Commit Graph

8 Commits

Author SHA1 Message Date
Shunsuke Hayashi
319d65ccd3 refactor(lint): fix lint errors - unused imports and variables
- Add *.d.ts to oxlint ignore patterns
- Remove unused imports from test files
- Prefix unused variables with underscore
- Fix floating promises with void operator

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 13:13:29 +09:00
Shunsuke Hayashi
4d4a478758 fix(lint): resolve more ESLint errors for unused variables/imports
- Remove unused imports in test files (manager.test.ts, discord-reply.test.ts)
- Remove unused ThetaPhase import in session/types.ts
- Change unused expiresAt to _expiresAt in session/recovery.ts
- Change unused SEARCH_PROVIDERS to _SEARCH_PROVIDERS in web-search.js
- Remove unused catch parameter _error in codex-reviewer.ts
- Clean up agent-flow.test.ts and githubops.test.ts imports

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 13:02:09 +09:00
Shunsuke Hayashi
4ec77dc3f4 fix(lint): resolve ESLint errors for unused variables
- Change unused catch parameter to _error in codex-reviewer.ts
- Remove unused ArtifactFilter import in artifacts/manager.ts
- Change unused error parameter to _error in session/recovery.ts
- Remove unused saveState import in session/manager.test.ts
- Convert unknown error to string in githubops.test.ts template literal

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 12:43:15 +09:00
Shunsuke Hayashi
3c63ee1d6d fix(review): P1-9, P1-10, P2-1 from Codex review Phase 3.5
- P1-9: Add sentinel markers to separate Codex output from previous tmux content
- P1-10: Wait for end marker detection instead of fixed timeout (supports long-running reviews)
- P2-1: Fix ESM import - replace require() with proper node: imports
2026-01-26 07:54:43 +09:00
Shunsuke Hayashi
ca57901c2d fix(response, review): fix P1-6, P1-7, P1-8 from Codex review
- P1-6: Add threadId support to Discord reply (use threadId as target channel)
- P1-7: Handle long input (>4000 chars) with temp files
- P1-8: Capture tmux output with capture-pane instead of send-keys stdout
2026-01-26 07:39:14 +09:00
Shunsuke Hayashi
da1c5b26e0 fix(security): fix P0 critical bugs in agent selection and command injection
P0-1: Fix Agent Selection Bug (decide.ts)
- Move wildcard agent (conductor) to end of AVAILABLE_AGENTS array
- Update selectAgent() to prioritize specific intents over wildcard
- Previously, wildcard matched first, causing all intents to select conductor

P0-2: Fix Command Injection Vulnerability (codex-reviewer.ts)
- Add escapeShellString() function to sanitize user content
- Escape backslashes, quotes, $, backticks, newlines, carriage returns
- Apply escaping in execTmux() and buildCodexCommand()
- Previously, unescaped user content could execute arbitrary shell commands

Security: Prevents attackers from injecting malicious commands via
user-controlled content (code review input) that gets passed to tmux.
2026-01-26 07:25:36 +09:00
Shunsuke Hayashi
68a9b16c2b fix(response): resolve TypeScript compilation errors
- Add @aws-sdk/client-dynamodb dependency
- Remove non-existent LINE integration (line-reply.ts)
- Change ResponseFormat from enum to const object for type safety
- Fix Discord API imports - use inline types instead of non-existent exports
- Add CreateTableCommand import to artifacts/manager.ts
- Add tmuxTarget property to ReviewOptions
- Remove TimeToLiveSpecification from CreateTable (TTL configured separately)
- Fix timestamp type conversion in createDiscordReply

This resolves build errors when running the clawdbot command.
2026-01-26 07:16:59 +09:00
Shunsuke Hayashi
522e2a1310 feat(review): add Codex review integration via tmux
Implement automated code review using Codex:

- src/review/types.ts: Core type definitions
  * CodexReview with score, issues, suggestions
  * ReviewRequest, ReviewResult interfaces
  * ReviewScore (0-1 scale for overall/accuracy/style/security)
- src/review/codex-reviewer.ts: Codex execution via tmux
  * runCodexReview() - Execute Codex via MacBook tmux (%2)
  * parseCodexOutput() - Parse Codex JSON/Markdown output
  * evaluateReview() - Check against threshold (default: 0.8)
  * formatReview() - Convert to Markdown/JSON
  * createReviewRequest() - Build review request
  * detectLanguage() - Auto-detect from code patterns
- src/review/codex-reviewer.test.ts: Unit tests (skeleton)
- src/review/index.ts: Module exports

Features:
- tmux send-keys for Codex execution (target: %2 for Kaede)
- Score-based approval (0.8+ = approved)
- Critical issue auto-rejection
- Multi-language detection (TS, Python, Rust)
- Markdown/JSON formatted output

Co-Authored-By: Claude <noreply@anthropic.com>
2026-01-26 07:01:43 +09:00