@diffpal/diffpal 0.1.22 → 0.1.23

package/README.md

@@ -140,7 +140,7 @@ Azure Pipelines users can install the public
 [DiffPal Review extension](https://marketplace.visualstudio.com/items?itemName=diffpal.diffpal)
 from the Azure DevOps Marketplace and add the `DiffPalReview@1` task to PR
 validation pipelines. Extension source and release automation live in the
-separate [diffpal-azure-devops](https://github.com/diffpal/diffpal-azure-devops)
+separate [diffpal/azure-devops](https://github.com/diffpal/azure-devops)
 repository.
 
 The task installs `@diffpal/diffpal` by default, then runs `diffpal review ado`.
@@ -229,17 +229,8 @@ diffpal:
     block_on: high
   review:
     language: en
-    prompt_profile: v2
-    strict_evidence: true
-    strict_injection: true
-    allow_nearby_context: true
     instructions: |
       Prefer actionable findings that are directly supported by the diff.
-    checks:
-      - security
-      - bugs
-      - performance
-      - best-practices
   platforms:
     github: {}
     gitlab: {}
@@ -250,22 +241,12 @@ profiles:
     diffpal:
       gate:
         block_on: high
-      review:
-        prompt_profile: v2
-        strict_evidence: true
-        strict_injection: true
-        allow_nearby_context: true
 ```
 
-Review checks are intentionally simple. They ask the agent what to focus on;
-DiffPal does not hardcode individual signal slugs:
-
-| Check | Finding categories the agent may return |
-| --- | --- |
-| `security` | security |
-| `bugs` | correctness, reliability |
-| `performance` | performance |
-| `best-practices` | maintainability, testing, style |
+DiffPal uses a fixed finding taxonomy: security, correctness, reliability,
+performance, maintainability, testing, and style. Use review instructions to
+change or extend the review scope, for example `Review for OWASP best practices
+and authz/authn regressions.`
 
 Severity is impact-based across all categories. The full critical/high/medium/low
 matrix is in the [config reference](docs/config-reference.md#severity-matrix).
@@ -273,11 +254,6 @@ matrix is in the [config reference](docs/config-reference.md#severity-matrix).
 Use `diffpal.review.instructions`, the `instructions` action input, or
 `--instructions-file` for repository-specific review guidance.
 
-The review rollout fields are safe to canary per profile. Keep the repository
-default conservative if needed, then set `profiles.ci.diffpal.review` to
-`prompt_profile: v2`, `strict_evidence: true`, `strict_injection: true`, and
-`allow_nearby_context: true` before making the gate blocking.
-
 ## Provider Recipes and Runtime Types
 
 DiffPal delegates review to `diffpal.provider`, which points at a provider

package/package.json

@@ -14,11 +14,11 @@
   "license": "SEE LICENSE IN LICENSE",
   "name": "@diffpal/diffpal",
   "optionalDependencies": {
-    "@diffpal/diffpal-darwin-arm64": "0.1.22",
-    "@diffpal/diffpal-darwin-x64": "0.1.22",
-    "@diffpal/diffpal-linux-arm64": "0.1.22",
-    "@diffpal/diffpal-linux-x64": "0.1.22",
-    "@diffpal/diffpal-win32-x64": "0.1.22"
+    "@diffpal/diffpal-darwin-arm64": "0.1.23",
+    "@diffpal/diffpal-darwin-x64": "0.1.23",
+    "@diffpal/diffpal-linux-arm64": "0.1.23",
+    "@diffpal/diffpal-linux-x64": "0.1.23",
+    "@diffpal/diffpal-win32-x64": "0.1.23"
   },
-  "version": "0.1.22"
+  "version": "0.1.23"
 }