docs: update TODO stage4 description and fix findings filename typo

feat: add AI false positive filtering in Step4
fix: use includes matching for exclusions location and suggestion
2026-05-12 02:13:38 +00:00 · 2026-05-12 02:12:26 +00:00 · 2026-05-12 02:10:47 +00:00 · 2026-05-12 02:07:34 +00:00 · 2026-05-12 02:06:24 +00:00 · 2026-05-12 01:49:18 +00:00
12 changed files with 256 additions and 217 deletions
@@ -3,14 +3,5 @@
    "role": "Rex",
    "location": "app/git.js",
    "suggestion": "請避免將敏感資料（如 GITEA_TOKEN）直接寫入環境變數"
-  },
-  {
-    "location": "app/git.js",
-    "suggestion": "GITEA_TOKEN 直接嵌入 URL 中"
-  },
-  {
-    "role": "Rex",
-    "location": "README.md",
-    "suggestion": "contents: write、pull-requests: write、issues: write 為此 Action 正常運作所必要的權限"
  }
 ]
@@ -1 +1,149 @@
-[]
+[
+  {
+    "level": "critical",
+    "role": "Rex",
+    "location": "app/git.js:14",
+    "suggestion": "請避免將敏感資料（如 GITEA_TOKEN）直接寫入程式碼，應使用安全的秘密管理工具來管理這些敏感資訊。",
+    "is_new": true
+  },
+  {
+    "level": "warning",
+    "role": "Rex",
+    "location": "app/git.js:14",
+    "suggestion": "在 cloneRepo 函數中，請確保 GIT_TOKEN 不會被寫入到檔案系統中，避免敏感資訊洩漏。",
+    "is_new": true
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "app/findings.js:93",
+    "suggestion": "建議在 loadExclusions 函式中增加對於 JSON 格式的驗證，確保讀取的資料符合預期格式，避免潛在的錯誤。",
+    "is_new": false
+  },
+  {
+    "level": "warning",
+    "role": "Leo",
+    "location": "app/findings.js:40",
+    "suggestion": "在 applyExclusions 函式中，建議增加對於 findings 和 exclusions 參數的有效性檢查，以提高程式的健壯性。",
+    "is_new": false
+  },
+  {
+    "level": "warning",
+    "role": "Zara",
+    "location": "app/findings.js:40",
+    "suggestion": "在 applyExclusions 函數中，使用 Array.prototype.some 進行過濾時，可能會導致性能問題，特別是當 findings 和 exclusions 的數量都很大時。建議使用更高效的資料結構（如 HashSet）來加速查詢。",
+    "is_new": false
+  },
+  {
+    "level": "warning",
+    "role": "Aria",
+    "location": "README.md:4",
+    "suggestion": "建議將「讀取排除問題檔案，用來過濾PR問題表格中不需要處理的問題」的描述改為「讀取排除問題檔案，過濾 PR 問題表格中不需要處理的問題」，以保持一致性。",
+    "is_new": false
+  },
+  {
+    "level": "warning",
+    "role": "Maya",
+    "location": "app/findings.js:40",
+    "suggestion": "建議在 applyExclusions 函數中增加對 findings 內容的驗證，確保其格式正確，以提高測試的穩定性和可靠性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Leo",
+    "location": "README.md",
+    "suggestion": "建議在 README 中增加對於新功能（如排除問題過濾）的詳細說明，以便未來的維護者能快速了解其功能。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Leo",
+    "location": "app/main.js",
+    "suggestion": "建議在 main 函式中增加對於每個步驟的詳細註解，讓未來的維護者能更容易理解程式邏輯。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Zara",
+    "location": "app/findings.js:39",
+    "suggestion": "在過濾 findings 時，建議將過濾條件的邏輯提取為獨立函數，以提高可讀性和可維護性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Zara",
+    "location": "app/main.js:64",
+    "suggestion": "在讀取排除問題檔案時，建議考慮使用非同步方法（如 fs.promises.readFile）來避免阻塞事件循環，提升效能。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "README.md:8",
+    "suggestion": "建議將「如果PR問題表格中有嚴重問題，則不要讓 workflow 執行成功(exit 1)」的描述改為「如果 PR 問題表格中有嚴重問題，則不要讓 workflow 執行成功（exit 1）」以提高可讀性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "TODO.md:4",
