diff options
| -rw-r--r-- | todo.org | 22 |
1 files changed, 7 insertions, 15 deletions
@@ -770,9 +770,9 @@ Each item below is a one-line summary of a sub-TODO further down. Tick the box w - [ ] [#B] =codify=: stale-entry review + privacy checks before writing project =CLAUDE.md= **** Code review -- [ ] [#A] =review-code=: resolve local-verification vs CI boundary -- [ ] [#B] =review-code=: =CLAUDE.md= citation scope for public artifacts -- [ ] [#B] =review-code=: relax three-strengths rule for tiny/failing diffs +- [X] [#A] =review-code=: resolve local-verification vs CI boundary +- [X] [#B] =review-code=: =CLAUDE.md= citation scope for public artifacts +- [X] [#B] =review-code=: relax three-strengths rule for tiny/failing diffs **** PR / review responses - [ ] [#A] =respond-to-review=: remove review-process language from commit messages @@ -945,21 +945,13 @@ private context, and team-visible leakage before appending. Add "would this be safe if the project were public?" and "does this belong in private memory instead?" as mandatory checks, not just table background. -*** TODO [#A] =review-code=: resolve the local-verification vs CI boundary +*** 2026-05-22 Fri @ 14:06:41 -0500 Scoped review-code's CI-trust rule to reviewing, not shipping -=review-code= says "Trust CI for lint, typecheck, test runs; don't re-run -them." =verification.md= and =finish-branch= require fresh local evidence -before completion. Clarify: code review should not duplicate CI while reading a -PR, but pre-commit/pre-push workflows still need local verification or a clear -"not run because..." statement. +Expanded the False-Positive Filter bullet in =review-code/SKILL.md=: "trust CI, don't run builds" applies to reading a diff, not producing one. A pre-commit/pre-push flow still owes the local verification =verification.md= requires (run the suite or state "not run because..."). Closes the apparent contradiction with =verification.md= / =finish-branch=. -*** TODO [#A] =review-code=: handle public-artifact scope when citing =CLAUDE.md= +*** 2026-05-22 Fri @ 14:06:41 -0500 Added private-vs-public CLAUDE.md citation modes to review-code -The skill requires auditing and reporting =CLAUDE.md= adherence, while -=commits.md= says personal tooling files should not be cited as authority in -public artifacts. Add two output modes: private/internal review may cite -=CLAUDE.md= directly; public/team review should translate the rule into the -underlying engineering reason without naming personal rulesets. +Expanded the Content scope section in =review-code/SKILL.md= with two modes: a private/internal review cites =CLAUDE.md= directly; a public/team review translates the rule into the engineering reason it encodes and doesn't name the rules file (a teammate can act on the reason, not on a file they can't reach). Same principle =commits.md= states for personal tooling in public artifacts. *** 2026-05-22 Fri @ 13:48:14 -0500 Relaxed review-code "three strengths" to up-to-three-or-none |