You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: BOUNTY-POLICY.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -45,7 +45,7 @@ Every bounty PR must include:
45
45
- Test commands and results.
46
46
- Notes for migrations, environment variables, risk, or deployment changes.
47
47
48
-
Maintainers use these labels while reviewing bounty PRs. GitHub Copilot code review should flag missing readiness items and suggest the relevant labels in its review summary, but maintainers apply the labels manually:
48
+
Maintainers use these labels while reviewing bounty PRs. The `Gemini PR review` webhook sends new and updated PRs to the MergeOS reviewer service. That service checks repository star status, evidence, tests, bounty context, and code risk, then comments on the PR with the readiness summary:
49
49
50
50
-`evidence: missing`
51
51
-`evidence: provided`
@@ -54,6 +54,8 @@ Maintainers use these labels while reviewing bounty PRs. GitHub Copilot code rev
54
54
-`bounty: bug`
55
55
-`bounty: feature`
56
56
57
+
GitHub Copilot code review can still flag code-quality and readiness issues when quota is available, but bounty readiness must not depend on Copilot being available.
-`GITHUB_TOKEN`, `GITHUB_OWNER`, `GITHUB_OWNER_TYPE`: backend runtime values for GitHub bounty repo creation and admin PR merge actions
276
276
-`MERGEOS_GITHUB_TOKEN`: Docker Compose and GitHub Actions secret name that maps into backend `GITHUB_TOKEN`; use a personal access token with repo write access, not the automatic GitHub Actions token
277
+
-`GEMINI_API_KEYS`: comma-separated Gemini API key pool for automated PR review round-robin
-`GEMINI_REVIEW_WEBHOOK_SECRET`: GitHub webhook secret used to verify `X-Hub-Signature-256`
280
+
-`GEMINI_REVIEW_MAX_PATCH_BYTES`: max patch context sent to Gemini, default `70000`
277
281
-`GITHUB_APP_ID`, `GITHUB_APP_CLIENT_ID`, `GITHUB_APP_CLIENT_SECRET`: backend runtime values for GitHub App user authorization, login, and MRG wallet linking
278
282
-`MERGEOS_GITHUB_APP_ID`, `MERGEOS_GITHUB_APP_CLIENT_ID`, `MERGEOS_GITHUB_APP_CLIENT_SECRET`: Docker Compose and GitHub Actions secret names that map into the backend runtime values
279
283
-`GITHUB_OAUTH_CLIENT_ID`, `GITHUB_OAUTH_CLIENT_SECRET`: legacy backend aliases still accepted for older OAuth configuration
@@ -292,6 +296,7 @@ Public:
292
296
-`GET /api/public/ledger`
293
297
-`GET /api/public/marketplace`
294
298
-`POST /api/public/repo/issues`
299
+
-`POST /api/integrations/github/pr-review` GitHub webhook receiver for Gemini PR review. Configure GitHub Webhooks with Payload URL `https://uta.mergeos.shop/api/integrations/github/pr-review`, Content type `application/json`, the same secret as `GEMINI_REVIEW_WEBHOOK_SECRET`, and events `Pull requests` plus `Issue comments`.
0 commit comments