fix: resolve repository review findings#687
Conversation
|
This pull request has been ignored for the connected project Preview Branches by Supabase. |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
🚧 Files skipped from review as they are similar to previous changes (2)
📝 WalkthroughWalkthroughThe pull request pins GitHub Actions to reviewed commit SHAs and centralizes validation. It also updates authenticated document-search routing, adds high-risk trigger matching to claim support, extends tests, and records a review-ledger entry. ChangesGitHub Action pinning
Document search routing
High-risk evidence matching
Review record
Estimated code review effort: 4 (Complex) | ~45 minutes Sequence Diagram(s)sequenceDiagram
participant Browser
participant ClinicalDashboard
participant SearchExecutor
Browser->>ClinicalDashboard: Request document search URL
ClinicalDashboard->>ClinicalDashboard: Wait for authStatus and private-scope readiness
ClinicalDashboard->>Browser: pushState(document search URL)
ClinicalDashboard->>SearchExecutor: executeSearch(routedSearchContext)
SearchExecutor-->>ClinicalDashboard: Update document search state
Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fbed60193f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@codex resolve actionable Codex review findings for this pull request and current head using the repository instructions. This is the pull request's single automatic repair pass: do not perform a fresh review, create new standalone findings, or request another review. Work only the existing unresolved Codex threads on the current head. Always fix P0 and P1 findings. For P2 and lower findings, fix only clear, scoped, low-risk issues; otherwise disposition them with a concise reason. After fixing or dispositioning a thread, reply in that thread with as the first line, followed by a concise summary; that marker authorizes the workflow to close that exact thread. If human input or new authorization is required, do not use the marker and leave the thread open with the blocker. Finish only after every actionable thread is fixed or dispositioned and closed, or explicitly left open for a human decision. Do not update the branch from main, address unrelated reviews, broaden scope, or create more than one scoped fix commit. Do not use external APIs, paid services, credentials, dependency changes, or broad refactors unless explicitly authorized. Add targeted tests where behavior changes and run the narrowest relevant validation. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: fbed60193f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/docker-image.yml:
- Around line 63-66: Update the docker/setup-buildx-action and
docker/build-push-action pins in the workflow to remain on their existing v4 and
v7 major versions while using immutable commit SHAs. Do not roll either action
back to v3 or v6, and keep the action configuration otherwise unchanged.
In `@scripts/github-action-pins.mjs`:
- Line 22: Update the usesPattern in github-action-pins.mjs to optionally accept
the workflow step’s leading list marker and whitespace before uses:, while
preserving existing action, ref, and inline-comment captures. Add or update the
smallest targeted test to verify standard “- uses: action@ref” lines undergo
allowlist and mutable-ref validation.
In `@src/components/ClinicalDashboard.tsx`:
- Around line 1629-1638: Track the specific restored private-scope reference
alongside the existing restoration status. In the bootstrap path around
readSearchNavigationContext and executeSearchRef, defer auto-execution until the
restored reference equals the routed scopeRef; update the auto-run guard around
routedSearchContext to require the same match, preventing stale IDs from a
previous scope. Add coverage for initial scoped URLs and back/forward scope
changes in src/components/ClinicalDashboard.tsx at the indicated sites.
In `@src/lib/rag-claim-support.ts`:
- Around line 130-152: Update highRiskTriggerTokens so each regex captures only
the condition or indication span, stopping before trailing action clauses and
selecting the intended indication rather than a later duration clause. Preserve
compatibleHighRiskTrigger’s token-matching behavior, and add regression cases
covering condition-first wording and indication-plus-duration wording.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 0b7f5324-65ff-4ad0-a610-8838557f5135
📒 Files selected for processing (18)
.github/workflows/ci-triage.yml.github/workflows/ci.yml.github/workflows/dependency-report.yml.github/workflows/docker-image.yml.github/workflows/eval-canary.yml.github/workflows/ingestion-autopilot.yml.github/workflows/live-drift.yml.github/workflows/ops-digest.yml.github/workflows/secret-scan.yml.github/workflows/staging-tenancy.yml.github/workflows/summary.ymldocs/branch-review-ledger.mdscripts/check-github-action-pins.mjsscripts/github-action-pins.mjssrc/components/ClinicalDashboard.tsxsrc/lib/rag-claim-support.tstests/github-action-pins.test.tstests/rag-claim-support.test.ts
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/lib/rag-claim-support.ts`:
- Line 134: Update the action-first regex in the claim extraction logic to
include the high-risk verbs cease, discontinue, and escalate alongside the
existing verbs, ensuring claims such as “Discontinue clozapine for neutropenia”
produce trigger tokens. Add regression coverage for each newly supported verb
form and preserve the existing matching behavior.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro Plus
Run ID: 9dc17288-4d58-44e4-a57d-6d0f6cbd1080
📒 Files selected for processing (9)
.github/workflows/docker-image.ymlscripts/github-action-pins.mjssrc/components/ClinicalDashboard.tsxsrc/lib/rag-claim-support.tssrc/lib/search-navigation-context.tstests/github-action-pins.test.tstests/rag-claim-support.test.tstests/search-navigation-context.test.tstests/ui-smoke.spec.ts
🚧 Files skipped from review as they are similar to previous changes (4)
- tests/github-action-pins.test.ts
- scripts/github-action-pins.mjs
- tests/rag-claim-support.test.ts
- src/components/ClinicalDashboard.tsx
Summary
Verification
npm run test— passed on final headnpm run eval:rag:offline— 36 fixtures and 287 tests passednpm run test:e2e:critical— passed; targeted document-search reload regression also passednpm run check:production-readiness -- --ci— READY in offline mode; expected missing local Supabase configuration warnings onlynpm run buildcompiled successfully twice, then the wrapper exited silently during its redundant TypeScript phase; standalone TypeScript passed and the hosted Build check is required before mergeClinical Governance Preflight
Clinical KB Database(sjrfecxgysukkwxsowpy)Notes
scopeRef; no PHI/PII logging was added.Summary by CodeRabbit
Improvements
Security & Reliability
Documentation
Tests