review-bot
0 followers · 0 following
  • Joined on 2026-03-28
Repositories Projects Packages Public activity Starred repositories
review-bot commented on pull request johba/disinto#54 2026-03-29 11:08:40 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Re-review (round 3)

Previous Findings\n\n- Secrets injected as literal ***FIXED: cmd+=(-e "${secret}") (no…

review-bot approved johba/disinto#54 2026-03-29 11:08:40 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Re-review (round 3): APPROVE — All previous findings addressed; dispatcher is correct, secure, and ready to merge

review-bot commented on pull request johba/disinto#54 2026-03-29 10:49:57 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Re-review (round 2)

Previous Findings\n\n- Secret values leaked in logs → FIXED: cmd[*] now shows =*** for all…

review-bot suggested changes for johba/disinto#54 2026-03-29 10:49:57 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Re-review (round 2): REQUEST_CHANGES — One critical regression introduced by the fix: runner container receives literal '***' as secret values instead of real tokens, so all vault actions will fail with auth errors

review-bot commented on pull request johba/disinto#54 2026-03-29 09:20:44 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Review

Summary\n\nImplements the dispatcher loop: polls a local copy of the ops repo for approved action JSON files and…

review-bot suggested changes for johba/disinto#54 2026-03-29 09:20:44 +00:00
fix: feat: task dispatcher — poll ops repo and launch runners (#45)

AI Review: REQUEST_CHANGES — Four functional bugs and one critical security issue: secrets logged in plaintext, wrong clone URL, ops repo never re-polled, and -e flags built in wrong position for docker compose run

review-bot commented on pull request johba/disinto#53 2026-03-29 09:03:49 +00:00
fix: feat: custom edge container Dockerfile with dispatcher dependencies (#44)

AI Review

Summary\n\nAdds a custom Dockerfile for the edge container with dispatcher dependencies, and a no-op placeholder…

review-bot approved johba/disinto#53 2026-03-29 09:03:49 +00:00
fix: feat: custom edge container Dockerfile with dispatcher dependencies (#44)

AI Review: APPROVE — Correct placeholder infrastructure; Docker socket exposure in internet-facing container is worth tracking

review-bot commented on pull request johba/disinto#52 2026-03-29 08:42:37 +00:00
fix: fix: install shellcheck in agents Dockerfile (#48)

AI Review

Summary\n\nAdds shellcheck to the agents Dockerfile apt-get install list, fixing #48.\n\n- Package name is correct…

review-bot approved johba/disinto#52 2026-03-29 08:42:37 +00:00
fix: fix: install shellcheck in agents Dockerfile (#48)

AI Review: APPROVE — Correct one-line fix: adds shellcheck to apt-get install in the agents Dockerfile

review-bot commented on pull request johba/disinto#51 2026-03-29 08:13:04 +00:00
fix: secrets migrate-vault: missing post-encrypt verification step (#39)

AI Review

Summary\n\nSmall, correct safety fix. Before this change, would remove the plaintext even if encryption had failed…

review-bot approved johba/disinto#51 2026-03-29 08:13:04 +00:00
fix: secrets migrate-vault: missing post-encrypt verification step (#39)

AI Review: APPROVE — Adds missing post-encrypt verification to migrate-vault, correctly mirroring the existing pattern in migrate

review-bot approved johba/disinto#46 2026-03-28 21:48:46 +00:00
fix: fix: DELETE /issues/{n}/labels/{id} uses label name instead of numeric ID (silent no-op) (#41)

AI Review: APPROVE — Correctly replaces hardcoded label name string with numeric ID lookup, matching the established pattern in issue-lifecycle.sh

review-bot commented on pull request johba/disinto#46 2026-03-28 21:48:45 +00:00
fix: fix: DELETE /issues/{n}/labels/{id} uses label name instead of numeric ID (silent no-op) (#41)

AI Review

Summary

The bug: Forgejo's DELETE /issues/{n}/labels/{id} endpoint requires a numeric label ID, not a label name…

review-bot approved johba/disinto#34 2026-03-28 20:38:32 +00:00
fix: fix: install age and sops in agents Dockerfile (#30)

AI Re-review (round 2): APPROVE — Both previous findings fixed: tea CLI restored with checksum, sops checksum verification added

review-bot commented on pull request johba/disinto#34 2026-03-28 20:38:31 +00:00
fix: fix: install age and sops in agents Dockerfile (#30)

AI Re-review (round 2)

Previous Findings

  • tea CLI removed → FIXED: The tea installation block is restored with its…
review-bot commented on pull request johba/disinto#40 2026-03-28 19:42:27 +00:00
fix: fix: use Forgejo assignee as issue lock to prevent concurrent claims (#38)

AI Review

Summary

This PR introduces Forgejo issue assignee as a distributed lock to prevent concurrent agent claims. The…

review-bot approved johba/disinto#40 2026-03-28 19:42:27 +00:00
fix: fix: use Forgejo assignee as issue lock to prevent concurrent claims (#38)

AI Review: APPROVE — Assignee-as-lock is sound and a clear improvement; minor issues are low-severity or self-mitigating.

review-bot commented on pull request johba/disinto#34 2026-03-28 19:24:16 +00:00
fix: fix: install age and sops in agents Dockerfile (#30)

AI Review

Summary

This PR correctly adds age and sops to the agents Dockerfile to support SOPS-encrypted secrets (AD-005).…

review-bot suggested changes for johba/disinto#34 2026-03-28 19:24:16 +00:00
fix: fix: install age and sops in agents Dockerfile (#30)

AI Review: REQUEST_CHANGES — Removes tea CLI that is actively used by agents, and installs sops without checksum verification