Skip to content

Commit 297494b

Browse files
authored
chore(tooling): automate ship review and validation (#2176)
* chore(tooling): automate ship review and validation * refactor(tooling): tighten ship review guidance * fix(tooling): commit ship review fixes before confirmation * fix(tooling): isolate ship review context
1 parent 51199d9 commit 297494b

3 files changed

Lines changed: 47 additions & 41 deletions

File tree

.codex/skills/ship/SKILL.md

Lines changed: 21 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -30,10 +30,12 @@ For browser-observable changes, read and use the available Chrome-control skill.
3030
1. Open a fresh local tab and exercise the golden path.
3131
2. Derive 2–4 edge cases from the diff: boundaries, new conditionals, state transitions, and the exact bug reproduction. Avoid generic cases unrelated to the change.
3232
3. Check browser console and network failures when exposed.
33-
4. Record reviewer-facing steps while testing: URL/view, user action, and observable result. Use these unchanged as unchecked PR manual-test steps.
33+
4. Record completed validation evidence: URL/view, user action, observable result, and console or network status when relevant. Evidence is a record of work already performed, not a checklist for the user.
3434

3535
For changes not observable in the browser, run and record an equivalent CLI or API scenario. Never silently skip this validation record. Re-run the affected scenario after a user-visible fix.
3636

37+
Do not ask the user to repeat validation per PR. The owner's normal daily use of staging is a separate confidence loop, not a merge gate or an itemized acceptance pass.
38+
3739
## 3. Review correctness
3840

3941
Review the full branch diff, not only unstaged files. Look for state/race/cleanup errors, boundaries, keyboard/pointer/scroll/focus regressions, accessibility, security/privacy/auth/data-loss risks, and missing regression coverage.
@@ -58,7 +60,18 @@ Use `codex-simplify-code` on the diff from the base branch. Reduce duplication,
5860
- Revalidate user-visible behavior after behavior-adjacent cleanup.
5961
- Capture what changed, or that no simplification opportunity existed, and justify any retained or new `useEffect`, `useRef`, or `useState` for the PR.
6062

61-
## 6. Final local gate
63+
## 6. Independent review and final local gate
64+
65+
Run a fresh, read-only reviewer agent against the final branch diff after simplification. Spawn it without inherited conversation context (`fork_turns: "none"`) and provide a self-contained task with the worktree path, base ref, task intent, and repository instructions. This review is internal to `ship`: the user should not need another command, approval, or review step.
66+
67+
Give the reviewer the task intent, applicable `AGENTS.md`, and the complete base-to-head diff without the implementation agent's conclusions. Direct it to:
68+
69+
1. Start from changed lines and form concrete risk questions.
70+
2. Narrow with `rg` or file discovery before reading the smallest relevant caller, contract, and test ranges.
71+
3. Report only confirmed, actionable defects with severity, path/line, impact, and supporting evidence; omit style preferences and speculative findings.
72+
4. Cover correctness, regression coverage, performance, accessibility, security/privacy/data loss, simplicity, and maintainability as applicable.
73+
74+
Fix confirmed findings, revalidate them, and commit the review fixes separately with a conventional message before running a fresh confirmation review. Repeat only when a confirmed finding changed the diff. Stop if a fresh reviewer is unavailable, a finding is uncertain, or confidence remains incomplete; do not substitute self-review or hand validation back to the user.
6275

6376
Run checks chosen from the actual diff and repository guidance. At minimum run focused regression tests, affected type checking, and lint; run broader package tests for shared contracts. Use `bun run verify` only after inspecting its selected checks. Confirm the diff and worktree are clean except for intentional, committed work; distinguish new failures from existing warnings.
6477

@@ -73,14 +86,14 @@ Use these sections in order:
7386

7487
## Simplicity
7588

76-
## Manual Testing Steps
77-
- [ ] Reviewer-visible golden-path and diff-derived edge-case steps
89+
## Automated validation
90+
91+
## Independent review
7892

7993
## Test plan
80-
- [x] Commands actually run
8194
```
8295

83-
Write manual steps in user-observable language—never function, variable, or file names. Close the originating issue only when unambiguous.
96+
Under automated validation, record the completed browser, CLI, or API scenarios and their observed results. Under independent review, record the final reviewer result and any confirmed findings fixed. Under test plan, list commands actually run. Do not include manual-testing sections, unchecked boxes, or tasks for the user. Close the originating issue only when unambiguous.
8497

8598
## 8. Monitor CI and feedback
8699

@@ -90,7 +103,7 @@ Inspect unresolved review threads or requested changes. Address actionable feedb
90103

91104
## 9. Squash merge
92105

93-
Merge only when required checks and reviews are satisfied, the PR targets the expected base, and local validation supports confidence. Compass normally squash-merges; use the repository’s observed strategy and delete the remote branch only when normal. Never merge on a guess.
106+
Merge only when required checks and the independent review gate are satisfied, the PR targets the expected base, and local validation supports confidence. Compass normally squash-merges; use the repository’s observed strategy and delete the remote branch only when normal. Never merge on a guess.
94107

95108
## 10. Monitor main release
96109

@@ -100,4 +113,4 @@ Treat tag, publication, deployment, migration, or health-check failures as incid
100113

101114
## Report
102115

103-
Lead with the shipped result. Include the PR and merge result, implementation and simplification commits, local/manual validation, PR CI, post-merge release/deployment result and tag, plus pre-existing warnings or follow-up risks. Emit git directives only for actions that actually succeeded.
116+
Lead with the shipped result. Include the PR and merge result, implementation and simplification commits, automated/browser validation, independent review, PR CI, post-merge release/deployment result and tag, plus pre-existing warnings or follow-up risks. Emit git directives only for actions that actually succeeded.

.github/PULL_REQUEST_TEMPLATE.md

Lines changed: 11 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -2,23 +2,18 @@
22

33
<!-- What changed and why. -->
44

5-
## Test plan
5+
## Simplicity
6+
7+
<!-- What was simplified, or why the implementation is already minimal. -->
8+
9+
## Automated validation
610

7-
<!-- How you verified this: commands run, manual steps, screenshots/recordings. -->
11+
<!-- Completed browser, CLI, or API scenarios and their observed results. -->
812

9-
## Accessibility checklist
13+
## Independent review
1014

11-
Only for UI changes. Skip anything not touched by this PR - see the
12-
"Accessibility Testing" section of
13-
[docs/development/testing-playbook.md](../docs/development/testing-playbook.md)
14-
for what automation already covers.
15+
<!-- Final result from the fresh diff-first reviewer, including confirmed findings fixed. -->
16+
17+
## Test plan
1518

16-
- [ ] Keyboard-only: reached and operated the changed UI with Tab/Shift+Tab
17-
and arrow keys, with a visible focus indicator throughout
18-
- [ ] Exercised dynamic content the changed flow introduces (dialogs, menus,
19-
validation/error states) rather than just the resting page
20-
- [ ] Checked browser zoom/reflow at 200% and 400% if layout changed
21-
- [ ] Checked screen-reader names/announcements (e.g. VoiceOver) if roles,
22-
labels, or live regions changed
23-
- [ ] Checked reduced-motion / forced-colors behavior if this PR touches
24-
animation or relies on color alone
19+
<!-- Commands actually run. Do not add manual tasks or unchecked boxes. -->

docs/development/testing-playbook.md

Lines changed: 15 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -328,7 +328,7 @@ conformance:
328328
| React Testing Library | Roles, accessible names, state, focus, and keyboard behavior | Focused web tests and `bun run test:web` |
329329
| Playwright with axe | Automatically detectable issues in realistic rendered states | `bun run test:a11y`, `bun run verify web`, and E2E CI |
330330
| Targeted browser assertions | Regressions generic rules cannot reliably model, such as transient contrast or focus behavior | The relevant E2E regression test |
331-
| Manual review | Keyboard usability, zoom/reflow, screen-reader experience, and other judgment-based WCAG criteria | Major UI changes and periodic audits |
331+
| Daily staging use and periodic audits | Broad usability regressions and judgment-based WCAG criteria | Once-daily normal use and separately scoped audits, never per-PR checklists |
332332

333333
#### How Axe Coverage Works
334334

@@ -393,7 +393,8 @@ at the call site. Unexplained `incomplete` results seen in this suite today
393393
are `color-contrast` (axe cannot compute a background across an
394394
absolutely-positioned overlap or a CSS gradient, and cannot reliably sample
395395
single-character date-cell text) - these are exactly the states the
396-
datepicker's targeted contrast test and manual review already cover.
396+
datepicker's targeted contrast test covers or periodic accessibility audits
397+
must inspect.
397398

398399
#### Representative Checkpoints
399400

@@ -443,22 +444,18 @@ Test meaningful outcomes such as focus movement, updated `aria-expanded` or
443444
A successful `getByRole` query is useful pressure toward semantic markup, but
444445
it is not an accessibility audit by itself.
445446

446-
#### Manual Review
447+
#### Daily Staging Confidence
447448

448-
For a major UI change, verify the affected flow with:
449+
Once per day, use the accumulated staging build as a normal Compass user. This
450+
is an unstructured product-confidence pass, not a PR checklist: do not replay
451+
individual changes or map observations back to every merged PR. File any
452+
regression observed during normal use as a bug.
449453

450-
- keyboard-only navigation, including visible focus and a logical focus order
451-
- browser zoom and reflow at 200% and 400%
452-
- VoiceOver on macOS for names, roles, state changes, and announcements
453-
- reduced-motion and forced-colors/high-contrast settings when relevant
454-
- a free browser audit such as Accessibility Insights for Web
455-
456-
Record the states reviewed in the PR - `.github/PULL_REQUEST_TEMPLATE.md` has a
457-
short accessibility checklist for exactly the judgment calls automation can't
458-
make (keyboard reach, dynamic content exercised, zoom/reflow, screen-reader
459-
names, reduced-motion/forced-colors). Automated checks passing means no tested
460-
automated violation was found; it does not mean the page conforms to every WCAG
461-
success criterion.
454+
Per-PR confidence comes from automated tests, agent-driven browser validation,
455+
and the independent diff-first review. If those gates cannot establish
456+
correctness, `ship` pauses instead of delegating manual verification to the
457+
owner. Separately scoped accessibility audits can still examine judgment-based
458+
WCAG criteria without becoming a release requirement for each PR.
462459

463460
#### Workflow For UI Changes
464461

@@ -469,7 +466,8 @@ success criterion.
469466
4. Add a targeted browser regression only for behavior the general scan does
470467
not protect.
471468
5. Run `bun run test:web`, `bun run lint`, and `bun run verify web`.
472-
6. For major UI changes, complete and document the relevant manual checks.
469+
6. Record completed agent-driven browser validation in the PR. Do not add
470+
manual tasks; pause `ship` if the behavior cannot be confirmed.
473471

474472
Browser-based accessibility checks are appropriate for CI and pre-push
475473
verification. Keep commit hooks limited to fast static checks so normal commits

0 commit comments

Comments
 (0)