Skip to content

fix(cli): propagate availableDependencies to plan layer (#802 Phase 3 A2-fix-2)#869

Merged
s977043 merged 1 commit into
mainfrom
fix/802-phase3-available-dependencies-propagation
May 21, 2026
Merged

fix(cli): propagate availableDependencies to plan layer (#802 Phase 3 A2-fix-2)#869
s977043 merged 1 commit into
mainfrom
fix/802-phase3-available-dependencies-propagation

Conversation

@s977043

@s977043 s977043 commented May 21, 2026

Copy link
Copy Markdown
Owner

Summary

Close the next item on Codex silent-skip list (follow-up to #865 A2-fix-1): runReviewPlan never forwarded availableDependencies to buildExecutionPlan. The plan layer ignored dependency declarations entirely, which masked the same silent-skip class of bugs that #865 fixed for contexts.

Changes

File What
src/lib/utils.mjs Move resolveAvailableDependencies + dependencyStubs to the shared module
src/lib/local-runner.mjs Import shared helper (legacy call sites unchanged)
src/lib/review-plan.mjs New availableDependencies option, forwarded to buildExecutionPlan
src/cli.mjs Pass parsed.availableDependencies through on the exec path
tests/cli-review-plan.test.mjs 4 new unit tests (null default, explicit arg, env var, stubs)
runners/github-action/dist/ Rebuilt with Node 22.22.2

Behavior

  • Default: null sentinel (= dependency-based skipping disabled, backward-compatible).
  • --dependency code_search,test_runner: forwarded verbatim.
  • RIVER_DEPENDENCY_STUBS=1: enables the default stub set (code_search / test_runner / coverage_report / adr_lookup / repo_metadata / tracing).
  • RIVER_AVAILABLE_DEPENDENCIES=...: parsed and merged when no arg is passed.

Out of scope (remaining silent-skip risks)

Codex flagged:

These should follow the same pattern when their use cases land.

Test plan

  • node --test tests/cli-review-plan.test.mjs (46/46 green, 4 new)
  • npm test (full suite green)
  • markdownlint + prettier green
  • npm run build:action with Node 22.22.2

Follows: #864 (A2-1), #865 (A2-fix-1).

🤖 Generated with Claude Code

… A2-fix-2)

Same silent-skip pattern as A2-fix-1: runReviewPlan never forwarded
`availableDependencies` to buildExecutionPlan, so any skill that declared
a dependency (e.g. `code_search`, `test_runner`) was always selectable
regardless of whether the dependency was actually wired in the runtime.

What changed
- Move resolveAvailableDependencies + dependencyStubs to src/lib/utils.mjs
  so the helper is now shared between local-runner and review-plan
  (mirrors the A2-fix-1 split of resolveAvailableContexts).
- runReviewPlan accepts a new availableDependencies option and forwards
  the resolved value (or null = disabled sentinel) to buildExecutionPlan.
- CLI passes parsed.availableDependencies through so `--dependency` and
  RIVER_AVAILABLE_DEPENDENCIES / RIVER_DEPENDENCY_STUBS=1 work on the
  exec path.
- 4 new unit tests cover null default, explicit arg, env var, and stubs.
- runners/github-action/dist rebuilt with Node 22.22.2.

Out of scope (Codex silent-skip list, follow-ups remaining):
- fileTypes / relatedADRs / reviewMode propagation
- --plan replay context-snapshot drift

Follows: #864 (A2-1) and #865 (A2-fix-1).

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
@vercel

vercel Bot commented May 21, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
ai-review-kit Ready Ready Preview, Comment May 21, 2026 9:17pm

@github-actions

Copy link
Copy Markdown
Contributor

River Reviewer

  • フェーズ: midstream
  • LLM: skipped (dry-run enabled)
  • Planner: off
  • Impact tags: javascript, observability, reliability, tests
  • 変更ファイル数: 9
  • トークン見積もり: 1228040

選択されたスキル (1)

