chore: update ai-review findings [ai-review-bot]

test: add bot check debug logs
2026-05-15 14:26:45 +00:00 · 2026-05-15 14:25:08 +00:00 · 2026-05-15 14:20:01 +00:00 · 2026-05-15 14:17:55 +00:00 · 2026-05-15 14:14:22 +00:00 · 2026-05-15 14:13:12 +00:00
10 changed files with 184 additions and 20 deletions
@@ -1 +1,23 @@
-[]
+[
  {
    "level": "critical",
    "role": "Maya",
    "location": "action.yaml:6, action.yaml:81",
    "suggestion": "由於 `GITEA_TOKEN` 現在被設定為 `required: true` 且移除了 `secrets.GITEA_TOKEN` 的 fallback 機制，這是一個關鍵性的行為變更。請務必新增整合測試 (integration tests) 來驗證以下情境：\n1. 當 `inputs.GITEA_TOKEN` 未提供時，Action 應如預期般失敗。\n2. 當 `inputs.GITEA_TOKEN` 有提供時，Action 應能正常執行。\n這將確保新的輸入要求和邏輯變更不會導致意外的行為或破壞現有工作流程。",
    "is_new": false
  },
  {
    "level": "critical",
    "role": "Leo",
    "location": "action.yaml:12",
    "suggestion": "建議將 `GITEA_TOKEN` 的環境變數設定改回 `GITEA_TOKEN: ${{ inputs.GITEA_TOKEN || secrets.GITEA_TOKEN }}`。目前將其設定為 `required: true` 並移除 `secrets.GITEA_TOKEN` 的 fallback 機制，會導致現有依賴 `secrets.GITEA_TOKEN` 的工作流程中斷，並降低配置的彈性。如果目的是強制透過 `inputs` 傳遞，應在文件明確說明此重大變更及其原因。",
    "is_new": false
  },
  {
    "level": "warning",
    "role": "Leo",
    "location": "action.yaml:80",
    "suggestion": "在 `runs.env` 區塊中，`GITEA_TOKEN` 現在只從 `inputs` 取得，但 `GITEA_SERVER_URL` 和 `GITEA_REPOSITORY` 仍保留從 `gitea context` 取得的備用機制。這種處理方式的不一致性可能會造成未來的維護困擾。建議統一所有 Gitea 相關變數的取得邏輯，或提供明確的註解說明此差異的原因。",
    "is_new": false
  }
 ]
@@ -1,9 +1,8 @@
 name: AI
 concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref }}
  cancel-in-progress: true
 on:
  pull_request:
    branches-ignore:
    - master
    types: [opened, synchronize]
 jobs:
  version:
@@ -38,4 +37,4 @@ jobs:
    permissions:
      contents: write
      pull-requests: write
-      issues: write
+      issues: write
@@ -2,7 +2,7 @@
 這是一個 AI Code Review Action。Gitea Workflow 可以使用此 Action 讓 AI 助理根據不同面向分析 Push Request 中變更的內容後，將問題分級 Commnet 到 Push Request 中。
-# 流程(新 Push Request、新 Commit (排除 AI 助理的 Commit) 觸發)
+# 流程(新 Push Request、新 Commit 觸發；若偵測到 AI 助理的自動提交則直接跳過)
 1. 服務名稱、模型名稱、角色資訊(個性、符合個性的英文名稱、工作內容)，Comment 到 Push Request
 2. 每個角色個別分析 Git Diff 的內容產生新問題表格(問題等級、角色名稱、問題位置或行數、修改建議)
@@ -11,8 +11,8 @@
 5. 從PR問題表格中取出所有舊問題，依照等級排序後 Comment 到 Push Request
 6. 從PR問題表格中取出所有新問題，排除嚴重等級的問題後 Comment 到 Push Request
 7. 從PR問題表格中取出所有新問題，將每個嚴重等級的問題 Comment 到 Push Request
-8. Commit 問題檔案，將 workspace 中實際存在的同步檔覆蓋到記憶區；workspace 沒有的同步檔就略過，不會刪除記憶區既有內容
+8. Commit 問題檔案，將 workspace 中實際存在的同步檔覆蓋到記憶區；workspace 沒有的同步檔就略過，不會刪除記憶區既有內容。自動提交的 commit message 會帶上 `[ai-review-bot]`，供 workflow 判斷是否要跳過重跑
-9. 如果PR問題表格中有嚴重問題，則不要讓 workflow 執行成功(exit 1)
+9. 如果 PR 問題表格中有嚴重問題，則不要讓 workflow 執行成功(exit 1)
 # 設計
@@ -33,6 +33,8 @@
 2. 在 `.gitea/workflows` 資料夾中建立 `ai-review.yaml'
 3. 在 `ai-review.yaml` 中填入以下內容(選擇一個使用)：
 > **自動提交排除說明**：此 Action 會將自己的 commit message 標記為 `[ai-review-bot]`，而且 action 執行時會先透過 Gitea API 檢查這次觸發的 PR head commit（優先用 `pull_request.head.sha`）是否含有這個 marker，若有就直接成功結束，避免 bot commit 造成重複觸發。若外層 workflow 也能先檢查一次，效果最好。
