When a file was renamed on the target branch, ocr review emitted
'[ocr] WARNING: cannot read file <old path> at ref <to>: exit status 128'.
Two compounding bugs:
1. The parser required 'a/'/'b/' prefixes when matching '--- /dev/null' /
'+++ /dev/null', but git emits these lines without prefixes, so
IsNew/IsDeleted were never set and deleted files fell through to a
doomed 'git show ref:<old path>'.
2. 'rename from' / 'rename to' extended headers were never parsed, and
git diff/show call sites did not force rename detection, so renames
degraded to delete+add whenever the user had diff.renames=false.
Fixes:
- Parse 'rename from'/'rename to', 'new file mode', 'deleted file mode'
and unprefixed /dev/null markers in ParseDiffText.
- Pass --find-renames to all git diff/show invocations so rename
detection no longer depends on user config.
- Add IsRenamed to model.Diff (json: is_renamed) and prefer it in
diffStatus.
- Add parser unit tests and a range-mode rename regression test.
Fixes#99
The cpAuth text input width was 40, which truncated the 51-character
placeholder "optional, leave empty for default (Authorization)".
Increased to 55 so the full text is visible.
* ci: use self-hosted runners with container images for build and deploy workflows
- deploy-pages: switch to self-hosted runner with node:20 container, remove redundant setup-node
- release: use self-hosted runner with golang:1.26.4 container for build job, remove redundant setup-go
- release: use self-hosted runner with ubuntu:24.04 container for release job
- release: use self-hosted runner with node:20 container for npm-publish job, remove redundant setup-node
- release: add jq installation step for version injection in npm-publish
* ci: fix dubious ownership in self-hosted container jobs
- Add git safe.directory trust step after checkout in release.yml build and npm-publish jobs
- Add git safe.directory trust step after checkout in deploy-pages.yml build job
- Switch deploy-pages deploy job from ubuntu-latest to self-hosted with node:20 container
Add README.ru-RU.md and CONTRIBUTING.ru-RU.md following the existing
localization pattern (zh-CN, ja-JP, ko-KR), and add the Русский link to
the language switcher line in all README and CONTRIBUTING variants.
Also add the previously missing 한국어 link to the CONTRIBUTING.zh-CN.md
and CONTRIBUTING.ja-JP.md switchers.
Closes#100
Add safe.directory '*' to git config before running git operations.
Self-hosted runners may run jobs under a different OS user than the
one that owns the workspace, causing git to refuse operations with a
'dubious ownership' error.
Previously --max-tools only took effect when greater than the template
default (30), making it impossible to reduce iterations for large diffs.
Now any non-zero value overrides the default, clamped to a floor of 10
with a stderr warning when the input is below the minimum.
The --background/-b flag was missing from the ocr review flags
documentation across all four README translations (EN, ZH-CN, JA-JP,
KO-KR). Added the flag entry and a usage example.
- Add REVIEW_FILTER_TASK template and LLM conversation config
- Implement executeReviewFilter to post-process comments per file
- Add CommentsForPath and RemoveByPathAndIndices to CommentCollector
- Apply timeout from template config to review filter LLM call
- Await CommentWorkerPool before running filter to prevent race condition
- Include raw response preview in filter JSON parse error logs
Add --src-prefix=a/ --dst-prefix=b/ to all git diff/show calls so that
user config (diff.noprefix, diff.mnemonicPrefix) cannot alter the prefix
format the parser depends on. Also add missing ModeCommit test coverage.
When a user has configured a global external diff tool (diff.external /
GIT_EXTERNAL_DIFF) or a textconv filter, git diff/show emit the tool's
output instead of unified diff text. The provider's parser keys off
`diff --git` headers, so it parses zero diffs and the review silently
reports "No files changed".
Add --no-ext-diff --no-textconv to all four git diff/show call sites in
internal/diff/git.go (ModeRange diff, ModeCommit show, and both
workspaceTrackedDiff calls). merge-base and ls-files are left untouched
since they don't run the diff machinery.
Adds an integration test that initializes a real git repo, activates a
garbage GIT_EXTERNAL_DIFF script, and asserts the provider still parses
a non-empty diff (fails before this change, passes after).
Closes#82
AI-assisted contribution.
* docs(examples): add concurrency control to CI workflow examples
- GitHub Actions: add concurrency group with cancel-in-progress to avoid
redundant review runs on rapid pushes
- GitLab CI: add interruptible and resource_group to cancel outdated
review jobs when new commits are pushed to the same MR
* docs(examples): improve GitLab CI example with fork MR and concurrency support
- Support forked MR pipelines by using CI_COMMIT_SHA as --to target
- Fall back to CI_JOB_TOKEN when GITLAB_API_TOKEN is unavailable
- Use appropriate auth header (JOB-TOKEN vs PRIVATE-TOKEN) based on token source
- Add --audience agent flag for machine-consumable review output
- Make diff_refs required for inline comments, simplify post_discussion signature
- Improve summary with inline vs fallback comment breakdown
- Add documentation comments for fork MR setup requirements
* docs(examples): use pull_request_target and SHA refs for fork PR support
- Switch trigger from pull_request to pull_request_target so secrets
are available for PRs from forks
- Use head SHA instead of branch ref for checkout and ocr --to, since
fork branches don't exist on the origin remote
- Add explicit fetch step to ensure fork commits are available
- Update condition checks and comments to reflect the new event name
* docs: sync READMEs with CI script changes for fork PR/MR support
- Propagate json.Unmarshal error in buildAnthropicParams when parsing
tool call arguments, preventing silent empty-map fallback on malformed JSON
- Return explicit error message in ParseComments when comments JSON
string fails to unmarshal, instead of silently ignoring
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Move auth_header out of the main config example to avoid implying it is
required. Add a dedicated section explaining it is optional, its default
value, and when users need to set it explicitly.