  • rr-midstream-logging-observability-001
スキップされたスキル (82)
  • adversarial-review: routing skill: not an executable review skill
  • river-reviewer-architecture: routing skill: not an executable review skill
  • river-reviewer-code: routing skill: not an executable review skill
  • river-reviewer-performance: routing skill: not an executable review skill
  • river-reviewer-security: routing skill: not an executable review skill
  • river-reviewer-testing: routing skill: not an executable review skill
  • river-reviewer: routing skill: not an executable review skill
  • rr-downstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-coverage-gap-001: phase mismatch: downstream !== midstream; missing inputContext: tests
  • rr-downstream-flaky-test-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-existence-001: phase mismatch: downstream !== midstream; missing inputContext: tests
  • rr-downstream-test-naming-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-plan-review-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-review-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-a11y-accessible-name-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-nextjs-app-router-boundary-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-agent-skill-bridge-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-api-compatibility-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-config-json-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-gh-address-comments-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-hello-skill-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-i18n-unused-key-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-loading-state-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-logic-torturing-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-normalization-consistency-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-nullability-contract-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-automation-boundary-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-comment-triage-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-security-basic-001: applyTo did not match any changed file
  • rr-midstream-suppression-feedback-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-type-driven-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-typescript-nullcheck-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-typescript-strict-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-war-game-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-code-quality-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-nextjs-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-php-laravel-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-react-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-remix-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-unit-python-pytest-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-unit-ts-jest-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-vue-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-adr-decision-quality-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-api-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-api-versioning-compat-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-boundaries-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-diagrams-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-risk-register-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-traceability-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-validation-plan-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-availability-architecture-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-bounded-context-language-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-cache-strategy-consistency-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-capacity-cost-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-change-communication-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-context-budget-tuning-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-create-plan-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-data-flow-state-ownership-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-data-model-db-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-dr-multiregion-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-eval-driven-skill-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-event-driven-semantics-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-external-dependencies-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-failure-modes-observability-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-integration-contracts-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-migration-rollout-rollback-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-multitenancy-isolation-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-openapi-contract-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-operability-slo-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-exec-conformance-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-gc-deterministic-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-plan-integrity-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-rule-promotion-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-verification-audit-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-pr-template-qa-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-pre-mortem-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-requirements-acceptance-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-security-privacy-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-trust-boundaries-authz-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)

優先度サマリー

  • P1 (must fix before merge): 0 件
  • P2 (should fix or waive): 0 件
  • P3 (recommended improvement): 0 件
  • P4 (informational): 0 件

スコア (参考値)

結果(スコア): 100/100
判定: auto-approve

内訳:

  • 可読性: 100/100
  • 拡張性: 100/100
  • パフォーマンス: 100/100
  • セキュリティ: 100/100
  • 保守性: 100/100

スコアは severity と axis から決定論的に算出された 参考値 (derived: true)。HITL レビューと併用してください。

指摘

No findings.

@github-actions

Copy link
Copy Markdown
Contributor

PlanGate Review

  • decision: pass
  • plan status: skipped-by-label
  • exec status: skipped-by-label

PlanGate review decision: pass

severity count policy
critical 0 fail
major 0 fail-if-required / warn
minor 0 comment-only
info 0 skipped

ポリシー: critical=fail / major=fail-if-required (warn) / minor=comment-only / info=skipped — spec: pages/reference/cli-review-plan-spec.md

@s977043 s977043 merged commit 40a01bb into main May 21, 2026
16 checks passed
@s977043 s977043 deleted the fix/802-phase3-available-dependencies-propagation branch May 21, 2026 21:21

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

このプルリクエストは、runReviewPlan 関数および CLI に availableDependencies オプションを導入し、依存関係に基づくスキルのスキップ機能を実装するものです。また、resolveAvailableDependencies ヘルパーを src/lib/utils.mjs に集約して共有化し、テストコードを拡充しました。レビューでは、依存関係リストが空([])の場合に環境変数へフォールバックされる現在のロジックを改善し、明示的な空リストを正しく処理するための修正が提案されています。

Comment thread src/lib/utils.mjs
Comment on lines +85 to +87
if (inputDependencies?.length) return [...new Set(inputDependencies)];
if (envDeps.length) return [...new Set(envDeps)];
if (stubEnabled) return [...dependencyStubs];

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The current implementation conflates an empty dependency list ([]) with a missing one (null/undefined). If a user explicitly provides an empty list (e.g., via --dependency ""), inputDependencies?.length evaluates to 0 (falsy), causing the function to fall back to environment variables or return null.

In the planning layer, null is the sentinel that disables dependency-based skipping (meaning no skills are skipped due to missing dependencies). However, an explicit empty list should likely enable skipping for all skills that declare dependencies, as none of them are available.

To allow users to explicitly override environment variables with an empty list, consider checking for non-nullity instead of length.

Suggested change
if (inputDependencies?.length) return [...new Set(inputDependencies)];
if (envDeps.length) return [...new Set(envDeps)];
if (stubEnabled) return [...dependencyStubs];
if (inputDependencies) return [...new Set(inputDependencies)];
if (envDeps.length) return [...new Set(envDeps)];
if (stubEnabled) return [...dependencyStubs];

s977043 added a commit that referenced this pull request May 21, 2026
…802 Phase 3 A2-fix-3) (#871)

Continue the Codex silent-skip cleanup after #865 (availableContexts)
and #869 (availableDependencies). The plan layer's
`buildExecutionPlan` already derives fileTypes, relatedADRs, and
reviewMode (review-runner.mjs:212-217), but runReviewPlan never read
them off the plan return and never forwarded them to generateReview.

