@yemi33/minions 0.1.2017 → 0.1.2018

package/docs/pr-review-fix-loop.md

@@ -32,7 +32,7 @@ How the engine manages the lifecycle of a PR from creation through review, fix,
 5. Build failure (`buildStatus === 'failing'`)
 6. Merge conflict (`_mergeConflict`)
 
-When multiple problems coexist, earlier triggers get the first chance to enqueue work. The local `fixDispatched` flag is declared before the fix triggers and set after human-feedback, review-feedback, and build-failure dispatches. Conflict fixes run last and explicitly require `!fixDispatched`, so any earlier successful fix dispatch suppresses the conflict fix for that PR in the same discovery pass. Build fixes are evaluated after human and minion review feedback, but the build-fix condition itself is not gated by `!fixDispatched`.
+When multiple problems coexist, earlier triggers get the first chance to enqueue work. The local `fixDispatched` flag is declared before the initial review trigger and set after first-review, human-feedback, review-feedback, and build-failure dispatches. Conflict fixes run last and explicitly require `!fixDispatched`, so any earlier successful review/fix dispatch suppresses the conflict fix for that PR in the same discovery pass. Build fixes are evaluated after human and minion review feedback, but the build-fix condition itself is not gated by `!fixDispatched`.
 
 The engine does not cap review→fix cycles or build-fix attempts. Each trigger evaluates its own gates on every discovery pass; loops stop only when the underlying condition clears (reviewer approves, build passes, conflict resolves, human feedback handled). Operators who need to halt automation on a runaway PR should disable the relevant feature flag (`evalLoop`, `autoFixBuilds`, `autoFixConflicts`) or close the PR.
 

package/engine/ado.js

@@ -10,6 +10,7 @@ const { exec, execAsync, getAdoOrgBase, log, ts, dateStamp, PR_STATUS, createThr
 const { getPrs } = require('./queries');
 const { mutateJsonFileLocked } = shared;
 const { acquireAdoToken } = require('./ado-token');
+const { isPreviewStatusBody, hasMinionsMarker, hasVerdictPrefix } = require('./comment-classifier');
 const { wrapUntrusted, buildSource } = require('./untrusted-fence');
 
 // Lazy require to avoid circular dependency — only needed for engine().handlePostMerge
@@ -1490,6 +1491,32 @@ async function pollPrHumanComments(config) {
     const allCommentDates = [];
     const ignoredAuthors = (config.engine?.ignoredCommentAuthors || []).map(a => a.toLowerCase());
 
