file_find and finalizeDiff always read from the working tree, even in
range/commit mode where the review targets a specific git ref. This
caused inconsistent file versions compared to file_read and code_search
which correctly used git show. Fix file_find to use git ls-tree and
finalizeDiff to use git show when a ref is specified.
Replace the hard-coded Chinese-only empty-plan branch with a compiled
regex + helper that strips the "### Review Plan …" wrapper (any language
variant) when the plan phase produces no output.
TWO BUGS fixed:
- The wrapper was only stripped for the Chinese literal `### 审查计划`,
not the actual English `### Review Plan (Optional)` shipped in the
template, so `{{plan_guidance}}` leaked into the rendered prompt on
every review where the plan phase was skipped or failed.
- The strip ran AFTER `ReplaceAll("{{plan_guidance}}", "")`, so the
token was already gone and the regex couldn't match the wrapper.
Fixed ordering: strip BEFORE replace.
Also simplifies the regex alternation per Copilot review feedback:
`Review Plan` and `审查计划` already subsume the `(Optional)`/`(可选)`
suffixes because the trailing `[^\n]*` consumes them.
Adds unit tests for English, Chinese, and integration (production flow).
Co-authored-by: Copilot <copilot-pull-request-reviewer@github.com>
Make encodeRepoPath cross-platform by properly handling volume names, backslash separators, and drive letter colons. Add unit tests covering Unix, Windows, and edge-case inputs.
* fix(agent): skip binary files during code review
Previously, binary files were passed through the review pipeline because
shouldReview only checked path/extension rules. This caused the agent to
incorrectly attempt reviewing binary content.
- Add ExcludeBinary reason to the exclusion filter
- Change shouldReview/whyExcluded to accept model.Diff instead of path
string, enabling access to the IsBinary flag
- Check IsBinary as the first gate in whyExcluded
- Differentiate skip log messages for binary vs path-filtered files
* test: add unit tests for preview.go
* fix: normalize dash to em-dash in binary file skip log message
* test(agent): strengthen UserIncludePattern tests to cover additive semantics
- Document that include patterns are additive, not exclusive
- Add cases verifying include bypasses default-path exclusion
- Add cases for extension filter precedence over include logic
- Add TestWhyExcluded_IncludeBypassesDefaultPath for rescue semantics
- Add TestWhyExcluded_IncludeAndExcludeInteraction for priority order
The viewer's HTTP server (StartServer in internal/viewer/server.go) had no
Host-header validation, so a web page the user visits could DNS-rebind its
own origin to 127.0.0.1:5483 and read every session JSONL — which contains
LLM request messages (= source code being reviewed) and the LLM's analysis.
Adds a default-deny host guard that always allows loopback names plus the
concrete bind host. Wildcard binds and extra hostnames go through the new
OCR_VIEWER_ALLOWED_HOSTS env var, so an operator who binds the viewer on a
LAN interface has to acknowledge the exposure explicitly.
Detected by Aeon + manual review.
Severity: high
CWE-346 (Origin Validation Error), CWE-200 (Exposure of Sensitive Info)
Co-authored-by: aeonframework <aeonframework@users.noreply.github.com>
When using --audience agent --format json, the text summary line was
printed before the JSON body, causing parse failures for integrations.
Move summary data into the JSON "summary" field and skip PrintTraceSummary
in JSON mode.
Unify BUILD_PLATFORM macro with optional suffix parameter to eliminate
duplication, centralize IS_WINDOWS/BINARY_NAME exports in install.js,
add Windows-safe rename-then-replace strategy in update.js, and add
PATH guidance in README for Windows users.
