@mechanai/deepreview 2.1.3 → 2.1.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -8,6 +8,9 @@ permission:
|
|
|
8
8
|
"git log*": allow
|
|
9
9
|
"git blame*": allow
|
|
10
10
|
"git show*": allow
|
|
11
|
+
"*--help*": allow
|
|
12
|
+
"*--version*": allow
|
|
13
|
+
"man *": allow
|
|
11
14
|
"*": deny
|
|
12
15
|
---
|
|
13
16
|
|
|
@@ -23,11 +26,12 @@ For each finding in all 3 reviews:
|
|
|
23
26
|
|
|
24
27
|
1. Read the source file and line referenced in the finding
|
|
25
28
|
2. Determine if the claimed issue actually exists in the code
|
|
26
|
-
3.
|
|
27
|
-
4.
|
|
29
|
+
3. If the finding makes claims about external tool behavior (CLI flags, API parameters, library methods), **verify those claims**. Run `--help`, check man pages, or use WebFetch to check documentation. If the claimed behavior doesn't exist, classify as disproved.
|
|
30
|
+
4. Check if the issue is already handled elsewhere (error handling, validation, guards)
|
|
31
|
+
5. Classify the finding:
|
|
28
32
|
- **confirmed** (high confidence): you verified the issue exists in the code
|
|
29
33
|
- **plausible** (medium confidence): the issue might exist but you cannot fully verify
|
|
30
|
-
- **disproved** (low confidence): the code already handles this,
|
|
34
|
+
- **disproved** (low confidence): the code already handles this, the claim is wrong, or the finding assumes external tool/API behavior that doesn't exist
|
|
31
35
|
|
|
32
36
|
Discard all low-confidence (disproved) findings entirely.
|
|
33
37
|
|
|
@@ -18,16 +18,55 @@ Check if input.txt is empty (0 bytes). If empty, tell the user "Nothing to revie
|
|
|
18
18
|
Get and store the PR head SHA:
|
|
19
19
|
Run `gh pr view $ARGUMENTS --json headRefOid --jq .headRefOid` and save the output as PR_HEAD_SHA.
|
|
20
20
|
|
|
21
|
-
|
|
21
|
+
STEP 3: DISPATCH STAGE 1 — INITIAL REVIEW (5 parallel tasks)
|
|
22
|
+
Dispatch ALL FIVE of these Task tool calls simultaneously in a single message:
|
|
22
23
|
|
|
23
|
-
|
|
24
|
+
Task 1 — Use the Task tool with subagent_type="deepreview-correctness":
|
|
25
|
+
"You are reviewing a PR diff (code changes). Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-correctness.md."
|
|
24
26
|
|
|
25
|
-
-
|
|
26
|
-
|
|
27
|
+
Task 2 — Use the Task tool with subagent_type="deepreview-security":
|
|
28
|
+
"You are reviewing a PR diff (code changes). Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-security.md."
|
|
29
|
+
|
|
30
|
+
Task 3 — Use the Task tool with subagent_type="deepreview-architecture":
|
|
31
|
+
"You are reviewing a PR diff (code changes). Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-architecture.md."
|
|
32
|
+
|
|
33
|
+
Task 4 — Use the Task tool with subagent_type="deepreview-docs":
|
|
34
|
+
"You are reviewing a PR diff (code changes). Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-docs.md."
|
|
35
|
+
|
|
36
|
+
Task 5 — Use the Task tool with subagent_type="deepreview-compatibility":
|
|
37
|
+
"You are reviewing a PR diff (code changes). Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-compatibility.md."
|
|
38
|
+
|
|
39
|
+
Wait for all 5 to return. Record which succeeded and which failed.
|
|
40
|
+
|
|
41
|
+
STEP 4: DISPATCH STAGE 2 — CROSS-VALIDATION (5 parallel tasks)
|
|
42
|
+
Only proceed with reviews that exist. Dispatch ALL FIVE simultaneously:
|
|
43
|
+
|
|
44
|
+
Task 6 — Use the Task tool with subagent_type="deepreview-validator":
|
|
45
|
+
"Your perspective: correctness. Read all review files at: $SESSION_DIR/review-correctness.md, $SESSION_DIR/review-security.md, $SESSION_DIR/review-architecture.md, $SESSION_DIR/review-docs.md, $SESSION_DIR/review-compatibility.md. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-correctness.md."
|
|
46
|
+
|
|
47
|
+
Task 7 — Use the Task tool with subagent_type="deepreview-validator":
|
|
48
|
+
"Your perspective: security. Read all review files at: $SESSION_DIR/review-correctness.md, $SESSION_DIR/review-security.md, $SESSION_DIR/review-architecture.md, $SESSION_DIR/review-docs.md, $SESSION_DIR/review-compatibility.md. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-security.md."
|
|
49
|
+
|
|
50
|
+
Task 8 — Use the Task tool with subagent_type="deepreview-validator":
|
|
51
|
+
"Your perspective: architecture. Read all review files at: $SESSION_DIR/review-correctness.md, $SESSION_DIR/review-security.md, $SESSION_DIR/review-architecture.md, $SESSION_DIR/review-docs.md, $SESSION_DIR/review-compatibility.md. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-architecture.md."
|
|
52
|
+
|
|
53
|
+
Task 9 — Use the Task tool with subagent_type="deepreview-validator":
|
|
54
|
+
"Your perspective: docs. Read all review files at: $SESSION_DIR/review-correctness.md, $SESSION_DIR/review-security.md, $SESSION_DIR/review-architecture.md, $SESSION_DIR/review-docs.md, $SESSION_DIR/review-compatibility.md. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-docs.md."
|
|
55
|
+
|
|
56
|
+
Task 10 — Use the Task tool with subagent_type="deepreview-validator":
|
|
57
|
+
"Your perspective: compatibility. Read all review files at: $SESSION_DIR/review-correctness.md, $SESSION_DIR/review-security.md, $SESSION_DIR/review-architecture.md, $SESSION_DIR/review-docs.md, $SESSION_DIR/review-compatibility.md. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-compatibility.md."
|
|
58
|
+
|
|
59
|
+
Wait for all 5 to return.
|
|
60
|
+
|
|
61
|
+
STEP 5: DISPATCH STAGE 3 — SYNTHESIS (1 task)
|
|
62
|
+
Task 11 — Use the Task tool with subagent_type="deepreview-synthesizer":
|
|
63
|
+
"Read the validated reviews at: $SESSION_DIR/validated-correctness.md, $SESSION_DIR/validated-security.md, $SESSION_DIR/validated-architecture.md, $SESSION_DIR/validated-docs.md, $SESSION_DIR/validated-compatibility.md (skip any that don't exist). Write the synthesis to $SESSION_DIR/synthesis.md."
|
|
64
|
+
|
|
65
|
+
Record the stats line from its return.
|
|
27
66
|
|
|
28
67
|
If stats show 0 critical, 0 warnings, 0 suggestions, tell the user "No findings to post. PR looks good!" and STOP.
|
|
29
68
|
|
|
30
|
-
STEP
|
|
69
|
+
STEP 6: FORMAT THREADS (1 task)
|
|
31
70
|
|
|
32
71
|
Get the repo owner/name:
|
|
33
72
|
Run `gh repo view --json owner,name --jq '.owner.login + "/" + .name'` and save as OWNER_REPO.
|
|
@@ -37,18 +76,18 @@ Task — Use the Task tool with subagent_type="deepreview-review-formatter":
|
|
|
37
76
|
|
|
38
77
|
Wait for it to return.
|
|
39
78
|
|
|
40
|
-
STEP
|
|
79
|
+
STEP 7: POST REVIEW
|
|
41
80
|
Use the `deepreview-post-review` tool:
|
|
42
81
|
|
|
43
82
|
- `threads_path`: The absolute path to `$SESSION_DIR/threads.md`
|
|
44
83
|
- `pr_number`: $ARGUMENTS (the PR number)
|
|
45
84
|
|
|
46
|
-
STEP
|
|
85
|
+
STEP 8: PRESENT RESULTS
|
|
47
86
|
Show the user:
|
|
48
87
|
|
|
49
88
|
- Session directory: $SESSION_DIR/
|
|
50
89
|
- Which reviewers completed (and any that failed)
|
|
51
|
-
- Stats from synthesis (the stats line from
|
|
90
|
+
- Stats from synthesis (the stats line from Step 5)
|
|
52
91
|
- Output from the posting script (how many threads posted, any demotions)
|
|
53
92
|
- Remind: "The review is PENDING. Submit it via the GitHub UI when ready."