+    "suggestion": "建議將「階段四：findings 寫入與 comment 發布」的標題改為「階段四：排除問題過濾」，以更清楚地反映內容。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "TODO.md:6",
+    "suggestion": "建議將「階段五：findings 寫入與 comment 發布」的標題改為「階段五：findings 寫入與 comment 發布」，以保持一致性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "TODO.md:8",
+    "suggestion": "建議將「階段六：記憶區 commit/push 與錯誤處理」的標題改為「階段六：記憶區 commit/push 與錯誤處理」，以保持一致性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "TODO.md:10",
+    "suggestion": "建議將「階段七：阻擋嚴重問題 PR（第 8 點）」的標題改為「階段七：阻擋嚴重問題 PR（第 8 點）」以保持一致性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "app/config.js",
+    "suggestion": "建議在 EXCLUSIONS_PATH 的定義上方添加註解，說明該常數的用途，以提高可讀性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "app/findings.js",
+    "suggestion": "建議在 loadExclusions 函數的開頭添加註解，說明該函數的用途，以提高可讀性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Aria",
+    "location": "app/findings.js",
+    "suggestion": "建議在 applyExclusions 函數的開頭添加註解，說明該函數的用途，以提高可讀性。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Maya",
+    "location": "app/findings.js:7",
+    "suggestion": "建議為 loadExclusions 和 applyExclusions 函數撰寫單元測試，以確保其功能正確並能處理邊界條件。",
+    "is_new": false
+  },
+  {
+    "level": "info",
+    "role": "Maya",
+    "location": "app/main.js:48",
+    "suggestion": "建議在每個主要步驟之後增加測試用例，以驗證每個步驟的輸出是否符合預期。",
+    "is_new": false
+  }
+]
@@ -33,9 +33,8 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/jiantw83/code-review@v${{ needs.version.outputs.version }}
      with:
-        OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}  # OpenRouter 使用 OpenAI 相容介面，以 OPENAI_API_KEY 傳入
+        OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
        OPENAI_BASE_URL: https://openrouter.ai/api/v1
-        OPENAI_MODEL: ${{ vars.OPENROUTER_MODEL }}
    permissions:
      contents: write
      pull-requests: write
@@ -6,8 +6,8 @@

 1. 服務名稱、模型名稱、角色資訊(個性、符合個性的英文名稱、工作內容)，Comment 到 Push Request
 2. 每個角色個別分析 Git Diff 的內容產生新問題表格(問題等級、角色名稱、問題位置或行數、修改建議)
-3. 讀取所有未解決的舊問題(問題檔案 `.gitea/ai-review/findings.json` 存在於使用此 Action 的專案固定位置)加上新問題後，去除重複產生本次 Push Request 的問題表格(PR問題表格)覆蓋問題檔案
-4. 讀取排除問題檔案(`.gitea/ai-review/exclusions.json` 存在於使用此 Action 的專案固定位置)，用來過濾PR問題表格中不需要處理的問題
+3. 讀取所有未解決的舊問題(問題檔案存在於使用此 Action 的專案固定位置)加上新問題後，去除重複產生本次 Push Request 的問題表格(PR問題表格)覆蓋問題檔案
+4. 讀取排除問題檔案，用來過濾PR問題表格中不需要處理的問題
 5. 從PR問題表格中取出所有舊問題，依照等級排序後 Comment 到 Push Request
 6. 從PR問題表格中取出所有新問題，排除嚴重等級的問題後 Comment 到 Push Request
 7. 從PR問題表格中取出所有新問題，將每個嚴重等級的問題 Comment 到 Push Request
@@ -28,7 +28,7 @@
 2. 在 `.gitea/workflows` 資料夾中建立 `ai-review.yaml'
 3. 在 `ai-review.yaml` 中填入以下內容(選擇一個使用)：

-### 1. OpenAI
+### 1. OpenAI（OpenRouter）
 ```yaml
 name: AI
 on:
@@ -42,39 +42,17 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
+        # Github (h3285@evertrust.com.tw)
+        # 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
        OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-        OPENAI_BASE_URL: https://api.openai.com/v1
-        OPENAI_MODEL: ${{ vars.OPENAI_MODEL }}
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-```
-
-### 2. OpenRouter
-```yaml
-name: AI
-on:
-  pull_request:
-    types: [opened, synchronize]
-jobs:
-  code-review:
-    name: 'Code Review'
-    runs-on: ubuntu
-    steps:
-    - name: AI Code Review
-      uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
-      with:
-        OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}  # OpenRouter 使用 OpenAI 相容介面，以 OPENAI_API_KEY 傳入
        OPENAI_BASE_URL: https://openrouter.ai/api/v1
-        OPENAI_MODEL: ${{ vars.OPENROUTER_MODEL }}
    permissions:
      contents: write
      pull-requests: write
      issues: write
 ```

-### 3. Anthropic Claude
+### 2. Anthropic Claude
 ```yaml
 name: AI
 on:
@@ -96,7 +74,7 @@ jobs:
      issues: write
 ```

-### 4. Google Gemini
+### 3. Google Gemini
 ```yaml
 name: AI
 on:
@@ -112,14 +90,13 @@ jobs:
      with:
        GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
        GEMINI_BASE_URL: https://generativelanguage.googleapis.com/v1beta
-        GEMINI_MODEL: ${{ vars.GEMINI_MODEL }}
    permissions:
      contents: write
      pull-requests: write
      issues: write
 ```

-### 5. Amazon Q
+### 4. Amazon Q
 ```yaml
 name: AI
 on:
@@ -141,6 +118,28 @@ jobs:
      issues: write
 ```

+### 5. SonarQube
+```yaml
+name: AI
+on:
+  pull_request:
+    types: [opened, synchronize]
+jobs:
+  code-review:
+    name: 'Code Review'
+    runs-on: ubuntu
+    steps:
+    - name: AI Code Review
+      uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
+      with:
+        SONARQUBE_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+        SONARQUBE_URL: https://sonarqube.example.com
+    permissions:
+      contents: write
+      pull-requests: write
+      issues: write
+```
+
 ### - Ollama

 ```yaml
@@ -156,7 +155,7 @@ jobs:
    - name: AI Code Review
        uses: https://gitea.jsc.idv.tw/jiantw83/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
        with:
-          OLLAMA_BASE_URL: https://ollama.jsc.idv.me/v1
+          OLLAMA_BASE_URL: ${{ vars.OLLAMA_BASE_URL }}
          OLLAMA_MODEL: ${{ vars.OLLAMA_MODEL }}
    permissions:
      contents: write
@@ -15,14 +15,14 @@
 - 驗收：log 中能看到 deduplication/resolution confirmation 成功或失敗（如 402），降級時有「保留所有問題」等明確訊息。
 - 完成

-## 階段四：AI 排除問題過濾
- 目標：讀取排除問題檔案（`.gitea/ai-review/exclusions.json`）進行規則過濾，並呼叫 AI 判斷剩餘問題是否為誤報或不適用，兩層過濾後產生最終問題清單。
+## 階段四：排除問題過濾
+- 目標：讀取排除問題檔案（exclusions.json）進行規則過濾，並呼叫 AI 判斷剩餘問題是否為誤報或不適用，兩層過濾後產生最終問題清單。
 - 驗收：log 中能看到排除問題檔案讀取成功或不存在的訊息、規則過濾數量變化，以及「AI 誤報過濾: N -> M 筆」或降級訊息。
 - 完成

 ## 階段五：findings 寫入與 comment 發布
- 目標：`.gitea/ai-review/findings.json` 正確寫入，comment 發布順序正確（舊問題→非嚴重→嚴重），每步有 log。
- 驗收：log 中能看到 `.gitea/ai-review/findings.json` 寫入、comment sync 的詳細訊息與順序。
+- 目標：findings.jsonl 正確寫入，comment 發布順序正確（舊問題→非嚴重→嚴重），每步有 log。
+- 驗收：log 中能看到 findings.json 寫入、comment sync 的詳細訊息與順序。
 - 完成

 ## 階段六：記憶區 commit/push 與錯誤處理
@@ -72,7 +72,53 @@ inputs:
    description: 'Amazon Q Base URL'
    required: false

+  # SonarQube
+  SONARQUBE_TOKEN:
+    description: 'SonarQube Token'
+    required: false
+  SONARQUBE_URL:
+    description: 'SonarQube URL'
+    required: false

+  # Kilo Code
+  KILO_API_KEY:
+    description: 'Kilo Code API Key'
+    required: false
+  KILO_BASE_URL:
+    description: 'Kilo Code Base URL'
+    required: false
+
+  # Roo Code
+  ROO_API_KEY:
+    description: 'Roo Code API Key'
+    required: false
+  ROO_BASE_URL:
+    description: 'Roo Code Base URL'
+    required: false
+
+  # Cline
+  CLINE_API_KEY:
+    description: 'Cline API Key'
+    required: false
+  CLINE_BASE_URL:
+    description: 'Cline Base URL'
+    required: false
+
+  # Continue
+  CONTINUE_API_KEY:
+    description: 'Continue API Key'
+    required: false
+  CONTINUE_BASE_URL:
+    description: 'Continue Base URL'
+    required: false
+
+  # Kade
+  KADE_API_KEY:
+    description: 'Kade API Key'
+    required: false
+  KADE_BASE_URL:
+    description: 'Kade Base URL'
+    required: false

 runs:
  using: 'docker'
@@ -99,3 +145,15 @@ runs:
    OLLAMA_MODEL: ${{ inputs.OLLAMA_MODEL }}
    AMAZONQ_API_KEY: ${{ inputs.AMAZONQ_API_KEY }}
    AMAZONQ_BASE_URL: ${{ inputs.AMAZONQ_BASE_URL }}
+    SONARQUBE_TOKEN: ${{ inputs.SONARQUBE_TOKEN }}
+    SONARQUBE_URL: ${{ inputs.SONARQUBE_URL }}
+    KILO_API_KEY: ${{ inputs.KILO_API_KEY }}
+    KILO_BASE_URL: ${{ inputs.KILO_BASE_URL }}
+    ROO_API_KEY: ${{ inputs.ROO_API_KEY }}
+    ROO_BASE_URL: ${{ inputs.ROO_BASE_URL }}
+    CLINE_API_KEY: ${{ inputs.CLINE_API_KEY }}
+    CLINE_BASE_URL: ${{ inputs.CLINE_BASE_URL }}
+    CONTINUE_API_KEY: ${{ inputs.CONTINUE_API_KEY }}
+    CONTINUE_BASE_URL: ${{ inputs.CONTINUE_BASE_URL }}
+    KADE_API_KEY: ${{ inputs.KADE_API_KEY }}
+    KADE_BASE_URL: ${{ inputs.KADE_BASE_URL }}
@@ -12,9 +12,14 @@ export function getLLMConfig() {
  const checks = [
    ['openai',   process.env.OPENAI_API_KEY,   process.env.OPENAI_BASE_URL || 'https://api.openai.com/v1',   process.env.OPENAI_MODEL || 'gpt-4o-mini'],
    ['claude',   process.env.CLAUDE_API_KEY,   process.env.CLAUDE_BASE_URL || 'https://api.anthropic.com/v1', process.env.CLAUDE_MODEL || 'claude-3-haiku-20240307'],
-    ['gemini',   process.env.GEMINI_API_KEY,   process.env.GEMINI_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta', process.env.GEMINI_MODEL || 'gemini-2.5-flash'],
+    ['gemini',   process.env.GEMINI_API_KEY,   process.env.GEMINI_BASE_URL || 'https://generativelanguage.googleapis.com/v1beta', process.env.GEMINI_MODEL || 'gemini-1.5-flash'],
    ['ollama',   'ollama',                      process.env.OLLAMA_BASE_URL,  process.env.OLLAMA_MODEL],
-    ['amazonq',  process.env.AMAZONQ_API_KEY,  process.env.AMAZONQ_BASE_URL  || 'https://q.api.aws',              process.env.AMAZONQ_MODEL  || 'amazon-q'],
+    ['amazonq',  process.env.AMAZONQ_API_KEY,  process.env.AMAZONQ_BASE_URL || 'https://q.api.aws', process.env.OPENAI_MODEL || 'amazon-q'],
+    ['kilo',     process.env.KILO_API_KEY,     process.env.KILO_BASE_URL || 'https://api.kilocode.com/v1', process.env.OPENAI_MODEL || 'kilo-default'],
+    ['roo',      process.env.ROO_API_KEY,      process.env.ROO_BASE_URL || 'https://api.roocode.com/v1', process.env.OPENAI_MODEL || 'roo-default'],
+    ['cline',    process.env.CLINE_API_KEY,    process.env.CLINE_BASE_URL || 'https://api.cline.dev/v1', process.env.OPENAI_MODEL || 'cline-default'],
+    ['continue', process.env.CONTINUE_API_KEY, process.env.CONTINUE_BASE_URL || 'https://api.continue.dev/v1', process.env.OPENAI_MODEL || 'continue-default'],
+    ['kade',     process.env.KADE_API_KEY,     process.env.KADE_BASE_URL || 'https://api.kade.dev/v1', process.env.OPENAI_MODEL || 'kade-default'],
  ];
  for (const [provider, key, baseURL, model] of checks) {
    if (key && baseURL) return { provider, apiKey: key, baseURL, model };
@@ -1,101 +0,0 @@
-import { describe, it, beforeEach, afterEach } from 'node:test';
-import assert from 'node:assert/strict';
-import { getLLMConfig } from './config.js';
-
-const ENV_KEYS = [
-  'OPENAI_API_KEY', 'OPENAI_BASE_URL', 'OPENAI_MODEL',
-  'CLAUDE_API_KEY', 'CLAUDE_BASE_URL', 'CLAUDE_MODEL',
-  'GEMINI_API_KEY', 'GEMINI_BASE_URL', 'GEMINI_MODEL',
-  'OLLAMA_BASE_URL', 'OLLAMA_MODEL',
-  'AMAZONQ_API_KEY', 'AMAZONQ_BASE_URL', 'AMAZONQ_MODEL',
-];
-
-let saved = {};
-beforeEach(() => {
-  saved = {};
-  for (const k of ENV_KEYS) { saved[k] = process.env[k]; delete process.env[k]; }
-});
-afterEach(() => {
-  for (const k of ENV_KEYS) {
-    if (saved[k] === undefined) delete process.env[k];
-    else process.env[k] = saved[k];
-  }
-});
-
-describe('getLLMConfig', () => {
-  it('returns null provider when no env vars set', () => {
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, null);
-    assert.equal(cfg.apiKey, null);
-  });
-
-  it('detects openai with defaults', () => {
-    process.env.OPENAI_API_KEY = 'sk-test';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'openai');
-    assert.equal(cfg.apiKey, 'sk-test');
-    assert.equal(cfg.baseURL, 'https://api.openai.com/v1');
-    assert.equal(cfg.model, 'gpt-4o-mini');
-  });
-
-  it('detects openai with custom base url and model', () => {
-    process.env.OPENAI_API_KEY = 'sk-test';
-    process.env.OPENAI_BASE_URL = 'https://openrouter.ai/api/v1';
-    process.env.OPENAI_MODEL = 'gpt-4o';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'openai');
-    assert.equal(cfg.baseURL, 'https://openrouter.ai/api/v1');
-    assert.equal(cfg.model, 'gpt-4o');
-  });
-
-  it('detects gemini with defaults', () => {
-    process.env.GEMINI_API_KEY = 'gemini-key';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'gemini');
-    assert.equal(cfg.model, 'gemini-2.5-flash');
-  });
-
-  it('detects gemini with custom model', () => {
-    process.env.GEMINI_API_KEY = 'gemini-key';
-    process.env.GEMINI_MODEL = 'gemini-2.0-flash';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.model, 'gemini-2.0-flash');
-  });
-
-  it('detects claude with defaults', () => {
-    process.env.CLAUDE_API_KEY = 'claude-key';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'claude');
-    assert.equal(cfg.model, 'claude-3-haiku-20240307');
-  });
-
-  it('detects amazonq with its own model env', () => {
-    process.env.AMAZONQ_API_KEY = 'aq-key';
-    process.env.AMAZONQ_MODEL = 'my-amazon-model';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'amazonq');
-    assert.equal(cfg.model, 'my-amazon-model');
-  });
-
-  it('openai takes priority over gemini when both set', () => {
-    process.env.OPENAI_API_KEY = 'sk-test';
-    process.env.GEMINI_API_KEY = 'gemini-key';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'openai');
-  });
-
