claude-dev-env 1.39.0 → 1.41.0

package/skills/pr-converge/scripts/test_check_bugbot_ci.py

@@ -0,0 +1,312 @@
+"""Tests for check_bugbot_ci silent-pass detection.
+
+Covers:
+- is_bugbot_run_clean returns True for completed success / completed neutral
+- is_bugbot_run_clean returns False for completed failure, in_progress, missing
+- is_bugbot_run_clean returns None when the gh CLI fails
+- main(--check-clean) returns 0 on clean, 1 on not-clean, and
+  EXIT_CODE_GH_ERROR on gh CLI failure (with stderr diagnostics)
+"""
+
+from __future__ import annotations
+
+import importlib.util
+import json
+import subprocess
+import sys
+from collections.abc import Iterator
+from pathlib import Path
+from types import ModuleType
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+_SCRIPTS_DIRECTORY = Path(__file__).resolve().parent
+
+
+@pytest.fixture(scope="session")
+def check_bugbot_ci_module() -> Iterator[ModuleType]:
+    """Load check_bugbot_ci with full sys.path and sys.modules isolation.
+
+    Snapshots sys.path and sys.modules at session start; restores both
+    unconditionally at session teardown so sibling tests inherit a clean
+    loading environment. The production script performs its own
+    membership-guarded sys.path.insert during exec_module so its config
+    dependency resolves; that insert and any config.* modules it loads
+    are reverted on teardown.
+    """
+    module_path = _SCRIPTS_DIRECTORY / "check_bugbot_ci.py"
+    spec = importlib.util.spec_from_file_location("check_bugbot_ci", module_path)
+    assert spec is not None
+    assert spec.loader is not None
+    module = importlib.util.module_from_spec(spec)
+    sys_path_snapshot = list(sys.path)
+    sys_modules_snapshot = dict(sys.modules)
+    evicted_config_modules = {
+        each_module_name: sys.modules.pop(each_module_name)
+        for each_module_name in list(sys.modules)
+        if each_module_name == "config" or each_module_name.startswith("config.")
+    }
+    sys_modules_snapshot.update(evicted_config_modules)
+    spec.loader.exec_module(module)
+    try:
+        yield module
+    finally:
+        sys.path[:] = sys_path_snapshot
+        for each_new_module_name in list(sys.modules):
+            if each_new_module_name not in sys_modules_snapshot:
+                del sys.modules[each_new_module_name]
+        for each_module_name, each_module_value in sys_modules_snapshot.items():
+            sys.modules[each_module_name] = each_module_value
+
+
+def _make_completed_process(
+    stdout: str, returncode: int = 0
+) -> subprocess.CompletedProcess[str]:
+    process = MagicMock(spec=subprocess.CompletedProcess)
+    process.stdout = stdout
+    process.stderr = ""
+    process.returncode = returncode
+    return process
+
+
+def _build_stdout(*all_check_entries: dict[str, object]) -> str:
+    return "\n".join(json.dumps(each_entry) for each_entry in all_check_entries) + "\n"
+
+
+def test_should_return_true_when_bugbot_completed_with_success_conclusion(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "success"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is True
+
+
+def test_should_return_true_when_bugbot_completed_with_neutral_conclusion(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "bugbot", "status": "completed", "conclusion": "neutral"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is True
+
+
+def test_should_return_false_when_bugbot_completed_with_failure_conclusion(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "failure"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is False
+
+
+def test_should_return_false_when_bugbot_still_in_progress(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "in_progress", "conclusion": None}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is False
+
+
+def test_should_return_false_when_no_bugbot_check_run_present(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "ci-other", "status": "completed", "conclusion": "success"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is False
+
+
+def test_should_return_false_when_first_bugbot_run_is_in_progress_even_if_later_one_clean(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "in_progress", "conclusion": None},
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "success"},
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is False
+
+
+def test_should_return_false_when_first_bugbot_run_failed_even_if_later_one_clean(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "failure"},
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "success"},
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is False
+
+
+def test_should_return_none_when_gh_cli_fails(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    failing_process = MagicMock(spec=subprocess.CompletedProcess)
+    failing_process.stdout = ""
+    failing_process.stderr = "boom"
+    failing_process.returncode = 1
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=failing_process,
+    ):
+        is_clean = check_bugbot_ci_module.is_bugbot_run_clean(
+            owner="acme", repo="repo", sha="abc"
+        )
+    assert is_clean is None
+
+
+def test_main_check_clean_should_return_gh_error_code_when_gh_cli_fails(
+    check_bugbot_ci_module: ModuleType,
+    capsys: pytest.CaptureFixture[str],
+) -> None:
+    failing_process = MagicMock(spec=subprocess.CompletedProcess)
+    failing_process.stdout = ""
+    failing_process.stderr = "boom"
+    failing_process.returncode = 1
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=failing_process,
+    ):
+        exit_code = check_bugbot_ci_module.main(
+            ["--check-clean", "--owner", "acme", "--repo", "repo", "--sha", "abc"]
+        )
+    assert exit_code == check_bugbot_ci_module.EXIT_CODE_GH_ERROR
+    captured = capsys.readouterr()
+    assert "gh api error: boom" in captured.err
+
+
+def test_main_check_clean_should_return_zero_when_bugbot_clean(
+    check_bugbot_ci_module: ModuleType,
+    capsys: pytest.CaptureFixture[str],
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "success"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        exit_code = check_bugbot_ci_module.main(
+            ["--check-clean", "--owner", "acme", "--repo", "repo", "--sha", "abc"]
+        )
+    assert exit_code == 0
+    captured = capsys.readouterr()
+    assert "not clean" not in captured.out
+
+
+def test_main_check_clean_should_return_one_when_bugbot_not_clean(
+    check_bugbot_ci_module: ModuleType,
+    capsys: pytest.CaptureFixture[str],
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "completed", "conclusion": "failure"}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        exit_code = check_bugbot_ci_module.main(
+            ["--check-clean", "--owner", "acme", "--repo", "repo", "--sha", "abc"]
+        )
+    assert exit_code == 1
+    captured = capsys.readouterr()
+    assert "not clean" in captured.out
+
+
+def test_main_check_active_should_return_zero_when_bugbot_in_progress(
+    check_bugbot_ci_module: ModuleType,
+) -> None:
+    stdout = _build_stdout(
+        {"name": "Cursor Bugbot", "status": "in_progress", "conclusion": None}
+    )
+    with patch.object(
+        check_bugbot_ci_module,
+        "_run_check_runs_api",
+        return_value=_make_completed_process(stdout),
+    ):
+        exit_code = check_bugbot_ci_module.main(
+            ["--check-active", "--owner", "acme", "--repo", "repo", "--sha", "abc"]
+        )
+    assert exit_code == 0
+
+
+def test_main_should_reject_check_clean_and_check_active_together(
+    check_bugbot_ci_module: ModuleType,
+    capsys: pytest.CaptureFixture[str],
+) -> None:
+    with pytest.raises(SystemExit):
+        check_bugbot_ci_module.main(
+            [
+                "--check-clean",
+                "--check-active",
+                "--owner",
+                "acme",
+                "--repo",
+                "repo",
+                "--sha",
+                "abc",
+            ]
+        )
+    captured = capsys.readouterr()
+    assert "not allowed with" in captured.err or "mutually exclusive" in captured.err

