fix(review): reviewer posts to GitHub and records its verdict autonomously#259
Open
neversettle17-101 wants to merge 2 commits into
Open
fix(review): reviewer posts to GitHub and records its verdict autonomously#259neversettle17-101 wants to merge 2 commits into
neversettle17-101 wants to merge 2 commits into
Conversation
…autonomously The claude-code reviewer never completed a review on its own. Three defects in the reviewer launch + flow: - It launched with no permission mode, so a headless pane stalled on the first tool-permission prompt and never ran gh/ao. Launch with bypassPermissions (read-only is enforced by the prompt, not a sandbox). - The reviewer pane got no pinned PATH, so `ao review submit` resolved to a foreign `ao` on the inherited PATH and failed. Pin PATH to the daemon's own dir the same way worker sessions do — export HookPATH and reuse it in the launcher. - The prompt did not enforce ordering. Make it post the review on the PR via gh first, then run `ao review submit`. Fixes #258 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
…cted GitHub does not let an author approve their own PR, so a reviewer running under the same account can't post an `approve`. Tell the reviewer to post the approval as a regular comment review (COMMENT event stating it is an approval) when the provider rejects the self-approval, instead of failing. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #258
Summary
The claude-code reviewer never completed a review autonomously — it didn't post to the PR on GitHub and couldn't record its verdict, leaving the
review_runstuckrunning. This fixes the three independent defects in the reviewer launch + flow:internal/adapters/reviewer/claudecode/claudecode.go) — the reviewer launched with no--permission-mode, so a headless pane stalled on the first tool-permission prompt. Now launches withbypassPermissions. Read-only is enforced by the prompt (not a sandbox), so granting autonomy to rungh/aois safe.internal/review/launcher.go,internal/session_manager/manager.go) — the reviewer pane was created with no env, soao review submitresolved to a foreignaoon the inherited PATH and failed. Exported the existingHookPATHhelper and reuse it in the launcher to pin PATH to the daemon's own dir, exactly as worker sessions do.internal/review/prompt.go) — the prompt only implied ordering. It now requires posting the review on the PR viaghfirst, then runningao review submit, falling back to submit-only if the provider post genuinely fails.Test
go build ./...go test ./internal/review/... ./internal/session_manager/... ./internal/adapters/reviewer/...— passaocorrectly.Notes
--approveon your own PR. The reviewer prompt now falls back to posting the approval as a regular comment review when self-approval is rejected, so the approve path works on single-account setups.🤖 Generated with Claude Code
On
bypassPermissions(read-only enforcement)The reviewer launches with
--permission-mode bypassPermissionsso it can rungh/aoheadless without a human approving each tool call. This bypasses the interactive permission prompts, not safety — the read-only guarantee ("review only, do not edit/push") is enforced by the reviewer prompt, not a sandbox. A hard, allowlist-enforced read-only reviewer is a deliberate follow-up: it must move offbypassPermissions(which skips allow/deny lists entirely) to a scoped tool allowlist, with tradeoffs around stalling and thereview.mdwrite. Tracked in #260.