diff options
| author | Craig Jennings <c@cjennings.net> | 2026-05-22 14:07:44 -0500 |
|---|---|---|
| committer | Craig Jennings <c@cjennings.net> | 2026-05-22 14:07:44 -0500 |
| commit | e46174ae7ae443bbc94efcc5cc2059efa2cae5c0 (patch) | |
| tree | dc89c739827543ccd9c968bff5fa89158d651f68 | |
| parent | 5ff5088b0a3978f35b49e35c71add4764697c257 (diff) | |
| download | rulesets-e46174ae7ae443bbc94efcc5cc2059efa2cae5c0.tar.gz rulesets-e46174ae7ae443bbc94efcc5cc2059efa2cae5c0.zip | |
chore(todo): close review-code CI-trust and CLAUDE.md-citation items
| -rw-r--r-- | todo.org | 22 |
1 files changed, 7 insertions, 15 deletions
@@ -770,9 +770,9 @@ Each item below is a one-line summary of a sub-TODO further down. Tick the box w - [ ] [#B] =codify=: stale-entry review + privacy checks before writing project =CLAUDE.md= **** Code review -- [ ] [#A] =review-code=: resolve local-verification vs CI boundary -- [ ] [#B] =review-code=: =CLAUDE.md= citation scope for public artifacts -- [ ] [#B] =review-code=: relax three-strengths rule for tiny/failing diffs +- [X] [#A] =review-code=: resolve local-verification vs CI boundary +- [X] [#B] =review-code=: =CLAUDE.md= citation scope for public artifacts +- [X] [#B] =review-code=: relax three-strengths rule for tiny/failing diffs **** PR / review responses - [ ] [#A] =respond-to-review=: remove review-process language from commit messages @@ -945,21 +945,13 @@ private context, and team-visible leakage before appending. Add "would this be safe if the project were public?" and "does this belong in private memory instead?" as mandatory checks, not just table background. -*** TODO [#A] =review-code=: resolve the local-verification vs CI boundary +*** 2026-05-22 Fri @ 14:06:41 -0500 Scoped review-code's CI-trust rule to reviewing, not shipping -=review-code= says "Trust CI for lint, typecheck, test runs; don't re-run -them." =verification.md= and =finish-branch= require fresh local evidence -before completion. Clarify: code review should not duplicate CI while reading a -PR, but pre-commit/pre-push workflows still need local verification or a clear -"not run because..." statement. +Expanded the False-Positive Filter bullet in =review-code/SKILL.md=: "trust CI, don't run builds" applies to reading a diff, not producing one. A pre-commit/pre-push flow still owes the local verification =verification.md= requires (run the suite or state "not run because..."). Closes the apparent contradiction with =verification.md= / =finish-branch=. -*** TODO [#A] =review-code=: handle public-artifact scope when citing =CLAUDE.md= +*** 2026-05-22 Fri @ 14:06:41 -0500 Added private-vs-public CLAUDE.md citation modes to review-code -The skill requires auditing and reporting =CLAUDE.md= adherence, while -=commits.md= says personal tooling files should not be cited as authority in -public artifacts. Add two output modes: private/internal review may cite -=CLAUDE.md= directly; public/team review should translate the rule into the -underlying engineering reason without naming personal rulesets. +Expanded the Content scope section in =review-code/SKILL.md= with two modes: a private/internal review cites =CLAUDE.md= directly; a public/team review translates the rule into the engineering reason it encodes and doesn't name the rules file (a teammate can act on the reason, not on a file they can't reach). Same principle =commits.md= states for personal tooling in public artifacts. *** 2026-05-22 Fri @ 13:48:14 -0500 Relaxed review-code "three strengths" to up-to-three-or-none |