agent: 添加代码评审 Agent 示例#160
Open
ghost613bb wants to merge 4 commits into
Open
Conversation
Add design docs and a Skill scaffold for the code review Agent proposal. Updates trpc-group#92 RELEASE NOTES: Added design documentation and example scaffold for a Skill-based code review Agent.
|
CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅ |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #160 +/- ##
==========================================
Coverage ? 87.54280%
==========================================
Files ? 467
Lines ? 44103
Branches ? 0
==========================================
Hits ? 38609
Misses ? 5494
Partials ? 0 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
Author
|
I have read the CLA Document and I hereby sign the CLA |
Rook1ex
added a commit
to trpc-group/cla-database
that referenced
this pull request
Jul 11, 2026
This change adds a deterministic code review Agent example that can parse diffs, run fake-model review rules, apply sandbox governance, simulate sandbox execution, persist review data to SQLite, and render JSON and Markdown reports. It includes fixtures and tests for clean diffs, hard-coded secrets, async task handling, database lifecycle issues, missing tests, duplicate findings, sandbox failures, and secret redaction. Updates trpc-group#92 RELEASE NOTES: Added a code review Agent dry-run example with fake sandbox execution and SQLite-backed reports.
This change adds allowlisted sandbox script examples and committed sample review reports for the code review Agent example. The scripts provide deterministic diff summary and static-rule smoke checks that can be executed by a sandbox runtime, while the sample reports show the redacted JSON and Markdown output generated from the hard-coded secret fixture. It also updates the example README to document the sample reports and script layout. Updates trpc-group#92 RELEASE NOTES: NONE
This change adds an optional Container sandbox runtime for the code review Agent example. The runtime reuses the existing ContainerClient to execute allowlisted sandbox scripts with diff input through stdin, network access disabled, timeout enforcement, output truncation, and structured sandbox run records. The fake sandbox remains the default deterministic runtime for local tests and CI, while the container runtime provides an isolated execution path for diff summary and static rule scripts. Updates trpc-group#92 RELEASE NOTES: NONE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
概要
本 PR 为 #92 新增代码评审 Agent 示例,用于演示 diff 解析、规则检查、沙箱治理、结构化报告、SQLite 持久化和审计记录等能力。
示例支持从
--diff-file或--repo-path读取变更,解析 unified diff 中的文件、hunk、变更行和行号锚点;通过确定性规则生成结构化 findings;在执行沙箱脚本前进行 Filter 治理;支持默认 fake sandbox 和可选 Container sandbox;最终输出 JSON / Markdown 报告,并可将任务、finding、sandbox run、Filter 决策、审计事件和最终报告写入 SQLite。Fixes #92
主要内容
examples/code_review_agent/示例目录。code-reviewSkill 包,包含:SKILL.mdContainerClient执行白名单脚本,并默认禁用网络访问。review_report.json和review_report.md示例输出。测试
结果:
42 passed
已手动验证:
--sandbox-runtime fake运行并生成报告。duplicate_secret中重复 finding 被合并。sandbox_failurefixture 验证模拟的沙箱脚本失败会被记录,且不会中断评审流程。sensitive_redaction中的 token、password、private key 等敏感信息不会出现在报告或 SQLite 查询结果中。hardcoded_secret.diff可通过--sandbox-runtime container --container-image python:3-slim使用 Container runtime 执行白名单脚本。Release notes
RELEASE NOTES: 新增代码评审 Agent 示例,支持沙箱治理、Container 执行、SQLite 持久化和结构化报告。