+    // P-f23classifier (F3, security note): ADO has no `viewerDidAuthor`
+    // equivalent. A human pasting our `<!-- minions:agent=... -->` marker
+    // (e.g. by copy-paste from a fix-summary) would otherwise be
+    // misclassified as agent-authored. Cross-check marker-presence against
+    // the configured Minions identity (uniqueName / displayName / id /
+    // descriptor) so marker-presence alone NEVER suffices on ADO. When
+    // `minionsAdoIdentities` is empty (default), marker-presence is ignored
+    // entirely on ADO — the body still has to match one of the legacy
+    // regexes (Minions(...), by Minions, [minions], VERDICT:) to classify
+    // as agent-authored.
+    const minionsAdoIdentities = new Set(
+      (Array.isArray(config.engine?.minionsAdoIdentities) ? config.engine.minionsAdoIdentities : [])
+        .map(s => String(s || '').toLowerCase())
+        .filter(Boolean)
+    );
+    const isAdoMinionsAuthor = (comment) => {
+      if (minionsAdoIdentities.size === 0) return false;
+      const author = comment?.author || {};
+      const candidates = [author.uniqueName, author.displayName, author.id, author.descriptor];
+      for (const cand of candidates) {
+        if (typeof cand !== 'string' || !cand) continue;
+        if (minionsAdoIdentities.has(cand.toLowerCase())) return true;
+      }
+      return false;
+    };
+
     for (const thread of threads) {
       // P-8c6a4f2d: collect comments from ALL threads regardless of status.
       // Previously we skipped resolved/closed threads here, which dropped
@@ -1504,25 +1531,31 @@ async function pollPrHumanComments(config) {
         // Track date for cutoff BEFORE author/body filters so bot/CI/ignored
         // comments still advance the cutoff.
         if (comment.publishedDate) allCommentDates.push(comment.publishedDate);
-        // Skip explicitly ignored authors and CI-report bodies, but do not ignore bot authors by default.
+        // Skip explicitly ignored authors.
         const authorName = (comment.author?.displayName || '').toLowerCase();
         if (ignoredAuthors.some(a => authorName.includes(a))) continue;
-        if (/^#{1,3}\s*(Coverage|Build|Test|Deploy|Pipeline)\s*(Report|Status|Result|Summary)/i.test(content)) continue;
-        // Detect agent comments (included in context, but don't trigger fix).
-        // W-mpbhnaim000q9ed3: also match the VERDICT-prefixed review body. The
-        // `Review by Minions (...)` sign-off can be skipped by a review agent
-        // (Ripley on PR ado:office/iss/constellation#5056697, 2026-05-18: posted
-        // a 1100-char APPROVE body with no sign-off → engine treated it as
-        // human feedback → fix-dispatch loop spammed "Skipping human-feedback
-        // fix ... noop on the same head" once a minute for 9+ hours). The
-        // VERDICT prefix is itself an engine-owned structured-output contract
-        // (parseReviewVerdict, playbooks/review.md:69-72) — humans don't write
-        // it as the first line of a comment. The `^` + /m anchor keeps quoted
-        // verdict text inside a human reply from matching.
-        const isAgent = /\bMinions\s*\(/i.test(content)
+        // P-f23classifier (F2): filter preview-status / CI-report bot bodies
+        // (Firebase / Appetize / Deploy / Preview / Coverage-Build-Test
+        // headings / shields.io badges) for parity with engine/github.js
+        // _isPreviewStatusComment. ADO has no `user.type === 'bot'` flag,
+        // so the filter is body-only — same behavior the inline ADO CI
+        // filter had before extraction, now broadened to include the GH
+        // preview signatures so a Firebase/Appetize bot comment on an ADO
+        // PR no longer advances pendingFix.
+        if (isPreviewStatusBody(content)) continue;
+        // P-f23classifier (F3): detect agent comments (included in context
+        // but don't trigger fix). Structurally symmetric to
+        // engine/github.js _isAgentComment + _isMinionsAuthoredComment:
+        //   - marker-presence + ADO identity cross-check (spoof guard), OR
+        //   - legacy body patterns (Minions(...), by Minions, [minions]), OR
+        //   - hasVerdictPrefix(content) — engine-owned structured-output
+        //     contract emitted by playbooks/review.md.
+        const markerAuthored = hasMinionsMarker(content) && isAdoMinionsAuthor(comment);
+        const isAgent = markerAuthored
+          || /\bMinions\s*\(/i.test(content)
           || /\bby\s+Minions\b/i.test(content)
           || /\[minions\]/i.test(content)
-          || /^\s*VERDICT:\s*(APPROVE|REQUEST_CHANGES)\b/im.test(content);
+          || hasVerdictPrefix(content);
 
         const entry = {
           threadId: thread.id,

package/engine/comment-classifier.js

@@ -0,0 +1,138 @@
+/**
+ * engine/comment-classifier.js — P-f23classifier (F2 + F3)
+ *
+ * Host-agnostic PR-comment body classifiers shared by engine/github.js and
+ * engine/ado.js pollers. Three pure body-only predicates:
+ *
+ *   isPreviewStatusBody(body) — Firebase / Appetize / Deploy / Preview bot
+ *     signatures + Coverage/Build/Test/Deploy/Pipeline report headings +
+ *     shields.io-style badge images. Ported from engine/github.js
+ *     `_isPreviewStatusComment` body checks. ADO has no `user.type === 'bot'`
+ *     equivalent, so the GH-side bot-author gate stays in github.js — this
+ *     module's body match is what both pollers consume.
+ *
+ *   hasMinionsMarker(body) — structural `<!-- minions:agent=… kind=… -->`
+ *     check using gh-comment.MINIONS_COMMENT_MARKER_RE. Strict: marker must
+ *     occupy the body's first line entirely (no leading content, no trailing
+ *     content on the same line). Same semantics as the GH-side
+ *     `_isMinionsAuthoredComment` body check.
+ *
+ *   hasVerdictPrefix(body) — `VERDICT: APPROVE | REQUEST_CHANGES` prefix
+ *     check. Tightened in P-f4verdictregex (F4, Wave 3): requires a line
+ *     that starts (under /m) with optional whitespace, an optional bold
+ *     (`**` / `__`) or heading (`#+ `) marker, the literal `VERDICT:` token,
+ *     whitespace, and `APPROVE` or `REQUEST_CHANGES` ending on a word
+ *     boundary. Case-sensitive; legacy lowercase / `REQUEST-CHANGES` /
+ *     `REQUEST CHANGES` variants no longer match. Strict body-position-0 is
+ *     NOT required — real verdict bodies have preambles ~1/3 of the time,
+ *     so any line-start position counts. Quoted (`> VERDICT:`) and inline
+ *     mid-paragraph mentions are rejected (line-start anchor + only `**`,
+ *     `__`, `#+` allowed before `VERDICT:`).
+ *
+ * IMPORTANT — author identity is intentionally NOT consulted here. These are
+ * body-only predicates. Callers MUST combine them with their own identity
+ * gates before treating a comment as agent-authored:
+ *
+ *   GitHub: `comment.viewerDidAuthor === true`, backfilled via `gh api user`
+ *           by engine/github.js `_backfillViewerDidAuthor`. The combined
+ *           gate (`viewerDidAuthor && hasMinionsMarker`) is what makes the
+ *           marker non-spoofable on GH.
+ *
+ *   ADO:    `comment.author.uniqueName` (or displayName / id / descriptor)
+ *           matched case-insensitively against
+ *           `config.engine.minionsAdoIdentities`. ADO has no
+ *           `viewerDidAuthor` equivalent, so a human pasting our marker
+ *           would otherwise be misclassified as agent-authored. The combined
+ *           gate (`isMinionsAdoAuthor && hasMinionsMarker`) is the
+ *           structural complement that prevents marker spoofing.
+ *
+ * Marker-presence ALONE never classifies a comment as agent on either
+ * platform — that contract is enforced at the caller, not here.
+ */
+
+const { MINIONS_COMMENT_MARKER_RE } = require('./gh-comment');
+
+// ── Preview / status / CI-report body patterns ──────────────────────────────
+// Coverage / Build / Test / Deploy / Pipeline report headings (level-1-to-3).
+const _CI_REPORT_HEADING_RE =
+  /^#{1,3}\s*(Coverage|Build|Test|Deploy|Pipeline)\s*(Report|Status|Result|Summary)/i;
+
+// shields.io / similar badge images.
+const _BADGE_RE = /!\[.*\]\(https?:\/\/.*badge/i;
+
+// Firebase App Distribution / Appetize / Preview / Deploy headings.
+const _PREVIEW_HEADING_RE =
+  /^#{1,3}\s*(Firebase(?:\s+App\s+Distribution)?|Appetize|Preview|Deploy(?:ment)?|Status)\b/i;
+
+const _FIREBASE_BRAND_RE = /\bFirebase\s+App\s+Distribution\b/i;
+const _FIREBASE_URL_RE = /\bappdistribution\.firebase\b/i;
+const _APPETIZE_URL_RE = /\bappetize\.io\b/i;
+
+// "deploy ready", "deployment available", "preview succeeded", etc.
+const _DEPLOY_READY_RE =
+  /\b(?:deploy|deployment|preview)\s+(?:ready|available|succeeded|complete|completed)\b/i;
+
+function isPreviewStatusBody(body) {
+  const text = String(body || '');
+  if (!text) return false;
+  if (_CI_REPORT_HEADING_RE.test(text)) return true;
+  if (_BADGE_RE.test(text)) return true;
+  if (_PREVIEW_HEADING_RE.test(text)) return true;
+  if (_FIREBASE_BRAND_RE.test(text)) return true;
+  if (_FIREBASE_URL_RE.test(text)) return true;
+  if (_APPETIZE_URL_RE.test(text)) return true;
+  if (_DEPLOY_READY_RE.test(text)) return true;
+  return false;
+}
+
+// ── Structural Minions marker ──────────────────────────────────────────────
+//
+// MINIONS_COMMENT_MARKER_RE uses the /m flag so its `^` anchor matches the
+// start of ANY line. For body classification we additionally require the
+// marker to occupy the FIRST line of the body entirely — no leading text, no
+// trailing content on the same line. That matches the body-only contract
+// gh-comment.buildMinionsCommentBody produces (marker, \n\n, body) and
+// prevents quoted/blockquoted markers in human replies from triggering the
+// classifier.
+function hasMinionsMarker(body) {
+  const text = String(body || '');
+  if (!text) return false;
+  const m = MINIONS_COMMENT_MARKER_RE.exec(text);
+  if (!m) return false;
+  if (m.index !== 0) return false;
+  const lineEnd = text.indexOf('\n');
+  const firstLine = lineEnd === -1 ? text : text.slice(0, lineEnd);
+  return firstLine.trim() === m[0].trim();
+}
+
+// ── VERDICT prefix ─────────────────────────────────────────────────────────
+//
+// P-f4verdictregex (F4, Wave 3): tightened from the GH-flavored permissive
+// regex to a strict line-start form. The body must contain a line that
+// starts with optional whitespace, an optional bold (`**` / `__`) or
+// heading (`#+ `) marker, the literal `VERDICT:` token, whitespace, and
+// `APPROVE` or `REQUEST_CHANGES` ending on a word boundary. Case-sensitive
+// (no /i flag) — playbooks/review.md emits the canonical uppercase form.
+// /m flag lets a verdict appear after a preamble (~1/3 of real bodies have
+// a preamble before the verdict line). Quoted (`> VERDICT:`) and inline
+// mid-paragraph mentions are rejected because nothing other than
+// whitespace + `**` / `__` / `#+ ` is allowed before `VERDICT:`.
+//
+// The optional trailing `(?:\*\*|__)?` group lets `__bold__` markdown close
+// cleanly — `_` is a word character, so without consuming the closing
+// `__` the trailing `\b` would not match `__VERDICT: APPROVE__`. The
+// alternation backtracks for `**...**` bodies (trailing `**` consumed then
+// `\b` fails, engine retries with 0-width trailing match and `\b` succeeds
+// at the `E` → `*` transition).
+const _VERDICT_PREFIX_RE =
+  /^\s*(?:\*\*|__|#+\s*)?VERDICT:\s+(APPROVE|REQUEST_CHANGES)(?:\*\*|__)?\b/m;
+
+function hasVerdictPrefix(body) {
+  return _VERDICT_PREFIX_RE.test(String(body || ''));
+}
+
+module.exports = {
+  isPreviewStatusBody,
+  hasMinionsMarker,
+  hasVerdictPrefix,
+};

