Commit graph

125 commits

Author SHA1 Message Date
kite
c5c0c5739e test(diff): add unit tests for readWorkspaceFileForDiff
Cover all key branches: regular file read, path traversal rejection,
directory rejection, parent symlink escape, external/internal symlink
target handling, and nonexistent file error.
2026-06-15 00:12:11 +08:00
MuoDoo
4b3f41df10
Fix workspace symlink diff containment (#125)
* Fix workspace symlink diff containment

* Share repository path containment helpers
2026-06-15 00:03:36 +08:00
不许对我狗叫丶
6b8d269c0b
feat: add mimo provider (#124)
Some checks failed
Deploy Pages / build (push) Has been cancelled
Deploy Pages / deploy (push) Has been cancelled
2026-06-14 22:31:30 +08:00
ZheNing Hu
283ec8558c
fix(diff): detect renamed and deleted files correctly in diff parsing (#105)
When a file was renamed on the target branch, ocr review emitted
'[ocr] WARNING: cannot read file <old path> at ref <to>: exit status 128'.

Two compounding bugs:

1. The parser required 'a/'/'b/' prefixes when matching '--- /dev/null' /
   '+++ /dev/null', but git emits these lines without prefixes, so
   IsNew/IsDeleted were never set and deleted files fell through to a
   doomed 'git show ref:<old path>'.

2. 'rename from' / 'rename to' extended headers were never parsed, and
   git diff/show call sites did not force rename detection, so renames
   degraded to delete+add whenever the user had diff.renames=false.

Fixes:
- Parse 'rename from'/'rename to', 'new file mode', 'deleted file mode'
  and unprefixed /dev/null markers in ParseDiffText.
- Pass --find-renames to all git diff/show invocations so rename
  detection no longer depends on user config.
- Add IsRenamed to model.Diff (json: is_renamed) and prefer it in
  diffStatus.
- Add parser unit tests and a range-mode rename regression test.

Fixes #99
2026-06-14 22:29:02 +08:00
kite
689b5f185e fix(tui): widen cpAuth input to prevent placeholder truncation
The cpAuth text input width was 40, which truncated the 51-character
placeholder "optional, leave empty for default (Authorization)".
Increased to 55 so the full text is visible.
2026-06-14 21:59:21 +08:00
kite
72aad2c77c feat: add interactive provider setup with TUI and documentation 2026-06-14 10:49:33 +08:00
kite
f577742c04 ci: drop npm provenance flag incompatible with self-hosted runners
Sigstore provenance verification only supports GitHub-hosted runners,
causing E422 on publish. Remove --provenance and the unused id-token
permission.
2026-06-13 11:08:45 +08:00
kite
372802d294 ci: fix npm publish auth failure on self-hosted runners
The node:20 container lacks automatic NODE_AUTH_TOKEN mapping to npm
registry credentials. Add explicit .npmrc configuration step before
npm publish.
2026-06-13 11:08:45 +08:00
MuoDoo
64552aee9b
fix(security): block git ref option injection (#112) 2026-06-13 11:07:59 +08:00
MuoDoo
9f81cbe486
fix(tool): constrain workspace file reads to repo (#109) 2026-06-12 17:57:28 +08:00
Lei Zhang
76b4d5a3b5
ci: use self-hosted runners with container images for build and deplo… (#107)
* ci: use self-hosted runners with container images for build and deploy workflows

- deploy-pages: switch to self-hosted runner with node:20 container, remove redundant setup-node

- release: use self-hosted runner with golang:1.26.4 container for build job, remove redundant setup-go

- release: use self-hosted runner with ubuntu:24.04 container for release job

- release: use self-hosted runner with node:20 container for npm-publish job, remove redundant setup-node

- release: add jq installation step for version injection in npm-publish

* ci: fix dubious ownership in self-hosted container jobs

- Add git safe.directory trust step after checkout in release.yml build and npm-publish jobs
- Add git safe.directory trust step after checkout in deploy-pages.yml build job
- Switch deploy-pages deploy job from ubuntu-latest to self-hosted with node:20 container
2026-06-12 14:30:51 +08:00
Daniel Grießhaber
c2c7c37e0f
fix(agent): user includes should have higher priority than system supported extensions (#51) 2026-06-12 14:29:47 +08:00
Fedor
9c0c6f2393
docs: add Russian translations for README and CONTRIBUTING (#101)
Add README.ru-RU.md and CONTRIBUTING.ru-RU.md following the existing
localization pattern (zh-CN, ja-JP, ko-KR), and add the Русский link to
the language switcher line in all README and CONTRIBUTING variants.
Also add the previously missing 한국어 link to the CONTRIBUTING.zh-CN.md
and CONTRIBUTING.ja-JP.md switchers.

