Add ez-assistant and kerberos service folders
@@ -0,0 +1,168 @@
|
||||
# PR Review + Auto-Fix
|
||||
#
|
||||
# A self-healing code review pipeline. Reviews a PR from multiple angles,
|
||||
# identifies issues, and automatically fixes them in a loop until the
|
||||
# review passes. Satisfying to watch as issues get knocked down one by one.
|
||||
#
|
||||
# Usage: Run against any open PR in your repo.
|
||||
|
||||
agent reviewer:
|
||||
model: sonnet
|
||||
prompt: """
|
||||
You are a senior code reviewer. You review code for:
|
||||
- Correctness and logic errors
|
||||
- Security vulnerabilities
|
||||
- Performance issues
|
||||
- Code style and readability
|
||||
|
||||
Be specific. Reference exact file paths and line numbers.
|
||||
Return a structured list of issues or "APPROVED" if none found.
|
||||
"""
|
||||
|
||||
agent security-reviewer:
|
||||
model: opus # Security requires deep reasoning
|
||||
prompt: """
|
||||
You are a security specialist. Focus exclusively on:
|
||||
- Injection vulnerabilities (SQL, command, XSS)
|
||||
- Authentication/authorization flaws
|
||||
- Data exposure and privacy issues
|
||||
- Cryptographic weaknesses
|
||||
|
||||
If you find issues, they are HIGH priority. Be thorough.
|
||||
"""
|
||||
|
||||
agent fixer:
|
||||
model: opus # Fixing requires understanding + execution
|
||||
prompt: """
|
||||
You are a code fixer. Given an issue report:
|
||||
1. Understand the root cause
|
||||
2. Implement the minimal fix
|
||||
3. Verify the fix addresses the issue
|
||||
4. Create a clean commit
|
||||
|
||||
Do NOT over-engineer. Fix exactly what's reported, nothing more.
|
||||
"""
|
||||
|
||||
agent captain:
|
||||
model: sonnet # Orchestration role
|
||||
persist: true
|
||||
prompt: """
|
||||
You coordinate the PR review process. You:
|
||||
- Track which issues have been found and fixed
|
||||
- Decide when the PR is ready to merge
|
||||
- Escalate to human if something is unfixable
|
||||
"""
|
||||
|
||||
# Get the PR diff
|
||||
let pr_diff = session "Fetch the PR diff"
|
||||
prompt: """
|
||||
Read the current PR:
|
||||
1. Run: gh pr diff
|
||||
2. Also get: gh pr view --json title,body,files
|
||||
3. Return the complete diff and PR metadata
|
||||
"""
|
||||
|
||||
# Phase 1: Parallel multi-perspective review
|
||||
session: captain
|
||||
prompt: "Starting PR review. I'll coordinate multiple reviewers."
|
||||
|
||||
parallel:
|
||||
general_review = session: reviewer
|
||||
prompt: "Review this PR for correctness, logic, and style issues"
|
||||
context: pr_diff
|
||||
|
||||
security_review = session: security-reviewer
|
||||
prompt: "Security audit this PR. Flag any vulnerabilities."
|
||||
context: pr_diff
|
||||
|
||||
test_check = session "Check test coverage"
|
||||
prompt: """
|
||||
Analyze the PR:
|
||||
1. What code changed?
|
||||
2. Are there tests for the changes?
|
||||
3. Run existing tests: npm test / pytest / cargo test
|
||||
Return: test status and coverage gaps
|
||||
"""
|
||||
context: pr_diff
|
||||
|
||||
# Phase 2: Captain synthesizes and prioritizes
|
||||
let issues = resume: captain
|
||||
prompt: """
|
||||
Synthesize all review feedback into a prioritized issue list.
|
||||
Format each issue as:
|
||||
- ID: issue-N
|
||||
- Severity: critical/high/medium/low
|
||||
- File: path/to/file.ts
|
||||
- Line: 42
|
||||
- Issue: description
|
||||
- Fix: suggested approach
|
||||
|
||||
If all reviews passed, return "ALL_CLEAR".
|
||||
"""
|
||||
context: { general_review, security_review, test_check }
|
||||
|
||||
# Phase 3: Auto-fix loop
|
||||
loop until **all issues are resolved or unfixable** (max: 10):
|
||||
|
||||
if **there are no remaining issues**:
|
||||
resume: captain
|
||||
prompt: "All issues resolved! Summarize what was fixed."
|
||||
else:
|
||||
# Pick the highest priority unfixed issue
|
||||
let current_issue = resume: captain
|
||||
prompt: "Select the next highest priority issue to fix."
|
||||
context: issues
|
||||
|
||||
# Attempt the fix
|
||||
try:
|
||||
session: fixer
|
||||
prompt: """
|
||||
Fix this issue:
|
||||
{current_issue}
|
||||
|
||||
Steps:
|
||||
1. Read the file
|
||||
2. Understand the context
|
||||
3. Implement the fix
|
||||
4. Run tests to verify
|
||||
5. Commit with message: "fix: [issue description]"
|
||||
"""
|
||||
context: current_issue
|
||||
retry: 2
|
||||
backoff: exponential
|
||||
|
||||
# Mark as fixed
|
||||
resume: captain
|
||||
prompt: "Issue fixed. Update tracking and check remaining issues."
|
||||
context: current_issue
|
||||
|
||||
catch as fix_error:
|
||||
# Escalate unfixable issues
|
||||
resume: captain
|
||||
prompt: """
|
||||
Fix attempt failed. Determine if this is:
|
||||
1. Retryable with different approach
|
||||
2. Needs human intervention
|
||||
3. A false positive (not actually an issue)
|
||||
|
||||
Update issue status accordingly.
|
||||
"""
|
||||
context: { current_issue, fix_error }
|
||||
|
||||
# Phase 4: Final verification
|
||||
let final_review = session: reviewer
|
||||
prompt: "Final review pass. Verify all fixes are correct and complete."
|
||||
|
||||
resume: captain
|
||||
prompt: """
|
||||
PR Review Complete!
|
||||
|
||||
Generate final report:
|
||||
- Issues found: N
|
||||
- Issues fixed: N
|
||||
- Issues requiring human review: N
|
||||
- Recommendation: MERGE / NEEDS_ATTENTION / BLOCK
|
||||
|
||||
If ready, run: gh pr review --approve
|
||||
"""
|
||||
context: final_review
|
||||
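Review bot: The closing `resume: captain` prompt ends with "If ready, run: gh pr review --approve", so the pipeline can approve a PR whose most recent commits were written by its own `fixer` agent, with no human step between the auto-fix loop and the approval. I would drop that line and have the captain stop at the "Recommendation: MERGE / NEEDS_ATTENTION / BLOCK" report, leaving the approval to a person. Two related points in the same region: the `final_review` session ("Final review pass. Verify all fixes are correct and complete.") has no `context:` at all, and `pr_diff` was fetched before Phase 3, so nothing in the final pass sees the post-fix diff; re-run `gh pr diff` after the loop and pass that result as context. Also, `pr_diff` includes the PR title and body from `gh pr view --json title,body,files` and is handed to every reviewer as context, so the reviewer prompts should state that this content is untrusted input to be reviewed, not instructions to follow. A short comment in the header documenting which `gh` permissions the run needs (read, commit, review) would help whoever deploys this.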