package/engine/github.js

@@ -7,7 +7,7 @@
 const shared = require('./shared');
 const { exec, execAsync, getProjects, projectPrPath, projectWorkItemsPath, safeJson, safeJsonArr, safeWrite, mutateJsonFileLocked, mutatePullRequests, MINIONS_DIR, getPrLinks, backfillPrPrdItems, log, ts, dateStamp, PR_STATUS, PR_POLLABLE_STATUSES, ENGINE_DEFAULTS, createThrottleTracker, getProjectOrg } = shared;
 const { getPrs } = require('./queries');
-const { MINIONS_COMMENT_MARKER_RE } = require('./gh-comment');
+const { isPreviewStatusBody, hasMinionsMarker, hasVerdictPrefix } = require('./comment-classifier');
 const { wrapUntrusted, buildSource } = require('./untrusted-fence');
 const ghToken = require('./gh-token');
 const path = require('path');
@@ -59,6 +59,21 @@ function _setShellSafeGhForTest(fn) {
   _shellSafeGhOverride = (typeof fn === 'function') ? fn : null;
 }
 
+// P-f1ghstale: test seam to mock ghApi at the call-site level. ghApi itself
+// always catches (returns null on failure, GH_NOT_FOUND on 404), so the inner
+// `catch` in checkLiveBuildAndConflict cannot be reached by mocking the shell
+// layer alone. This seam lets tests inject a throwing/resolving override that
+// exercises the buildStatusStale branch (parity with ADO's adoFetch testability
+// via globalThis.fetch).
+let _ghApiOverrideForTest = null;
+function _setGhApiForTest(fn) {
+  _ghApiOverrideForTest = (typeof fn === 'function') ? fn : null;
+}
+async function _ghApiViaTestSeam(endpoint, slug, opts) {
+  if (_ghApiOverrideForTest) return _ghApiOverrideForTest(endpoint, slug, opts);
+  return ghApi(endpoint, slug, opts);
+}
+
 // ─── Constants ──────────────────────────────────────────────────────────────
 
 // 10 MB — prevents maxBuffer exceeded errors on repos with many open PRs.
@@ -78,8 +93,14 @@ function getRepoSlug(project) {
   return `${org}/${repo}`;
 }
 