Closes #100
2026-06-12 11:49:04 +08:00
Lei Zhang
3239640df4
ci: fix dubious ownership error on self-hosted runners (#106)
Add safe.directory '*' to git config before running git operations.
Self-hosted runners may run jobs under a different OS user than the
one that owns the workspace, causing git to refuse operations with a
'dubious ownership' error.
2026-06-12 11:41:08 +08:00
Lei Zhang
022800c876
ci: optimize ocr-review workflow for self-hosted runners (#97) 2026-06-12 10:34:13 +08:00
zhouzhihao
c323c6b40c
fix(actions): preserve failed inline review comments (#81) 2026-06-10 17:50:08 +08:00
kite
7fcb9db6a3 fix: correct auth_header test to expect rejection of unsupported values
NormalizeAuthHeader only accepts "x-api-key" and "authorization". The
test was incorrectly expecting custom headers to be accepted and trimmed.
2026-06-09 22:24:16 +08:00
kite
dd0ebd905e feat: allow --max-tools to lower per-file tool call limit with minimum of 10
Previously --max-tools only took effect when greater than the template
default (30), making it impossible to reduce iterations for large diffs.
Now any non-zero value overrides the default, clamped to a floor of 10
with a stderr warning when the input is below the minimum.
2026-06-09 22:21:08 +08:00
kite
5050cbeef3 docs: add --background flag to README flags table and examples
The --background/-b flag was missing from the ocr review flags
documentation across all four README translations (EN, ZH-CN, JA-JP,
KO-KR). Added the flag entry and a usage example.
2026-06-09 21:39:24 +08:00
kite
01c9c85456 feat: add review filter to remove provably incorrect comments after subtask
- Add REVIEW_FILTER_TASK template and LLM conversation config
- Implement executeReviewFilter to post-process comments per file
- Add CommentsForPath and RemoveByPathAndIndices to CommentCollector
- Apply timeout from template config to review filter LLM call
- Await CommentWorkerPool before running filter to prevent race condition
- Include raw response preview in filter JSON parse error logs
2026-06-09 20:41:42 +08:00
kite
cf32900ca1 fix: force standard diff prefixes to prevent diff.noprefix/mnemonicPrefix from breaking parsing (#82)
Add --src-prefix=a/ --dst-prefix=b/ to all git diff/show calls so that
user config (diff.noprefix, diff.mnemonicPrefix) cannot alter the prefix
format the parser depends on. Also add missing ModeCommit test coverage.
2026-06-09 18:08:11 +08:00
Eldar Shlomi
c9fae8d4e9
fix: pass --no-ext-diff --no-textconv to git diff/show so external diff tools don't break parsing (#86)
When a user has configured a global external diff tool (diff.external /
GIT_EXTERNAL_DIFF) or a textconv filter, git diff/show emit the tool's
output instead of unified diff text. The provider's parser keys off
`diff --git` headers, so it parses zero diffs and the review silently
reports "No files changed".

Add --no-ext-diff --no-textconv to all four git diff/show call sites in
internal/diff/git.go (ModeRange diff, ModeCommit show, and both
workspaceTrackedDiff calls). merge-base and ls-files are left untouched
since they don't run the diff machinery.

Adds an integration test that initializes a real git repo, activates a
garbage GIT_EXTERNAL_DIFF script, and asserts the provider still parses
a non-empty diff (fails before this change, passes after).

Closes #82

AI-assisted contribution.
2026-06-09 18:02:01 +08:00
kite
48cc6a3329 feat: change default output language from Chinese to English 2026-06-09 09:57:45 +08:00
Lei Zhang
a32b8c7e30
docs(examples): add concurrency control to CI workflow examples (#60)
* docs(examples): add concurrency control to CI workflow examples

- GitHub Actions: add concurrency group with cancel-in-progress to avoid
  redundant review runs on rapid pushes
- GitLab CI: add interruptible and resource_group to cancel outdated
  review jobs when new commits are pushed to the same MR

* docs(examples): improve GitLab CI example with fork MR and concurrency support

- Support forked MR pipelines by using CI_COMMIT_SHA as --to target
- Fall back to CI_JOB_TOKEN when GITLAB_API_TOKEN is unavailable
- Use appropriate auth header (JOB-TOKEN vs PRIVATE-TOKEN) based on token source
- Add --audience agent flag for machine-consumable review output
- Make diff_refs required for inline comments, simplify post_discussion signature
- Improve summary with inline vs fallback comment breakdown
- Add documentation comments for fork MR setup requirements