 > **權限說明**：此 Action 需要 `contents: write`（寫入 findings.json）、`pull-requests: write`（發佈 PR comment）、`issues: write`（發佈 issue comment）三項權限，為正常運作所必要，無法縮減。
 ### 1. OpenAI
@@ -54,6 +56,7 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
        OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}  # 支援逗號分隔多個 Key
        OPENAI_BASE_URL: https://api.openai.com/v1
        OPENAI_MODEL: ${{ vars.OPENAI_MODEL }}
@@ -82,6 +85,7 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
        OPENAI_API_KEY: ${{ secrets.OPENROUTER_API_KEY }},${{ secrets.OPENROUTER_API_KEY_1 }}
        OPENAI_BASE_URL: https://openrouter.ai/api/v1
        OPENAI_MODEL: ${{ vars.OPENROUTER_MODEL }}
@@ -110,6 +114,7 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
        CLAUDE_API_KEY: ${{ secrets.CLAUDE_API_KEY }}  # 支援逗號分隔多個 Key
        CLAUDE_BASE_URL: https://api.anthropic.com/v1
    permissions:
@@ -137,6 +142,7 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
        GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }},${{ secrets.GEMINI_API_KEY_1 }},${{ secrets.GEMINI_API_KEY_2 }},${{ secrets.GEMINI_API_KEY_3 }},${{ secrets.GEMINI_API_KEY_4 }},${{ secrets.GEMINI_API_KEY_5 }},${{ secrets.GEMINI_API_KEY_6 }},${{ secrets.GEMINI_API_KEY_7 }},${{ secrets.GEMINI_API_KEY_8 }},${{ secrets.GEMINI_API_KEY_9 }},${{ secrets.GEMINI_API_KEY_10 }},${{ secrets.GEMINI_API_KEY_11 }},${{ secrets.GEMINI_API_KEY_12 }},${{ secrets.GEMINI_API_KEY_13 }},${{ secrets.GEMINI_API_KEY_14 }},${{ secrets.GEMINI_API_KEY_15 }},${{ secrets.GEMINI_API_KEY_16 }},${{ secrets.GEMINI_API_KEY_17 }},${{ secrets.GEMINI_API_KEY_18 }},${{ secrets.GEMINI_API_KEY_19 }}
        GEMINI_BASE_URL: https://generativelanguage.googleapis.com/v1beta
        GEMINI_MODEL: ${{ vars.GEMINI_MODEL }}
@@ -165,6 +171,7 @@ jobs:
    - name: AI Code Review
      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
      with:
        GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
        AMAZONQ_API_KEY: ${{ secrets.AMAZONQ_API_KEY }}  # 支援逗號分隔多個 Key
        AMAZONQ_BASE_URL: https://q.api.aws
    permissions:
@@ -191,10 +198,11 @@ jobs:
    runs-on: ubuntu
    steps:
    - name: AI Code Review
-        uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
+      uses: https://gitea.jsc.idv.tw/actions/code-review@${{ vars.ACTION_CODE_REVIEW_VERSION }}
-        with:
+      with:
-          OLLAMA_BASE_URL: https://ollama.jsc.idv.me/v1
+      GITEA_TOKEN: ${{ secrets.RUNNER_TOKEN }}
-          OLLAMA_MODEL: ${{ vars.OLLAMA_MODEL }}
+        OLLAMA_BASE_URL: https://ollama.jsc.idv.me/v1
        OLLAMA_MODEL: ${{ vars.OLLAMA_MODEL }}
    permissions:
      contents: write
      pull-requests: write
@@ -5,7 +5,7 @@ inputs:
  # Gitea 相關（可從 gitea context 自動取得）
  GITEA_TOKEN:
    description: 'Gitea API Token'
-    required: false
+    required: true
  GITEA_SERVER_URL:
    description: 'Gitea Server URL'
    required: false
@@ -80,12 +80,13 @@ runs:
  using: 'docker'
  image: 'Dockerfile'
  env:
-    # Gitea context（優先用 inputs，否則從 gitea context 取）
+    # Gitea context（改為只從 inputs 取得）
-    GITEA_TOKEN: ${{ inputs.GITEA_TOKEN || secrets.GITEA_TOKEN }}
+    GITEA_TOKEN: ${{ inputs.GITEA_TOKEN }}
    GITEA_SERVER_URL: ${{ inputs.GITEA_SERVER_URL || gitea.server_url }}
    GITEA_REPOSITORY: ${{ inputs.GITEA_REPOSITORY || gitea.repository }}
    GITEA_SKIP_TLS_VERIFY: ${{ inputs.GITEA_SKIP_TLS_VERIFY }}
    PR_NUMBER: ${{ inputs.PR_NUMBER || gitea.event.pull_request.number }}
    PR_HEAD_SHA: ${{ inputs.PR_HEAD_SHA || gitea.event.pull_request.head.sha }}
    PR_HEAD_BRANCH: ${{ inputs.PR_HEAD_BRANCH || gitea.event.pull_request.head.ref }}
    PR_BASE_BRANCH: ${{ inputs.PR_BASE_BRANCH || gitea.event.pull_request.base.ref }}
    # LLM
@@ -3,6 +3,7 @@ export const GITEA_SERVER_URL = process.env.GITEA_SERVER_URL || 'https://gitea.c
 export const GITEA_REPOSITORY = process.env.GITEA_REPOSITORY || '';
 export const GITEA_SKIP_TLS_VERIFY = process.env.GITEA_SKIP_TLS_VERIFY === 'true';
 export const PR_NUMBER = process.env.PR_NUMBER || '';
 export const PR_HEAD_SHA = process.env.PR_HEAD_SHA || '';
 export const PR_HEAD_BRANCH = process.env.PR_HEAD_BRANCH || '';
 export const PR_BASE_BRANCH = process.env.PR_BASE_BRANCH || '';
@@ -7,6 +7,7 @@ import { GITEA_SERVER_URL, GITEA_REPOSITORY, GITEA_TOKEN, PR_HEAD_BRANCH, FINDIN
 const ACTION_ROOT = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..');
 const GENERATED_SYNC_PATHS = [FINDINGS_PATH, '.gitea/ai-review/exclusions.json'];
 const remoteUrl = `${GITEA_SERVER_URL.replace(/\/$/, '')}/${GITEA_REPOSITORY}.git`;
 export const BOT_COMMIT_MARKER = '[ai-review-bot]';
 export const SYNC_PATHS = [
  '.amazonq/rules/triage-findings.md',
  '.codex/skills/triage-findings/SKILL.md',
@@ -58,6 +59,15 @@ export function getRepoState(repoDir, _spawnSync = spawnSync) {
  return { repoDir, branch, headSha, shortSha, commitTime };
 }
 export function getHeadCommitMessage(repoDir, _spawnSync = spawnSync) {
  const run = makeRunner(_spawnSync);
  return readGitOutput(run, ['show', '-s', '--format=%B', 'HEAD'], repoDir);
 }
 export function isBotAutoCommit(repoDir, _spawnSync = spawnSync) {
  return getHeadCommitMessage(repoDir, _spawnSync).includes(BOT_COMMIT_MARKER);
 }
 /**
 * Clone PR head branch to workspace/repo (idempotent)
 */
@@ -124,7 +134,7 @@ export async function commitAndPush(workspace, repoDir, _spawnSync = spawnSync,
        return;
      }
-      const out = run(['commit', '-m', 'chore: update ai-review findings [skip ci]'], repoDir);
+      const out = run(['commit', '-m', `chore: update ai-review findings ${BOT_COMMIT_MARKER}`], repoDir);
      const commitHash = out.match(/\[.+ ([a-f0-9]+)\]/)?.[1] || 'unknown';
      try {
        run(['push', remoteUrl, PR_HEAD_BRANCH], repoDir, credEnv);
@@ -3,7 +3,7 @@ import assert from 'node:assert/strict';
 import fs from 'fs';
 import os from 'os';
 import path from 'path';
-import { commitAndPush, cloneRepo, SYNC_PATHS } from './git.js';