package/skills/qbug/SKILL.md

@@ -31,6 +31,12 @@ Shared artifacts with /bugteam are referenced below by path, using the `${CLAUDE
 
 Refusals — first match wins; respond with the quoted line exactly and stop:
 
+- **Disabled via environment.** When `CLAUDE_REVIEWS_DISABLED` contains the
+  token `bugteam` (comma-separated, case-insensitive, whitespace-tolerant):
+  `/qbug is disabled via CLAUDE_REVIEWS_DISABLED.` `/qbug` is the bugteam
+  baseline review and shares the `bugteam` token with `/bugteam`; the shared
+  pre-flight script also exits 7 in this case so any caller invoking it
+  directly halts on the same signal.
 - **No PR or upstream diff.** `No PR or upstream diff. /qbug needs a target.`
 - **Dirty tree.** `Uncommitted changes detected. Stash, commit, or revert before /qbug.`
 - **Missing subagent.** Before Step 2, confirm `clean-coder` exists. Else: `Required subagent type clean-coder not installed. /qbug needs clean-coder available.`
@@ -222,14 +228,33 @@ The subagent receives this prompt and loops internally — the lead does not re-
        `[]` and pass `--state CLEAN`; one or more anchored findings →
        pass `--state DIRTY` with the full list.
 
-       **Self-PR precondition.** GitHub rejects both `APPROVE` and
-       `REQUEST_CHANGES` reviews when the authenticated identity matches
-       the PR author with HTTP 422; `post_audit_thread.py` retries and
-       then exits 2. To run qbug on a PR you authored, switch `gh auth`
-       to an alternate reviewer identity (a separate GitHub account)
-       BEFORE invoking the skill. Without this switch, exit 2 is a hard
-       halt — there is no automated fallback path. The script does not
-       auto-downgrade on the self-PR case.
+       **Self-PR auto-toggle.** GitHub rejects both `APPROVE` and
+       `REQUEST_CHANGES` reviews with HTTP 422 when the authenticated
+       identity matches the PR author ("Cannot approve/request changes
+       on your own pull request"). `post_audit_thread.py` detects this
+       case via `gh api user` + `gh api repos/<o>/<r>/pulls/<n>` and
+       auto-resolves an alternate gh account's token for the reviews
+       POST — the active `gh auth` account is not mutated; only the
+       bearer token sent on the request changes. After the POST the
+       active account is still whoever it was before, so no "swap back"
+       step is needed.
+
+       Configuration:
+
+       - `GH_TOKEN` / `GITHUB_TOKEN` env vars take precedence over the
+         toggle. Set them when you need to pin a specific reviewer
+         identity by token rather than by account login.
+       - `BUGTEAM_REVIEWER_ACCOUNT` env var names which authenticated
+         alternate to prefer when a toggle is needed (for example,
+         `BUGTEAM_REVIEWER_ACCOUNT=jl-cmd`). The env var name is shared
+         across every skill that invokes `post_audit_thread.py`. When
+         unset, the script falls back to the first alternate account
+         `gh auth status` reports.
+       - The named alternate must be logged in (`gh auth login -h
+         github.com -u <login>`) before the audit skill runs. The
+         script exits 1 with a pointing-at-`gh auth login` message
+         when self-PR is detected and no usable alternate is
+         authenticated.
 
        ```
        python "${CLAUDE_SKILL_DIR}/../../_shared/pr-loop/scripts/post_audit_thread.py" \