-  it('empty string api key is treated as not set', () => {
-    process.env.OPENAI_API_KEY = '';
-    process.env.GEMINI_API_KEY = 'gemini-key';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'gemini');
-  });
-
-  it('detects ollama without api key', () => {
-    process.env.OLLAMA_BASE_URL = 'http://localhost:11434';
-    process.env.OLLAMA_MODEL = 'llama3';
-    const cfg = getLLMConfig();
-    assert.equal(cfg.provider, 'ollama');
-    assert.equal(cfg.model, 'llama3');
-  });
-});
@@ -149,11 +149,11 @@ export async function filterFalsePositivesWithAI(findings) {

  try {
    const result = await chatJSON(systemPrompt, userContent);
-    if (Array.isArray(result) && result.length > 0) {
+    if (Array.isArray(result)) {
      console.log(`  AI 誤報過濾: ${findings.length} -> ${result.length} 筆`);
      return result;
    }
-    throw new Error('AI 回傳空陣列或非陣列');
+    throw new Error('AI 回傳非陣列');
  } catch (e) {
    const status = e.response?.status;
    if (status === 402 || status === 429) {
@@ -3,7 +3,7 @@ import assert from 'node:assert/strict';
 import fs from 'fs';
 import os from 'os';
 import path from 'path';
-import { commitAndPush, cloneRepo } from './git.js';
+import { commitAndPush } from './git.js';

 // --- helpers ---
 function makeTmpWorkspace() {
@@ -91,59 +91,3 @@ describe('commitAndPush', () => {
    await assert.doesNotReject(() => commitAndPush(workspace, failSpawn));
  });
 });
-
-describe('cloneRepo', () => {
-  let workspace;
-
-  before(() => { workspace = fs.mkdtempSync(path.join(os.tmpdir(), 'clone-test-')); });
-  after(() => { fs.rmSync(workspace, { recursive: true, force: true }); });
-
-  it('clones repo when repoDir does not exist', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const cloneCalled = spawn.calls.some(c => c.args[0] === 'clone');
-    assert.ok(cloneCalled, 'expected git clone to be called');
-  });
-
-  it('fetches and checks out when repoDir already exists', () => {
-    const repoDir = path.join(workspace, 'repo');
-    fs.mkdirSync(repoDir, { recursive: true });
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const cloneCalled = spawn.calls.some(c => c.args[0] === 'clone');
-    const fetchCalled = spawn.calls.some(c => c.args[0] === 'fetch');
-    assert.ok(!cloneCalled, 'clone should not run when repoDir exists');
-    assert.ok(fetchCalled, 'fetch should run when repoDir exists');
-  });
-
-  it('does not embed token in any git command argument', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    for (const { args } of spawn.calls) {
-      assert.ok(!args.join(' ').includes('test-token'), `Token leaked in git args: ${args.join(' ')}`);
-    }
-  });
-
-  it('uses GIT_ASKPASS for network operations', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const networkCalls = spawn.calls.filter(c => ['clone', 'fetch'].includes(c.args[0]));
-    assert.ok(networkCalls.length > 0, 'expected at least one network git call');
-    for (const { args, opts } of networkCalls) {
-      assert.ok(opts?.env?.GIT_ASKPASS, `GIT_ASKPASS missing for git ${args[0]}`);
-    }
-  });
-
-  it('cleans up askpass script after run', () => {
-    const spawn = makeSpawn();