Impact (silent, no error)
- fileTypes: generateReview's verifier file-phase coherence check fell
  back to "lenient when fileTypes not provided". On exec, phase
  mismatch checks were effectively disabled.
- relatedADRs: ADR cross-references were never injected into the prompt
  on the exec path. Skill outputs lost the "ADR-001 says X" anchors
  that `river run` produced.
- reviewMode: the diff-size-driven context budget preset was always the
  generateReview default rather than the calibrated 'tiny|medium|large'
  the plan layer determined.

Fix
- Pull `plan.fileTypes`, `plan.relatedADRs`, `plan.reviewMode` off the
  buildExecutionPlan return and pass them to generateReview alongside
  the existing diff/plan/phase/config. Optional chaining (`?? undefined`)
  keeps backward-compat: tests that mock buildExecutionPlan with a
  minimal shape continue to work.

Tests
- 2 new unit tests in tests/cli-review-plan.test.mjs cover the forward
  path and the undefined-fallback path.
- runners/github-action/dist rebuilt with Node 22.22.2.

Follows: #864 (A2-1), #865 (A2-fix-1), #869 (A2-fix-2).

Remaining silent-skip risks
- --plan replay context-snapshot drift (deferred to A2-3).

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
s977043 added a commit that referenced this pull request May 22, 2026
…872)

* docs(troubleshooting): close out silent-skip cleanup through v0.51.1

Codex-recommended docs follow-up after the v0.51.1 release. The
existing troubleshooting page only documented the v0.51.0
availableContexts fix; v0.51.1 closed two more silent-skip failure
modes (#869 availableDependencies, #871 fileTypes/relatedADRs/reviewMode)
that were not yet reflected.

What this adds
- "Skill appears in skippedSkills with reason missing dependency": new
  section describing the v0.51.1 fix and the --dependency /
  RIVER_AVAILABLE_DEPENDENCIES / RIVER_DEPENDENCY_STUBS=1 knobs.
- "Finding output looks generic / missing ADR references": new section
  explaining the three derived-context fields the exec path was
  silently dropping, and confirming the fix is automatic in v0.51.1+.
- "Where the plan layer forwards each context": small reference table
  that maps each forwarded field to the PR / release that wired it.
- "Residual gap: --plan replay does not yet run skills": explicit
  pointer to the remaining #802 A2-3 work so adopters know the boundary
  of v0.51.x.

No code changes.

Follows: #864 (A2-1), #865 (A2-fix-1), #869 (A2-fix-2), #871 (A2-fix-3).

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

* docs: link the #802 issue reference (Gemini PR #872 nit)

Make the introductory mention of #802 a real GitHub link, matching the
style of the residual-gap section. No content change.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
s977043 added a commit that referenced this pull request May 22, 2026
…A2-fix-4) (#877)

The final remaining silent-skip identified by the multi-perspective
session review (Codex + Gemini): runReviewPlan was hard-coding
riskMap: undefined when calling buildExecutionPlan, so the
riskAssessment that buildExecutionPlan would have produced never
appeared on the artifact, and never reached generateReview's prompt
on the exec path.

What changed
- runReviewPlan loads the optional risk map via loadRiskMap (default
  path .river/risk-map.yaml). Missing file => null (no behaviour
  change). Malformed file => ReviewPlanError so it fails loudly
  instead of dropping the risk signal silently.
- The loaded riskMap is forwarded to buildExecutionPlan, which already
  knew how to compute riskAssessment when given a non-null riskMap.
- plan.riskAssessment is forwarded to generateReview alongside
  fileTypes / relatedADRs / reviewMode (the analysis-context bundle
  finalised in A2-fix-3).
- loadRiskMapImpl is injectable so tests can drive the path without a
  fixture file on disk.

Tests
- 5 new unit tests cover happy path forwarding, null sentinel, load
  failure, generateReview hand-off, and the undefined-fallback when
  the plan omits riskAssessment.
- runners/github-action/dist rebuilt with Node 22.22.2.

Silent-skip cleanup status (post-A2-fix-4)
- availableContexts (#865)
- availableDependencies (#869)
- fileTypes / relatedADRs / reviewMode (#871)
- riskAssessment (this PR)
- --plan replay context-snapshot drift is the only remaining item,
  deferred to A2-3.

Multi-perspective review reference
- Codex 86/100: "riskAssessment が runReviewPlan で riskMap: undefined
  固定で実質ドロップ" 指摘
- Gemini 95/100: "riskAssessment の伝播漏れのみが唯一の明確な減点
  対象"
- 両者が独立に同じ点を 6 番目の silent-skip として指摘した。

Follows: #864 (A2-1), #865 (A2-fix-1), #869 (A2-fix-2), #871 (A2-fix-3).

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant