d5889919a9
## Thinking Path
> - Paperclip is the open source app people use to manage AI agents for
work
> - Contributor onboarding leans on a small set of CI gates
("commitperclip") that read PR metadata and enforce the rules in
CONTRIBUTING.md
> - We recently landed two new contributor rules: every PR must either
link an existing issue or inline an issue-template-shaped description,
and the author must affirm they searched for duplicate PRs first
> - The existing `check-pr-linked-issue` gate only accepted
`Fixes/Closes/Resolves #N`, and there was no gate at all for the
dedup-search affirmation, so the new rules were unenforced
> - This pull request widens the linked-issue gate (accept `Refs #N`,
accept inline template-shaped descriptions) and adds a new dedup-search
gate wired into `run-quality-gates`
> - The benefit is that the rules we ask contributors to follow are now
mechanically enforced, lowering review noise without raising contributor
friction
## Linked Issues or Issue Description
Refs #4260 — the PR cited in the original rule discussion, whose body is
the canonical example of the inline-issue-description shape this gate
now accepts.
**Problem or motivation**
The repo recently adopted two contributor rules: (1) link the issue your
PR fixes or inline a description in the issue-template shape, and (2)
confirm you searched for duplicate PRs before opening one. Neither rule
was enforced — the existing linked-issue check only matched
`Fixes/Closes/Resolves #N`, and nothing looked for the dedup-search
affirmation. Reviewers had to remember and re-state the rules by hand on
every PR.
**Proposed solution**
Widen `check-pr-linked-issue.mjs` and add a new
`check-pr-dedup-search.mjs` so commitperclip enforces the rules already
documented in CONTRIBUTING.md and the PR template:
- Accept `Refs #N` as a valid link verb alongside `Fixes`, `Closes`,
`Resolves`.
- Accept a PR body with an inline issue-template-shaped description (≥3
fields matched against the bug, feature, or adapter templates) as a
valid alternative to a linked issue.
- New `check-pr-dedup-search.mjs` looks for a checked checkbox affirming
the author searched for similar/duplicate/prior PRs, wired into
`run-quality-gates.mjs` with the same skip/override semantics as the
other gates.
**Alternatives considered**
- A single regex over the whole PR body looking for issue-template field
names — rejected, too brittle and gave no useful error message when it
failed. The per-field counter lets us tell the author exactly how many
template fields we matched and which template they're closest to.
- Making the dedup-search check live inside `check-pr-linked-issue` —
rejected, the two rules are orthogonal and a separate gate gives a
cleaner error message and respects `[skip-quality-gates]` independently.
**Roadmap alignment**
This is contributor-workflow plumbing for rules that already landed on
`master`. It is not a roadmap feature and does not overlap with planned
core work.
## What Changed
- `check-pr-linked-issue.mjs`: accept `Refs #N`; add
`hasInlineIssueDescription` (per-template field counter, ≥3 fields) so a
fully inlined description satisfies the gate.
- `check-pr-dedup-search.mjs`: new gate, looks for a checked
dedup-search checkbox in the PR body, with clear failure guidance.
- `run-quality-gates.mjs`: wire the new gate in alongside the existing
checks.
- `CONTRIBUTING.md`: "Before You Start: Search First" callout pointing
at the PR-template checkbox the gate enforces.
- Tests: unit tests for `Refs #N`, the inline-description threshold
(bolded labels, plain labels, headings), and the dedup-search gate
across checked/unchecked/missing/skip-prefix paths.
## Verification
- `node --test .github/scripts/tests/check-pr-linked-issue.test.mjs` →
all pass
- `node --test .github/scripts/tests/check-pr-dedup-search.test.mjs` →
all pass
- Full repo test matrix: 116/116 pass locally
For the gate itself, this PR exercises both new code paths: the body
inlines a feature-template-shaped description with ≥3 matched fields,
and the dedup-search checkbox below is checked.
## Risks
Low risk. The change is contributor-CI plumbing — no runtime or
migration impact. The widened linked-issue gate is strictly more
permissive (it can only flip prior FAILs to PASS), and the new
dedup-search gate honors the existing `[skip-quality-gates]` prefix, so
an author can always bypass it the same way as the other gates if
needed.