Export NormalizeAuthHeader from the llm package and remove the duplicate
normalizeConfigAuthHeader in config_cmd.go. Invalid auth_header values
now return an error at configuration time instead of being silently
accepted and causing opaque 401s at runtime.
Document the include/exclude configuration in rule.json files, explaining
the filter decision priority, how layers interact, and listing built-in
default exclude patterns.
Anthropic models with extended thinking return type:"thinking" content
blocks which were silently dropped, causing empty assistant content in
conversation history. Extract thinking blocks into ReasoningContent so
the existing Content() fallback works correctly.
The session page was showing significantly lower token counts than the console
summary because it used local tiktoken estimation while the console used actual
API-reported usage data. Now SetResponse prefers resp.Usage when available
(falling back to tiktoken), persists cache token fields to JSONL, and the
viewer displays cache read/write stats alongside prompt/completion totals.
Replace os.ReadFile + strings.Split with bufio.Reader streaming in
FileReadProvider, so only the requested window (up to 500 lines) is kept
in memory instead of the entire file. Adds Runner.Stream for semaphore-
aware stdout piping, FileReader.ReadLines for line-windowed reading, and
validates invalid line ranges. Reduces per-goroutine memory from ~8MB to
~44KB for large files under concurrent workloads.
Subtask errors are already printed in real-time when they occur in agent.go.
The final outputTextWithWarnings was printing them again after comments were displayed.
Introduce gitcmd.Runner with channel-based semaphore to cap concurrent
git subprocesses (default 16, configurable via --max-git-procs). Route
all tool-layer and diff-layer git calls through the shared runner.
Also fix diff.Provider.runGit lacking context.Context — now the full
chain (GetDiff → MergeBase → ParseDiffText → finalizeDiff) propagates
the caller's context for proper cancellation and timeout support.
Registry was a plain map alias and DiffMap a shared map[string]string,
both relying on implicit write-before-read ordering with no compile-time
safety. Refactor Registry into an encapsulated struct with Freeze() that
panics on post-freeze writes, and wrap DiffMap as an immutable value type
with defensive copy on construction. Move DiffMap injection to before
filterDiffs to preserve the original behavior of exposing all file diffs.
Add cache_control ephemeral breakpoints on system prompt and tool
definitions to activate Anthropic prompt caching for multi-turn
agent loops. Fix token double-counting by removing the redundant
totalTokensUsed accumulator and computing it from sub-items. Surface
cache read/write statistics in both text and JSON summary output.
Add ctx parameter to Provider.Execute interface and propagate it through
FileReader.Read, code_search.gitGrep/runGitGrep, and file_find.listGitFiles.
This ensures parent task cancellation/timeout properly terminates running
git subprocesses (grep, show, ls-files, ls-tree). Also adds 10s timeout
to file_find and fixes context.Canceled handling in code_search.
Rule doc files were translated from Chinese to English but tests still
expected Chinese substrings. Also added HOME isolation to prevent the
user's ~/.opencodereview/rule.json from interfering with system-default
rule assertions.
Migrated internal/llm from manual net/http implementation to anthropic-sdk-go v1.47.0
and openai-go/v3 v3.39.0, reducing ~400 lines of retry, request-building, and streaming
code. Simplified LLMClient interface to single CompletionsWithCtx method. Fixed Anthropic
auth to use WithAuthToken (Bearer) instead of WithAPIKey (X-Api-Key) for proxy compatibility.
Fixed OpenAI message builder to use ExtractText() for proper []ContentBlock handling.
* ci: add GitHub Actions workflow for automated PR review
- Trigger on PR opened and issue_comment (/open-code-review)
- Install OCR via npm, configure LLM secrets, run review
- Post inline review comments via GitHub PR review API
- Fallback to individual comments if batch posting fails
- Use commit SHA instead of branch ref to support fork PRs
* ci: use pull_request_target to support fork PR secret access
- Switch from pull_request to pull_request_target trigger
- Add synchronize and reopened event types
- Explicitly checkout PR head SHA (pull_request_target defaults to base)
- This ensures secrets are available for PRs from forked repos
* ci: fix pull_request_target handling for fork PRs
- Narrow trigger types to 'opened' only to reduce redundant runs
- Add explicit fetch of PR head ref to ensure fork commits are available
- Fix event name check from 'pull_request' to 'pull_request_target'