Compare commits
base: actions/code-review:v0.2.2-beta.7
actions/code-review:v0.2.3
actions/code-review:v0.2.3-beta.9
actions/code-review:v0.2.3-beta.8
actions/code-review:v0.2.3-beta.7
actions/code-review:v0.2.3-beta.6
actions/code-review:v0.2.3-beta.5
actions/code-review:v0.2.3-beta.4
actions/code-review:v0.2.3-beta.3
actions/code-review:v0.2.3-beta.2
actions/code-review:v0.2.3-beta.1
actions/code-review:v0.2.2
actions/code-review:v0.2.2-beta.10
actions/code-review:v0.2.2-beta.9
actions/code-review:v0.2.2-beta.8
actions/code-review:v0.2.2-beta.7
actions/code-review:v0.2.2-beta.6
actions/code-review:v0.2.2-beta.5
actions/code-review:v0.2.2-beta.4
actions/code-review:v0.2.2-beta.3
actions/code-review:v0.2.2-beta.2
actions/code-review:v0.2.2-beta.1
actions/code-review:v0.2.1
actions/code-review:v0.2.1-beta.4
actions/code-review:v0.2.1-beta.3
actions/code-review:v0.2.1-beta.2
actions/code-review:v0.2.1-beta.1
actions/code-review:v0.2.0
actions/code-review:v0.2.0-beta.1
actions/code-review:v0.1.9
actions/code-review:v0.1.9-beta.1
actions/code-review:v0.1.8
actions/code-review:v0.1.8-beta.1
actions/code-review:v0.1.7
actions/code-review:v0.1.7-beta.5
actions/code-review:v0.1.7-beta.4
actions/code-review:v0.1.7-beta.3
actions/code-review:v0.1.7-beta.2
actions/code-review:v0.1.7-beta.1
actions/code-review:v0.1.6
actions/code-review:v0.1.6-beta.30
actions/code-review:v0.1.6-beta.29
actions/code-review:v0.1.6-beta.28
actions/code-review:v0.1.6-beta.27
actions/code-review:v0.1.6-beta.26
actions/code-review:v0.1.6-beta.25
actions/code-review:v0.1.6-beta.24
actions/code-review:v0.1.6-beta.23
actions/code-review:v0.1.6-beta.22
actions/code-review:v0.1.6-beta.21
actions/code-review:v0.1.6-beta.20
actions/code-review:v0.1.6-beta.19
actions/code-review:v0.1.6-beta.18
actions/code-review:v0.1.6-beta.17
actions/code-review:v0.1.6-beta.16
actions/code-review:v0.1.6-beta.15
actions/code-review:v0.1.6-beta.14
actions/code-review:v0.1.6-beta.13
actions/code-review:v0.1.6-beta.12
actions/code-review:v0.1.6-beta.11
actions/code-review:v0.1.6-beta.10
actions/code-review:v0.1.6-beta.9
actions/code-review:v0.1.6-beta.8
actions/code-review:v0.1.6-beta.7
actions/code-review:v0.1.6-beta.6
actions/code-review:v0.1.6-beta.5
actions/code-review:v0.1.6-beta.4
actions/code-review:v0.1.6-beta.3
actions/code-review:v0.1.6-beta.2
actions/code-review:v0.1.6-beta.1
actions/code-review:v0.1.5
actions/code-review:v0.1.5-beta.1
actions/code-review:v0.1.4
actions/code-review:v0.1.4-beta.3
actions/code-review:v0.1.4-beta.2
actions/code-review:v0.1.4-beta.1
actions/code-review:v0.1.3-beta.1
actions/code-review:v0.1.3
actions/code-review:v0.1.2
actions/code-review:v0.1.2-beta.1
actions/code-review:v0.1.1
actions/code-review:v0.1.1-beta.3
actions/code-review:v0.1.1-beta.2
actions/code-review:v0.1.1-beta.1
actions/code-review:v0.1.0-beta.1
actions/code-review:v0.1.0
actions/code-review:v0.0.9-beta.1
actions/code-review:v0.0.9
