chore(governance): harden review gate and qsl metadata#217
Conversation
|
Bugbot is not enabled for your account, so this pull request was not reviewed. Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs. |
77f69f0 to
e5b3bbd
Compare
|
Bugbot is not enabled for your account, so this pull request was not reviewed. Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 77f69f066e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| jobs: | ||
| review: | ||
| uses: QuantStrategyLab/AIAuditBridge/.github/workflows/codex_pr_review.yml@main |
There was a problem hiding this comment.
Stop enabling a reusable review workflow that cannot checkout
When this new PR workflow calls QuantStrategyLab/AIAuditBridge/.github/workflows/codex_pr_review.yml@main, the called workflow runs under the caller PR context; its Checkout bridge review scripts step currently resolves the bridge checkout ref to github.event.pull_request.base.sha, which is a FirstradePlatform commit SHA, not an AIAuditBridge ref. That makes this job fail before it can review any PR, so enabling it here adds a consistently failing PR check whenever the workflow runs.
Useful? React with 👍 / 👎.
| "max_diff_lines": 2400, | ||
| "block_on_review_failure": false | ||
| "auto_converge_after": 0, | ||
| "block_on_review_failure": true |
There was a problem hiding this comment.
Wire block_on_review_failure into the gate
Setting this to true does not actually change the existing Codex Review Gate behavior: scripts/gate_codex_app_review.py reads this policy file for static limits but never consults pr_review.block_on_review_failure, and its timeout path still unconditionally returns success. In any PR where the existing gate is the enforced check and the Codex app fails or times out, merges continue to pass despite the policy now saying review failures should block.
Useful? React with 👍 / 👎.
e5b3bbd to
660322c
Compare
|
Bugbot is not enabled for your account, so this pull request was not reviewed. Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs. |
🤖 Codex PR ReviewPlease ensure a human reviewer checks this PR before merging. |
Co-Authored-By: Codex <noreply@openai.com>
660322c to
0d42873
Compare
|
Bugbot is not enabled for your account, so this pull request was not reviewed. Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs. |
Part of the QuantStrategyLab P0-P5 hardening and convergence wave.
Highlights:
Local validation was run before push in the Codex execution session.