updates opsec.md, gopass.md, and cloudron.md with cross-references to the new pattern. Closes marcusquinn#4939
…tter (marcusquinn#4948)
* fix: prevent duplicate dispatch across runners via assignee check + jitter
Root cause: multiple pulse runners evaluating the same issue simultaneously create duplicate PRs. Process-based dedup (has_worker_for_repo_issue, is-duplicate) only sees local processes — invisible across machines.
Fix 1: Add is-assigned command to dispatch-dedup-helper.sh that queries GitHub assignees before dispatch. If another runner already self-assigned, skip the issue. This is the primary cross-machine dedup guard.
Fix 2: Add 0-30s random startup jitter to pulse-wrapper.sh so concurrent launchd-triggered pulses don't evaluate issues at the same instant. Configurable via PULSE_JITTER_MAX (set to 0 to disable).
Fix 3: Update pulse.md dispatch instructions to enforce the assignee check as a mandatory step alongside existing local process dedup.
Observed: PR marcusquinn#4940 duplicated PR marcusquinn#4938 for issue marcusquinn#4937 because alex-solovyev's pulse dispatched 2 min after marcusquinn self-assigned, interpreting the in-progress worker as 'failed'.
* fix: validate PULSE_JITTER_MAX as numeric, use read -ra for assignee parsing
Address Gemini review feedback:
- Validate PULSE_JITTER_MAX is numeric before arithmetic (prevents set -e failures from non-integer env var values)
- Use read -ra for comma-separated assignee parsing instead of IFS word splitting (more robust against whitespace edge cases)
…requirements (marcusquinn#4949) Call detect_package_manager once at the top of the dependency-check block and reuse the result for both sqlite package-name resolution and the install prompt. Previously it was called twice: once inside the sqlite3 check and again when installing missing deps. Closes marcusquinn#4946
…lback (marcusquinn#4951) Addresses review feedback from PR marcusquinn#4941 (Gemini Code Assist) by making the temporary file pattern more specific: recommend mktemp for file creation and trap for guaranteed cleanup on exit or error. Closes marcusquinn#4943
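The two rules described in the commits above (secrets go to a subprocess through its environment, never through argv, with a post-execution check for the value being echoed back; temporary files come from mktemp and are removed by a trap) combined in one added example in POSIX sh. This is not the project's build.txt text or helper code; the function name, the exit-status convention and the constructed child command that mimics a CLI printing its credential in an error are all assumptions. The environment is still readable by processes of the same user through /proc/<pid>/environ, as another commit in this list notes, so this narrows exposure rather than removing it.

```sh
#!/bin/sh
# Added example, not the project's code: run a command with a secret that is
# reachable only through the child's environment, keep its stderr in a mktemp
# file that a trap removes on any exit, and check afterwards whether the child
# leaked the secret (the "post-execution detection" step). Hypothetical names.

# run_with_secret VAR_NAME SECRET_VALUE CMD [ARGS...]
# Exit status: the child's status, or 2 when the secret appeared in the child's
# stderr; in that case the value is scrubbed to [REDACTED] before forwarding.
run_with_secret() {
  var_name=$1; secret=$2; shift 2
  # Refuse names that are not shell identifiers: export "$var_name=..." would
  # otherwise evaluate attacker-chosen text. Refuse empty secrets too, since an
  # empty needle would match every output line.
  case "$var_name" in ''|[0-9]*|*[!A-Za-z0-9_]*) echo "bad variable name" >&2; return 1 ;; esac
  [ -n "$secret" ] || { echo "empty secret" >&2; return 1; }

  err_file=$(mktemp) || return 1
  trap 'rm -f "$err_file"' EXIT        # cleanup even if we are killed mid-run

  # Export only inside a subshell and exec the child there: the secret is never
  # an argument of env(1) or of the child, so it is absent from ps and from any
  # log that records the command line.
  rc=0
  ( export "$var_name=$secret"; exec "$@" ) 2>"$err_file" || rc=$?

  if grep -Fq -- "$secret" "$err_file"; then
    # The child echoed the credential (as wp db query did in the incident).
    # Scrub every occurrence with awk; the value is passed through ENVIRON so
    # backslashes and regex metacharacters in it are taken literally.
    SCRUB_VALUE=$secret awk 'BEGIN { s = ENVIRON["SCRUB_VALUE"] }
      { out = ""; rest = $0
        while ((i = index(rest, s)) > 0) {
          out = out substr(rest, 1, i - 1) "[REDACTED]"
          rest = substr(rest, i + length(s))
        }
        print out rest }' "$err_file" >&2
    rc=2
  else
    cat "$err_file" >&2
  fi

  rm -f "$err_file"; trap - EXIT
  return "$rc"
}

# Demo with a constructed child that prints its credential in an error message.
# The caller sees "error: query failed for [REDACTED]" and status 2.
run_with_secret DB_PASS FAKE_PW_123456 \
  sh -c 'printf "error: query failed for %s\n" "$DB_PASS" >&2; exit 1' \
  || echo "blocked: status $?"
```

Status 2 is distinct from the child's own failure so a supervisor can route a leak to a different handler (rotate the credential, quarantine the log) rather than treating it as an ordinary command error.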
…in wp_args log (marcusquinn#4953)
* fix: use printf '%q' for wp_args logging to handle spaces in arguments
Closes marcusquinn#4944
* fix: use shell parameter expansion to trim trailing space in wp_args log
Replace subshell-in-string $(printf '%q ' ...) with a two-step pattern: local args_str; args_str=$(printf '%q ' "${wp_args[@]}") ... ${args_str% } This avoids spawning an extra subshell inside the double-quoted string and uses pure shell parameter expansion (${args_str% }) to strip the trailing space left by printf '%q '. Applied to all three logging sites: run_wp_command (line 383), run_on_category (line 404), run_on_all (line 447). Addresses Gemini Code Assist suggestion on PR marcusquinn#4950.
---------
Co-authored-by: Alexey <1556417+alex-solovyev@users.noreply.github.com>
…acking (marcusquinn#4955) Every autonomous process that creates GitHub issues now adds a source:* label identifying which process created it. This makes auto-created work filterable and traceable — you can see at a glance whether an issue came from the review scanner, quality sweep, CI failure miner, etc.
Labels added:
- source:review-feedback (quality-feedback-helper.sh)
- source:review-scanner (post-merge-review-scanner.sh)
- source:quality-sweep (stats-functions.sh — quality-review + simplification-debt)
- source:health-dashboard (stats-functions.sh — supervisor/contributor health)
- source:ci-failure-miner (gh-failure-miner-helper.sh)
- source:circuit-breaker (circuit-breaker-helper.sh)
- source:mission-validation (milestone-validation-worker.sh)
- source:findings-to-tasks (findings-to-tasks-helper.sh)
- source:self-evolution (self-evolution-helper.sh)
All labels use color #C2E0C6 (light green) for visual consistency. Existing type labels (quality-debt, bug, etc.) are preserved — source:* is an orthogonal dimension.
…al detection (marcusquinn#4956)
* fix(security): add section 8.4 column-level query discipline and URL credential detection (marcusquinn#4954)
Add layered defense (Option C) against credential exposure from application config tables that store secrets in URL query parameters.
Layer 1 - Prompt rule (build.txt section 8.4):
- Never fetch raw record values from webhook/integration/OAuth config tables
- Query schema/keys first, then extract only non-credential fields
- Treat any URL field in application config as potentially containing credentials
Layer 2 - Output redaction tooling:
- Add credential_exposure category to prompt-guard-helper.sh (inline + YAML)
- Detect secrets in URL query params: secret=, token=, api_key=, password=, access_token=, auth=, client_secret=, webhook_secret=
- Redact matched values in sanitize function (replaces 8+ char values with [REDACTED])
- 9 new tests (7 detection + 2 sanitization), all passing, zero regressions
Closes marcusquinn#4954
* fix(tests): replace real-looking credential formats with FAKE_ prefixes and fix short-value threshold test
- Lines 1497-1501: prefix test literals with FAKE_SK_LIVE_, FAKE_AKIA_, FAKE_JWT_, FAKE_CS_ to make it unambiguous these are test fixtures, not real credentials (CodeRabbit CHANGES_REQUESTED)
- Line 1502: change 'key=abc' to 'secret=abc' — 'key' is not a tracked parameter so the test never validated the short-value threshold; 'secret' is tracked (line 330) and 'abc' (3 chars) is below the 8-char minimum, correctly producing no match
Closes marcusquinn#4954
---------
Co-authored-by: marcusquinn <6428977+marcusquinn@users.noreply.github.com>
…arcusquinn#4957) Two gaps in the full-loop workflow:
1. After merging a PR on the aidevops repo, no release was cut — fixes sat on main until someone manually released. Contributors running aidevops update got nothing. Now the full-loop auto-bumps a patch version, tags, and creates a GitHub release after every merge.
2. Issue closing comments didn't tell the reporter which version contained the fix. Now the template includes a 'Released in: vX.Y.Z' line with 'run aidevops update to get this fix' so reporters know exactly when and how to pick up the solution.
Auto-release is aidevops-repo-only and always uses patch (workers can't determine if a change is minor/major — that requires human judgment).
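The layer 2 detection and redaction described in the commit above, as an added example in POSIX sh; it is not the project's prompt-guard-helper.sh and its function names are hypothetical. The parameter list and the 8-character minimum are the commit's own. Two details are assumptions: the match requires the parameter name to sit at the start of the text or right after `?` or `&`, so `access_token=` is not also counted a second time as `token=`, and a value ends at the next `&`, `#` or whitespace. The sample rows are constructed.

```sh
#!/bin/sh
# Added example, not the project's prompt-guard-helper.sh: find and redact
# credentials carried in URL query parameters. Function names are hypothetical.

# Parameter names the commit lists as credential-bearing.
CRED_PARAMS='secret|token|api_key|password|access_token|auth|client_secret|webhook_secret'
# Values shorter than this are ignored (the commit's threshold): secret=abc is
# not a finding, FAKE_TOKEN_1234567890 is.
CRED_MIN_LEN=8

# ERE with three groups: \1 = start of text, '?' or '&' (assumed boundary);
# \2 = parameter name; \3 = value up to the next '&', '#' or whitespace.
cred_regex() {
  printf '(^|[?&])(%s)=([^&#[:space:]]{%s,})' "$CRED_PARAMS" "$CRED_MIN_LEN"
}

# Exit 0 when the text contains at least one credential-bearing parameter.
detect_url_credentials() {
  printf '%s\n' "$1" | grep -Eq "$(cred_regex)"
}

# Print the text with every matched value replaced by [REDACTED]; delimiter and
# parameter name are kept so the output stays readable and diffable.
redact_url_credentials() {
  printf '%s\n' "$1" | sed -E "s/$(cred_regex)/\1\2=[REDACTED]/g"
}

# Constructed rows of the kind an integration config table might hold. The
# third row has a value below the threshold and an untracked parameter (key),
# so it must pass through unchanged.
SAMPLE_ROWS='webhook_url=https://hooks.example.com/x?token=FAKE_TOKEN_1234567890&format=json
callback=https://app.example.com/cb?client_secret=FAKE_CS_abcdefgh#frag
debug_url=https://app.example.com/?secret=abc&key=FAKE_KEY_12345678'

printf '%s\n' "$SAMPLE_ROWS" | while IFS= read -r row; do
  if detect_url_credentials "$row"; then
    printf 'REDACTED  %s\n' "$(redact_url_credentials "$row")"
  else
    printf 'clean     %s\n' "$row"
  fi
done
```

Run the sanitiser on anything the agent is about to echo from a config table, not only on lines already recognised as URLs: a JSON blob or a shell variable assignment that embeds a URL is caught by the same expression.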
The issue-sync-lib.sh was adding '@' prefix to ALL assignee values in GitHub issue bodies. This caused problems when the assignee was not a GitHub username but rather:
- A Linux username like 'dave' (user@host format from whoami)
- An email-like identity
Now we only add '@' if the assignee matches the GitHub username pattern (alphanumeric + . _ -) without '@' characters.
Fixes incorrect @dave mentions in issues created by workers.
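The decision the description above spells out, as an added example in POSIX sh; this is not the project's issue-sync-lib.sh and the function names are hypothetical. `format_assignee_mention` applies the rule exactly as stated (no `@` in the value, only alphanumerics, `.`, `_` and `-`). A stricter variant applies GitHub's documented login rules instead: 1 to 39 characters, alphanumerics and single hyphens only, not starting or ending with a hyphen. That variant rejects `.` and `_`, which the looser pattern still admits, so a value like `alex.solovyev` is left as plain text rather than turned into a mention of a login that cannot exist. Written without bashisms so it also runs on the macOS /bin/bash 3.2 mentioned earlier in the commit list; the sample assignees are constructed.

```sh
#!/bin/sh
# Added example, not the project's issue-sync-lib.sh: decide whether an assignee
# value may be rendered as a GitHub @mention. Function names are hypothetical.

# Rule from the PR description: mention only when the value contains no '@'
# and consists solely of alphanumerics, '.', '_' and '-'.
looks_like_github_username() {
  case "$1" in
    '') return 1 ;;                    # empty value: never mention
    *@*) return 1 ;;                   # user@host or e-mail style identity
    *[!A-Za-z0-9._-]*) return 1 ;;     # spaces, slashes and other punctuation
  esac
  return 0
}

format_assignee_mention() {
  if looks_like_github_username "$1"; then
    printf '@%s' "$1"
  else
    printf '%s' "$1"
  fi
}

# Tightened variant using GitHub's documented login rules (an assumption that
# the project wants to go further than the PR's pattern): 1-39 characters,
# alphanumerics or single hyphens, not starting or ending with a hyphen.
is_github_login() {
  [ "${#1}" -ge 1 ] && [ "${#1}" -le 39 ] || return 1
  case "$1" in
    -*|*-|*--*) return 1 ;;
    *[!A-Za-z0-9-]*) return 1 ;;
  esac
  return 0
}

format_assignee_mention_strict() {
  if is_github_login "$1"; then printf '@%s' "$1"; else printf '%s' "$1"; fi
}

# Render the "Assignee:" line of an issue body for a few constructed identities
# a worker might supply: two real-looking logins, a user@host string, a
# display name with a space, and a dotted name.
for assignee in marcusquinn alex-solovyev dave@devbox 'dave smith' alex.solovyev; do
  printf 'Assignee: %-16s strict: %s\n' \
    "$(format_assignee_mention "$assignee")" \
    "$(format_assignee_mention_strict "$assignee")"
done
```

Either check is a syntactic filter only: a Linux username that happens to be a valid GitHub login (a bare `dave`, without the host suffix) will still be mentioned, and only a lookup against the GitHub API (for example `gh api users/<name>`) can tell the two apart.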
🔍 Code Quality Report
[MONITOR] Code Review Monitoring Report
[INFO] Latest Quality Status:
[INFO] Recent monitoring activity:
📈 Current Quality Metrics
Generated on: Mon Mar 16 02:43:40 UTC 2026
Generated by AI DevOps Framework Code Review Monitoring
Summary
The issue-sync-lib.sh was adding '@' prefix to ALL assignee values in GitHub issue bodies. This caused problems when the assignee was not a GitHub username but rather a Linux username (e.g., 'dave') or email-like identity.
Changes
Related
Fixes incorrect @dave mentions when workers use Linux usernames instead of GitHub usernames.