* feat(build): add Windows platform support
Add windows/amd64 and windows/arm64 to CI build matrix, Makefile
cross-platform targets, and handle .exe suffix in install/update
scripts and binary wrapper. Skip chmod on Windows where unsupported.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* docs(README): add Windows download instructions
Add Windows x86_64 and ARM64 binary download commands to both
English and Chinese README install sections.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
* docs: add CI/CD integration section and examples
- Add CI/CD Integration section to README.md and README.zh-CN.md
- Add GitHub Actions workflow example (examples/github_actions/)
- Add GitLab CI pipeline example (examples/gitlab_ci/)
- Add examples README with overview of integration options
* feat(examples): enhance GitHub Actions demo with comment trigger and improved error handling
- Add issue_comment event trigger with /open-code-review and @open-code-review keywords
- Add PR context resolution for comment-triggered events via GitHub API
- Improve ref handling to support both PR events and comment events
- Add individual comment fallback with retry when batch review fails
- Add posting statistics (success/failed counts) to summary comment
- Update README with comment trigger flow and customization guide
* docs(examples): add --background flag usage guide for GitHub Actions and GitLab CI
Explain how to pass PR/MR title as background context to help OCR
provide more relevant and context-aware review comments.
* feat(examples): simplify PR trigger and add skip-existing-review guide for GitLab CI
- Reduce GitHub Actions PR trigger to 'opened' only (avoid redundant
reviews on synchronize/reopened events)
- Add GitLab CI documentation for checking existing OCR comments before
running review to save LLM tokens
Re-location LLM calls were invisible in session history and their token
consumption was unaccounted for. Refactor the code_comment handling path
to record re-location requests/responses into session JSONL, accumulate
token usage into global counters, and display them in the viewer.
Also fixes: async context cancellation risk (WithoutCancel), duplicate
telemetry recording, missing timeout enforcement, missing {existing_code}
placeholder in the re-location prompt, and renames Parse to ParseComments
for clarity.
* docs: add GitHub issue and PR templates
Add structured issue templates for bug reports, feature requests, and docs reports with YAML forms. Include a pull request template with checklist for contribution quality.
* docs: add bilingual contributing guide (EN & zh-CN)
Provide detailed contribution guidelines covering development setup, coding standards, commit conventions, PR workflow, and community conduct in both English and Chinese.
* feat: add open-code-review skill for agent integration
Add skills/open-code-review/SKILL.md that teaches coding agents
how to invoke ocr for code review, classify issues by priority,
and optionally apply fixes.
* feat: add Claude Code plugin for open-code-review
Add .claude-plugin/marketplace.json and plugins/open-code-review/
with plugin configuration and review command, enabling installation
as a Claude Code slash command plugin.
* docs: add agent integration section to README (EN/ZH)
Add 'Integration into Coding Agents' section covering three methods:
skill installation, Claude Code plugin, and direct command file copy.
Bilingual update for both README.md and README.zh-CN.md.
* docs: update manual setup curl URLs to new plugin path
Allow users to configure either a base URL (e.g. https://api.example.com/v1)
or a full endpoint URL for OpenAI-compatible services. The client now
normalizes the URL on initialization, matching the existing behavior of
the Anthropic client.
Move verbose rule definitions from system_rules.json into individual
markdown files under rule_docs/, loaded at runtime via embed.FS.
This improves maintainability by separating rule content from config
structure and merges duplicate mapper/dao XML patterns into one entry.
Unify the config folder name to `.opencodereview` across all runtime paths,
tests, docs, and i18n strings. Also make defaultConfigPath() return an error
instead of silently falling back to a current-directory file when $HOME is
unresolvable.
Allow users to configure include/exclude glob patterns in
.open-code-review/rule.json (global or project-level) to control
which files are reviewed. Exclude has highest priority, include
penetrates default path exclusions but not the extension allowlist.
Only one layer takes effect following --rule > project > global priority.
Consolidate review rules into a composedResolver that supports four layers
(--rule flag > project .open-code-review/rule.json > global ~/rule.json >
embedded system default), each with first-match-wins fall-through semantics.
This change refactors the `resolveFromHunk` function by introducing several helper functions (`extractSideLines`, `matchConsecutive`) to improve readability and maintainability. The new implementation attempts to match against both new and old sides of the diff hunk, making comment resolution more robust.
This change introduces a new configuration mechanism for excluding specific file paths during code reviews. It adds support for glob patterns including recursive directory matching (**), single-segment wildcards (*), and brace expansion ({a,b}), allowing more flexible control over which files should be reviewed or skipped based on their location within the repository.