Skip to content

Improve copilot instructions#3575

Merged
fmacleal merged 1 commit into
masterfrom
is/improve-copilot-instructions
Jun 19, 2026
Merged

Improve copilot instructions#3575
fmacleal merged 1 commit into
masterfrom
is/improve-copilot-instructions

Conversation

@italo-sampaio

Copy link
Copy Markdown
Collaborator

Adds targeted guidance to .github/copilot-instructions.md so the Copilot reviewer (and any agent that follows the file) stops producing confident-but-wrong findings on topics the file was previously silent about. Documentation/process only — no code changes. Four additions:

  • Versioning and release tags (new section): documents that releases are tagged CODENAME-X.Y.Z, the modifier field is that codename and is non-empty on every release tag, and that an empty modifier/SNAPSHOT is a development/local-build state only. The existing fatJar empty-modifier note now points here.
  • Containerized build and reproducible builds (new section): names /Dockerfile as the canonical container build and documents its established gpg --verify --output SHA256SUMS SHA256SUMS.asc && sha256sum --check SHA256SUMS verification of configure.sh, so it isn't flagged as broken; notes the .github/reproducible-build/ templates mirror it and should change together with /Dockerfile.
  • Two PR review priorities bullets: "Ground claims of breakage in observation" and "Review the change holistically" (don't flag a branch an earlier guard already makes unreachable).
  • A scoping caveat under Trust these instructions: for review correctness the "trust, don't explore" bias flips — a claim that existing code is defective must be backed by direct observation, not inferred from the document's silence.

Motivation and Context

While reviewing #3573 (the reproducible-build CI workflow), the Copilot reviewer raised a cluster of confident but incorrect findings:

  • that GA releases can have an empty modifier and the workflow would reject valid tags / render 9.0.3- — but the modifier is the network-upgrade codename and is always present on a release tag;
  • that the Dockerfile's gpg --verify --output … chain was broken and would never create the checksum file — but that is the exact pattern the repo's own /Dockerfile uses to build and ship every release.

Each miss traced back to the instructions being silent on that domain, so the reviewer filled the gap from general training knowledge and asserted it confidently. This change encodes the missing domain facts (release-tag/modifier convention, the canonical container-build verification pattern) plus a verify-before-claiming principle, so the same gaps don't keep generating noise on future PRs.

How Has This Been Tested?

Documentation only — no build or runtime behaviour changes. The added facts were verified directly against the repository.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • Tests for the changes have been added (for bug fixes / features)
  • Requires Activation Code (Hard Fork)

Close some gaps that let the Copilot reviewer raise confident-but-wrong
findings when the instructions are silent on a domain.
Copilot AI review requested due to automatic review settings June 18, 2026 21:32
@github-actions

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the repository’s Copilot reviewer guidance (.github/copilot-instructions.md) to reduce confident-but-incorrect review findings by documenting RSKj-specific release/versioning conventions, the canonical container build verification pattern, and a verify-before-asserting-breakage review approach.

Changes:

  • Adds a Versioning and release tags section describing the repo’s tag/version conventions and how version.properties maps into artifact versions.
  • Adds a Containerized build and reproducible builds section documenting /Dockerfile as the canonical container build and its established gpg --verify --output ... && sha256sum --check ... verification pattern.
  • Adds PR-review guidance bullets emphasizing observed evidence for breakage claims and holistic diff review, plus a scoping caveat under “Trust these instructions”.


`/Dockerfile` is the canonical container build for the node and the reference for "how RSKj is built in a container". It bootstraps with `./configure.sh` and verifies that script against a signed checksum with `gpg --verify --output SHA256SUMS SHA256SUMS.asc && sha256sum --check SHA256SUMS` (`SHA256SUMS.asc` is a cleartext-signed file; `--output` extracts the payload and the `&&` chain gates the build on a good signature). This exact pattern is established and working — do **not** flag it as broken or claim the output file "is never created".

The workflow and templates under `.github/reproducible-build/` exist to **mirror** `/Dockerfile` for a published tag, so prefer consistency with `/Dockerfile` over alternative idioms; any change to the verify/build sequence should be made in `/Dockerfile` and the templates **together**, not in one alone. Before flagging a shell or Docker idiom here as incorrect, confirm it is not already the established, working pattern in `/Dockerfile`, `build_and_test.yml`, or `lint-java-code.yml`.

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice catch, but it will be present once this lands: #3573

@sonarqubecloud

Copy link
Copy Markdown

@fmacleal fmacleal left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@fmacleal fmacleal merged commit 791caab into master Jun 19, 2026
14 checks passed
@italo-sampaio italo-sampaio deleted the is/improve-copilot-instructions branch June 24, 2026 16:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants