Skip to content

release: v0.1.6#96

Merged
ajianaz merged 12 commits into
developfrom
release/v0.1.6
Jun 1, 2026
Merged

release: v0.1.6#96
ajianaz merged 12 commits into
developfrom
release/v0.1.6

Conversation

@ajianaz

@ajianaz ajianaz commented Jun 1, 2026

Copy link
Copy Markdown
Collaborator

v0.1.6 Release

Added

Fixed

Stats

  • 178 tests passing
  • Clippy clean
  • Format clean
  • Cora self-review: no issues

CTO Hermes added 12 commits June 1, 2026 13:29
- Add CRITICAL CONSTRAINTS section to prevent file path hallucination
- Add explicit severity level definitions with examples
- Add 'suggestion' as valid issue_type
- Emphasize 'no markdown code fences' in both prompts
- Reference: old cora TS repo anti-hallucination patterns

Closes #95
- Add extract_file_paths_from_diff() to parse diff headers
- Inject 'Valid files in this diff:' list into review user prompt
- Add post-parse filtering of issues with invalid file paths in review.rs
- Add is_valid_file_path() with exact + partial match heuristic
- Add 7 new tests (file path extraction, prompt injection, dedup, /dev/null)

Anti-hallucination: LLM can now see exactly which files are valid,
and issues referencing non-existent files are filtered out post-parse.

Closes #93
- Refactor extract_file_paths_from_diff: early return pattern, no loop
  over prefixes (fixes overly broad matching of '--- ' prefix)
- Tighten is_valid_file_path: require '.' in suffix match to avoid
  matching single-char paths like 'a' or 'b'
- Addresses cora review findings (major x2)
- Extract basename from issue file path and compare against valid file basenames
- Prevents false matches like '.rs' matching 'main.rs'
Simplify to exact match — fuzzy matching introduces false positives.
The prompt now includes 'Valid files in this diff:' list so the LLM
should use those exact paths.
- Add ReviewSection and ScanSection to CoraFile schema
- Add response_format, review/scan system_prompt fields to Config
- Wire response_format to LLM API calls (chat_completion and streaming)
- Support custom system_prompt and system_prompt_file for review and scan
- Update all callers in review.rs, scan.rs, and llm.rs

Refs #92 #94
- Config defaults for new fields (response_format, prompt overrides)
- ReviewSection YAML parsing and merge (response_format, system_prompt, file)
- ScanSection YAML parsing and merge
- Full config file with both review and scan sections
- resolve_system_prompt priority logic (inline > file > none)
- system_prompt_file resolution from disk
- Missing file handling (returns None, logs warning)

Refs #92 #94
- Canonicalize path and check it's within project root (CWD)
- Block paths outside project root (e.g. /etc/shadow, ../../.env)
- Fix test to use project-local file instead of temp dir
- Add test for path traversal rejection

Addresses cora review finding: MAJOR arbitrary file read via config.

Security: prevents secret leakage through malicious .cora.yaml commits.
- Replace .ok()? with explicit match for canonicalize error
- Log debug message when file doesn't exist (intended behavior)
- Remove accidentally duplicated project_root line
Both the file path and project root are now canonicalized before comparison,
preventing potential bypass via symlinked project root components.

Addresses cora review finding: symlink bypass in path traversal guard.
Added:
- Custom system prompts via .cora.yaml config (#94)
- response_format: json_object opt-in (#92)
- File path injection into review prompts (#93)
- Post-parse file path filtering (#93)
- Enhanced default system prompts (#95)

Fixed:
- Path traversal in system_prompt_file (#92)
- Symlink bypass in path traversal guard
@coderabbitai

coderabbitai Bot commented Jun 1, 2026

Copy link
Copy Markdown

Warning

Review limit reached

@ajianaz, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 42 minutes and 14 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 7348bc6e-c693-4357-92ce-d0720d88cbdd

📥 Commits

Reviewing files that changed from the base of the PR and between 46ce8d2 and 946ba8a.

📒 Files selected for processing (7)
  • CHANGELOG.md
  • Cargo.toml
  • README.md
  • src/commands/scan.rs
  • src/config/schema.rs
  • src/engine/llm.rs
  • src/engine/review.rs
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch release/v0.1.6

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

github-actions Bot commented Jun 1, 2026

Copy link
Copy Markdown

🔍 Cora AI Code Review

Blocked — critical issues found.

🔴 Error (3)

  • src/engine/review.rs:12 — The load_system_prompt_file function uses std::env::current_dir() to determine the project root. This is the process working directory, which may not be the actual project root (e.g., if the CLI is invoked from a subdirectory, or the working directory changes). The canonicalized path comparison could allow or deny files incorrectly. The project root should be explicitly passed in or derived from the config file location.
  • src/engine/review.rs:18 — While the code canonicalizes both the file path and the project root, a symlink inside the project root pointing outside would pass the starts_with check since the symlink itself is inside the project. However, canonicalize resolves the symlink, so the resolved target could be outside the project root. Wait — actually canonicalize on the file path resolves symlinks, so if a symlink inside the project points to /etc/passwd, canonical would be /etc/passwd which does NOT start with project_root. So this is actually fine. BUT: the reverse is also a concern — if the project root itself contains a symlink, canonicalize(&project_root) resolves it, but canonicalize(path) also resolves, so the comparison is consistent. This is actually handled correctly.

However, there's a TOCTOU issue: the canonicalization and the read happen at different times. An attacker could replace a valid file with a symlink between the check and the read.

  • src/engine/review.rs:261 — The is_valid_file_path function uses exact string comparison. LLMs may return file paths with slight variations (e.g., leading ./, different path separators, or relative vs absolute). This could cause legitimate issues to be filtered out. For example, the diff might contain src/main.rs but the LLM returns ./src/main.rs or src\main.rs on Windows.

Review powered by cora-cli · BYOK · MIT

@ajianaz
ajianaz merged commit 348a68f into develop Jun 1, 2026
14 checks passed
@ajianaz
ajianaz deleted the release/v0.1.6 branch June 1, 2026 06:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant