github-actions[bot] commented on code in PR #64658:
URL: https://github.com/apache/doris/pull/64658#discussion_r3448120732
##########
.claude/skills/code-review/SKILL.md:
##########
@@ -14,9 +14,13 @@ Use this when you need to review code, whether it is code
you just completed or
## How to use me
-1. **Always read and respond to Part 1** (General Principles) — it applies to
all code.
-2. For module-specific review, **read the `AGENTS.md` in the corresponding
source directory** listed in Part 2. Those files contain non-obvious
conventions and traps specific to each subsystem.
-3. Parts 3–7 cover cross-module concerns, testing, high-risk patterns,
functions, and standards — refer as needed.
+0. **MANDATORY GOAL COMPLETION REQUIREMENT:** When the review is running in
Codex goal mode, the goal is complete only after every changed file and
relevant surrounding code path has been examined, every suspicious point has
been accepted as an inline issue or dismissed with evidence, and every accepted
issue has been submitted and verified on GitHub.
+1. **MANDATORY GOAL PROCESS REQUIREMENT:** The goal's progress tracking must
cover instruction loading, subagent spawning, shared-ledger maintenance,
candidate verification/deduplication, final subagent convergence, GitHub review
submission, and GitHub API verification. The goal is not complete until every
live subagent has said `NO_NEW_VALUABLE_FINDINGS` for the same current
ledger/comment set after the last candidate update.
+2. **MANDATORY SUBAGENT REVIEW REQUIREMENT:** Use the available subagent or
multi-agent spawn tool for focused review passes; do not merely simulate
subagent output. The main agent must read the subagent results, independently
verify or dismiss every candidate with concrete code evidence, deduplicate
against existing review threads, submit the final GitHub review itself, and
summarize the subagent conclusions.
+3. **MANDATORY SHARED LEDGER REQUIREMENT:** When a shared subagent review
ledger is provided, every subagent must read the whole ledger and append
findings only to its assigned subagent section. The main agent must use the
ledger as the source of truth for merging, status updates, duplicate
suppression, proposed final comments, and the final convergence round.
Subagents must not edit another subagent section or any main-owned section;
this section-owned append-only rule avoids concurrent patch conflicts while
keeping all findings visible in one document.
Review Comment:
This requirement is in the generic `How to use me` section, but the skill is
also advertised for local/self/direct code reviews above. As written, every
code-review use now has to use a subagent tool and have the main agent submit a
GitHub review itself, which conflicts with read-only review prompts and
environments that have no GitHub submission permission or no subagent tool. The
runner prompt adds a no-subagent fallback, but the committed skill does not.
Please scope this mandatory behavior to Codex goal-mode GitHub reviews where
submission is explicitly allowed, and include the same fallback for runtimes
without subagent tooling.
##########
.github/workflows/code-review-runner.yml:
##########
@@ -73,6 +73,32 @@ jobs:
unzip -q "$tmp_dir/ossutil.zip" -d "$tmp_dir"
sudo install -m 0755 "$tmp_dir/ossutil-v1.7.19-linux-amd64/ossutil"
/usr/local/bin/ossutil
+ - name: Install Codex goal binary
+ run: |
+ codex_cmd="$(command -v codex)"
+ codex_target="$(readlink -f "$codex_cmd")"
+ tmp_dir="$(mktemp -d)"
+ trap 'rm -rf "$tmp_dir"' EXIT
+
+ downloaded=false
+ for object in "$OSS_CODEX_GOAL_OBJECT"
"$OSS_CODEX_GOAL_FALLBACK_OBJECT"; do
+ if ossutil -i "$OSS_AK" -k "$OSS_SK" -e "$OSS_ENDPOINT" cp -f
"$object" "$tmp_dir/codex-goal"; then
+ downloaded=true
Review Comment:
This downloads and immediately executes a mutable OSS object as the `codex`
binary in a privileged workflow. The only validation before execution is `exec
--help | grep -- '--goal'`, which checks CLI shape but not provenance or
integrity; if either OSS object is replaced, the binary runs in this step with
`OSS_AK`/`OSS_SK` in the environment and then later runs with `GH_TOKEN` while
the workflow has `pull-requests: write` and `issues: write`. Please pin this to
an immutable versioned object and verify a checksum/signature stored in the
repo before installing or executing it. Per `threat-model.md`, CI/dev tooling
is outside Doris runtime vulnerability scope, so this is a blocking CI workflow
hardening issue rather than a Doris runtime security vulnerability.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