actions/code-review:v0.0.8
actions/code-review:v0.0.8-beta.1
actions/code-review:v0.0.7-beta.3
actions/code-review:v0.0.7
actions/code-review:v0.0.7-beta.2
actions/code-review:v0.0.7-beta.1
actions/code-review:v0.0.6
actions/code-review:v0.0.6-beta.2
actions/code-review:v0.0.6-beta.1
actions/code-review:v0.0.5
actions/code-review:v0.0.5-beta.2
actions/code-review:v0.0.5-beta.1
actions/code-review:v0.0.4
actions/code-review:v0.0.4-beta.8
actions/code-review:v0.0.4-beta.7
actions/code-review:v0.0.4-beta.6
actions/code-review:v0.0.4-beta.5
actions/code-review:v0.0.4-beta.4
actions/code-review:v0.0.4-beta.3
actions/code-review:v0.0.4-beta.2
actions/code-review:v0.0.4-beta.1
actions/code-review:v0.0.3
actions/code-review:v0.0.3-beta.2
actions/code-review:v0.0.3-beta.1
actions/code-review:v0.0.2
actions/code-review:v0.0.2-beta.10
actions/code-review:v0.0.2-beta.9
actions/code-review:v0.0.2-beta.8
actions/code-review:v0.0.2-beta.7
actions/code-review:v0.0.2-beta.6
actions/code-review:v0.0.2-beta.5
actions/code-review:v0.0.2-beta.4
actions/code-review:v0.0.2-beta.3
actions/code-review:v0.0.2-beta.2
actions/code-review:v0.0.2-beta.1
actions/code-review:v0.0.1
actions/code-review:v0.0.1-beta.111
actions/code-review:v0.0.1-beta.110
actions/code-review:v0.0.1-beta.109
actions/code-review:v0.0.1-beta.108
actions/code-review:v0.0.1-beta.107
actions/code-review:v0.0.1-beta.106
actions/code-review:v0.0.1-beta.105
actions/code-review:v0.0.1-beta.104
actions/code-review:v0.0.1-beta.103
actions/code-review:v0.0.1-beta.102
actions/code-review:v0.0.1-beta.101
actions/code-review:v0.0.1-beta.100
actions/code-review:v0.0.1-beta.99
actions/code-review:v0.0.1-beta.98
actions/code-review:v0.0.1-beta.97
actions/code-review:v0.0.1-beta.96
actions/code-review:v0.0.1-beta.95
actions/code-review:v0.0.1-beta.94
actions/code-review:v0.0.1-beta.93
actions/code-review:v0.0.1-beta.91
actions/code-review:v0.0.1-beta.92
actions/code-review:v0.0.1-beta.90
actions/code-review:v0.0.1-beta.89
actions/code-review:v0.0.1-beta.88
actions/code-review:v0.0.1-beta.87
actions/code-review:v0.0.1-beta.86
actions/code-review:v0.0.1-beta.85
actions/code-review:v0.0.1-beta.84
actions/code-review:v0.0.1-beta.83
actions/code-review:v0.0.1-beta.82
actions/code-review:v0.0.1-beta.81
actions/code-review:v0.0.1-beta.80
actions/code-review:v0.0.1-beta.79
actions/code-review:v0.0.1-beta.78
actions/code-review:v0.0.1-beta.77
actions/code-review:v0.0.1-beta.76
actions/code-review:v0.0.1-beta.75
actions/code-review:v0.0.1-beta.74
actions/code-review:v0.0.1-beta.73
actions/code-review:v0.0.1-beta.72
actions/code-review:v0.0.1-beta.71
actions/code-review:v0.0.1-beta.70
actions/code-review:v0.0.1-beta.69
actions/code-review:v0.0.1-beta.68
actions/code-review:v0.0.1-beta.67
actions/code-review:v0.0.1-beta.66
actions/code-review:v0.0.1-beta.65
actions/code-review:v0.0.1-beta.64
actions/code-review:v0.0.1-beta.63
actions/code-review:v0.0.1-beta.62
actions/code-review:v0.0.1-beta.61
actions/code-review:v0.0.1-beta.60
actions/code-review:v0.0.1-beta.59
actions/code-review:v0.0.1-beta.58
actions/code-review:v0.0.1-beta.57
actions/code-review:v0.0.1-beta.56
actions/code-review:v0.0.1-beta.55
actions/code-review:v0.0.1-beta.54
actions/code-review:v0.0.1-beta.53
actions/code-review:v0.0.1-beta.52
actions/code-review:v0.0.1-beta.51
actions/code-review:v0.0.1-beta.50
actions/code-review:v0.0.1-beta.49
actions/code-review:v0.0.1-beta.48
actions/code-review:v0.0.1-beta.47
actions/code-review:v0.0.1-beta.46
actions/code-review:v0.0.1-beta.45
actions/code-review:v0.0.1-beta.44
actions/code-review:v0.0.1-beta.43
actions/code-review:v0.0.1-beta.42
actions/code-review:v0.0.1-beta.41
actions/code-review:v0.0.1-beta.40
actions/code-review:v0.0.1-beta.39
actions/code-review:v0.0.1-beta.38
actions/code-review:v0.0.1-beta.37
actions/code-review:v0.0.1-beta.36
actions/code-review:v0.0.1-beta.35
actions/code-review:v0.0.1-beta.34
actions/code-review:v0.0.1-beta.33
actions/code-review:v0.0.1-beta.32
actions/code-review:v0.0.1-beta.31
actions/code-review:v0.0.1-beta.30
actions/code-review:v0.0.1-beta.29
actions/code-review:v0.0.1-beta.28
actions/code-review:v0.0.1-beta.27
actions/code-review:v0.0.1-beta.26
actions/code-review:v0.0.1-beta.25
actions/code-review:v0.0.1-beta.24
actions/code-review:v0.0.1-beta.23
actions/code-review:v0.0.1-beta.22
actions/code-review:v0.0.1-beta.21
actions/code-review:v0.0.1-beta.20
actions/code-review:v0.0.1-beta.19
actions/code-review:v0.0.1-beta.18
actions/code-review:v0.0.1-beta.17
actions/code-review:v0.0.1-beta.16
actions/code-review:v0.0.1-beta.15
actions/code-review:v0.0.1-beta.14
actions/code-review:v0.0.1-beta.13
actions/code-review:v0.0.1-beta.12
actions/code-review:v0.0.1-beta.11
actions/code-review:v0.0.1-beta.10
actions/code-review:v0.0.1-beta.9
actions/code-review:v0.0.1-beta.8
actions/code-review:v0.0.1-beta.7
actions/code-review:v0.0.1-beta.6
actions/code-review:v0.0.1-beta.5
actions/code-review:v0.0.1-beta.4
actions/code-review:v0.0.1-beta.3
actions/code-review:v0.0.1-beta.2
actions/code-review:v0.0.1-beta.1
..
compare: actions/code-review:v0.2.2-beta.9
actions/code-review:v0.2.3
actions/code-review:v0.2.3-beta.9
actions/code-review:v0.2.3-beta.8
actions/code-review:v0.2.3-beta.7
actions/code-review:v0.2.3-beta.6
actions/code-review:v0.2.3-beta.5
actions/code-review:v0.2.3-beta.4
actions/code-review:v0.2.3-beta.3
actions/code-review:v0.2.3-beta.2
actions/code-review:v0.2.3-beta.1
actions/code-review:v0.2.2
actions/code-review:v0.2.2-beta.10
actions/code-review:v0.2.2-beta.9
actions/code-review:v0.2.2-beta.8
actions/code-review:v0.2.2-beta.7
actions/code-review:v0.2.2-beta.6
actions/code-review:v0.2.2-beta.5
actions/code-review:v0.2.2-beta.4
actions/code-review:v0.2.2-beta.3
actions/code-review:v0.2.2-beta.2
actions/code-review:v0.2.2-beta.1
actions/code-review:v0.2.1
actions/code-review:v0.2.1-beta.4
actions/code-review:v0.2.1-beta.3
