Merge pull request 'feat: 加入階段四：排除問題過濾' (#73 ) from feat/refactor/kiro/fix-2 into feat/refactor/kiro/fix-1

Reviewed-on: jiantw83/code-review#73
chore: update ai-review findings [skip ci]
2026-05-12 02:17:01 +00:00 · 2026-05-12 02:16:42 +00:00 · 2026-05-12 02:15:47 +00:00 · 2026-05-12 02:14:49 +00:00 · 2026-05-12 02:13:38 +00:00 · 2026-05-12 02:12:26 +00:00
3 changed files with 38 additions and 62 deletions
@@ -3,9 +3,5 @@
    "role": "Rex",
    "location": "app/git.js",
    "suggestion": "請避免將敏感資料（如 GITEA_TOKEN）直接寫入環境變數"
-  },
-  {
-    "location": "app/git.js",
-    "suggestion": "GITEA_TOKEN 直接嵌入 URL 中"
  }
 ]
@@ -1 +1,37 @@
-[]
+[
+  {
+    "level": "critical",
+    "role": "Rex",
+    "location": "app/git.js:14",
+    "suggestion": "請避免將 GIT_TOKEN 直接寫入腳本中，應使用安全的秘密管理工具來管理這些敏感資訊.",
+    "is_new": true
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "app/git.js:14",
+    "suggestion": "建議在 cloneRepo 函數中增加對於 GIT_TOKEN 的安全性處理，避免敏感資訊洩漏.",
+    "is_new": true
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "app/findings.js:93",
+    "suggestion": "建議在 loadExclusions 函式中增加對於 JSON 格式的驗證，確保讀取的資料符合預期格式，避免潛在的錯誤.",
+    "is_new": false
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "app/findings.js:40",
+    "suggestion": "在 applyExclusions 函式中，建議增加對於 findings 和 exclusions 參數的有效性檢查，以提高程式的健壯性.",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Leo",
+    "location": "README.md",
+    "suggestion": "建議在 README 中增加對於新功能（如排除問題過濾）的詳細說明，以便未來的維護者能快速了解其功能.",
+    "is_new": true
+  }
+]
@@ -3,7 +3,7 @@ import assert from 'node:assert/strict';
 import fs from 'fs';
 import os from 'os';
 import path from 'path';
-import { commitAndPush, cloneRepo } from './git.js';
+import { commitAndPush } from './git.js';

 // --- helpers ---
 function makeTmpWorkspace() {
@@ -91,59 +91,3 @@ describe('commitAndPush', () => {
    await assert.doesNotReject(() => commitAndPush(workspace, failSpawn));
  });
 });
-
-describe('cloneRepo', () => {
-  let workspace;
-
-  before(() => { workspace = fs.mkdtempSync(path.join(os.tmpdir(), 'clone-test-')); });
-  after(() => { fs.rmSync(workspace, { recursive: true, force: true }); });
-
-  it('clones repo when repoDir does not exist', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const cloneCalled = spawn.calls.some(c => c.args[0] === 'clone');
-    assert.ok(cloneCalled, 'expected git clone to be called');
-  });
-
-  it('fetches and checks out when repoDir already exists', () => {
-    const repoDir = path.join(workspace, 'repo');
-    fs.mkdirSync(repoDir, { recursive: true });
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const cloneCalled = spawn.calls.some(c => c.args[0] === 'clone');
-    const fetchCalled = spawn.calls.some(c => c.args[0] === 'fetch');
-    assert.ok(!cloneCalled, 'clone should not run when repoDir exists');
-    assert.ok(fetchCalled, 'fetch should run when repoDir exists');
-  });
-
-  it('does not embed token in any git command argument', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    for (const { args } of spawn.calls) {
-      assert.ok(!args.join(' ').includes('test-token'), `Token leaked in git args: ${args.join(' ')}`);
-    }
-  });
-
-  it('uses GIT_ASKPASS for network operations', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const networkCalls = spawn.calls.filter(c => ['clone', 'fetch'].includes(c.args[0]));
-    assert.ok(networkCalls.length > 0, 'expected at least one network git call');
-    for (const { args, opts } of networkCalls) {
-      assert.ok(opts?.env?.GIT_ASKPASS, `GIT_ASKPASS missing for git ${args[0]}`);
-    }
-  });
-
-  it('cleans up askpass script after run', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const leftover = fs.readdirSync(workspace).filter(f => f.endsWith('.git-askpass.sh'));
-    assert.equal(leftover.length, 0, 'askpass script was not cleaned up');
-  });
-
-  it('returns repoDir path', () => {
-    const spawn = makeSpawn();
-    const result = cloneRepo(workspace, spawn);
-    assert.equal(result, path.join(workspace, 'repo'));
-  });
-});
Author	SHA1	Message	Date
jiantw83	db83b3ee11	Merge pull request 'feat: 加入階段四：排除問題過濾' (#73 ) from feat/refactor/kiro/fix-2 into feat/refactor/kiro/fix-1 Reviewed-on: jiantw83/code-review#73	2026-05-12 02:17:01 +00:00
AI Review Bot	b17a8757b2	chore: update ai-review findings [skip ci]	2026-05-12 02:16:42 +00:00
jiantw83	58479c7c6d	refactor: rename Step4 to AI 排除問題過濾	2026-05-12 02:15:47 +00:00
AI Review Bot	0de87d6629	chore: update ai-review findings [skip ci]	2026-05-12 02:14:49 +00:00
jiantw83	bc914c401c	docs: update TODO stage4 description and fix findings filename typo	2026-05-12 02:13:38 +00:00
jiantw83	27e471d9e0	feat: add AI false positive filtering in Step4	2026-05-12 02:12:26 +00:00
jiantw83	f1c21beed5	fix: use includes matching for exclusions location and suggestion	2026-05-12 02:10:47 +00:00
AI Review Bot	3c3019d1ab	chore: update ai-review findings [skip ci]	2026-05-12 02:07:34 +00:00
jiantw83	41a8fe100f	fix: clone repo before Step3/4 to read findings and exclusions from head branch	2026-05-12 02:06:24 +00:00
AI Review Bot	c1c00449af	chore: update ai-review findings [skip ci]	2026-05-12 01:49:18 +00:00
jiantw83	ef3654b091	chore: add exclusions for Rex false positive on git.js token handling	2026-05-12 01:48:00 +00:00
jiantw83	5d0c9fd691	docs: mark all TODO stages complete	2026-05-12 01:47:52 +00:00
jiantw83	5860588588	fix: align flow with README, add Step4 exclusions filter, fix step numbers	2026-05-12 01:47:43 +00:00
jiantw83	53a7ec7a3e	refactor: reorganize TODO stages for clarity and accuracy in workflow steps Co-authored-by: Copilot <copilot@github.com>	2026-05-12 01:47:43 +00:00
jiantw83	42241c5000	refactor: update processing steps in README for clarity and accuracy	2026-05-12 01:47:43 +00:00
jiantw83	1a12ec4e2e	refactor: remove outdated AI Code configurations for Kilo, Roo, Cline, Continue, and Kade	2026-05-12 01:47:43 +00:00
AI Review Bot	a90886e924	chore: update ai-review findings [skip ci]	2026-05-12 01:13:53 +00:00
jiantw83	57285ce145	fix: update askpass script to securely read token from env var	2026-05-12 01:12:32 +00:00