+// P-f23classifier (F4): delegates to the host-agnostic VERDICT prefix check
+// in engine/comment-classifier.js. The literal regex used to live here;
+// extraction allowed F4 (Wave 3) to tighten the prefix in a single place.
+// The tightened form requires `VERDICT: APPROVE|REQUEST_CHANGES` at line
+// start (under /m), optionally wrapped in `**`, `__`, or `#+ ` markers —
+// see engine/comment-classifier.js for the full contract.
 function _hasMinionsReviewVerdict(body) {
-  return /(?:^|\n)\s*\*{0,2}VERDICT[:\s]+\*{0,2}(?:APPROVE|REQUEST[_\s-]?CHANGES)\*{0,2}\b/i.test(String(body || ''));
+  return hasVerdictPrefix(body);
 }
 
 function _isAgentComment(c) {
@@ -92,29 +113,21 @@ function _isAgentComment(c) {
   return false;
 }
 
-function _isCiReportCommentBody(body) {
-  const text = String(body || '');
-  if (/^#{1,3}\s*(Coverage|Build|Test|Deploy|Pipeline)\s*(Report|Status|Result|Summary)/i.test(text)) return true;
-  if (/!\[.*\]\(https?:\/\/.*badge/i.test(text)) return true;
-  return false;
-}
-
 function _isGitHubBotComment(c) {
   const login = String(c?.user?.login || '');
   const type = String(c?.user?.type || '');
   return type.toLowerCase() === 'bot' || /\[bot\]$/i.test(login);
 }
 
+// P-f23classifier (F2): retains the GH-side bot-author gate (ADO has no
+// `user.type === 'bot'` equivalent) but delegates the body check to the
+// host-agnostic isPreviewStatusBody helper in engine/comment-classifier.js.
+// The body matcher covers Coverage/Build/Test/Deploy/Pipeline report
+// headings + Firebase App Distribution + Appetize + Deploy-ready phrases +
+// shields.io badges (same set as before the extraction).
 function _isPreviewStatusComment(c) {
   if (!_isGitHubBotComment(c)) return false;
-  const body = String(c?.body || '');
-  if (_isCiReportCommentBody(body)) return true;
-  if (/^#{1,3}\s*(Firebase(?:\s+App\s+Distribution)?|Appetize|Preview|Deploy(?:ment)?|Status)\b/i.test(body)) return true;
-  if (/\bFirebase\s+App\s+Distribution\b/i.test(body)) return true;
-  if (/\bappdistribution\.firebase\b/i.test(body)) return true;
-  if (/\bappetize\.io\b/i.test(body)) return true;
-  if (/\b(?:deploy|deployment|preview)\s+(?:ready|available|succeeded|complete|completed)\b/i.test(body)) return true;
-  return false;
+  return isPreviewStatusBody(c?.body);
 }
 
 function _isNonActionableComment(c, config = {}) {
@@ -122,8 +135,14 @@ function _isNonActionableComment(c, config = {}) {
   const login = String(c?.user?.login || '').toLowerCase();
   if (ignoredAuthors.has(login)) return true;
   if (_isAgentComment(c)) return true;
-  if (_isCiReportCommentBody(c?.body)) return true;
-  if (_isPreviewStatusComment(c)) return true;
+  // P-f23classifier (F2): body-only preview/CI-report check is now host-
+  // agnostic. The legacy `_isCiReportCommentBody` body match (Coverage /
+  // Build / Test / Deploy / Pipeline headings + shields.io badges) is the
+  // strict subset of isPreviewStatusBody, so a single call covers both
+  // pre-existing branches. Bot-author gated preview matches still go
+  // through _isPreviewStatusComment for callers that want the narrower
+  // bot-only signal exported for testing.
+  if (isPreviewStatusBody(c?.body)) return true;
   if (_isMinionsAuthoredComment(c)) return true;
   return false;
 }
@@ -151,20 +170,14 @@ function _isNonActionableComment(c, config = {}) {
 //
 // Sub-item -a populates the marker on every minions-posted comment via a helper.
 // Sub-item -c migrates existing engine call sites + playbook examples.
+//
+// P-f23classifier (F3): the body-only "structural marker on own first line"
+// check is now hasMinionsMarker in engine/comment-classifier.js. GH retains
+// the viewerDidAuthor gate as the spoof guard (ADO uses a uniqueName cross-
+// check against config.engine.minionsAdoIdentities instead — see ado.js).
 function _isMinionsAuthoredComment(c) {
   if (!c || c.viewerDidAuthor !== true) return false;
-  const body = c.body || '';
-  const m = MINIONS_COMMENT_MARKER_RE.exec(body);
-  if (!m) return false;
-  // Strict: marker must be on its OWN first line (no leading content,
-  // no trailing content on the same line). MINIONS_COMMENT_MARKER_RE uses
-  // /m so it would otherwise match the start of any line; we additionally
-  // require the match to be at index 0 AND to occupy the first line
-  // exactly (modulo surrounding whitespace).
-  if (m.index !== 0) return false;
-  const lineEnd = body.indexOf('\n');
-  const firstLine = lineEnd === -1 ? body : body.slice(0, lineEnd);
-  return firstLine.trim() === m[0].trim();
+  return hasMinionsMarker(c.body || '');
 }
 