* docs(examples): use pull_request_target and SHA refs for fork PR support

- Switch trigger from pull_request to pull_request_target so secrets
  are available for PRs from forks
- Use head SHA instead of branch ref for checkout and ocr --to, since
  fork branches don't exist on the origin remote
- Add explicit fetch step to ensure fork commits are available
- Update condition checks and comments to reflect the new event name

* docs: sync READMEs with CI script changes for fork PR/MR support
2026-06-08 21:33:20 +08:00
Shi Peipei
4043e9ee33
fix: handle previously swallowed json.Unmarshal errors (#78)
- Propagate json.Unmarshal error in buildAnthropicParams when parsing
  tool call arguments, preventing silent empty-map fallback on malformed JSON
- Return explicit error message in ParseComments when comments JSON
  string fails to unmarshal, instead of silently ignoring

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-06-08 21:03:00 +08:00
MuoDoo
adb9ac8b4e
feat(rules): add built-in Rust and Cargo.toml review rules (#74)
* Add Rust review rules

* Fix case-insensitive rule matching
2026-06-08 20:56:00 +08:00
KT
c6abbeec09
docs: fix Codex spelling in localized readmes (#76) 2026-06-08 20:51:46 +08:00
kite
b97382c727 docs: clarify auth_header is optional with default behavior in README
Move auth_header out of the main config example to avoid implying it is
required. Add a dedicated section explaining it is optional, its default
value, and when users need to set it explicitly.
2026-06-08 20:38:47 +08:00
kite
fa6c7d8e04 refactor(llm): deduplicate and validate auth header normalization
Export NormalizeAuthHeader from the llm package and remove the duplicate
normalizeConfigAuthHeader in config_cmd.go. Invalid auth_header values
now return an error at configuration time instead of being silently
accepted and causing opaque 401s at runtime.
2026-06-08 20:21:28 +08:00
zhouzhihao
48dc1b37d4
fix(llm): support Anthropic auth header (#77) 2026-06-08 19:35:12 +08:00
seunghun chae
fb819510ca
feat(codex): add local Codex plugin support (#69)
* feat(codex): add local Codex plugin support

* docs: add Korean documentation

* docs(codex): address plugin review feedback
2026-06-08 00:34:21 +08:00
kite
3885f499c5 docs: add path filtering documentation to all README files
Document the include/exclude configuration in rule.json files, explaining
the filter decision priority, how layers interact, and listing built-in
default exclude patterns.
2026-06-07 20:22:39 +08:00
kite
bdb83fdcab docs: add Go Report Card badge to all README files 2026-06-07 17:28:28 +08:00
kite
1b3c0ab19f fix(llm): handle Anthropic thinking content blocks in multi-turn conversations
Anthropic models with extended thinking return type:"thinking" content
blocks which were silently dropped, causing empty assistant content in
conversation history. Extract thinking blocks into ReasoningContent so
the existing Content() fallback works correctly.
2026-06-07 17:09:31 +08:00
kite
5fad9ce2fa fix(llm): use max_completion_tokens instead of deprecated max_tokens for OpenAI requests
Fixes #30 — newer OpenAI models (o1, o3, o4, gpt-5.x) reject the
deprecated max_tokens parameter with a 400 error.
2026-06-07 08:33:51 +08:00
Ikko Eltociear Ashimine
8d187f607f
docs: add Japanese document (#64)
* docs: add Japanese README

