Skip to content

GH#18539: fix review-followup findings in new-task-helper.sh#18725

Merged
marcusquinn merged 1 commit intomainfrom
bugfix/GH-18539-new-task-helper-v2
Apr 13, 2026
Merged

GH#18539: fix review-followup findings in new-task-helper.sh#18725
marcusquinn merged 1 commit intomainfrom
bugfix/GH-18539-new-task-helper-v2

Conversation

@marcusquinn
Copy link
Copy Markdown
Owner

@marcusquinn marcusquinn commented Apr 13, 2026

Summary

Addresses all 4 actionable review bot findings from PR #18416 on .agents/scripts/new-task-helper.sh, re-applied against the post-refactor structure from #18724.

  1. HIGH — TODO.md insertion position: _append_todo_entry was appending to EOF with >>, landing new tasks after ## Done and TOON blocks. Now scans for ## Ready (falling back to ## Backlog), tracks the last - [ ] task line within that section, and inserts after it via awk. Empty-section, no-header (EOF fallback with warning), and Backlog-only cases are all handled.

  2. MEDIUM — Destructive # stripping: _read_titles_stream used ${line%%#*} which destroyed titles like "Fix bug feat(plan+): add granular bash permissions for file discovery #123" or "Add PR fix(worktree): prevent removal of unpushed branches and uncommitted changes #42 handler". Changed to skip only lines that START with # (after whitespace trim), preserving inline # references.

  3. MEDIUM — Redundant TODO.md check: The file existence check was inside _append_todo_entry (called once per task). Moved to cmd_batch — validated once before the allocation loop starts. _append_todo_entry now assumes the caller validated (documented in the header comment).

  4. MEDIUM — Suppressed stderr: 2>/dev/null on claim-task-id.sh hid auth failures, network errors, and lock contention. Removed so allocation diagnostics surface properly.

Why fresh PR instead of rebasing #18604

PR #18604 was created before two substantial refactors landed on main: #18724 (cmd_batch decomposed into focused helpers under 100 lines) and #18607+#18610 (post-merge-review-scanner.sh gained full inline bodies, file:line refs, [View inline comment] links, comprehensive Worker Guidance, and needs-maintainer-review gating). The rebase conflicts were too intrusive to resolve cleanly, and the scanner changes in #18604 were obsolete relative to current main. Closed #18604 with explanation; this PR applies just the 4 new-task-helper.sh fixes to the current refactored structure, no obsolete scanner changes.

Bash regex fix

While implementing, hit Bash Pitfall #46 — inline regex with backslash-brackets (\\[[[:space:]]\\]) parses ambiguously against POSIX char classes. Moved all three regexes (header_re, next_header_re, task_re) into variables, per the standard workaround. Smoke-tested with 4 TODO.md layouts (populated Ready, Backlog fallback, empty section, no matching header).

Files Changed

.agents/scripts/new-task-helper.sh

Runtime Testing

  • Risk level: Low (agent prompts / infrastructure scripts)
  • Verification: - shellcheck .agents/scripts/new-task-helper.sh — clean
  • bash -n syntax check — clean
  • Unit smoke tests for _append_todo_entry: Ready/Backlog/empty-section/EOF-fallback all pass
  • Unit smoke test for _read_titles_stream: inline #123, #42, #issue-18539 all preserved; full-line and indented # comments all skipped
  • End-to-end batch --dry-run against a throwaway repo: allocates, prints summary, preserves inline # in titles
  • Missing TODO.md check fires with clear error and exit 1

Risk: low (batch task creation helper, no critical paths, planning-only script)
Verification: self-assessed

Resolves #18539

aidevops.sh v3.8.8 plugin for OpenCode v1.4.3 with claude-opus-4-6 spent 10m and 1,175 tokens on this as a headless worker.

