Conversation
All file reads/writes are from controlled paths (.beads/, .git/, or git root).
Add #nosec comments to suppress G304 and G204 warnings.
- cmd/bd/doctor.go:664 - ReadFile from .beads/config.yaml
- cmd/bd/main.go:645 - ReadFile from .beads/{issues,beads}.jsonl
- cmd/bd/doctor/fix/database_config.go:166 - ReadFile from git root .gitattributes
- cmd/bd/doctor/fix/untracked.go:61 - exec Command with whitelisted JSONL files
|
Caution Review failedThe pull request is closed. WalkthroughSecurity linter suppression directives (nosec comments) were added across multiple files to address gosec warnings for file path operations. A tracking issue was created, and a working log was documented. No functional logic was modified. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes
Poem
✨ Finishing touches
🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (6)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
maphew
pushed a commit
that referenced
this pull request
Jan 21, 2026
/{cmd,internal}: get dolt backend init working and allow issue creation
maphew
pushed a commit
that referenced
this pull request
Feb 2, 2026
P0 #1: Conflict detection now happens BEFORE push to prevent data loss. Previously: Pull -> Push -> Detect conflicts (wrong - conflicts overwritten) Now: Pull -> Detect conflicts -> Push (skip conflicting issues) P0 #2: Added SyncContext struct for thread-safe sync operations. - SyncContext holds store, actor, dbPath, issueIDCounter - WithContext variants of all sync functions - globalContextIDCounter for cross-context uniqueness - Enables concurrent sync operations without race conditions Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Executed-By: beads/crew/emma Rig: beads Role: crew
maphew
pushed a commit
that referenced
this pull request
Feb 6, 2026
Add atomic transaction counter to track active transactions and ensure reconnect() waits for in-flight transactions to complete. This prevents data loss when the database file is replaced during an active write. Security fixes from SECURITY_AUDIT.md: - Issue #2: Reconnect closing connection while transaction is active - Issue #5: Daemon crash leaving stale lock files Changes: - Add activeTxCount atomic counter to SQLiteStorage struct - Update RunInTransaction to increment/decrement counter - Update reconnect() to wait for active transactions with timeout - Add exponential backoff retry for BEGIN IMMEDIATE - Improve daemon lock file cleanup on normal shutdown - Add flock-based stale lock detection Comprehensive race condition tests: - store_race_test.go: SQLite store concurrency - daemon_lock_race_test.go: Daemon lifecycle and lock handling Co-Authored-By: SageOx <ox@sageox.ai>
maphew
added a commit
that referenced
this pull request
Apr 13, 2026
…ect support Addresses review item #2: _find_beads_project duplicated the upward directory walk but skipped .beads/redirect handling. Now delegates to _find_beads_db_in_tree, inheriting redirect, symlink, and all backend detection for free. Amp-Thread-ID: https://ampcode.com/threads/T-019d84e2-3a96-7263-a399-c3b2cc0ba6bb Co-authored-by: Amp <amp@ampcode.com>
maphew
added a commit
that referenced
this pull request
Apr 13, 2026
gastownhall#3207) * fix(mcp): detect Dolt-backed projects in workspace discovery (GH#2997) The MCP `context()` tool reported "Database: Not found" for embedded Dolt projects because `_find_beads_db()` and `_find_beads_db_in_tree()` only globbed for `*.db` files. Embedded Dolt projects keep their data under `.beads/embeddeddolt/` and declare the backend in `.beads/metadata.json` — there is no `*.db` file to find. Adds `_has_beads_project_files()` mirroring Go's `hasBeadsProjectFiles` (metadata.json, config.yaml, dolt/, embeddeddolt/, or non-backup *.db). Both Python discovery functions (and `.beads/redirect` validation) now use this check, so SQLite, embedded Dolt, and server Dolt projects are all recognized. `context()` now reports the project root and backend when no SQLite db is present, instead of the misleading "Not found". * fix: delegate _find_beads_project to _find_beads_db_in_tree for redirect support Addresses review item #2: _find_beads_project duplicated the upward directory walk but skipped .beads/redirect handling. Now delegates to _find_beads_db_in_tree, inheriting redirect, symlink, and all backend detection for free. Amp-Thread-ID: https://ampcode.com/threads/T-019d84e2-3a96-7263-a399-c3b2cc0ba6bb Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Amp <amp@ampcode.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
All file reads/writes are from controlled paths (.beads/, .git/, or git root).
Add #nosec comments to suppress false-positive G304 and G204 warnings.
Summary by CodeRabbit
✏️ Tip: You can customize this high-level summary in your review settings.