Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 jiantw83
|
c7a2a3cfc7 | ||
|
jiantw83
|
cf8dd629b2 | ||
|
jiantw83
|
2c59ce1bc1 | ||
|
jiantw83
|
878d8a5bb4 | ||
 AI Review Bot
|
e9874e61fe | ||
|
jiantw83
|
940d03bc6e | ||
|
jiantw83
|
23ceb84073 | ||
|
AI Review Bot
|
c16e07bddd | ||
|
jiantw83
|
66a75f135f | ||
|
AI Review Bot
|
d73d360051 |
@@ -7,5 +7,10 @@
|
||||
{
|
||||
"location": "app/git.js",
|
||||
"suggestion": "GITEA_TOKEN 直接嵌入 URL 中"
|
||||
},
|
||||
{
|
||||
"role": "Rex",
|
||||
"location": "README.md",
|
||||
"suggestion": "contents: write、pull-requests: write、issues: write 為此 Action 正常運作所必要的權限"
|
||||
}
|
||||
]
|
||||
|
||||
@@ -1,51 +1 @@
|
||||
[
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Leo",
|
||||
"location": "README.md:50",
|
||||
"suggestion": "在 `2. OpenRouter` 的範例中,`with:` 區塊使用 `OPENAI_API_KEY` 參數來傳遞 `OPENROUTER_API_KEY` secret。雖然這可能是 `code-review` action 的設計,但 `OPENAI_API_KEY` 這個名稱可能會讓使用者誤解為只能用於 OpenAI。建議考慮在 `code-review` action 中提供更通用的 API key 參數(例如 `API_KEY` 或 `PROVIDER_API_KEY`),或針對 OpenRouter 提供專屬的參數(例如 `OPENROUTER_API_KEY`),以提高清晰度並減少使用者設定時的困惑。如果 action 無法修改,目前的說明已盡力澄清,但仍是一個潛在的混淆點。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Zara",
|
||||
"location": "app/config.js:15",
|
||||
"suggestion": "將預設的 Gemini 模型從 `gemini-1.5-flash` 更新為 `gemini-2.5-flash`,這可能影響應用程式與 LLM 互動的效能和成本。建議在部署前,對 `gemini-2.5-flash` 模型進行詳細的效能基準測試,評估其在回應時間、處理速度、準確性及成本效益方面的表現,確保其符合應用程式的特定需求,並避免潛在的效能退化或不必要的成本增加。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Rex",
|
||||
"location": ".gitea/workflows/review.yaml:33-40",
|
||||
"suggestion": "工作流程中授予了 `contents: write`, `pull-requests: write`, `issues: write` 等廣泛權限。特別是 `contents: write` 權限,若工作流程或其使用的 Action 存在漏洞,可能導致程式碼庫被惡意修改。建議審查這些權限是否都絕對必要,並遵循最小權限原則,僅授予工作流程執行所需的最少權限。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Aria",
|
||||
"location": "app/config.js:15",
|
||||
"suggestion": "在 `app/config.js` 的 `checks` 陣列中,使用多個空格進行欄位對齊可能導致格式不一致且難以維護。建議改用單一空格分隔元素,或考慮將每個配置項重構為物件形式,以提升程式碼的可讀性與可維護性。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Maya",
|
||||
"location": ".gitea/workflows/review.yaml",
|
||||
"suggestion": "工作流程已從使用 OpenAI 轉換為 Gemini。雖然這是一個配置變更,但應確保新的 LLM 整合能正常運作。建議在 CI/CD 中增加一個整合測試步驟,以驗證使用 Gemini 模型時,AI Code Review 功能是否能成功生成評論,例如檢查 PR 評論是否存在或特定輸出訊息。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "warning",
|
||||
"role": "Maya",
|
||||
"location": "app/config.js:15",
|
||||
"suggestion": "預設的 `GEMINI_MODEL` 已從 `gemini-1.5-flash` 變更為 `gemini-2.5-flash`。請確保有對應的單元測試來驗證當 `process.env.GEMINI_MODEL` 未設定時,`getLLMConfig` 函數能正確回傳新的預設模型 `gemini-2.5-flash`。",
|
||||
"is_new": true
|
||||
},
|
||||
{
|
||||
"level": "info",
|
||||
"role": "Maya",
|
||||
"location": "app/config.js",
|
||||
"suggestion": "`getLLMConfig` 函數依賴於環境變數來配置 LLM。建議為此函數增加更全面的邊界條件測試,例如:\n1. 當只有部分 LLM 相關的環境變數被設定時(例如,只有 `GEMINI_API_KEY` 而沒有 `GEMINI_BASE_URL`)。\n2. 當沒有任何 LLM 相關的環境變數被設定時,確保函數能優雅地處理(例如,回傳 `null`、空物件或拋出特定錯誤)。\n3. 測試 API 金鑰為空字串的情況,確保其行為符合預期。",
|
||||
"is_new": true
|
||||
}
|
||||
]
|
||||
[]
|
||||
@@ -33,9 +33,9 @@ jobs:
|
||||
- name: AI Code Review
|
||||