-    cloneRepo(workspace, spawn);
-    const leftover = fs.readdirSync(workspace).filter(f => f.endsWith('.git-askpass.sh'));
-    assert.equal(leftover.length, 0, 'askpass script was not cleaned up');
-  });
-
-  it('returns repoDir path', () => {
-    const spawn = makeSpawn();
-    const result = cloneRepo(workspace, spawn);
-    assert.equal(result, path.join(workspace, 'repo'));
-  });
-});
@@ -82,7 +82,7 @@ async function main() {
  console.log(`  Step3b dedup findings total=${sorted.length} (critical=${sorted.filter(f=>f.level==='critical').length} warning=${sorted.filter(f=>f.level==='warning').length} info=${sorted.filter(f=>f.level==='info').length})`);

  // Step4: 讀取排除問題檔案，過濾 PR 問題表格，並請 AI 判斷誤報
-  console.log('\n🚫 Step4: AI 排除問題過濾');
+  console.log('\n🚫 Step4: 排除問題過濾');
  const exclusions = loadExclusions(repoDir || WORKSPACE);
  const ruleFiltered = applyExclusions(sorted, exclusions);
  const filtered = await filterFalsePositivesWithAI(ruleFiltered);
@@ -12,13 +12,9 @@ export function loadRoles() {
 }

 export function getRoleIntro(roles) {
-  const lines = [
-    '## 🤖 AI Code Review 團隊', '',
-    '| 👤 名稱 | 🎯 職責 | 🧠 個性 |',
-    '|--------|--------|--------|',
-  ];
+  const lines = ['## 🤖 AI Code Review 團隊', ''];
  for (const r of roles) {
-    lines.push(`| **${r.name}** | ${r.role} | ${r.personality} |`);
+    lines.push(`- **${r.name}** (${r.role})：${r.personality}`);
  }
  return lines.join('\n');
 }
Author	SHA1	Message	Date
jiantw83	bc914c401c	docs: update TODO stage4 description and fix findings filename typo	2026-05-12 02:13:38 +00:00
jiantw83	27e471d9e0	feat: add AI false positive filtering in Step4	2026-05-12 02:12:26 +00:00
jiantw83	f1c21beed5	fix: use includes matching for exclusions location and suggestion	2026-05-12 02:10:47 +00:00
AI Review Bot	3c3019d1ab	chore: update ai-review findings [skip ci]	2026-05-12 02:07:34 +00:00
jiantw83	41a8fe100f	fix: clone repo before Step3/4 to read findings and exclusions from head branch	2026-05-12 02:06:24 +00:00
AI Review Bot	c1c00449af	chore: update ai-review findings [skip ci]	2026-05-12 01:49:18 +00:00
jiantw83	ef3654b091	chore: add exclusions for Rex false positive on git.js token handling	2026-05-12 01:48:00 +00:00
jiantw83	5d0c9fd691	docs: mark all TODO stages complete	2026-05-12 01:47:52 +00:00
jiantw83	5860588588	fix: align flow with README, add Step4 exclusions filter, fix step numbers	2026-05-12 01:47:43 +00:00
jiantw83	53a7ec7a3e	refactor: reorganize TODO stages for clarity and accuracy in workflow steps Co-authored-by: Copilot <copilot@github.com>	2026-05-12 01:47:43 +00:00
jiantw83	42241c5000	refactor: update processing steps in README for clarity and accuracy	2026-05-12 01:47:43 +00:00
jiantw83	1a12ec4e2e	refactor: remove outdated AI Code configurations for Kilo, Roo, Cline, Continue, and Kade	2026-05-12 01:47:43 +00:00
AI Review Bot	a90886e924	chore: update ai-review findings [skip ci]	2026-05-12 01:13:53 +00:00
jiantw83	57285ce145	fix: update askpass script to securely read token from env var	2026-05-12 01:12:32 +00:00
jiantw83	0aefa66224	feat: refactor commitAndPush to use a runner function and improve token security; add tests for git operations	2026-05-12 01:08:39 +00:00