* docs: add Japanese CONTRIBUTING
2026-06-06 23:15:26 +08:00
kite
0d530f3b73 fix(viewer): use real API token usage in session page instead of tiktoken estimates
The session page was showing significantly lower token counts than the console
summary because it used local tiktoken estimation while the console used actual
API-reported usage data. Now SetResponse prefers resp.Usage when available
(falling back to tiktoken), persists cache token fields to JSONL, and the
viewer displays cache read/write stats alongside prompt/completion totals.
2026-06-06 21:17:47 +08:00
kite
f24334deb2 perf(tool): stream file reads line-by-line to avoid full-file memory allocation
Replace os.ReadFile + strings.Split with bufio.Reader streaming in
FileReadProvider, so only the requested window (up to 500 lines) is kept
in memory instead of the entire file. Adds Runner.Stream for semaphore-
aware stdout piping, FileReader.ReadLines for line-windowed reading, and
validates invalid line ranges. Reduces per-goroutine memory from ~8MB to
~44KB for large files under concurrent workloads.
2026-06-06 20:59:05 +08:00
kite
2bebc86cfc feat(config): increase default max tool call rounds from 20 to 30
Allow more thorough analysis per file by raising MAX_TOOL_REQUEST_TIMES.
2026-06-06 20:35:32 +08:00
kite
e34c634879 fix(output): skip subtask_error in final warning summary to avoid duplicate logging
Subtask errors are already printed in real-time when they occur in agent.go.
The final outputTextWithWarnings was printing them again after comments were displayed.
2026-06-06 20:31:07 +08:00
kite
5466baa16e docs: add --max-git-procs flag to website docs and bilingual READMEs 2026-06-06 20:25:18 +08:00
kite
ef46dfdac9 feat(tool): add global git subprocess concurrency limiter and propagate context.Context to diff layer
Introduce gitcmd.Runner with channel-based semaphore to cap concurrent
git subprocesses (default 16, configurable via --max-git-procs). Route
all tool-layer and diff-layer git calls through the shared runner.
Also fix diff.Provider.runGit lacking context.Context — now the full
chain (GetDiff → MergeBase → ParseDiffText → finalizeDiff) propagates
the caller's context for proper cancellation and timeout support.
2026-06-06 20:20:34 +08:00
kite
363d971916 fix(tool): make Registry and DiffMap concurrency-safe via freeze semantics
Registry was a plain map alias and DiffMap a shared map[string]string,
both relying on implicit write-before-read ordering with no compile-time
safety. Refactor Registry into an encapsulated struct with Freeze() that
panics on post-freeze writes, and wrap DiffMap as an immutable value type
with defensive copy on construction. Move DiffMap injection to before
filterDiffs to preserve the original behavior of exposing all file diffs.
2026-06-06 19:41:11 +08:00
kite
7b298230d8 docs(commit): add command /commit 2026-06-06 19:26:34 +08:00
kite
08bb28ced5 feat(llm): enable Anthropic prompt caching and fix token accounting
Add cache_control ephemeral breakpoints on system prompt and tool
definitions to activate Anthropic prompt caching for multi-turn
agent loops. Fix token double-counting by removing the redundant
totalTokensUsed accumulator and computing it from sub-items. Surface
cache read/write statistics in both text and JSON summary output.
2026-06-06 19:26:34 +08:00
kite
828fc6cae7 fix(tool): propagate context.Context to all tool providers to enable subprocess cancellation
Add ctx parameter to Provider.Execute interface and propagate it through
FileReader.Read, code_search.gitGrep/runGitGrep, and file_find.listGitFiles.
This ensures parent task cancellation/timeout properly terminates running
git subprocesses (grep, show, ls-files, ls-tree). Also adds 10s timeout
to file_find and fixes context.Canceled handling in code_search.
2026-06-06 19:26:34 +08:00
kite
261c799b40 chore(make): add go mod tidy to check target
Ensures stale or missing module dependencies are caught early alongside
fmt and vet.
2026-06-06 19:26:34 +08:00
kite
aa86d9fa60 fix(rules): align test expectations with English rule docs and isolate global config
Rule doc files were translated from Chinese to English but tests still
expected Chinese substrings. Also added HOME isolation to prevent the
user's ~/.opencodereview/rule.json from interfering with system-default
rule assertions.
2026-06-06 19:26:34 +08:00
kite
7d75c3a9d3 refactor(llm): replace hand-rolled HTTP clients with official Anthropic and OpenAI SDKs
Migrated internal/llm from manual net/http implementation to anthropic-sdk-go v1.47.0
and openai-go/v3 v3.39.0, reducing ~400 lines of retry, request-building, and streaming
code. Simplified LLMClient interface to single CompletionsWithCtx method. Fixed Anthropic
auth to use WithAuthToken (Bearer) instead of WithAPIKey (X-Api-Key) for proxy compatibility.
Fixed OpenAI message builder to use ExtractText() for proper []ContentBlock handling.
2026-06-06 19:26:34 +08:00
Lei Zhang
6b7038b3d3
ci: add GitHub Actions workflow for automated PR review (#61)
* ci: add GitHub Actions workflow for automated PR review

- Trigger on PR opened and issue_comment (/open-code-review)
- Install OCR via npm, configure LLM secrets, run review
- Post inline review comments via GitHub PR review API
- Fallback to individual comments if batch posting fails
- Use commit SHA instead of branch ref to support fork PRs

* ci: use pull_request_target to support fork PR secret access

- Switch from pull_request to pull_request_target trigger
- Add synchronize and reopened event types
- Explicitly checkout PR head SHA (pull_request_target defaults to base)
- This ensures secrets are available for PRs from forked repos

* ci: fix pull_request_target handling for fork PRs

- Narrow trigger types to 'opened' only to reduce redundant runs
- Add explicit fetch of PR head ref to ensure fork commits are available
- Fix event name check from 'pull_request' to 'pull_request_target'
2026-06-06 18:16:08 +08:00