actions/code-review:v0.2.1-beta.2
actions/code-review:v0.2.1-beta.1
actions/code-review:v0.2.0
actions/code-review:v0.2.0-beta.1
actions/code-review:v0.1.9
actions/code-review:v0.1.9-beta.1
actions/code-review:v0.1.8
actions/code-review:v0.1.8-beta.1
actions/code-review:v0.1.7
actions/code-review:v0.1.7-beta.5
actions/code-review:v0.1.7-beta.4
actions/code-review:v0.1.7-beta.3
actions/code-review:v0.1.7-beta.2
actions/code-review:v0.1.7-beta.1
actions/code-review:v0.1.6
actions/code-review:v0.1.6-beta.30
actions/code-review:v0.1.6-beta.29
actions/code-review:v0.1.6-beta.28
actions/code-review:v0.1.6-beta.27
actions/code-review:v0.1.6-beta.26
actions/code-review:v0.1.6-beta.25
actions/code-review:v0.1.6-beta.24
actions/code-review:v0.1.6-beta.23
actions/code-review:v0.1.6-beta.22
actions/code-review:v0.1.6-beta.21
actions/code-review:v0.1.6-beta.20
actions/code-review:v0.1.6-beta.19
actions/code-review:v0.1.6-beta.18
actions/code-review:v0.1.6-beta.17
actions/code-review:v0.1.6-beta.16
actions/code-review:v0.1.6-beta.15
actions/code-review:v0.1.6-beta.14
actions/code-review:v0.1.6-beta.13
actions/code-review:v0.1.6-beta.12
actions/code-review:v0.1.6-beta.11
actions/code-review:v0.1.6-beta.10
actions/code-review:v0.1.6-beta.9
actions/code-review:v0.1.6-beta.8
actions/code-review:v0.1.6-beta.7
actions/code-review:v0.1.6-beta.6
actions/code-review:v0.1.6-beta.5
actions/code-review:v0.1.6-beta.4
actions/code-review:v0.1.6-beta.3
actions/code-review:v0.1.6-beta.2
actions/code-review:v0.1.6-beta.1
actions/code-review:v0.1.5
actions/code-review:v0.1.5-beta.1
actions/code-review:v0.1.4
actions/code-review:v0.1.4-beta.3
actions/code-review:v0.1.4-beta.2
actions/code-review:v0.1.4-beta.1
actions/code-review:v0.1.3-beta.1
actions/code-review:v0.1.3
actions/code-review:v0.1.2
actions/code-review:v0.1.2-beta.1
actions/code-review:v0.1.1
actions/code-review:v0.1.1-beta.3
actions/code-review:v0.1.1-beta.2
actions/code-review:v0.1.1-beta.1
actions/code-review:v0.1.0-beta.1
actions/code-review:v0.1.0
actions/code-review:v0.0.9-beta.1
actions/code-review:v0.0.9
actions/code-review:v0.0.8
actions/code-review:v0.0.8-beta.1
actions/code-review:v0.0.7-beta.3
actions/code-review:v0.0.7
actions/code-review:v0.0.7-beta.2
actions/code-review:v0.0.7-beta.1
actions/code-review:v0.0.6
actions/code-review:v0.0.6-beta.2
actions/code-review:v0.0.6-beta.1
actions/code-review:v0.0.5
actions/code-review:v0.0.5-beta.2
actions/code-review:v0.0.5-beta.1
actions/code-review:v0.0.4
actions/code-review:v0.0.4-beta.8
actions/code-review:v0.0.4-beta.7
actions/code-review:v0.0.4-beta.6
actions/code-review:v0.0.4-beta.5
actions/code-review:v0.0.4-beta.4
actions/code-review:v0.0.4-beta.3
actions/code-review:v0.0.4-beta.2
actions/code-review:v0.0.4-beta.1
actions/code-review:v0.0.3
actions/code-review:v0.0.3-beta.2
actions/code-review:v0.0.3-beta.1
actions/code-review:v0.0.2
actions/code-review:v0.0.2-beta.10
actions/code-review:v0.0.2-beta.9
