@diffpal/diffpal-win32-x64 0.1.22 → 0.1.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +11 -37
  2. package/bin/diffpal.exe +0 -0
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -98,9 +98,8 @@ cp examples/ci/github-actions/codex-api-key.yml .github/workflows/diffpal.yml
98
98
 
99
99
  Expected result:
100
100
 
101
- - a `diffpal-checks` check run
102
- - a `DiffPal Review Summary` PR comment with an overview of the change
103
- - inline comments only for actionable findings
101
+ - a `DiffPal Review Summary` PR review with an overview of the change
102
+ - inline review comments for actionable findings
104
103
  - `.artifacts/diffpal/findings.json` in the job workspace
105
104
  - a failed job only when `gate: true` and blocking findings exist, or when setup
106
105
  or publishing fails
@@ -118,7 +117,7 @@ DiffPal.
118
117
 
119
118
  | CI system | Examples | Output surfaces |
120
119
  | --- | --- | --- |
121
- | GitHub Actions | [`examples/ci/github-actions`](examples/ci/github-actions) | check run, PR summary, review comments, SARIF |
120
+ | GitHub Actions | [`examples/ci/github-actions`](examples/ci/github-actions) | PR review summary, inline review comments, SARIF |
122
121
  | GitLab CI | [`examples/ci/gitlab`](examples/ci/gitlab) | MR summary, discussions, Code Quality, SARIF |
123
122
  | Azure Pipelines | [`examples/ci/azure-pipelines`](examples/ci/azure-pipelines) | PR summary thread, PR threads, PR status |
124
123
 
@@ -140,7 +139,7 @@ Azure Pipelines users can install the public
140
139
  [DiffPal Review extension](https://marketplace.visualstudio.com/items?itemName=diffpal.diffpal)
141
140
  from the Azure DevOps Marketplace and add the `DiffPalReview@1` task to PR
142
141
  validation pipelines. Extension source and release automation live in the
143
- separate [diffpal-azure-devops](https://github.com/diffpal/diffpal-azure-devops)
142
+ separate [diffpal/azure-devops](https://github.com/diffpal/azure-devops)
144
143
  repository.
145
144
 
146
145
  The task installs `@diffpal/diffpal` by default, then runs `diffpal review ado`.
@@ -168,7 +167,6 @@ jobs:
168
167
  permissions:
169
168
  contents: read
170
169
  pull-requests: write
171
- checks: write
172
170
  steps:
173
171
  - uses: actions/checkout@v6
174
172
  with:
@@ -229,17 +227,8 @@ diffpal:
229
227
  block_on: high
230
228
  review:
231
229
  language: en
232
- prompt_profile: v2
233
- strict_evidence: true
234
- strict_injection: true
235
- allow_nearby_context: true
236
230
  instructions: |
237
231
  Prefer actionable findings that are directly supported by the diff.
238
- checks:
239
- - security
240
- - bugs
241
- - performance
242
- - best-practices
243
232
  platforms:
244
233
  github: {}
245
234
  gitlab: {}
@@ -250,22 +239,12 @@ profiles:
250
239
  diffpal:
251
240
  gate:
252
241
  block_on: high
253
- review:
254
- prompt_profile: v2
255
- strict_evidence: true
256
- strict_injection: true
257
- allow_nearby_context: true
258
242
  ```
259
243
 
260
- Review checks are intentionally simple. They ask the agent what to focus on;
261
- DiffPal does not hardcode individual signal slugs:
262
-
263
- | Check | Finding categories the agent may return |
264
- | --- | --- |
265
- | `security` | security |
266
- | `bugs` | correctness, reliability |
267
- | `performance` | performance |
268
- | `best-practices` | maintainability, testing, style |
244
+ DiffPal uses a fixed finding taxonomy: security, correctness, reliability,
245
+ performance, maintainability, testing, and style. Use review instructions to
246
+ change or extend the review scope, for example `Review for OWASP best practices
247
+ and authz/authn regressions.`
269
248
 
270
249
  Severity is impact-based across all categories. The full critical/high/medium/low
271
250
  matrix is in the [config reference](docs/config-reference.md#severity-matrix).
@@ -273,11 +252,6 @@ matrix is in the [config reference](docs/config-reference.md#severity-matrix).
273
252
  Use `diffpal.review.instructions`, the `instructions` action input, or
274
253
  `--instructions-file` for repository-specific review guidance.
275
254
 
276
- The review rollout fields are safe to canary per profile. Keep the repository
277
- default conservative if needed, then set `profiles.ci.diffpal.review` to
278
- `prompt_profile: v2`, `strict_evidence: true`, `strict_injection: true`, and
279
- `allow_nearby_context: true` before making the gate blocking.
280
-
281
255
  ## Provider Recipes and Runtime Types
282
256
 
283
257
  DiffPal delegates review to `diffpal.provider`, which points at a provider
@@ -371,7 +345,7 @@ Use `feedback` for the normal user-facing shape:
371
345
 
372
346
  | Mode | Behavior |
373
347
  | --- | --- |
374
- | `summary` | One PR/MR summary plus check/status, no inline comments. |
348
+ | `summary` | One PR/MR summary. On GitHub, DiffPal still publishes actionable findings as inline PR review comments. |
375
349
  | `balanced` | Summary plus actionable high-confidence inline feedback. |
376
350
  | `inline` | Summary plus a more permissive inline threshold. |
377
351
 
@@ -386,8 +360,8 @@ with:
386
360
  review-id: github-pr-${{ github.event.pull_request.number }}-diffpal-dev
387
361
  ```
388
362
 
389
- That produces a separate `diffpal-dev-checks` check run and separate summary
390
- comment.
363
+ That produces a separate `diffpal-dev` PR review with its own summary and inline
364
+ comments.
391
365
 
392
366
  ## Local Debugging
393
367
 
package/bin/diffpal.exe CHANGED
Binary file
package/package.json CHANGED
@@ -13,5 +13,5 @@
13
13
  "os": [
14
14
  "win32"
15
15
  ],
16
- "version": "0.1.22"
16
+ "version": "0.1.24"
17
17
  }