+import { commitAndPush, cloneRepo, SYNC_PATHS, BOT_COMMIT_MARKER, getHeadCommitMessage, isBotAutoCommit } from './git.js';
 // --- helpers ---
 function makeTmpWorkspace() {
@@ -60,6 +60,15 @@ describe('commitAndPush', () => {
    }
  });
  it('tags auto commits with the bot marker for workflow filtering', async () => {
    const spawn = makeSpawn();
    await commitAndPush(workspace, path.join(workspace, 'repo'), spawn, sourceRoot);
    const commitCall = spawn.calls.find(c => c.args[0] === 'commit');
    assert.ok(commitCall, 'expected git commit to run');
    assert.ok(commitCall.args.some(arg => arg.includes(BOT_COMMIT_MARKER)), 'expected commit message to include bot marker');
  });
  it('uses GIT_ASKPASS env for network operations (fetch, push, clone)', async () => {
    const spawn = makeSpawn();
    await commitAndPush(workspace, path.join(workspace, 'repo'), spawn, sourceRoot);
@@ -232,4 +241,13 @@ describe('cloneRepo', () => {
    const result = cloneRepo(workspace, spawn);
    assert.equal(result, path.join(workspace, 'repo'));
  });
  it('reads head commit message and detects bot auto commits', () => {
    const spawn = makeSpawn({
      show: () => ({ status: 0, stdout: `chore: update ai-review findings ${BOT_COMMIT_MARKER}\n`, stderr: '', error: null }),
    });
    assert.ok(getHeadCommitMessage(workspace, spawn).includes(BOT_COMMIT_MARKER));
    assert.equal(isBotAutoCommit(workspace, spawn), true);
  });
 });
@@ -1,6 +1,6 @@
 import axios from 'axios';
 import https from 'https';
-import { GITEA_TOKEN, GITEA_SERVER_URL, GITEA_REPOSITORY, GITEA_SKIP_TLS_VERIFY, PR_NUMBER } from './config.js';
+import { GITEA_TOKEN, GITEA_SERVER_URL, GITEA_REPOSITORY, GITEA_SKIP_TLS_VERIFY, PR_NUMBER, PR_HEAD_SHA, PR_HEAD_BRANCH } from './config.js';
 const httpsAgent = GITEA_SKIP_TLS_VERIFY ? new https.Agent({ rejectUnauthorized: false }) : undefined;
 const headers = () => ({ Authorization: `token ${GITEA_TOKEN}`, 'Content-Type': 'application/json' });
@@ -25,6 +25,66 @@ export async function getPRDiff() {
  ]);
 }
 export async function getCommitMessageBySha(sha) {
  if (!sha) return '';
  try {
    const resp = await axios.get(api(`/repos/${GITEA_REPOSITORY}/git/commits/${encodeURIComponent(sha)}`), {
      headers: headers(),
      timeout: 30000,
      httpsAgent,
    });
    return resp.data?.message || '';
  } catch (e) {
    console.log(`  ⚠️  bot-check: 讀取 commit sha=${sha} 失敗: ${e.message}`);
    return '';
  }
 }
 export async function getBranchHeadCommitMessage(branch = PR_HEAD_BRANCH) {
  if (!branch) return '';
  try {
    const resp = await axios.get(api(`/repos/${GITEA_REPOSITORY}/branches/${encodeURIComponent(branch)}`), {
      headers: headers(),
      timeout: 30000,
      httpsAgent,
    });
    const sha = resp.data?.commit?.id || resp.data?.commit?.sha || '';
    return await getCommitMessageBySha(sha);
  } catch (e) {
    console.log(`  ⚠️  bot-check: 讀取 branch=${branch} head commit 失敗: ${e.message}`);
    return '';
  }
 }
 export async function shouldSkipBotCommit({ sha = PR_HEAD_SHA || process.env.GITHUB_SHA, branch = PR_HEAD_BRANCH } = {}) {
  console.log(`  🔎 bot-check: start sha=${sha || 'empty'} branch=${branch || 'empty'}`);
  const shaMessage = await getCommitMessageBySha(sha);
  if (sha) {
    console.log(`  🔎 bot-check: sha=${sha} message=${shaMessage ? 'found' : 'empty'}`);
    if (shaMessage.includes('[ai-review-bot]')) {
      console.log('  ✅ bot-check: matched commit sha marker');
      return true;
    }
  } else {
    console.log('  🔎 bot-check: skip sha lookup because sha is empty');
  }
  const branchMessage = await getBranchHeadCommitMessage(branch);
  if (branch) {
    console.log(`  🔎 bot-check: branch=${branch} head_message=${branchMessage ? 'found' : 'empty'}`);
    if (branchMessage.includes('[ai-review-bot]')) {
      console.log('  ✅ bot-check: matched branch head marker');
      return true;
    }
  } else {
    console.log('  🔎 bot-check: skip branch lookup because branch is empty');
  }
  console.log('  ℹ️  bot-check: no [ai-review-bot] marker found');
  return false;
 }
 /**
 * 過濾 diff 內容，移除路徑符合 excludePrefixes 的區塊。
 * 每個區塊以 "diff --git a/<prefix>" 開頭判斷，使用 startsWith 精確比對前綴。
@@ -1,7 +1,7 @@
 import { describe, it, afterEach, mock } from 'node:test';
 import assert from 'node:assert/strict';
 import axios from 'axios';
-import { getPRDiff, filterDiff, postComment } from './gitea.js';
+import { getPRDiff, filterDiff, postComment, getCommitMessageBySha, getBranchHeadCommitMessage, shouldSkipBotCommit } from './gitea.js';
 afterEach(() => mock.restoreAll());
@@ -56,6 +56,45 @@ describe('gitea', () => {
    mock.method(axios, 'post', async () => { throw new Error('api error'); });
    await assert.rejects(() => postComment('test'), /api error/);
  });
  it('getCommitMessageBySha reads commit message from Gitea API', async () => {
    let capturedUrl;
    mock.method(axios, 'get', async (url) => {
      capturedUrl = url;
      return { data: { message: 'chore: update ai-review findings [ai-review-bot]' } };
    });
    const message = await getCommitMessageBySha('abc123');
    assert.ok(capturedUrl.includes('/git/commits/abc123'));
    assert.ok(message.includes('[ai-review-bot]'));
  });
  it('getBranchHeadCommitMessage reads branch head commit message from Gitea API', async () => {
    const urls = [];
    mock.method(axios, 'get', async (url) => {
      urls.push(url);
      if (url.includes('/branches/feat%2Ftest')) {
        return { data: { commit: { id: 'abc123' } } };
      }
      return { data: { message: 'chore: update ai-review findings [ai-review-bot]' } };
    });
    const message = await getBranchHeadCommitMessage('feat/test');
    assert.ok(urls.some(url => url.includes('/branches/feat%2Ftest')));
    assert.ok(urls.some(url => url.includes('/git/commits/abc123')));
    assert.ok(message.includes('[ai-review-bot]'));
  });
  it('shouldSkipBotCommit returns true when either sha or branch head is bot commit', async () => {
    mock.method(axios, 'get', async (url) => {
      if (url.includes('/git/commits/sha-bot')) {
        return { data: { message: 'chore: update ai-review findings [ai-review-bot]' } };
      }
      if (url.includes('/branches/feat%2Ftest')) {
        return { data: { commit: { id: 'sha-bot' } } };
      }
      return { data: { message: 'regular commit' } };
    });
    await assert.equal(await shouldSkipBotCommit({ sha: 'sha-bot', branch: 'feat/test' }), true);
  });
 });
 describe('filterDiff', () => {
@@ -1,7 +1,7 @@
 import path from 'path';
 import { GITEA_REPOSITORY, PR_NUMBER, PR_HEAD_BRANCH, PR_BASE_BRANCH, getLLMConfig, FINDINGS_PATH, EXCLUSIONS_PATH } from './config.js';
 import { loadRoles, getRoleIntro } from './roles.js';
-import { getPRDiff, postComment } from './gitea.js';
+import { getPRDiff, postComment, shouldSkipBotCommit } from './gitea.js';
 import { analyzeWithRole, loadOldFindings, mergeFindings, sortByLevel, deduplicateWithAI, loadExclusions, applyExclusions, filterFalsePositivesWithAI } from './findings.js';
 import { saveFindings, postOldFindingsComment, postNewNonCriticalComment, postNewCriticalComments } from './comments.js';
 import { cloneRepo, commitAndPush, getRepoState } from './git.js';
@@ -15,6 +15,12 @@ async function main() {
  console.log(`  repo=${GITEA_REPOSITORY}  PR=#${PR_NUMBER}`);
  console.log(`  ${PR_HEAD_BRANCH} -> ${PR_BASE_BRANCH}`);
  if (await shouldSkipBotCommit()) {
    console.log('  🤖 偵測到 [ai-review-bot] 自動提交，直接完成 action');
    console.log('='.repeat(60));
    process.exit(0);
  }
  const { provider, baseURL, model } = getLLMConfig();
  if (!provider) {
    console.error('❌ 未設定任何 LLM API Key，請檢查 action inputs');
Author	SHA1	Message	Date
AI Review Bot	e216ca08c5	chore: update ai-review findings [ai-review-bot]	2026-05-15 14:26:45 +00:00
jiantw83	888bf0b359	test: add bot check debug logs	2026-05-15 14:25:08 +00:00
AI Review Bot	59e942f24b	chore: update ai-review findings [ai-review-bot]	2026-05-15 14:20:01 +00:00
jiantw83	82ecbd3463	fix: detect ai review bot commits via api	2026-05-15 14:17:55 +00:00
AI Review Bot	f3319b5ec4	chore: update ai-review findings [ai-review-bot]	2026-05-15 14:14:22 +00:00
AI Review Bot	ee593418f0	chore: update ai-review findings [ai-review-bot]	2026-05-15 14:13:12 +00:00
jiantw83	9012fe64d1	chore: skip ai review bot commits	2026-05-15 14:11:21 +00:00
AI Review Bot	3ae08052a3	chore: update ai-review findings [ai-review-bot]	2026-05-15 14:02:34 +00:00
jiantw83	60f3a9beba	fix: skip ai review bot commits	2026-05-15 14:00:59 +00:00
AI Review Bot	09b7be2c40	chore: update ai-review findings [skip ci]	2026-05-15 13:27:17 +00:00
jiantw83	647460ea87	docs: update review guidance	2026-05-15 13:25:39 +00:00
jiantw83	9fe85c9f72	chore: require gitea token input	2026-05-15 13:24:45 +00:00
jiantw83	ca9845af1d	fix: remove GITEA_TOKEN from AI Code Review step and ensure master branch is ignored in pull requests	2026-05-15 09:55:08 +00:00