Expand Up @@ -196,7 +196,7 @@ review dimension using category as the key:
|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| correctness | `logic-error`, `nil-deref`, `off-by-one`, `edge-case`, `api-contract`, `missing-test`, `test-inadequate`, `pattern-violation`, `test-weakened`, `test-removed`, `mock-loosened`, `assertion-weakened`, `coverage-reduced`, `test-poisoning`, `split-payload`, `stale-reference` |
| security | `auth-bypass`, `rbac-violation`, `data-exposure`, `privilege-escalation`, `injection-vuln`, `sandbox-escape`, `xss`, `ssrf`, `insecure-deserialization`, `prompt-injection`, `unicode-steganography`, `bidi-override`, `homoglyph-attack`, `instruction-smuggling`, `fail-open`, `permission-expansion`, `permission-reduction`, `role-escalation`, `workflow-permission`, `secret-exposure` |
| intent-coherence | `scope-exceeded`, `tier-mismatch`, `unauthorized-change`, `scope-creep`, `missing-authorization`, `misleading-label`, `design-direction`, `complexity-ratio`, `misplaced-abstraction`, `architectural-conflict`, `design-smell`, `over-engineering`, `under-engineering` |
| intent-coherence | `scope-exceeded`, `tier-mismatch`, `unauthorized-change`, `scope-creep`, `missing-authorization`, `misleading-label`, `design-direction`, `complexity-ratio`, `misplaced-abstraction`, `architectural-conflict`, `design-smell`, `over-engineering`, `under-engineering`, `spec-change` |
| style-conventions | `naming-convention`, `error-handling-idiom`, `api-shape`, `code-organization`, `doc-style`, `pattern-inconsistency` |
| docs-currency | `stale-doc`, `missing-doc`, `incorrect-doc`, `incomplete-doc` |
| cross-repo-contracts | `breaking-api`, `breaking-schema`, `breaking-config`, `breaking-cli`, `missing-deprecation`, `missing-version-bump`, `backward-incompatible` |
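Review bot: the new `spec-change` key lands in the `intent-coherence` row, but the medium-severity case it is meant for (a PR that implements an issue-authorized deviation without updating the affected spec or ADR) is a documentation-currency condition that `stale-doc` in the `docs-currency` row already names. Either move `spec-change` to `docs-currency` or add a short note next to the table stating how `spec-change` differs from `stale-doc` (the spec is contradicted by an authorized behavior change rather than merely out of date), so a reviewer does not emit both findings for the same missing spec update.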
Expand Up @@ -42,6 +42,40 @@ Calibrate investigation to the diff size and nature.
scope. If there is no linked issue, flag a `missing-authorization`
finding — non-trivial changes require explicit authorization.

## Resolving conflicts between linked issue and design specs

When the linked issue explicitly authorizes behavior that deviates from
an existing design spec, ADR, or AGENTS.md guidance, the issue represents
the current decision — the spec represents the prior state. Do not flag
this as scope creep or an architectural violation.

Instead, raise a `spec-change` finding noting which spec the issue's
decision supersedes. If the PR does not include updates to the affected
spec (or a new ADR superseding it), flag this as a medium-severity
`spec-change` finding — the PR should land with in-repo documentation
consistent with the new behavior. If the PR does update the spec, emit
the `spec-change` finding at info level for transparency. Reserve
`scope-creep` findings for changes that go beyond what the linked issue
authorized.

To distinguish the two cases:

- **Issue-authorized deviation:** The linked issue describes changing
behavior that a spec documents. The PR implements what the issue asks
for. This is not scope creep — the issue is the newer decision. Emit
a `spec-change` finding identifying the affected spec. If the PR
updates the spec to match, use info severity. If the spec is not
updated in the PR, use medium severity so the author adds the update
before merging.
- **Unauthorized deviation:** The PR changes behavior beyond what the
linked issue describes, whether or not a spec covers that behavior.
This is scope creep. Flag it at the appropriate severity.

When the issue references a spec indirectly (e.g., "change the uninstall
behavior" without naming the spec), still treat the issue as authoritative
for the behavior it describes. The `spec-change` finding should identify
which spec is affected so the PR can include the necessary updates.

## Revert PR authorization

A PR is a candidate revert if **at least two** of the following signals
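Review bot: the new section makes any linked issue authoritative over an existing design spec, ADR, or AGENTS.md guidance, including when the issue names the spec only indirectly ("change the uninstall behavior"), yet nothing in it checks who wrote or accepted that issue; combined with the `missing-authorization` rule above, which flags only the absence of a linked issue, this lets an issue filed by anyone turn a guidance violation into an info-level `spec-change`. Consider requiring that a spec-overriding issue be explicitly accepted by a maintainer, or that the PR carry a new ADR superseding the spec, before the deviation counts as authorized, and keep `architectural-conflict` (or the relevant security category) for deviations whose only authorization is an unaccepted issue. Also, the opening paragraph ("If the PR does not include updates to the affected spec ... medium-severity") and the first bullet ("If the spec is not updated in the PR, use medium severity") state the same medium/info rule twice; keep it in one place.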