When a PR URL points to a different repo (e.g., other-org/other-repo),
the review would silently operate on the wrong PR in the current repo.
Now verifies URL owner/repo matches current repo before proceeding.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
If autofix pushes a new commit in Step 3.5, the PR HEAD changes.
Step 4's inline comments would then reference the autofix commit
where line numbers may have shifted, causing comments on wrong lines.
Fix: capture headRefOid in Step 1 (before autofix) and reuse in
Step 4. Also fix stale Step 5 comment about worktree/commit SHA.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reverse audit agent already has full context (all confirmed findings +
entire diff), so its findings don't need a second opinion. This brings
the actual LLM call count to 7 (5 review + 1 verify + 1 reverse),
matching the documented claim.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
If a previous review was interrupted (Ctrl+C, crash), stale worktree
and local ref would block the next review. Now Step 1 checks for and
cleans up stale .qwen/tmp/review-pr-<N> worktree and qwen-review/pr-<N>
ref before creating new ones.
Step 5 also cleans up the local ref alongside the worktree.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mermaid only renders on GitHub; shows as raw code on Nextra,
Docusaurus, VS Code preview, and offline viewing. Plain-text
ASCII diagram is universally compatible and includes LLM call
cost annotations on each stage.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Step 4.5: use absolute paths for reports/cache in worktree mode
(relative paths would land in worktree and be deleted)
- Step 1: fetch into qwen-review/pr-<N> ref to avoid clobbering
existing local branches
- Step 2.6: reverse audit findings use batch verification (not
one-per-finding), consistent with Step 2.5
- Doc: clarify reverse audit findings are also batch-verified
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add Token Efficiency section showing fixed 7 LLM calls breakdown
- Fix follow-up table: "fix these issues" is local-only (worktree
cleaned up after PR review)
- Update PR description with worktree, batch verification, cross-model
review, PR comment dedup, and expanded test plan
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Previously, each finding got its own independent verification agent
(N findings = N LLM calls). Now a single verification agent receives
all findings at once and verifies them in one pass.
Token cost: 6+N variable calls → 7 fixed calls (5 review + 1 verify + 1 reverse audit)
Quality: minimal impact — batch verification has fuller cross-finding context
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add model attribution to no-findings LGTM path
- Handle empty string from getModel() with .trim() || 'unknown'
- Add tests for {{model}} with args and empty model ID
- Fix doc contradiction: PR autofix pushes automatically from worktree
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1. Remove gh pr checkout --detach (modifies working tree, defeats
worktree purpose). Use git fetch only.
2. Add dependency installation step (npm ci etc.) in worktree —
without it, all TS/JS linting/building fails.
3. Cache and reports written to main project dir, not worktree
(would be deleted in Step 5).
4. "fix these issues" tip only for local reviews — worktree is
cleaned up after PR review, so interactive fixing is not possible.
5. Autofix push uses explicit remote branch name from Step 1.
6. Move incremental check before dependency install to avoid
wasting time when there are no new changes.
7. Fix Step 3 reference: "from Steps 2.5 and 2.6" (includes
reverse audit findings).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the stash + checkout + restore flow with an isolated git
worktree for PR reviews. This eliminates:
- Stash orphan risks (multiple early exit paths)
- Wrong-branch risks (Step 5 restore failures)
- Build cache pollution (worktree has its own state)
- All stash-related error handling complexity
New flow:
- Step 1: git worktree add .qwen/tmp/review-pr-<number>
- All agents operate in the worktree directory
- Autofix commits and pushes from the worktree
- Step 5: git worktree remove (--force for dirty worktrees)
User's working tree is never modified during PR reviews.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
run_shell_command expects timeout in milliseconds. Without explicit
ms values, implementations may pass 120/60 and time out immediately.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
For PR reviews, fetch existing inline and general comments via gh api
before launching agents. A summary of already-discussed issues is
passed to agents so they don't re-report problems that humans or other
tools have already flagged.
Added to Exclusion Criteria: "Issues already discussed in existing
PR comments."
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- commands.md: renumber 1.6→1.7→1.8→1.9 after inserting 1.5 Built-in Skills
- SKILL.md: promote Reverse audit from ### to ## Step 2.6 for consistent
step hierarchy
- _meta.ts: add code-review to Features navigation sidebar
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The incremental review cache now stores modelId alongside commitSha.
When the same PR is re-reviewed with a different model:
- Cache detects model change → runs full review (not skipped)
- Informs user: "Previous review used X. Running full review with Y
for a second opinion."
Same SHA + same model still skips as before.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
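The cache-skip decision described in the commit above (commitSha plus modelId), together with the earlier point that cache paths are resolved against the main project directory rather than the worktree, as an added TypeScript example that is not Qwen Code's own code; the entry shape, `cachePathFor`, `decideFromCache` and the `"pr-42"` target naming are assumptions.

```typescript
import * as path from "path";

// Cache entry persisted per review target under .qwen/review-cache/ (assumed shape).
interface ReviewCacheEntry {
  commitSha: string;
  modelId: string;
}

interface CacheDecision {
  action: "skip" | "full";
  reason: string;
}

// Cache and report paths are resolved against the main project directory,
// never the worktree (which Step 5 deletes). `target` is e.g. "pr-42" or "local".
function cachePathFor(projectDir: string, target: string): string {
  return path.resolve(projectDir, ".qwen", "review-cache", `${target}.json`);
}

// Same SHA + same model skips; same SHA + different model runs a full review
// as a second opinion; a new SHA always runs (incremental diffing omitted here).
function decideFromCache(
  cached: ReviewCacheEntry | undefined,
  headSha: string,
  currentModel: string,
): CacheDecision {
  if (!cached) {
    return { action: "full", reason: "No cached review for this target." };
  }
  if (cached.commitSha !== headSha) {
    return { action: "full", reason: `HEAD moved from ${cached.commitSha} to ${headSha}.` };
  }
  if (cached.modelId !== currentModel) {
    return {
      action: "full",
      reason: `Previous review used ${cached.modelId}. Running full review with ${currentModel} for a second opinion.`,
    };
  }
  return { action: "skip", reason: "No new changes since the last review with this model." };
}
```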
Add Step 2.6: after all findings are verified and aggregated, a single
reverse audit agent reviews the diff with full knowledge of what was
already found, specifically looking for important issues that all
previous agents missed.
- Only reports Critical/Suggestion level gaps (not Nice to have)
- Findings go through the same verification as other agents
- Single agent call — minimal cost overhead
- If nothing is found, initial review had strong coverage
This formalizes the "multi-round undirected audit" pattern that proved
effective during the development of this PR (14 rounds, 40+ issues).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add comprehensive user documentation for the /review command covering:
- Quick start examples for all modes (local, PR, file, --comment)
- Pipeline overview with all steps explained
- Review agents table (5 agents + their focus areas)
- Deterministic analysis (supported languages and tools)
- Severity levels and PR comment filtering rules
- Autofix workflow
- PR inline comments (what gets posted vs terminal-only)
- Follow-up actions (fix/post comments/commit)
- Project review rules (.qwen/review-rules.md etc.)
- Incremental review and caching
- Review report persistence
- Cross-file impact analysis
- Design philosophy
Also add /review and /simplify to the commands reference page
under a new "Built-in Skills" section with link to full docs.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After review with unfixed findings (autofix declined/partial/N/A),
suggest "type fix these issues" so the LLM can interactively fix
each finding using the edit tool without re-running the review.
Follow-up tips now cover the complete post-review flow:
- Unfixed findings → "fix these issues"
- PR with findings → "post comments"
- Local all clear → "commit"
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After local review with no critical issues, suggest "type commit to
commit your changes" — the follow-up system picks this up as ghost
text so users can Tab to commit.
PR reviews keep the existing "post comments" tip.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Comment template: replace **[{severity}]** with {prefix} placeholder
so auto-fixed prefix is not dropped
- Agent 5: run exactly one build + one test command using precedence
order to avoid duplicates (e.g., Makefile wrapping npm)
- Clarify timeout as 120000ms for run_shell_command
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Changed the tip from "/review <number> --comment" (which re-runs the
full review) to "post comments" (which reuses existing findings in
the same conversation and jumps directly to Step 4).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The tip placeholder <number> was being output literally, causing the
follow-up suggestion system to generate commands with wrong PR IDs.
Now explicitly instructs the LLM to substitute the real PR number.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace ambiguous {prefix} placeholder with concrete examples showing
the full Markdown bold + severity tag format for normal and auto-fixed
findings.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Low-confidence findings now appear only in the terminal "Needs Human
Review" section and are never posted as PR inline comments. This
resolves the contradiction between "silence > noise" and posting
uncertain findings on PRs.
Also clarified that "confirmed (low confidence)" is for issues likely
real but needing human judgment, not vague suspicions (those should
be rejected).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Deleted/renamed files in the diff would cause per-file linters to fail
on non-existent paths, producing false deterministic failures. Now uses
--diff-filter=d to exclude deletions from the changed files list.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rename "should use unknown when model is not available" to
"when getModel returns undefined" — the mock config does define
getModel, it just returns undefined.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Copilot-instructions.md precedence: prefer .github/ path, do not
load both when both exist
- Simplify getModel() call: remove unnecessary typeof guard since
Config already defines getModel()
- Fix TS2352 type error in test: use proper mock cast pattern
- Add getModel to base mockConfig for test consistency
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add {{model}} template variable support in BundledSkillLoader. When a
skill body contains {{model}}, it is replaced with the runtime model ID
from config.getModel(). Only skills that use the variable are affected.
The /review skill now appends a model attribution footer to PR review
summaries: "Reviewed by {model} via Qwen Code /review"
This enables cross-model review workflows (e.g., develop with model A,
review with model B) with accurate attribution in PR comments.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
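The `{{model}}` substitution described above, including the `.trim() || 'unknown'` fallback for an empty or undefined `getModel()` result from the earlier commit, as an added TypeScript example that is not the BundledSkillLoader implementation; `SkillConfig`, `renderSkillBody` and `attributionFooter` are assumed names.

```typescript
// Minimal shape of the config the loader consults (assumed).
interface SkillConfig {
  getModel(): string | undefined;
}

const MODEL_VAR = "{{model}}";

// Model ID for attribution: undefined, empty and whitespace-only values
// all collapse to 'unknown' so the footer never shows a blank model.
function resolveModelId(config: SkillConfig): string {
  return (config.getModel() ?? "").trim() || "unknown";
}

// Substitute every {{model}} occurrence. Bodies that do not use the variable
// are returned unchanged without consulting the config at all.
function renderSkillBody(body: string, config: SkillConfig): string {
  if (!body.includes(MODEL_VAR)) return body;
  const model = resolveModelId(config);
  // split/join rather than String.replace with a string argument, so a model
  // ID containing "$" is never interpreted as a replacement pattern.
  return body.split(MODEL_VAR).join(model);
}

// Footer appended to PR review summaries, as quoted in the commit above.
const REVIEW_FOOTER = `Reviewed by ${MODEL_VAR} via Qwen Code /review`;

function attributionFooter(config: SkillConfig): string {
  return renderSkillBody(REVIEW_FOOTER, config);
}
```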
Step 1.5 said "the diff output" (singular) but local reviews produce
two diffs (git diff + git diff --staged). Changed files list now
explicitly takes the union of both.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When deduplication merges findings with different severities (e.g.,
a Critical typecheck error with a Suggestion from LLM review), the
merged finding now uses the highest severity. Deterministic severity
is treated as authoritative and cannot be downgraded.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When PR checkout fails or incremental review finds no new changes,
restore the environment (checkout original branch, pop stash) before
stopping. Previously these early exits left the stash orphaned.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix Source vs Issue field inconsistency: deterministic findings now
use Source field ([linter]/[typecheck]) consistently with the schema
- Add base branch ref resolution with origin/<base> fallback and
git fetch for fresh/non-standard checkouts
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
After presenting findings for a PR review, append a tip:
"Tip: run /review <number> --comment to post these as PR inline comments."
This leverages the existing follow-up suggestion system — it will
read the tip in context and likely suggest the command as ghost text,
letting users discover the feature via Tab without blocking prompts.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add Source field to Step 2 output schema (Agents 1-4: [review],
Agent 5: [build]/[test]) so Step 2.5 dedup can detect pre-confirmed
- Require Agent 5 to emit [build]/[test] tags explicitly
- Use grep -F (fixed-string) instead of -E regex for cross-file search
to avoid metacharacter issues with JS symbols like $
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix golangci-lint: use ./... (package pattern) instead of file paths
- Unify PR comment prefix format: define canonical prefixes for normal,
auto-fixed, and low-confidence findings in the template
- Stop workflow entirely on autofix commit failure (dirty tree would
block Step 5 branch restore)
- Accept broader .gitignore patterns like .qwen/* for cache/reviews dirs
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The autofix step (Step 3.5) needs targeted text replacement to apply
fixes safely. Without the edit tool, only full-file rewrites via
write_file would be available, which is risky for partial fixes.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Fix Step 1.5 intro: clarify whole-project vs per-file tool handling
and filter-then-report approach
- Fix dedup + deterministic finding ambiguity: merged findings with any
deterministic source are pre-confirmed and skip verification
- Fix autofix stash orphan: stop and let user handle commit failure
instead of silently stashing (which Step 5 wouldn't pop)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
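The Step 2.5 dedup behaviour described in the commits above (merged findings take the highest severity so a deterministic severity is never downgraded, and any deterministic `Source` makes the merged finding pre-confirmed so it skips verification), as an added TypeScript example that is not the skill's own logic; the `Finding` shape, merging on `file:line` only, and counting `[build]`/`[test]` as deterministic alongside `[linter]`/`[typecheck]` are assumptions.

```typescript
type Severity = "Nice to have" | "Suggestion" | "Critical";
type Source = "review" | "build" | "test" | "linter" | "typecheck";

interface Finding {
  file: string;
  line: number;
  issue: string;
  severity: Severity;
  sources: Source[];
}

interface MergedFinding extends Finding {
  preConfirmed: boolean; // true -> skips the Step 2.5 verification pass
}

const SEVERITY_RANK: Record<Severity, number> = { "Nice to have": 0, Suggestion: 1, Critical: 2 };

// Tool-produced sources whose severity is authoritative. Treating build/test as
// deterministic alongside linter/typecheck is an assumption of this example.
const DETERMINISTIC: ReadonlySet<Source> = new Set<Source>(["linter", "typecheck", "build", "test"]);

function isDeterministic(f: Finding): boolean {
  return f.sources.some((s) => DETERMINISTIC.has(s));
}

// Findings on the same file:line are merged (simplification: real dedup also
// compares the issue text). The merged finding takes the highest severity, so a
// deterministic Critical is never downgraded by an LLM Suggestion, and it is
// pre-confirmed when any contributing source is deterministic.
function dedupFindings(findings: Finding[]): MergedFinding[] {
  const byKey = new Map<string, MergedFinding>();
  for (const f of findings) {
    const key = `${f.file}:${f.line}`;
    const existing = byKey.get(key);
    if (!existing) {
      byKey.set(key, { ...f, sources: [...f.sources], preConfirmed: isDeterministic(f) });
      continue;
    }
    if (SEVERITY_RANK[f.severity] > SEVERITY_RANK[existing.severity]) {
      existing.severity = f.severity;
    }
    for (const s of f.sources) {
      if (!existing.sources.includes(s)) existing.sources.push(s);
    }
    if (isDeterministic(f)) existing.preConfirmed = true;
  }
  return Array.from(byKey.values());
}
```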
- Fix filter-then-truncate ordering: capture full linter output first,
filter to changed files, then truncate (not head before filter)
- Record informational notes for skipped checks instead of silent skip
- Agent 5: capture full build/test output, keep first 50 + last 100
lines instead of tail-only (preserves error context)
- Fix [Needs Review] vs severity tag contradiction: use both
[Needs Review][Suggestion] format
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add tsc --incremental flag to speed up repeated type checks
- Increase type checker timeout to 120s (linters remain 60s)
- Improve cross-file grep patterns to cover .functionName, import { functionName }
- Don't truncate Critical pattern groups — list all locations
- Clarify pre-commit hook as a commit failure scenario in autofix
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Comprehensive improvements to the /review skill based on competitive analysis
of Copilot Code Review, Claude Code /ultrareview, and Gemini CLI async-pr-review.
Key changes (all prompt-only, no TypeScript code changes):
- P0: Integrate linter/typecheck (Step 1.5) — run project tools before LLM agents,
with error/warning severity distinction
- P1: Add Agent 5 for build & test verification with env/code failure distinction
- P1: Cross-file impact analysis for Agents 1-4 with 10-symbol prioritization limit
- P1: Project custom review rules (.qwen/review-rules.md, copilot-instructions.md,
AGENTS.md, QWEN.md) with base-branch reading for PR security
- P2: Autofix with user confirmation, PR branch commit, and verdict split
(terminal vs PR submission)
- P2: Pattern aggregation for same-type findings across locations
- P2: Confidence levels (high/low) with "Needs Human Review" section
- P2: Skip "Nice to have" from PR inline comments to reduce noise
- P3: Incremental review via .qwen/review-cache/ with rebase fallback
- P3: Report persistence to .qwen/reviews/ with timestamp filenames
Security hardening:
- PR description prompt injection defense (untrusted DATA marker)
- Base-branch rule loading prevents review-bypass injection
- Concurrency-safe temp file paths with {target} suffix
- Safe git stash handling (conditional pop)
- Argument disambiguation (integer vs URL vs file path)
Audited through 14 rounds of undirected review with 40 issues found and fixed.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
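The argument disambiguation listed under security hardening above (integer vs URL vs file path), combined with the owner/repo check for PR URLs from the first commit in this log, as an added TypeScript example that is not Qwen Code's own code; `parseReviewTarget`, the `ReviewTarget` shape and passing the current checkout as an `"owner/repo"` string are assumptions.

```typescript
type ReviewTarget =
  | { kind: "local" }
  | { kind: "pr"; number: number }
  | { kind: "file"; path: string };

// Matches https://github.com/<owner>/<repo>/pull/<n>, tolerating a trailing
// path (/files), query string or fragment.
const PR_URL = /^https?:\/\/github\.com\/([^\/]+)\/([^\/]+)\/pull\/(\d+)(?:[\/?#].*)?$/;

// currentRepo is the checkout's "owner/repo" (e.g. from `gh repo view`).
// A PR URL for another repo is refused instead of silently reviewing PR <n>
// of the current repo.
function parseReviewTarget(arg: string | undefined, currentRepo: string): ReviewTarget {
  const raw = (arg ?? "").trim();
  if (raw === "") return { kind: "local" };

  // Bare integer -> PR number in the current repo.
  if (/^\d+$/.test(raw)) return { kind: "pr", number: Number(raw) };

  const m = PR_URL.exec(raw);
  if (m) {
    const owner = m[1] ?? "";
    const repo = (m[2] ?? "").replace(/\.git$/, "");
    const num = Number(m[3]);
    const urlRepo = `${owner}/${repo}`;
    if (urlRepo.toLowerCase() !== currentRepo.toLowerCase()) {
      throw new Error(
        `PR URL targets ${urlRepo} but the current repo is ${currentRepo}; refusing to review PR #${num} of the wrong repo.`,
      );
    }
    return { kind: "pr", number: num };
  }

  // Any other URL scheme is unsupported; everything else is a file path.
  if (/^[a-z][a-z0-9+.-]*:\/\//i.test(raw)) {
    throw new Error(`Unsupported review target URL: ${raw}`);
  }
  return { kind: "file", path: raw };
}
```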