## Model Used
Claude Opus 4.7 (`claude-opus-4-7`), extended-thinking enabled, tool use
for filesystem + shell.
## Checklist
- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have checked ROADMAP.md and confirmed this PR does not duplicate
planned core work
- [x] I have searched GitHub for duplicate or related PRs and linked
them above
- [x] I have either (a) linked existing issues with `Fixes: #` / `Closes
#` / `Refs #` OR (b) described the issue in-PR following the relevant
issue template
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [ ] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [ ] All Paperclip CI gates are green
- [ ] Greptile is 5/5 with no open P2s, recommendations, or follow-ups
- [x] I will address all Greptile and reviewer comments before
requesting merge
Co-authored-by: Paperclip <noreply@paperclip.ing>
149 lines
5.2 KiB
JavaScript
149 lines
5.2 KiB
JavaScript
#!/usr/bin/env node
|
|
/**
|
|
* run-quality-gates.mjs
|
|
* Orchestrates all quality gates. Fetches PR data once, runs all gates,
|
|
* posts or updates a single consolidated comment via commitperclip.
|
|
*
|
|
* Env: GH_TOKEN, GH_REPO, PR_NUMBER, PR_AUTHOR, PR_BRANCH
|
|
* Exit: 0 if all quality gates pass, 1 if any fail.
|
|
*/
|
|
import { fileURLToPath } from 'node:url';
|
|
import { ghFetch } from './get-bot-token.mjs';
|
|
import { fetchAllPullRequestFiles } from './fetch-pr-files.mjs';
|
|
import { checkTemplate } from './check-pr-template.mjs';
|
|
import { checkLinkedIssue } from './check-pr-linked-issue.mjs';
|
|
import { checkDedupSearch } from './check-pr-dedup-search.mjs';
|
|
import { checkTestCoverage } from './check-pr-test-coverage.mjs';
|
|
import { checkLockfile } from './check-pr-lockfile.mjs';
|
|
import { checkDependencies } from './check-pr-dependencies.mjs';
|
|
|
|
const COMMENT_SIGNATURE = '— commitperclip';
|
|
|
|
function buildComment(author, failures, informational) {
|
|
if (failures.length === 0 && informational.length === 0) {
|
|
return `✅ All checks passing — ready for Greptile review and maintainer approval.\n\n${COMMENT_SIGNATURE}`;
|
|
}
|
|
|
|
const lines = [
|
|
`Hey @${author}! Before this PR can be reviewed, a few things need attention:\n`,
|
|
];
|
|
|
|
if (failures.length > 0) {
|
|
lines.push('**Missing or incomplete:**');
|
|
for (const f of failures) lines.push(`- [ ] ${f}`);
|
|
}
|
|
|
|
if (informational.length > 0) {
|
|
if (failures.length > 0) lines.push('');
|
|
lines.push('**Informational:**');
|
|
for (const i of informational) lines.push(`- ${i}`);
|
|
}
|
|
|
|
lines.push(
|
|
'\nOnce updated, push a new commit and these checks will re-run automatically.\n',
|
|
COMMENT_SIGNATURE
|
|
);
|
|
|
|
return lines.join('\n');
|
|
}
|
|
|
|
export async function findExistingComment(fetchFromGitHub, token, repo, prNumber) {
|
|
for (let page = 1; ; page += 1) {
|
|
const comments = await fetchFromGitHub(
|
|
`/repos/${repo}/issues/${prNumber}/comments?per_page=100&page=${page}`,
|
|
token
|
|
);
|
|
|
|
const existing = comments.find(
|
|
c => (c.user.login === 'commitperclip[bot]' || c.user.login === 'commitperclip') &&
|
|
c.body.includes(COMMENT_SIGNATURE)
|
|
);
|
|
if (existing) return existing;
|
|
|
|