uses: https://gitea.jsc.idv.tw/jiantw83/code-review@v${{ needs.version.outputs.version }}
|
||||
with:
|
||||
GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
|
||||
GEMINI_BASE_URL: https://generativelanguage.googleapis.com/v1beta
|
||||
GEMINI_MODEL: ${{ vars.GEMINI_MODEL }}
|
||||
OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }} # OpenRouter 使用 OpenAI 相容介面,以 OPENAI_API_KEY 傳入
|
||||
OPENAI_BASE_URL: https://openrouter.ai/api/v1
|
||||
OPENAI_MODEL: ${{ vars.OPENROUTER_MODEL }}
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
|
||||
@@ -44,6 +44,7 @@ jobs:
|
||||
with:
|
||||
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
|
||||
OPENAI_BASE_URL: https://api.openai.com/v1
|
||||
OPENAI_MODEL: ${{ vars.OPENAI_MODEL }}
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
@@ -66,6 +67,7 @@ jobs:
|
||||
with:
|
||||
OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }} # OpenRouter 使用 OpenAI 相容介面,以 OPENAI_API_KEY 傳入
|
||||
OPENAI_BASE_URL: https://openrouter.ai/api/v1
|
||||
OPENAI_MODEL: ${{ vars.OPENROUTER_MODEL }}
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
@@ -139,28 +141,6 @@ jobs:
|
||||
issues: write
|
||||
```
|
||||
|
||||
### 6. SonarQube
|
||||
```yaml
|
||||
name: AI
|
||||
on:
|
||||
pull_request:
|
||||
types: [opened, synchronize]
|
||||
jobs:
|
||||
code-review:
|
||||
name: 'Code Review'
|
||||
runs-on: ubuntu
|
||||
steps:
|
||||
- name: AI Code Review
|
||||
uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
|
||||
with:
|
||||
SONARQUBE_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
|
||||
SONARQUBE_URL: https://sonarqube.example.com
|
||||
permissions:
|
||||
contents: write
|
||||
pull-requests: write
|
||||
issues: write
|
||||
```
|
||||
|
||||
### - Ollama
|
||||
|
||||
```yaml
|
||||
@@ -176,7 +156,7 @@ jobs:
|
||||
- name: AI Code Review
|
||||
uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
|
||||
with:
|
||||
OLLAMA_BASE_URL: ${{ vars.OLLAMA_BASE_URL }}
|
||||
OLLAMA_BASE_URL: https://ollama.jsc.idv.me/v1
|
||||
OLLAMA_MODEL: ${{ vars.OLLAMA_MODEL }}
|
||||
permissions:
|
||||
contents: write
|
||||
|
||||
-58
@@ -72,53 +72,7 @@ inputs:
|
||||
description: 'Amazon Q Base URL'
|
||||
required: false
|
||||
|
||||
# SonarQube
|
||||
SONARQUBE_TOKEN:
|
||||
description: 'SonarQube Token'
|
||||
required: false
|
||||
SONARQUBE_URL:
|
||||
description: 'SonarQube URL'
|
||||
required: false
|
||||
|
||||
# Kilo Code
|
||||
KILO_API_KEY:
|
||||
description: 'Kilo Code API Key'
|
||||
required: false
|
||||
KILO_BASE_URL:
|
||||
description: 'Kilo Code Base URL'
|
||||
required: false
|
||||
|
||||
# Roo Code
|
||||
ROO_API_KEY:
|
||||
description: 'Roo Code API Key'
|
||||
required: false
|
||||
ROO_BASE_URL:
|
||||
description: 'Roo Code Base URL'
|
||||
required: false
|
||||
|
||||
# Cline
|
||||
CLINE_API_KEY:
|
||||
description: 'Cline API Key'
|
||||
required: false
|
||||
CLINE_BASE_URL:
|
||||
description: 'Cline Base URL'
|
||||
required: false
|
||||
|
||||
# Continue
|
||||
CONTINUE_API_KEY:
|
||||
description: 'Continue API Key'
|
||||
required: false
