Skip to content

docs(examples): add risk-map.yaml example + adoption guide#896

Merged
s977043 merged 2 commits into
mainfrom
docs/risk-map-example
May 24, 2026
Merged

docs(examples): add risk-map.yaml example + adoption guide#896
s977043 merged 2 commits into
mainfrom
docs/risk-map-example

Conversation

@s977043

@s977043 s977043 commented May 24, 2026

Copy link
Copy Markdown
Owner

Summary

Close item #2 of 3 from Codex's final-pass drift review: docs and guides reference .river/risk-map.yaml but the repo had no concrete example for adopters to copy from. Add one under examples/risk-map/ with a README explaining the three action values and the apply / verify flow.

Contents

File What
examples/risk-map/risk-map.yaml Sample with 10 rules covering all 3 actions (require_human_review / escalate / comment_only) with reason strings
examples/risk-map/README.md Adoption guide pointing at schema, user guide, execution-context-contract, and PR #877
examples/README.md Link to the new directory

Sample rule coverage

Action Patterns
require_human_review src/lib/secret-redactor.mjs, **/*.{key,pem,p12}, .github/workflows/**
escalate src/lib/review-engine.mjs, src/config/**, runners/github-action/dist/**, package.json
comment_only docs/**, pages/**, tests/**, plus defaults.action: comment_only

Validation

End-to-end against the real loadRiskMap + evaluateRisk implementation in src/lib/risk-map.mjs:

loaded ok, rules= 10 defaults= { action: 'comment_only' }
file: src/lib/secret-redactor.mjs → require_human_review (matched rule)
file: src/lib/review-engine.mjs → escalate (matched rule)
file: docs/foo.md → comment_only (matched rule)
file: unknown/path.ts → comment_only (defaults.action)
aggregateAction: require_human_review
escalatedFiles: [src/lib/review-engine.mjs]
humanReviewFiles: [src/lib/secret-redactor.mjs]

Test plan

  • markdownlint + prettier + dashes green
  • npm test (1087/1087)
  • End-to-end load via loadRiskMap + evaluateRisk
  • CI green

Refs: PR #877 (riskAssessment forwarding), Codex final-pass review.

🤖 Generated with Claude Code

Codex's final-pass review (post-25-PR) flagged that docs/guides
reference .river/risk-map.yaml but the repo carries no concrete
example for adopters to copy. Add one under examples/risk-map/ with
a README explaining the three action values and the apply / verify
flow.

Contents
- examples/risk-map/risk-map.yaml — sample with 10 rules covering
  require_human_review (security-sensitive files, credentials, CI
  workflows), escalate (LLM call path, config, action dist,
  package.json), and comment_only (docs, pages, tests). Each rule
  has a reason string so adopters see the intent, not just the
  pattern.
- examples/risk-map/README.md — adoption guide pointing at
  schemas/risk-map.schema.json, the user guide
  pages/guides/repo-wide-review.md, the execution-context-contract
  doc, and PR #877 (riskAssessment forwarding on the exec path).
- examples/README.md — link to the new directory.

The example was validated end-to-end with the real loadRiskMap +
evaluateRisk implementation: 10 rules parse cleanly, sample paths
classify correctly (require_human_review hit on secret-redactor.mjs,
escalate on review-engine.mjs, comment_only on docs/, fall-through
on unknown paths).

No code or runtime change. 1087/1087 tests green.

Refs: #800 (Codex final-pass review item #2 of 3).

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
@vercel

vercel Bot commented May 24, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
ai-review-kit Ready Ready Preview, Comment May 24, 2026 10:21pm

@github-actions

github-actions Bot commented May 24, 2026

Copy link
Copy Markdown
Contributor

River Reviewer

  • フェーズ: midstream
  • LLM: skipped (dry-run enabled)
  • Planner: off
  • Impact tags: none
  • 変更ファイル数: 1
  • トークン見積もり: 636

選択されたスキル (0)