jiantw83	66d93abe24	Merge pull request 'feat: master 不會觸發 review.yaml' (#66 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#66	2026-05-11 14:12:38 +00:00
jiantw83	0063f3282f	Merge pull request 'refactor: 改用 execSync' (#65 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#65	2026-05-11 13:56:13 +00:00
jiantw83	8c3d0d9a6d	Merge pull request 'fix: add bash to Dockerfile dependencies' (#64 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#64	2026-05-11 10:54:08 +00:00
jiantw83	3849bb2168	Merge pull request 'fix: switch Dockerfile base image to alpine and install dependencies using apk' (#63 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#63	2026-05-11 10:46:43 +00:00
jiantw83	379938d6dc	Merge pull request 'fix: Dockerfile 加入 git 安裝驗證，git.js 改回 git binary' (#62 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#62	2026-05-11 10:38:59 +00:00
jiantw83	5bf39966d0	Merge pull request 'fix: 換用 node:20 完整版（內建 git，不需要 apt-get）' (#61 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#61	2026-05-11 10:34:11 +00:00
jiantw83	3509a882e1	Merge pull request 'chore: add newline at end of TODO.md for better formatting' (#60 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#60	2026-05-11 10:19:46 +00:00
jiantw83	1d2e8236de	Merge pull request 'chore: remove duplicate log assistance note in TODO.md' (#59 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#59	2026-05-11 10:18:13 +00:00
jiantw83	d8423c74b1	Merge pull request 'chore: remove test findings' (#58 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#58	2026-05-11 10:12:32 +00:00
jiantw83	94e974b5dc	Merge pull request 'feat/refactor/kiro/1' (#57 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#57	2026-05-11 10:10:23 +00:00
jiantw83	a9a0b43ea5	Merge pull request 'debug: commit/push 失敗時顯示詳細錯誤' (#56 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#56	2026-05-11 10:04:49 +00:00
jiantw83	aa8234b5c7	Merge pull request 'fix: commitAndPush 加上 await' (#55 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#55	2026-05-11 10:01:12 +00:00
jiantw83	b0f2d45c11	Merge pull request 'fix: add newline at end of TODO.md for proper formatting' (#54 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#54	2026-05-11 09:59:14 +00:00
jiantw83	3fd9a7e13d	Merge pull request 'feat: 階段五六 - findings commit/push 到來源分支，critical 問題 exit 1' (#53 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#53	2026-05-11 09:54:39 +00:00
jiantw83	39cc5c932c	Merge pull request 'feat: 階段四 - findings 寫入與 comment 依序發布（舊問題→非嚴重→嚴重）' (#52 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#52	2026-05-11 09:48:41 +00:00
jiantw83	255adbabe4	Merge pull request 'feat: 階段三 - AI 語意去重，失敗時降級保留所有問題' (#51 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#51	2026-05-11 09:44:10 +00:00
jiantw83	a10fc8f176	Merge pull request 'feat/refactor/kiro/1' (#50 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#50	2026-05-11 09:40:12 +00:00
jiantw83	9b39908394	Merge pull request 'feat: 階段一 - 基本流程串接骨架' (#47 ) from feat/refactor/kiro/1 into feat/refactor/main Reviewed-on: jiantw83/code-review#47	2026-05-11 07:53:38 +00:00