|
||||
CONTINUE_BASE_URL:
|
||||
description: 'Continue Base URL'
|
||||
required: false
|
||||
|
||||
# Kade
|
||||
KADE_API_KEY:
|
||||
description: 'Kade API Key'
|
||||
required: false
|
||||
KADE_BASE_URL:
|
||||
description: 'Kade Base URL'
|
||||
required: false
|
||||
|
||||
runs:
|
||||
using: 'docker'
|
||||
@@ -145,15 +99,3 @@ runs:
|
||||
OLLAMA_MODEL: ${{ inputs.OLLAMA_MODEL }}
|
||||
AMAZONQ_API_KEY: ${{ inputs.AMAZONQ_API_KEY }}
|
||||
AMAZONQ_BASE_URL: ${{ inputs.AMAZONQ_BASE_URL }}
|
||||
SONARQUBE_TOKEN: ${{ inputs.SONARQUBE_TOKEN }}
|
||||
SONARQUBE_URL: ${{ inputs.SONARQUBE_URL }}
|
||||
KILO_API_KEY: ${{ inputs.KILO_API_KEY }}
|
||||
KILO_BASE_URL: ${{ inputs.KILO_BASE_URL }}
|
||||
ROO_API_KEY: ${{ inputs.ROO_API_KEY }}
|
||||
ROO_BASE_URL: ${{ inputs.ROO_BASE_URL }}
|
||||
CLINE_API_KEY: ${{ inputs.CLINE_API_KEY }}
|
||||
CLINE_BASE_URL: ${{ inputs.CLINE_BASE_URL }}
|
||||
CONTINUE_API_KEY: ${{ inputs.CONTINUE_API_KEY }}
|
||||
CONTINUE_BASE_URL: ${{ inputs.CONTINUE_BASE_URL }}
|
||||
KADE_API_KEY: ${{ inputs.KADE_API_KEY }}
|
||||
KADE_BASE_URL: ${{ inputs.KADE_BASE_URL }}
|
||||
|
||||
@@ -15,11 +15,6 @@ export function getLLMConfig() {
|
||||
['gemini', process.env.GEMINI_API_KEY, process.env.GEMINI_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta', process.env.GEMINI_MODEL || 'gemini-2.5-flash'],
|
||||
['ollama', 'ollama', process.env.OLLAMA_BASE_URL, process.env.OLLAMA_MODEL],
|
||||
['amazonq', process.env.AMAZONQ_API_KEY, process.env.AMAZONQ_BASE_URL || 'https://q.api.aws', process.env.AMAZONQ_MODEL || 'amazon-q'],
|
||||
['kilo', process.env.KILO_API_KEY, process.env.KILO_BASE_URL || 'https://api.kilocode.com/v1', process.env.KILO_MODEL || 'kilo-default'],
|
||||
['roo', process.env.ROO_API_KEY, process.env.ROO_BASE_URL || 'https://api.roocode.com/v1', process.env.ROO_MODEL || 'roo-default'],
|
||||
['cline', process.env.CLINE_API_KEY, process.env.CLINE_BASE_URL || 'https://api.cline.dev/v1', process.env.CLINE_MODEL || 'cline-default'],
|
||||
['continue', process.env.CONTINUE_API_KEY, process.env.CONTINUE_BASE_URL || 'https://api.continue.dev/v1', process.env.CONTINUE_MODEL || 'continue-default'],
|
||||
['kade', process.env.KADE_API_KEY, process.env.KADE_BASE_URL || 'https://api.kade.dev/v1', process.env.KADE_MODEL || 'kade-default'],
|
||||
];
|
||||
for (const [provider, key, baseURL, model] of checks) {
|
||||
if (key && baseURL) return { provider, apiKey: key, baseURL, model };
|
||||
|
||||
+2
-2
@@ -149,11 +149,11 @@ export async function filterFalsePositivesWithAI(findings) {
|
||||
|
||||
try {
|
||||
const result = await chatJSON(systemPrompt, userContent);
|
||||
if (Array.isArray(result)) {
|
||||
if (Array.isArray(result) && result.length > 0) {
|
||||
console.log(` AI 誤報過濾: ${findings.length} -> ${result.length} 筆`);
|
||||
return result;
|
||||
}
|
||||
throw new Error('AI 回傳非陣列');
|
||||
throw new Error('AI 回傳空陣列或非陣列');
|
||||
} catch (e) {
|
||||
const status = e.response?.status;
|
||||
if (status === 402 || status === 429) {
|
||||
|
||||
Reference in New Issue
Block a user