|
|
54
93
|
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { type Plugin, type PluginInput, tool } from "@opencode-ai/plugin";
|
|
2
|
-
import { postReview } from "
|
|
2
|
+
import { postReview } from "../../src/post-review.ts";
|
|
3
3
|
|
|
4
4
|
// oxlint-disable-next-line require-await -- Why: Plugin type signature requires async but this plugin has no async initialization
|
|
5
5
|
export const server: Plugin = async (_input: PluginInput) => {
|
package/package.json
CHANGED
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
---
|
|
2
|
-
internal: true
|
|
3
|
-
description: "Shared pipeline stages for deepreview commands (review → validate → synthesize)"
|
|
4
|
-
---
|
|
5
|
-
|
|
6
|
-
# Shared Pipeline: Review → Validate → Synthesize
|
|
7
|
-
|
|
8
|
-
This template defines 3 stages used by deepreview orchestrator commands. The orchestrator must set SESSION_DIR and INPUT_DESCRIPTION before invoking these stages.
|
|
9
|
-
|
|
10
|
-
## STAGE 1: INITIAL REVIEW (one task per review perspective)
|
|
11
|
-
|
|
12
|
-
Dispatch ALL of these Task tool calls simultaneously in a single message:
|
|
13
|
-
|
|
14
|
-
Task — Use the Task tool with subagent_type="deepreview-correctness":
|
|
15
|
-
"You are reviewing $INPUT_DESCRIPTION. Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-correctness.md."
|
|
16
|
-
|
|
17
|
-
Task — Use the Task tool with subagent_type="deepreview-security":
|
|
18
|
-
"You are reviewing $INPUT_DESCRIPTION. Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-security.md."
|
|
19
|
-
|
|
20
|
-
Task — Use the Task tool with subagent_type="deepreview-architecture":
|
|
21
|
-
"You are reviewing $INPUT_DESCRIPTION. Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-architecture.md."
|
|
22
|
-
|
|
23
|
-
Task — Use the Task tool with subagent_type="deepreview-docs":
|
|
24
|
-
"You are reviewing $INPUT_DESCRIPTION. Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-docs.md."
|
|
25
|
-
|
|
26
|
-
Task — Use the Task tool with subagent_type="deepreview-compatibility":
|
|
27
|
-
"You are reviewing $INPUT_DESCRIPTION. Read the content at $SESSION_DIR/input.txt. Write your review to $SESSION_DIR/review-compatibility.md."
|
|
28
|
-
|
|
29
|
-
Wait for all 5 to return. Record which succeeded and which failed.
|
|
30
|
-
|
|
31
|
-
## STAGE 2: CROSS-VALIDATION (5 parallel tasks)
|
|
32
|
-
|
|
33
|
-
Only proceed with reviews that exist. For each validator below, replace $REVIEW_FILE_LIST with ONLY the review files that were successfully created in Stage 1. If a review file failed, omit it from the list entirely. Dispatch validators simultaneously:
|
|
34
|
-
|
|
35
|
-
Task — Use the Task tool with subagent_type="deepreview-validator":
|
|
36
|
-
"Your perspective: correctness. Read all available review files at: $REVIEW_FILE_LIST. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-correctness.md."
|
|
37
|
-
|
|
38
|
-
Task — Use the Task tool with subagent_type="deepreview-validator":
|
|
39
|
-
"Your perspective: security. Read all available review files at: $REVIEW_FILE_LIST. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-security.md."
|
|
40
|
-
|
|
41
|
-
Task — Use the Task tool with subagent_type="deepreview-validator":
|
|
42
|
-
"Your perspective: architecture. Read all available review files at: $REVIEW_FILE_LIST. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-architecture.md."
|
|
43
|
-
|
|
44
|
-
Task — Use the Task tool with subagent_type="deepreview-validator":
|
|
45
|
-
"Your perspective: docs. Read all available review files at: $REVIEW_FILE_LIST. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-docs.md."
|
|
46
|
-
|
|
47
|
-
Task — Use the Task tool with subagent_type="deepreview-validator":
|
|
48
|
-
"Your perspective: compatibility. Read all available review files at: $REVIEW_FILE_LIST. Also read the original input at $SESSION_DIR/input.txt for context. Write your validated review to $SESSION_DIR/validated-compatibility.md."
|
|
49
|
-
|
|
50
|
-
Wait for all 5 to return.
|
|
51
|
-
|
|
52
|
-
## STAGE 3: SYNTHESIS (1 task)
|
|
53
|
-
|
|
54
|
-
Task — Use the Task tool with subagent_type="deepreview-synthesizer":
|
|
55
|
-
"Read the validated reviews at: $SESSION_DIR/validated-correctness.md, $SESSION_DIR/validated-security.md, $SESSION_DIR/validated-architecture.md, $SESSION_DIR/validated-docs.md, $SESSION_DIR/validated-compatibility.md (skip any that don't exist). Write the synthesis to $SESSION_DIR/synthesis.md."
|
|
56
|
-
|
|
57
|
-
Record the stats line from its return.
|