continuous-intelligence/ci
2
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases 29 Wiki Activity
Files
05917b98082458783e13bf6be8ce1eca8e6eae4b
ci/opencode/ci/workflows/review.md
T
CI 05917b9808 feat(P02): add opencode integration layer — agents, workflows, commands, references, contexts 
---ci---
phase: 2
milestone: v0.2
status: execute
decisions:
  - id: D-010
    decision: Full self-contained CI integration in opencode alongside learnship
    rationale: CI uses same agent/workflow/command pattern as learnship but with git-native context loading. Commands prefixed ci- vs learnship-. Zero learnship dependencies.
    confidence: 0.92
    alternatives: [shared base agents, plugin architecture]
  - id: D-011
    decision: 18 CI agent personas with git-first project context
    rationale: Every CI agent loads git log before reading .ci/ files. This ensures the git log IS the project memory — the core v0.2.0 design principle.
    confidence: 0.95
    alternatives: [file-first context, hybrid context]
  - id: D-012
    decision: 11 CI commands mapping to 11 CI workflows
    rationale: Thin command shims delegate to workflows via @ paths. Matches learnship pattern for consistency. Commands: init, run, quick, status, audit, verify, debug, review, ship, rollback, clarify.
    confidence: 0.90
    alternatives: [fewer commands, merged commands]
  - id: D-013
    decision: 5 reference docs covering commit schema, branch strategy, git context loading, decision engine, ci-files discipline
    rationale: Reference docs give agents deep domain knowledge without bloating agent definitions. Matches learnship reference pattern.
    confidence: 0.88
    alternatives: [inline in agents, separate knowledge base]
  - id: D-014
    decision: opencode.json adds ~/.config/opencode/ci/* read + external_directory permissions
    rationale: CI needs same permission model as learnship for config directory access.
    confidence: 0.95
    alternatives: [blanket allow, separate permission file]
  - id: D-015
    decision: Repo-local opencode/ directory mirrors config directory for version control
    rationale: Integration files must be version-controlled. The opencode/ directory in the repo can be installed to ~/.config/opencode/ during setup.
    confidence: 0.85
    alternatives: [separate repo, git submodule]
---/ci---

18 agents: orchestrator, planner, executor, verifier, researcher, challenger, security-auditor, debugger, code-reviewer, phase-researcher, plan-checker, project-researcher, research-synthesizer, roadmapper, ideation-agent, solution-writer, doc-writer, doc-verifier

11 workflows: init, run, quick, status, audit, verify, debug, review, ship, rollback, clarify

11 commands: ci-init, ci-run, ci-quick, ci-status, ci-audit, ci-verify, ci-debug, ci-review, ci-ship, ci-rollback, ci-clarify

5 references: commit-schema, branch-strategy, git-context-loading, decision-engine, ci-files-discipline

3 contexts: dev, research, review
2026-05-29 13:27:00 +00:00

1.7 KiB
Raw Blame History

description
description
Review CI code changes with multi-persona analysis — auto-apply P0 fixes, flag P1+ for post-hoc review

CI Review

Multi-persona code review workflow. Reviews changes in the current phase, auto-applies P0 fixes, and flags P1+ issues for post-hoc review.

Usage: ci-review [phase_number]

Step 1: Load Changes

git log --grep="P##" --max-count=30
git diff phase/NN-slug...HEAD

Load all changes for the current or specified phase.

Step 2: Persona Reviews

For each persona (correctness, testing, security, performance, maintainability, adversarial):

Correctness

  • Logic errors, off-by-ones, missing edge cases
  • Incorrect data transformations
  • Race conditions

Testing

  • Missing test cases for new code
  • Flaky test patterns
  • Inadequate assertions

Security

  • Input validation gaps
  • Injection vectors
  • Secret exposure
  • Missing auth checks

Performance

  • Unnecessary allocations
  • O(n^2) patterns
  • Missing caching opportunities

Maintainability

  • Naming inconsistencies
  • Coupling violations
  • Missing error handling

Adversarial

  • Attack surface expansion
  • Abuse cases
  • Trust boundary violations

Step 3: Classify and Fix

For each finding:

  • P0 (blocking): Logic errors, security vulnerabilities, broken imports → auto-apply
  • P1 (important): Coverage gaps, naming issues, missing edge cases → flag
  • P2 (nit): Style, formatting, minor suggestions → flag

Step 4: Commit

verify(P##): code review — [N] P0 auto-fixed, [M] P1+ flagged

---ci---
phase: [N]
milestone: [vX.X]
status: verify
lessons:
  - [P0 fix: description]
---/ci---

Step 5: Return Result

Report findings by persona, P0 fixes applied, P1+ flags.

Reference in New Issue View Git Blame Copy Permalink