169 lines
4.4 KiB
Plaintext
# PR Review + Auto-Fix
#
# A self-healing code review pipeline. Reviews a PR from multiple angles,
# identifies issues, and automatically fixes them in a loop until the
# review passes. Satisfying to watch as issues get knocked down one by one.
#
# Usage: Run against any open PR in your repo.

agent reviewer:
  model: sonnet
  prompt: """
    You are a senior code reviewer. You review code for:
    - Correctness and logic errors
    - Security vulnerabilities
    - Performance issues
    - Code style and readability

    Be specific. Reference exact file paths and line numbers.
    Return a structured list of issues or "APPROVED" if none found.
  """

agent security-reviewer:
  model: opus  # Security requires deep reasoning
  prompt: """
    You are a security specialist. Focus exclusively on:
    - Injection vulnerabilities (SQL, command, XSS)
    - Authentication/authorization flaws
    - Data exposure and privacy issues
    - Cryptographic weaknesses

    If you find issues, they are HIGH priority. Be thorough.
  """

agent fixer:
  model: opus  # Fixing requires understanding + execution
  prompt: """
    You are a code fixer. Given an issue report:
    1. Understand the root cause
    2. Implement the minimal fix
    3. Verify the fix addresses the issue
    4. Create a clean commit

    Do NOT over-engineer. Fix exactly what's reported, nothing more.
  """

agent captain:
  model: sonnet  # Orchestration role
  persist: true
  prompt: """
    You coordinate the PR review process. You:
    - Track which issues have been found and fixed
    - Decide when the PR is ready to merge
    - Escalate to human if something is unfixable
  """

# Get the PR diff
let pr_diff = session "Fetch the PR diff"
  prompt: """
    Read the current PR:
    1. Run: gh pr diff
    2. Also get: gh pr view --json title,body,files
    3. Return the complete diff and PR metadata
  """

# Phase 1: Parallel multi-perspective review
session: captain
  prompt: "Starting PR review. I'll coordinate multiple reviewers."

parallel:
  general_review = session: reviewer
    prompt: "Review this PR for correctness, logic, and style issues"
    context: pr_diff

  security_review = session: security-reviewer
    prompt: "Security audit this PR. Flag any vulnerabilities."
    context: pr_diff

  test_check = session "Check test coverage"
    prompt: """
      Analyze the PR:
      1. What code changed?
      2. Are there tests for the changes?
      3. Run existing tests: npm test / pytest / cargo test
      Return: test status and coverage gaps
    """
    context: pr_diff

# Phase 2: Captain synthesizes and prioritizes
let issues = resume: captain
  prompt: """
    Synthesize all review feedback into a prioritized issue list.
    Format each issue as:
    - ID: issue-N
    - Severity: critical/high/medium/low
    - File: path/to/file.ts
    - Line: 42
    - Issue: description
    - Fix: suggested approach

    If all reviews passed, return "ALL_CLEAR".
  """
  context: { general_review, security_review, test_check }

# Phase 3: Auto-fix loop
loop until **all issues are resolved or unfixable** (max: 10):

  if **there are no remaining issues**:
    resume: captain
      prompt: "All issues resolved! Summarize what was fixed."
  else:
    # Pick the highest priority unfixed issue
    let current_issue = resume: captain
      prompt: "Select the next highest priority issue to fix."
      context: issues

    # Attempt the fix
    try:
      session: fixer
        prompt: """
          Fix this issue:
          {current_issue}

          Steps:
          1. Read the file
          2. Understand the context
          3. Implement the fix
          4. Run tests to verify
          5. Commit with message: "fix: [issue description]"
        """
        context: current_issue
        retry: 2
        backoff: exponential

      # Mark as fixed
      resume: captain
        prompt: "Issue fixed. Update tracking and check remaining issues."
        context: current_issue

    catch as fix_error:
      # Escalate unfixable issues
      resume: captain
        prompt: """
          Fix attempt failed. Determine if this is:
          1. Retryable with different approach
          2. Needs human intervention
          3. A false positive (not actually an issue)

          Update issue status accordingly.
        """
        context: { current_issue, fix_error }

# Phase 4: Final verification
let final_review = session: reviewer
  prompt: "Final review pass. Verify all fixes are correct and complete."

resume: captain
  prompt: """
    PR Review Complete!

    Generate final report:
    - Issues found: N
    - Issues fixed: N
    - Issues requiring human review: N
    - Recommendation: MERGE / NEEDS_ATTENTION / BLOCK

    If ready, run: gh pr review --approve
  """
  context: final_review
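The Phase 2 issue format and the Phase 3 fix loop, written out as deterministic Python. This is an added example, not part of the script above or of any project's code. It assumes the captain emits exactly the six `- Key: value` lines per issue, and it applies an assumed merge gate (BLOCK while any critical/high issue is unresolved, so the `gh pr review --approve` step only runs on MERGE); the `fixer` callback and `SAMPLE_REPORT` are constructed.

```python
import re
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}
FIELDS = ("ID", "Severity", "File", "Line", "Issue", "Fix")

def parse_issues(report: str) -> list[dict]:
    """Parse the captain's '- Key: value' blocks; every issue starts as 'open'."""
    if report.strip() == "ALL_CLEAR":
        return []
    issues = []
    for block in re.split(r"(?m)^- ID:", report)[1:]:
        kv = dict(re.findall(r"(?m)^- (\w+):[ \t]*(.*)$", "- ID:" + block))
        missing = [f for f in FIELDS if f not in kv]
        if missing or kv["Severity"].lower() not in SEVERITY_RANK:
            raise ValueError(f"malformed issue block: {missing} / {kv.get('Severity')!r}")
        kv["Severity"] = kv["Severity"].lower()
        kv["Line"] = int(kv["Line"])
        kv["status"] = "open"  # open | fixed | needs_human
        issues.append(kv)
    return issues

def next_issue(issues):
    """The captain's 'select the next highest priority issue' step."""
    open_ = [i for i in issues if i["status"] == "open"]
    return min(open_, key=lambda i: SEVERITY_RANK[i["Severity"]], default=None)

def recommendation(issues):
    # Assumed merge gate: BLOCK while any critical/high issue is not fixed,
    # NEEDS_ATTENTION while anything else is escalated, MERGE only when clean.
    unresolved = [i for i in issues if i["status"] != "fixed"]
    if any(SEVERITY_RANK[i["Severity"]] <= 1 for i in unresolved):
        return "BLOCK"
    return "NEEDS_ATTENTION" if unresolved else "MERGE"

def run_fix_loop(issues, fixer, max_iterations=10):
    """Phase 3: fixer(issue) returns True on success; a failed issue is escalated, not retried."""
    for _ in range(max_iterations):
        issue = next_issue(issues)
        if issue is None:
            break
        issue["status"] = "fixed" if fixer(issue) else "needs_human"
    return recommendation(issues)

# Constructed sample in the Phase 2 format (not output from a real PR).
SAMPLE_REPORT = "\n".join([
    "- ID: issue-1", "- Severity: high", "- File: src/db.ts", "- Line: 42",
    "- Issue: user input concatenated into an SQL query", "- Fix: use a parameterized query",
    "- ID: issue-2", "- Severity: low", "- File: src/util.ts", "- Line: 7",
    "- Issue: unused import", "- Fix: remove the import",
])
```

Because an escalated issue is never re-selected, the loop terminates well before `max_iterations` even when the fixer keeps failing.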