@marcusquinn marcusquinn added the origin:interactive Auto-created from TODO.md tag label Apr 13, 2026
@marcusquinn
Copy link
Copy Markdown
Owner Author

marcusquinn commented Apr 13, 2026

Completion Summary

  1. HIGH — TODO.md insertion position: _append_todo_entry was appending to EOF with >>, landing new tasks after ## Done and TOON blocks. Now scans for ## Ready (falling back to ## Backlog), tracks the last - [ ] task line within that section, and inserts after it via awk. Empty-section, no-header (EOF fallback with warning), and Backlog-only cases are all handled.

  2. MEDIUM — Destructive # stripping: _read_titles_stream used ${line%%#*} which destroyed titles like "Fix bug feat(plan+): add granular bash permissions for file discovery #123" or "Add PR fix(worktree): prevent removal of unpushed branches and uncommitted changes #42 handler". Changed to skip only lines that START with # (after whitespace trim), preserving inline # references.

  3. MEDIUM — Redundant TODO.md check: The file existence check was inside _append_todo_entry (called once per task). Moved to cmd_batch — validated once before the allocation loop starts. _append_todo_entry now assumes the caller validated (documented in the header comment).

  4. MEDIUM — Suppressed stderr: 2>/dev/null on claim-task-id.sh hid auth failures, network errors, and lock contention. Removed so allocation diagnostics surface properly.

Why fresh PR instead of rebasing #18604

PR #18604 was created before two substantial refactors landed on main: #18724 (cmd_batch decomposed into focused helpers under 100 lines) and #18607+#18610 (post-merge-review-scanner.sh gained full inline bodies, file:line refs, [View inline comment] links, comprehensive Worker Guidance, and needs-maintainer-review gating). The rebase conflicts were too intrusive to resolve cleanly, and the scanner changes in #18604 were obsolete relative to current main. Closed #18604 with explanation; this PR applies just the 4 new-task-helper.sh fixes to the current refactored structure, no obsolete scanner changes.

Bash regex fix

While implementing, hit Bash Pitfall #46 — inline regex with backslash-brackets (\\[[[:space:]]\\]) parses ambiguously against POSIX char classes. Moved all three regexes (header_re, next_header_re, task_re) into variables, per the standard workaround. Smoke-tested with 4 TODO.md layouts (populated Ready, Backlog fallback, empty section, no matching header).

Risk: low (batch task creation helper, no critical paths, planning-only script)
Verification: self-assessed

Chose variable regexes over inline ones because inline ^-[[:space:]]\\[[[:space:]]\\] parsed ambiguously in bash's ERE handler (matched in isolation, failed in the loop context — a well-known bash gotcha). Variable regexes are the standard workaround.

@gemini-code-assist
Copy link
Copy Markdown

gemini-code-assist bot commented Apr 13, 2026

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Apr 13, 2026
edited
Loading

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)
  • no-review

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d61201f7-779b-4ad4-a882-c1fb61047fb4

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch bugfix/GH-18539-new-task-helper-v2

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions github-actions bot added the bug Auto-created from TODO.md tag label Apr 13, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 13, 2026

🔍 Code Quality Report

�[0;35m[MONITOR]�[0m Code Review Monitoring Report

SonarCloud: 0 bugs, 0 vulnerabilities, 226 code smells

Mon Apr 13 21:09:37 UTC 2026: Code review monitoring started
Mon Apr 13 21:09:37 UTC 2026: SonarCloud - Bugs: 0, Vulnerabilities: 0, Code Smells: 226

📈 Current Quality Metrics

  • BUGS: 0
  • CODE SMELLS: 226
  • VULNERABILITIES: 0

Generated on: Mon Apr 13 21:09:40 UTC 2026

Generated by AI DevOps Framework Code Review Monitoring

@alex-solovyev alex-solovyev mentioned this pull request Apr 13, 2026
Open
@codacy-production
Copy link
Copy Markdown

codacy-production bot commented Apr 13, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

TIP This summary will be updated as you push new changes. Give us feedback

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 13, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@marcusquinn marcusquinn merged commit 18c5bf6 into main Apr 13, 2026
42 checks passed
@marcusquinn marcusquinn deleted the bugfix/GH-18539-new-task-helper-v2 branch April 13, 2026 21:18
This was referenced Apr 13, 2026
Closed
Closed
marcusquinn added a commit that referenced this pull request Apr 13, 2026
@marcusquinn
feat(full-loop): add --admin/--auto pass-through to cmd_merge (GH#18731)
c380781 
Extends cmd_merge arg parser to accept --admin and --auto flags and
pass them through to gh pr merge. Enables workers and interactive
sessions to use gh's native branch-protection escape hatches without
bypassing the sanctioned merge wrapper.