actions/code-review:v0.0.2-beta.8
actions/code-review:v0.0.2-beta.7
actions/code-review:v0.0.2-beta.6
actions/code-review:v0.0.2-beta.5
actions/code-review:v0.0.2-beta.4
actions/code-review:v0.0.2-beta.3
actions/code-review:v0.0.2-beta.2
actions/code-review:v0.0.2-beta.1
actions/code-review:v0.0.1
actions/code-review:v0.0.1-beta.111
actions/code-review:v0.0.1-beta.110
actions/code-review:v0.0.1-beta.109
actions/code-review:v0.0.1-beta.108
actions/code-review:v0.0.1-beta.107
actions/code-review:v0.0.1-beta.106
actions/code-review:v0.0.1-beta.105
actions/code-review:v0.0.1-beta.104
actions/code-review:v0.0.1-beta.103
actions/code-review:v0.0.1-beta.102
actions/code-review:v0.0.1-beta.101
actions/code-review:v0.0.1-beta.100
actions/code-review:v0.0.1-beta.99
actions/code-review:v0.0.1-beta.98
actions/code-review:v0.0.1-beta.97
actions/code-review:v0.0.1-beta.96
actions/code-review:v0.0.1-beta.95
actions/code-review:v0.0.1-beta.94
actions/code-review:v0.0.1-beta.93
actions/code-review:v0.0.1-beta.91
actions/code-review:v0.0.1-beta.92
actions/code-review:v0.0.1-beta.90
actions/code-review:v0.0.1-beta.89
actions/code-review:v0.0.1-beta.88
actions/code-review:v0.0.1-beta.87
actions/code-review:v0.0.1-beta.86
actions/code-review:v0.0.1-beta.85
actions/code-review:v0.0.1-beta.84
actions/code-review:v0.0.1-beta.83
actions/code-review:v0.0.1-beta.82
actions/code-review:v0.0.1-beta.81
actions/code-review:v0.0.1-beta.80
actions/code-review:v0.0.1-beta.79
actions/code-review:v0.0.1-beta.78
actions/code-review:v0.0.1-beta.77
actions/code-review:v0.0.1-beta.76
actions/code-review:v0.0.1-beta.75
actions/code-review:v0.0.1-beta.74
actions/code-review:v0.0.1-beta.73
actions/code-review:v0.0.1-beta.72
actions/code-review:v0.0.1-beta.71
actions/code-review:v0.0.1-beta.70
actions/code-review:v0.0.1-beta.69
actions/code-review:v0.0.1-beta.68
actions/code-review:v0.0.1-beta.67
actions/code-review:v0.0.1-beta.66
actions/code-review:v0.0.1-beta.65
actions/code-review:v0.0.1-beta.64
actions/code-review:v0.0.1-beta.63
actions/code-review:v0.0.1-beta.62
actions/code-review:v0.0.1-beta.61
actions/code-review:v0.0.1-beta.60
actions/code-review:v0.0.1-beta.59
actions/code-review:v0.0.1-beta.58
actions/code-review:v0.0.1-beta.57
actions/code-review:v0.0.1-beta.56
actions/code-review:v0.0.1-beta.55
actions/code-review:v0.0.1-beta.54
actions/code-review:v0.0.1-beta.53
actions/code-review:v0.0.1-beta.52
actions/code-review:v0.0.1-beta.51
actions/code-review:v0.0.1-beta.50
actions/code-review:v0.0.1-beta.49
actions/code-review:v0.0.1-beta.48
actions/code-review:v0.0.1-beta.47
actions/code-review:v0.0.1-beta.46
actions/code-review:v0.0.1-beta.45
actions/code-review:v0.0.1-beta.44
actions/code-review:v0.0.1-beta.43
actions/code-review:v0.0.1-beta.42
actions/code-review:v0.0.1-beta.41
actions/code-review:v0.0.1-beta.40
actions/code-review:v0.0.1-beta.39
actions/code-review:v0.0.1-beta.38
actions/code-review:v0.0.1-beta.37
