Harden LLM role/task alignment and PR review feedback discovery #169
No Reviewers
Labels
Clear labels
allocator
anti-stomp
architecture
bug
chore
codex
concurrency
contamination
control-plane
dashboard
database
design
documentation
enhancement
gitea
glitchtip
important
incident
incident-bridge
integration
jenkins
labels
leases
mcp
mcp-health
mcp-menu
multi-project
mutating
nice-to-have
observability
portability
preflight
protected-branch
queue
read-only
reconnect
recovery
refactor
release
reliability
resumable-review
reviewer
roadmap
safety
security
self-hosted
sentry
stale-runtime
status:blocked
status:in-progress
status:pr-open
status:ready
terminal-lock
testing
tracker
type:bug
type:feature
type:feature
type:guardrail
visibility
workflow
workflow-hardening
workflow-hardening
Controller-owned work allocator
Prevent concurrent LLM session stomping
Architecture / structural design
OpenAI Codex client / workflow session surface
Concurrent session safety
Workflow or session contamination incident
MCP control-plane coordination and allocation authority
MCP operational dashboard/queue view
Internal coordination storage (SQLite/Postgres)
Design / investigation, no implementation
Docs / runbooks
New feature or improvement
Gitea MCP workflow
GlitchTip integration
Operational or process incident requiring durable audit trail
Sentry-to-Gitea incident bridging
Integration testing
Jenkins integration
Label taxonomy management
Lease adopt/release/expire lifecycle
MCP server / tooling
MCP namespace and runtime health
MCP menu surface
Work spanning multiple monitoring projects or Gitea repos
Mutating action; requires gating
Observability, metrics, traces, error reporting
Cross-platform / portability
Shared preflight gates before mutation
Protected branch / stable-branch policy concern
Work queue visibility and allocation
Read-only, no mutation
MCP client reconnect/reload recovery path
Recovery paths for stale/foreign leases
Code refactor / restructure
Release / versioning
Reliability / failure handling
Persist and resume prepared review verdicts across sessions
Reviewer workflow tooling
Roadmap / umbrella issue
Safety rails and fail-closed mutation guards
Security / trust boundary
Self-hosted infrastructure integration
Sentry error monitoring integration
Stale backend daemon / runtime-vs-master parity failures
Issue is blocked
Issue is being worked on
Issue has an open pull request
Issue is ready for work
Terminal review lock (#332) path
Tests / test coverage
Issue tracker hygiene / meta
Bug or defect
Feature or enhancement
Feature or enhancement
Safety gate or guardrail
Workflow state visibility for LLMs/operators
Cross-tool workflow
LLM workflow coordination hardening
LLM workflow coordination hardening
No labels
Milestone
No items
No Milestone
Projects
Clear projects
No projects
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Scaled-Tech-Consulting/Gitea-Tools#169
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Summary
gitea_get_pr_review_feedbackreads Gitea's formal review endpoints (GET /pulls/{n}+GET /pulls/{n}/reviews) so LLMs never infer review state from issue comments. Reports each submitted review (reviewer, verdict, redacted body, timestamp, reviewed head SHA, dismissed, stale),latest_review_state_by_reviewer(PENDING drafts and COMMENT reviews never drive verdict state),has_blocking_change_requests(dismissed reviews do not block),approval_visible,current_head_shavslatest_reviewed_head_sha,review_feedback_stale, andauthor_pushed_after_request_changes. COMMENT reviews never advance the reviewed-head marker, so a drive-by comment on the current head cannot mask a stale REQUEST_CHANGES.gitea.read; a permission block returnsfeedback_not_attempted: truewith reasons and a structured #142permission_reportand makes zero API calls — deliberately distinct from a successful "no reviews yet" result.gitea_resolve_task_capabilitynow returnsstop_requiredandtask_role_guidance, and gains a distinct author taskaddress_pr_change_requests(requiresgitea.branch.push). A review/merge task under an author profile gets explicit STOP guidance (no author-side commits/pushes/edits/comments unless the operator re-tasks); author-side remediation is explicitly barred from review verdicts and merges. All changes additive; no permission broadened;gitea.pr.commentstill does not implygitea.issue.comment.build_validation_reporthelper distinguishespassed/failed/skipped/not-run, requires the exact output for failures, rejects vague statuses (fail closed), and reportsfull_suite_passedas a strict tri-state so full-suite success is never implied.docs/llm-workflow-runbooks.mdgains three sections — a task/role alignment table (review PR / address change requests / merge / comment on issue / comment on PR / author implementation, each with required identity, allowed/forbidden actions, and stop conditions), MCP-native review feedback discovery, and validation reporting discipline.tests/test_review_feedback.py(24 tests) covers discovery, per-reviewer latest state, staleness after new commits, COMMENT-masking prevention, dismissed REQUEST_CHANGES/APPROVED handling, PENDING exclusion, body redaction, URL hiding without the reveal opt-in, fail-closed gating with zero API calls, role guards for author and reviewer profiles, and validation report semantics.Safety
Validation
python3 -m py_compile mcp_server.py tests/*.py— passed.venv/bin/python3 -m unittest tests.test_review_feedback— passed (24 tests).venv/bin/python3 -m unittest discover -s tests— passed (626 tests, OK).git diff --check— passed (clean).Closes #167
APPROVE at head
a4060c59cc.Reviewed against issue #167 requirements (all six covered):
Gate integrity: diff is purely additive (0 deletions in mcp_server.py); existing review/merge/comment gates untouched; new tool requires gitea.read and fails closed with zero API calls on a permission block; bodies redacted; endpoint URLs only behind GITEA_MCP_REVEAL_ENDPOINTS.
Validation at pinned head: local checkout ==
a4060c5exactly; tests/test_review_feedback.py 24 passed; full suite 633 passed / 6 skipped; python3 -m py_compile mcp_server.py clean; git diff --check clean; secret sweep clean (matches are synthetic test fixtures only).Scope note for the record: PR #169 implements issue #167. It does NOT address the mcp-control-plane #66 comment-2817 blocker (PR #168 missing tests for the five issue-#166 Requirement-5 conflict/staleness scenarios); no tests matching those scenarios exist on this head. That remains an open follow-up against merged #168, tracked separately.
Reviewed by sysadmin/prgs-reviewer; author jcwalker3.