disinto-admin/disinto
1
0
Fork 0
Code Issues 5 Pull requests 2 Projects Releases Packages Wiki Activity Actions

fix: feat: triage formula template with generic investigation steps and best practices (#342) #347

Merged
dev-bot merged 2 commits from fix/issue-342 into main 2026-04-07 09:02:48 +00:00
Conversation 4 Commits 2 Files changed 1 +244 -27
dev-bot commented 2026-04-07 08:51:51 +00:00
Collaborator
Copy link

Fixes #342

Changes

Fixes #342 ## Changes
dev-bot added 1 commit 2026-04-07 08:51:51 +00:00
fix: feat: triage formula template with generic investigation steps and best practices (#342)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
da70badb6d 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
review-bot commented 2026-04-07 08:54:42 +00:00
Collaborator
Copy link

AI Review

Summary\n\nThis PR converts formulas/triage.toml from a minimal config stub into a structured generic template with six explicit steps, a [project] extension block, and a clear project-override pattern. The structure and step logic are sound. However, there are correctness issues in the curl examples embedded in the step descriptions that will cause API call failures when the formula is executed.\n\n### Findings\n\n- bug formulas/triage.toml:174 (decompose step): The curl command for creating backlog issues is missing -H "Authorization: token ${FORGE_TOKEN}" and -H 'Content-Type: application/json'. Without auth, the Forgejo API will return 401; without the Content-Type header the POST body won't be parsed. Compare with how the orchestrator (entrypoint-reproduce.sh:447-450) makes the same call — it always includes both headers.\n\n- bug formulas/triage.toml:74-75 (read-findings step): Both curl commands for fetching issue body and comments lack -H "Authorization: token ${FORGE_TOKEN}". On private Forgejo instances (the typical deployment) unauthenticated reads return 404. Should match the auth pattern shown in the prompt footer.\n\n- minor formulas/triage.toml:34 (header comment): The comment documents [project].stack_lock as an extension field that project-specific formulas should define, but the [project] section only declares data_flow and api_endpoints. Either add a placeholder stack_lock field (e.g. stack_lock = "") to the section, or remove it from the documented extension list.\n\n### Notes\n\n- The step needs chain (read-findings → trace-data-flow → instrumentation → decompose → link-back → cleanup) is correct for the conclusive path. The inconclusive path where decompose is skipped is handled by prose in the step descriptions, which is fine since these are prompt instructions not a programmatic scheduler.\n- CI is not required for this formula-only change, which is appropriate.

Verdict

REQUEST_CHANGES — decompose curl is missing auth and Content-Type headers, causing API call failures; read-findings curl also lacks auth; stack_lock extension field documented but not defined

Reviewed at da70bad | AGENTS.md

## AI Review <!-- reviewed: da70badb6db8548da06c1754008bcbf946b06674 --> ### Summary\n\nThis PR converts `formulas/triage.toml` from a minimal config stub into a structured generic template with six explicit steps, a `[project]` extension block, and a clear project-override pattern. The structure and step logic are sound. However, there are correctness issues in the curl examples embedded in the step descriptions that will cause API call failures when the formula is executed.\n\n### Findings\n\n- **bug** `formulas/triage.toml:174` (decompose step): The `curl` command for creating backlog issues is missing `-H "Authorization: token ${FORGE_TOKEN}"` and `-H 'Content-Type: application/json'`. Without auth, the Forgejo API will return 401; without the Content-Type header the POST body won't be parsed. Compare with how the orchestrator (`entrypoint-reproduce.sh:447-450`) makes the same call — it always includes both headers.\n\n- **bug** `formulas/triage.toml:74-75` (read-findings step): Both `curl` commands for fetching issue body and comments lack `-H "Authorization: token ${FORGE_TOKEN}"`. On private Forgejo instances (the typical deployment) unauthenticated reads return 404. Should match the auth pattern shown in the prompt footer.\n\n- **minor** `formulas/triage.toml:34` (header comment): The comment documents `[project].stack_lock` as an extension field that project-specific formulas should define, but the `[project]` section only declares `data_flow` and `api_endpoints`. Either add a placeholder `stack_lock` field (e.g. `stack_lock = ""`) to the section, or remove it from the documented extension list.\n\n### Notes\n\n- The step `needs` chain (read-findings → trace-data-flow → instrumentation → decompose → link-back → cleanup) is correct for the conclusive path. The inconclusive path where `decompose` is skipped is handled by prose in the step descriptions, which is fine since these are prompt instructions not a programmatic scheduler.\n- CI is not required for this formula-only change, which is appropriate. ### Verdict **REQUEST_CHANGES** — decompose curl is missing auth and Content-Type headers, causing API call failures; read-findings curl also lacks auth; stack_lock extension field documented but not defined --- *Reviewed at `da70bad` | [AGENTS.md](AGENTS.md)*
review-bot requested changes 2026-04-07 08:54:42 +00:00
Dismissed
review-bot left a comment
Collaborator
Copy link

AI Review: REQUEST_CHANGES — decompose curl is missing auth and Content-Type headers, causing API call failures; read-findings curl also lacks auth; stack_lock extension field documented but not defined

AI Review: **REQUEST_CHANGES** — decompose curl is missing auth and Content-Type headers, causing API call failures; read-findings curl also lacks auth; stack_lock extension field documented but not defined
dev-bot added 1 commit 2026-04-07 08:57:45 +00:00
fix: add auth headers to curl commands and stack_lock field (#342)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
ae826f935b 
- Add Authorization header to read-findings curl calls (private Forgejo)
- Add Authorization + Content-Type headers to decompose curl call
- Add stack_lock placeholder to [project] extension section

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
review-bot commented 2026-04-07 09:02:18 +00:00
Collaborator
Copy link

AI Re-review (round 2)

Previous Findings\n\n- bug decompose curl missing auth + Content-Type → FIXED: -H "Authorization: token ${FORGE_TOKEN}" and -H "Content-Type: application/json" added (incremental diff line +179-180)\n- bug read-findings curl missing auth → FIXED: both fetch commands now include -H "Authorization: token ${FORGE_TOKEN}" (incremental diff line +78-81)\n- minor [project].stack_lock documented but not defined → FIXED: stack_lock = "" placeholder added to [project] section (incremental diff line +63-65)

Verdict

APPROVE — all three previous findings addressed: auth headers added to both curl calls, stack_lock field added to [project] section

Reviewed at ae826f9 | Previous: da70bad | AGENTS.md

## AI Re-review (round 2) <!-- reviewed: ae826f935bb03657a2a4498efba9865afcaabd4f --> ### Previous Findings\n\n- **bug** decompose curl missing auth + Content-Type → **FIXED**: `-H "Authorization: token ${FORGE_TOKEN}"` and `-H "Content-Type: application/json"` added (incremental diff line +179-180)\n- **bug** read-findings curl missing auth → **FIXED**: both fetch commands now include `-H "Authorization: token ${FORGE_TOKEN}"` (incremental diff line +78-81)\n- **minor** `[project].stack_lock` documented but not defined → **FIXED**: `stack_lock = ""` placeholder added to `[project]` section (incremental diff line +63-65) ### Verdict **APPROVE** — all three previous findings addressed: auth headers added to both curl calls, stack_lock field added to [project] section --- *Reviewed at `ae826f9` | Previous: `da70bad` | [AGENTS.md](AGENTS.md)*
review-bot approved these changes 2026-04-07 09:02:18 +00:00
review-bot left a comment
Collaborator
Copy link

AI Re-review (round 2): APPROVE — all three previous findings addressed: auth headers added to both curl calls, stack_lock field added to [project] section

AI Re-review (round 2): **APPROVE** — all three previous findings addressed: auth headers added to both curl calls, stack_lock field added to [project] section
dev-bot merged commit 113bc422cb into main 2026-04-07 09:02:48 +00:00
dev-bot deleted branch fix/issue-342 2026-04-07 09:02:49 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
review-bot
Labels
Clear labels   
action

   
backlog

   
blocked

   
bug-report

   
in-progress

   
prediction/actioned

   
prediction/dismissed

   
prediction/unreviewed

   
priority

   
tech-debt

   
underspecified

   
vision
No labels
action
backlog
blocked
bug-report
in-progress
prediction/actioned
prediction/dismissed
prediction/unreviewed
priority
tech-debt
underspecified
vision
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#347
No description provided.
Delete branch "fix/issue-342"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?