Design:
- Explicit --admin / --auto skip the error-retry fallback (intent is
  already set; retrying --admin when --admin was requested is a no-op,
  retrying --admin when --auto was requested would clobber queue intent).
- No-flag path preserves the GH#18538 / PR #18748 / PR #18750 branch-
  protection error-retry fallback verbatim.
- --auto success reports 'queued for auto-merge' (correct semantics:
  gh doesn't merge now, it queues when required checks pass).
- Bash 3.2 safe: empty array expansion uses ${arr[@]+"${arr[@]}"} —
  plain "${arr[@]}" under set -u raises 'unbound variable' on macOS
  default bash.

Verification:
- shellcheck clean (SC1091 info only, pre-existing source directive).
- bash -n syntax clean.
- 21/21 runtime assertions pass in /tmp/test-cmd-merge-parsing.sh covering:
  * bash 3.2 empty-array crash regression
  * --admin, --auto, --admin --auto, --rebase --admin pass-through
  * --admin failure suppresses retry (no duplicate gh call)
  * no-flag branch-protection failure still triggers fallback (#18748/#18750)
  * unknown flag rejection
- show_help usage line updated.

Closes #18731.
Context: #18725 (fix that surfaced this), t1382 review bot gate,
GH#17541 sanctioned merge path, #18748 (--admin fallback), #18750
(set -e capture fix), #18732 (superseded stale PR on same branch).
marcusquinn added a commit that referenced this pull request Apr 13, 2026
@marcusquinn
feat(full-loop): add --admin/--auto pass-through to cmd_merge (GH#187…
2adba5f 
…31) (#18757)

Extends cmd_merge arg parser to accept --admin and --auto flags and
pass them through to gh pr merge. Enables workers and interactive
sessions to use gh's native branch-protection escape hatches without
bypassing the sanctioned merge wrapper.

Design:
- Explicit --admin / --auto skip the error-retry fallback (intent is
  already set; retrying --admin when --admin was requested is a no-op,
  retrying --admin when --auto was requested would clobber queue intent).
- No-flag path preserves the GH#18538 / PR #18748 / PR #18750 branch-
  protection error-retry fallback verbatim.
- --auto success reports 'queued for auto-merge' (correct semantics:
  gh doesn't merge now, it queues when required checks pass).
- Bash 3.2 safe: empty array expansion uses ${arr[@]+"${arr[@]}"} —
  plain "${arr[@]}" under set -u raises 'unbound variable' on macOS
  default bash.

Verification:
- shellcheck clean (SC1091 info only, pre-existing source directive).
- bash -n syntax clean.
- 21/21 runtime assertions pass in /tmp/test-cmd-merge-parsing.sh covering:
  * bash 3.2 empty-array crash regression
  * --admin, --auto, --admin --auto, --rebase --admin pass-through
  * --admin failure suppresses retry (no duplicate gh call)
  * no-flag branch-protection failure still triggers fallback (#18748/#18750)
  * unknown flag rejection
- show_help usage line updated.

Closes #18731.
Context: #18725 (fix that surfaced this), t1382 review bot gate,
GH#17541 sanctioned merge path, #18748 (--admin fallback), #18750
(set -e capture fix), #18732 (superseded stale PR on same branch).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bug Auto-created from TODO.md tag origin:interactive Auto-created from TODO.md tag

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Review followup: PR #18416 — GH#18411: guard cmd_enrich body writes with sentinel+content-diff gate; add --batch mode to /new-task

1 participant

@marcusquinn