actions/code-review:v0.0.1-beta.36
actions/code-review:v0.0.1-beta.35
actions/code-review:v0.0.1-beta.34
actions/code-review:v0.0.1-beta.33
actions/code-review:v0.0.1-beta.32
actions/code-review:v0.0.1-beta.31
actions/code-review:v0.0.1-beta.30
actions/code-review:v0.0.1-beta.29
actions/code-review:v0.0.1-beta.28
actions/code-review:v0.0.1-beta.27
actions/code-review:v0.0.1-beta.26
actions/code-review:v0.0.1-beta.25
actions/code-review:v0.0.1-beta.24
actions/code-review:v0.0.1-beta.23
actions/code-review:v0.0.1-beta.22
actions/code-review:v0.0.1-beta.21
actions/code-review:v0.0.1-beta.20
actions/code-review:v0.0.1-beta.19
actions/code-review:v0.0.1-beta.18
actions/code-review:v0.0.1-beta.17
actions/code-review:v0.0.1-beta.16
actions/code-review:v0.0.1-beta.15
actions/code-review:v0.0.1-beta.14
actions/code-review:v0.0.1-beta.13
actions/code-review:v0.0.1-beta.12
actions/code-review:v0.0.1-beta.11
actions/code-review:v0.0.1-beta.10
actions/code-review:v0.0.1-beta.9
actions/code-review:v0.0.1-beta.8
actions/code-review:v0.0.1-beta.7
actions/code-review:v0.0.1-beta.6
actions/code-review:v0.0.1-beta.5
actions/code-review:v0.0.1-beta.4
actions/code-review:v0.0.1-beta.3
actions/code-review:v0.0.1-beta.2
actions/code-review:v0.0.1-beta.1
2 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Jeffery
|
33f1291a0f |
chore: triage preflight TLS finding 為誤報並寫入 exclusions
Maya critical(app/preflight.js:107):verifyLLM 的 axios.post 未帶 httpsAgent,認為 GITEA_SKIP_TLS_VERIFY 未套用到 LLM 請求。 判定為誤報並移入 exclusions: - GITEA_SKIP_TLS_VERIFY 為 Gitea 端(內網自簽憑證)專用設定,外部 LLM 服務(Gemini/OpenAI/Claude)應維持 TLS 驗證,套用此 flag 屬安全降級 - 與既有 app/llm.js 排除一致(已刻意移除 rejectUnauthorized:false 還原 TLS 驗證) findings.json 清空(已排除)。 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|
AI Review Bot
|
cedcb04424 | chore: update ai-review findings [ai-review-bot][failure] |
1 changed files with 5 additions and 0 deletions
@@ -376,5 +376,10 @@
|
|||||||
"role": "Aria",
|
"role": "Aria",
|
||||||
"location": "app/preflight.js:30",
|
"location": "app/preflight.js:30",
|
||||||
"suggestion": "在 `checkRequiredEnv`、`verifyGiteaToken` 和 `verifyCommentToken` 等函式中,預設參數直接引用了從 `config.js` 匯入的常數。雖然這在功能上可行,但為了提高程式碼的清晰度和一致性,建議考慮以下兩種方式之一:1. 將所有配置值作為明確的參數從呼叫端傳入。2. 讓函式直接從 `config.js` 模組中讀取這些值,而不是透過預設參數。"
|
"suggestion": "在 `checkRequiredEnv`、`verifyGiteaToken` 和 `verifyCommentToken` 等函式中,預設參數直接引用了從 `config.js` 匯入的常數。雖然這在功能上可行,但為了提高程式碼的清晰度和一致性,建議考慮以下兩種方式之一:1. 將所有配置值作為明確的參數從呼叫端傳入。2. 讓函式直接從 `config.js` 模組中讀取這些值,而不是透過預設參數。"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"role": "Maya",
|
||||||
|
"location": "app/preflight.js:107",
|
||||||
|
"suggestion": "在 `verifyLLM` 函數中,呼叫 `axios.post` 時缺少 `httpsAgent` 選項。這會導致即使設定了 `GITEA_SKIP_TLS_VERIFY`,LLM 的 API 請求仍可能因 TLS 憑證問題而失敗。請將 `httpsAgent` 傳遞給 `axios.post` 的選項物件,例如:`await axios.post(`${base}/chat/completions`, payload, { headers, timeout: 30000, httpsAgent });`"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.