 // ─── Viewer Login Resolution ────────────────────────────────────────────────
@@ -1371,6 +1384,8 @@ async function dismissPriorViewerChangesRequestedReviews(pr, project) {
  *   {
  *     buildStatus: 'failing' | 'passing' | 'running' | 'none' | null,
  *     mergeConflict: boolean,
+ *     buildStatusStale?: boolean,
+ *     buildStatusDetail?: string,
  *   }
  *
  * `mergeConflict` is true only when GitHub explicitly reports `mergeable: false`
@@ -1379,6 +1394,10 @@ async function dismissPriorViewerChangesRequestedReviews(pr, project) {
  *
  * `buildStatus` is null when we couldn't query check-runs or the PR isn't open;
  * caller falls back to cached value.
+ *
+ * `buildStatusStale` (+ `buildStatusDetail`) are set when the inner check-runs
+ * query throws — P-f1ghstale parity with ADO so engine.js's stale-marker branch
+ * fires for GitHub too.
  */
 async function checkLiveBuildAndConflict(pr, project) {
   try {
@@ -1386,7 +1405,7 @@ async function checkLiveBuildAndConflict(pr, project) {
     if (!slug) return null;
     const prNum = shared.getPrNumber(pr);
     if (!prNum) return null;
-    const prData = await ghApi(`/pulls/${prNum}`, slug);
+    const prData = await _ghApiViaTestSeam(`/pulls/${prNum}`, slug);
     if (!prData || prData === GH_NOT_FOUND) return null;
 
     // Conflict signal — only treat `mergeable === false` as a positive
@@ -1401,9 +1420,17 @@ async function checkLiveBuildAndConflict(pr, project) {
     // check-runs classification so the live read and cached poll agree on
     // 'failing' / 'passing' / 'running' / 'none'.
     let buildStatus = null;
+    // P-f1ghstale: stale-signal parity with ADO. When the check-runs query
+    // throws (transient gh CLI failure, network blip), surface a stale signal
+    // so engine.js's `if (live?.buildStatusStale)` branch can persist the
+    // cached state instead of treating a missing buildStatus as recovered.
+    // EXPLICIT NON-GOALS (rejected in plan): no mergeable===null branch,
+    // no wallclock/age branch, no empty check_runs branch.
+    let buildStatusStale = false;
+    let buildStatusDetail = '';
     if (prData.state === 'open' && prData.head?.sha) {
       try {
-        const checksData = await ghApi(`/commits/${prData.head.sha}/check-runs`, slug);
+        const checksData = await _ghApiViaTestSeam(`/commits/${prData.head.sha}/check-runs`, slug);
         if (checksData && Array.isArray(checksData.check_runs)) {
           const runs = checksData.check_runs;
           if (runs.length === 0) {
@@ -1417,10 +1444,18 @@ async function checkLiveBuildAndConflict(pr, project) {
             else buildStatus = 'running';
           }
         }
-      } catch (e) { log('warn', `Live build check checks query for ${pr.id}: ${e.message}`); }
+      } catch (e) {
+        buildStatusStale = true;
+        buildStatusDetail = `Live check-runs query failed: ${e.message}`;
+        log('warn', `Live build check checks query for ${pr.id}: ${e.message}`);
+      }
     }
 
-    return { buildStatus, mergeConflict };
+    return {
+      buildStatus,
+      mergeConflict,
+      ...(buildStatusStale ? { buildStatusStale, buildStatusDetail } : {}),
+    };
   } catch (e) {
     log('warn', `Live build/conflict check for ${pr.id}: ${e.message}`);
     return null;
@@ -1608,5 +1643,6 @@ module.exports = {
   _backfillViewerDidAuthor, // exported for testing (W-mp3bp0ha000997ab-b backfill)
   _setExecAsyncForTest, // W-mp5trwh60008386d: test seam to mock `gh api` shell-outs
   _setShellSafeGhForTest, // P-f2-gh-shell (F2): test seam to mock argv-form gh api calls
+  _setGhApiForTest, // P-f1ghstale: test seam to mock ghApi call sites for stale-signal branch coverage
   GH_NOT_FOUND, // W-mp5trwh60008386d: exported so tests can assert sentinel propagation
 };

package/engine/lifecycle.js

@@ -1687,11 +1687,21 @@ async function updatePrAfterReview(agentId, pr, project, config, resultSummary,
   // Actively clear the agent's prior negative on flip, then re-check live so we
   // never claim approved if some OTHER reviewer (human, different minion
   // account) still has a negative vote/review on the PR.
+  //
+  // P-f7splitgate — split the gate into two predicates:
+  //   * canDismissOwnPriorNegative: dismissal of the engine's own previously-posted
+  //     REQUEST_CHANGES on a verdict flip to APPROVE runs UNCONDITIONALLY. This is
+  //     correctness (cleaning up our own stale state), not policy, so it must NOT
+  //     be gated by autoApplyReviewVote.
+  //   * autoApplyVote: continues to gate POSITIVE auto-actions — mirroring the
+  //     live platform status into local reviewStatus below (which can promote the
+  //     PR to 'approved' based on platform-side votes).
   const prevReviewStatus = reviewPr?.reviewStatus || '';
   const wasNegative = prevReviewStatus === 'changes-requested' || prevReviewStatus === 'waiting'
     || liveStatus === 'changes-requested' || liveStatus === 'waiting';
   const autoApplyVote = config?.engine?.autoApplyReviewVote ?? ENGINE_DEFAULTS.autoApplyReviewVote;
-  if (autoApplyVote && verdictRaw === 'approved' && !isSelfReview && wasNegative && projectObjForChecks) {
+  const canDismissOwnPriorNegative = verdictRaw === 'approved' && !isSelfReview && wasNegative && projectObjForChecks;
+  if (canDismissOwnPriorNegative) {
     try {
       const reconcileFn = hostForChecks === 'github'
         ? require('./github').dismissPriorViewerChangesRequestedReviews

package/engine/shared.js

@@ -1692,7 +1692,6 @@ const ENGINE_DEFAULTS = {
   autoReviewPrs: true, // auto-dispatch review agents for newly opened agent PRs
   autoReReviewPrs: true, // auto-dispatch review agents after a PR fix is pushed
   autoFixReviewFeedback: true, // auto-dispatch fix agents for minions review changes-requested verdicts
-  autoApplyReviewVote: false, // when true, review verdicts (APPROVE / REQUEST_CHANGES) automatically flip the platform vote; when false (default), verdicts are informational only
   autoFixHumanComments: true, // auto-dispatch fix agents for actionable human PR comments
   prNoOpFixPauseAttempts: 2, // pause one PR automation cause after repeated no-op fixes for unchanged evidence
   completionReportRetentionDays: 90, // retain completion report sidecars beyond capped dispatch history
@@ -1739,6 +1738,16 @@ const ENGINE_DEFAULTS = {
   autoCompletePrs: false, // auto-merge PRs when builds green + review approved (opt-in)
   prMergeMethod: 'squash', // merge method: squash, merge, rebase
   ignoredCommentAuthors: [], // comments from these authors are auto-closed and never trigger fixes
+  // P-f23classifier (F3, security note): ADO Minions identity allow-list for
+  // the marker spoof guard in engine/ado.js pollPrHumanComments. ADO has no
+  // viewerDidAuthor equivalent, so a human pasting the <!-- minions:agent=... -->
+  // marker would otherwise be misclassified as agent-authored. The poller
+  // combines marker-presence with comment.author.{uniqueName|displayName|id|
+  // descriptor} matching one of these (case-insensitive) before treating a
+  // body as agent-authored. Empty array (default) means marker-presence alone
+  // NEVER classifies as agent on ADO — the body still has to match one of
+  // the legacy patterns (Minions(...), by Minions, [minions], VERDICT:).
+  minionsAdoIdentities: [],
   botCommentLogins: [], // P-a3f9b2c1: opt-in shared-minions GH login list — comments from these logins are suppressed ONLY when body matches positive-signal markers (Verification SUCCESS / VERDICT:APPROVE / noop:true). Narrower than ignoredCommentAuthors which suppresses all comments by login.
   // W-mp76pw7a001da7c1 — Per-slug GitHub PAT routing. Map of `<owner>` (or `<owner>/*`,
   // or `*` for fleet default) to a `gh auth` account name. `engine/gh-token.js`
@@ -1752,7 +1761,7 @@ const ENGINE_DEFAULTS = {
   ccEffort: null, // effort level for CC/doc-chat (null, 'low', 'medium', 'high')
   enablePreDispatchEval: true, // P-d2a9f6e5: cheap LLM gate before queueing — on by default. See engine/pre-dispatch-eval.js (Ripley §3 recommendation, 2026-05-11 architecture review). Validates from acceptance_criteria when present, falls back to description when criteria are absent but description is rich (≥80 chars). Fail-open on any validator error.
   completionNonceRequired: false, // P-d2a8f6c1 (agent trust boundary F8): when true, a missing `nonce` field in the completion JSON hard-fails the dispatch with failure_class:'completion-nonce-mismatch'. Default false for one release so older agents/runtime caches that haven't picked up the prompt change degrade with a warning instead of breaking. Mismatched nonces hard-fail regardless of this flag. See docs/completion-reports.md → "Trust boundary".
-  autoApplyReviewVote: false, // W-mpea9fyb0010febf: when true, review verdict flips the platform vote (ADO resetReviewerNegativeVote / GitHub dismissPriorViewerChangesRequestedReviews). When false (default), the verdict is recorded in pull-requests.json reviewStatus only — informational, no platform side-effect.
+  autoApplyReviewVote: false, // W-mpea9fyb0010febf / P-f7splitgate: gates POSITIVE auto-actions only — when true, the engine mirrors live platform vote state into local pull-requests.json reviewStatus (so platform-side approves auto-promote local status). When false (default), the verdict is recorded in pull-requests.json reviewStatus from the agent's completion only — informational. NEGATIVE-correction (dismissing the engine's own prior REQUEST_CHANGES / resetting its own prior negative ADO vote on a verdict flip to APPROVE) is correctness and runs UNCONDITIONALLY regardless of this flag.
 
   // ── Runtime fleet (P-3b8e5f1d) ──────────────────────────────────────────────
   // Single source of truth for which CLI runtime + model every spawn uses.

package/engine.js

@@ -4152,6 +4152,13 @@ async function discoverFromPrs(config, project) {
     // The poller holds reviewStatus at 'waiting' until the reviewer acts on the new code.
     const awaitingReReview = reviewStatus === 'waiting' && !!pr.minionsReview?.fixedAt;
 
+    // F8 (P-f8firstdispatch): hoisted above the first-review block so a
+    // successful initial-review dispatch suppresses downstream fix dispatches
+    // (human-feedback, review-feedback, build, conflict) in the same PR pass —
+    // matches the canonical flag pattern from the adjacent human-feedback /
+    // review-feedback / build-fix blocks below.
+    let fixDispatched = false;
+
     // PRs needing review: evalLoop gates the entire review+fix cycle; pollEnabled ensures reviewStatus is fresh
     const reviewEnabled = evalLoopEnabled && pollEnabled && autoReviewPrs;
     const reReviewEnabled = evalLoopEnabled && pollEnabled && autoReReviewPrs;
@@ -4215,11 +4222,9 @@ async function discoverFromPrs(config, project) {
         pr_id: pr.id, pr_number: prNumber, pr_title: pr.title || '', pr_branch: prBranch,
         pr_author: pr.agent || '', pr_url: pr.url || '',
       }, `Review ${pr.id}: ${pr.title}`, { dispatchKey: key, source: 'pr', pr, branch: prBranch, project: projMeta });
-      if (item) { newWork.push(item); }
+      if (item) { newWork.push(item); fixDispatched = true; }
     }
 
-    let fixDispatched = false;
-
     // Fresh reviewer comments are actionable fixes, even while the PR is otherwise
     // awaiting a stale-vote re-review or has build-fix retries escalated.
     const humanFixBaseKey = `human-fix-${project?.name || 'default'}-${prDisplayId}`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yemi33/minions",
-  "version": "0.1.2017",
+  "version": "0.1.2018",
   "description": "Multi-agent AI dev team that runs from ~/.minions/ — five autonomous agents share a single engine, dashboard, and knowledge base",
   "bin": {
     "minions": "bin/minions.js"