if (comments.length < 100) return null;
|
|
}
|
|
}
|
|
|
|
async function upsertComment(token, repo, prNumber, body, existing) {
|
|
if (existing) {
|
|
await ghFetch(`/repos/${repo}/issues/comments/${existing.id}`, token, {
|
|
method: 'PATCH',
|
|
headers: { 'Content-Type': 'application/json' },
|
|
body: JSON.stringify({ body }),
|
|
});
|
|
} else {
|
|
await ghFetch(`/repos/${repo}/issues/${prNumber}/comments`, token, {
|
|
method: 'POST',
|
|
headers: { 'Content-Type': 'application/json' },
|
|
body: JSON.stringify({ body }),
|
|
});
|
|
}
|
|
}
|
|
|
|
async function main() {
|
|
const { GH_TOKEN, GH_REPO, PR_NUMBER, PR_AUTHOR, PR_BRANCH } = process.env;
|
|
|
|
if (!GH_TOKEN || !GH_REPO || !PR_NUMBER) {
|
|
console.error('ERROR: GH_TOKEN, GH_REPO, PR_NUMBER env vars required');
|
|
process.exit(1);
|
|
}
|
|
|
|
// Sanitize inputs before use in URL construction (prevents SSRF)
|
|
const prNumber = parseInt(PR_NUMBER, 10);
|
|
if (!Number.isInteger(prNumber) || prNumber <= 0) {
|
|
console.error('ERROR: PR_NUMBER must be a positive integer');
|
|
process.exit(1);
|
|
}
|
|
if (!/^[a-zA-Z0-9_.-]+\/[a-zA-Z0-9_.-]+$/.test(GH_REPO)) {
|
|
console.error('ERROR: GH_REPO must be in owner/repo format');
|
|
process.exit(1);
|
|
}
|
|
|
|
// Fetch PR data once — gates use this, no redundant API calls
|
|
const [pr, files] = await Promise.all([
|
|
ghFetch(`/repos/${GH_REPO}/pulls/${prNumber}`, GH_TOKEN),
|
|
fetchAllPullRequestFiles(ghFetch, GH_REPO, prNumber, GH_TOKEN),
|
|
]);
|
|
|
|
const prBody = pr.body ?? '';
|
|
const author = PR_AUTHOR ?? pr.user.login;
|
|
const branch = PR_BRANCH ?? pr.head.ref;
|
|
|
|
// Run all quality gates (pure functions run sync, deps check is async)
|
|
const prTitle = pr.title ?? '';
|
|
const [templateResult, issueResult, dedupResult, testResult, lockfileResult, depsResult] =
|
|
await Promise.all([
|
|
Promise.resolve(checkTemplate(prBody)),
|
|
Promise.resolve(checkLinkedIssue(prBody, prTitle)),
|
|
Promise.resolve(checkDedupSearch(prBody, prTitle)),
|
|
Promise.resolve(checkTestCoverage(files, prTitle)),
|
|
Promise.resolve(checkLockfile(files, author, branch)),
|
|
checkDependencies(files, GH_TOKEN, GH_REPO, prNumber, pr.base?.ref),
|
|
]);
|
|
|
|
const allFailures = [
|
|
...templateResult.failures,
|
|
...issueResult.failures,
|
|
...dedupResult.failures,
|
|
...testResult.failures,
|
|
...lockfileResult.failures,
|
|
];
|
|
const informational = depsResult.informational ?? [];
|
|
const allPassed = allFailures.length === 0;
|
|
|
|
const commentBody = buildComment(author, allFailures, informational);
|
|
|
|
// Post comment if there are failures/informational, or update existing comment
|
|
const existing = await findExistingComment(ghFetch, GH_TOKEN, GH_REPO, prNumber);
|
|
if (allFailures.length > 0 || informational.length > 0 || existing) {
|
|
await upsertComment(GH_TOKEN, GH_REPO, prNumber, commentBody, existing);
|
|
}
|
|
|
|
console.log(JSON.stringify({ passed: allPassed, failures: allFailures, informational }));
|
|
process.exit(allPassed ? 0 : 1);
|
|
}
|
|
|
|
if (process.argv[1] === fileURLToPath(import.meta.url)) {
|
|
main().catch(e => { console.error(e.message); process.exit(1); });
|
|
}
|