  • none
スキップされたスキル (87)
  • adversarial-review: routing skill: not an executable review skill
  • river-reviewer-architecture: routing skill: not an executable review skill
  • river-reviewer-code: routing skill: not an executable review skill
  • river-reviewer-performance: routing skill: not an executable review skill
  • river-reviewer-security: routing skill: not an executable review skill
  • river-reviewer-testing: routing skill: not an executable review skill
  • river-reviewer: routing skill: not an executable review skill
  • rr-downstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-coverage-gap-001: phase mismatch: downstream !== midstream; applyTo did not match any changed file; missing inputContext: tests
  • rr-downstream-flaky-test-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-existence-001: phase mismatch: downstream !== midstream; applyTo did not match any changed file; missing inputContext: tests
  • rr-downstream-test-naming-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-plan-review-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-downstream-test-review-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-a11y-accessible-name-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-modern-web-a11y-interactive-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-modern-web-browser-compat-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-modern-web-performance-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-modern-web-semantic-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-nextjs-app-router-boundary-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-agent-skill-bridge-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-api-compatibility-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-config-json-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-gh-address-comments-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-hello-skill-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-i18n-unused-key-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-loading-state-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-logging-observability-001: applyTo did not match any changed file
  • rr-midstream-logic-torturing-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-normalization-consistency-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-nullability-contract-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-automation-boundary-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-review-comment-triage-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-security-basic-001: applyTo did not match any changed file
  • rr-midstream-suppression-feedback-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-type-driven-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-typescript-nullcheck-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-typescript-strict-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-war-game-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-midstream-code-quality-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-review-policy-standard-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-nextjs-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-php-laravel-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-react-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-remix-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-unit-python-pytest-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-unit-ts-jest-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-test-code-vue-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-adr-decision-quality-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-api-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-api-versioning-compat-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-boundaries-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-diagrams-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-risk-register-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-traceability-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-validation-plan-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-availability-architecture-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-bounded-context-language-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-cache-strategy-consistency-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-capacity-cost-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-change-communication-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-context-budget-tuning-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-create-plan-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-data-flow-state-ownership-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-data-model-db-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-dr-multiregion-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-eval-driven-skill-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-event-driven-semantics-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-external-dependencies-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-failure-modes-observability-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-integration-contracts-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-migration-rollout-rollback-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-multitenancy-isolation-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-openapi-contract-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-operability-slo-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-exec-conformance-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-gc-deterministic-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-plan-integrity-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-rule-promotion-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-plangate-verification-audit-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-pr-template-qa-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-pre-mortem-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-requirements-acceptance-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-security-privacy-design-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-trust-boundaries-authz-001: dry-run: LLM必須スキル(ヒューリスティック未対応)
  • rr-upstream-architecture-sample-001: dry-run: LLM必須スキル(ヒューリスティック未対応)

優先度サマリー

  • P1 (must fix before merge): 0 件

  • P2 (should fix or waive): 1 件

  • P3 (recommended improvement): 0 件

  • P4 (informational): 0 件

  • 抑制済み: 1 件 (主な理由: low_confidence(1))

スコア (参考値)

結果(スコア): 96/100
判定: human-review-recommended

内訳:

  • 可読性: 100/100
  • 拡張性: 100/100
  • パフォーマンス: 100/100
  • セキュリティ: 100/100
  • 保守性: 80/100

スコアは severity と axis から決定論的に算出された 参考値 (derived: true)。HITL レビューと併用してください。

指摘

  • examples/README.md:9
    • Finding: マッチするスキルがなく自動指摘を生成できなかった
    • Evidence: LLM: dry-run enabled
    • Impact: 重要なリスクを見落とす可能性がある
    • Fix: このファイル種別に対応するスキルを追加するか、手動レビューを実施する
    • Severity: warning
    • Confidence: low

1 件の指摘を抑制しました (主な理由: low_confidence(1))

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

このプルリクエストでは、パスごとのリスク分類を可能にする .river/risk-map.yaml のサンプル設定と解説ドキュメントが追加されました。これには comment_onlyescalaterequire_human_review の各アクションの具体例が含まれています。レビューでは、READMEに記載された検証コマンドや jq パスが現在の実装と一致していない点、およびYAMLファイル内の相対リンクが他リポジトリで利用する際に機能しなくなる点について、具体的な修正の指摘が行われています。

Comment thread examples/risk-map/README.md Outdated
1. Copy `examples/risk-map/risk-map.yaml` to `.river/risk-map.yaml` at your repo root.
2. Edit the rules: add patterns that match your security-sensitive files; remove the example patterns that do not apply.
3. Commit. The next `river review exec` run picks it up automatically via `runReviewPlan`'s `loadRiskMap` (#877 wired this through on the exec path).
4. To verify the loaded map: run `river review exec --debug --output json --output-file /tmp/r.json`, then `jq '.plan.riskAssessment' /tmp/r.json` — the `aggregateAction` / `escalatedFiles` / `humanReviewFiles` reflect your rules.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The verification command and jq path provided here appear to be incorrect based on the current implementation in src/lib/review-plan.mjs:

  1. Command Error: river review exec will currently throw a ReviewPlanError because runReviewPlan (line 314) only supports planOnly: true at this stage. You likely meant river review plan --plan-only.
  2. Path Error: The jq path .plan.riskAssessment will not return any data because runReviewPlan does not include the riskAssessment object in the final artifact.plan output. It only extracts selectedSkills and skippedSkills (lines 420-424).

Please update the instructions to match the current capabilities or ensure the implementation is updated to include the risk assessment in the output artifact.

Comment thread examples/risk-map/risk-map.yaml Outdated
Comment on lines +6 to +7
# Schema: ../../schemas/risk-map.schema.json
# Spec: ../../pages/guides/repo-wide-review.md §「.river/risk-map.yaml」

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

These relative paths to internal repository files will break when an adopter copies this file to their own repository as instructed in the README. Consider using absolute URLs to the documentation on GitHub or removing these references to ensure the example remains valid for external use.

@github-actions

github-actions Bot commented May 24, 2026

Copy link
Copy Markdown
Contributor

PlanGate Review

  • decision: pass
  • plan status: skipped-by-label
  • exec status: skipped-by-label

PlanGate review decision: pass

severity count policy
critical 0 fail
major 0 fail-if-required / warn
minor 0 comment-only
info 0 skipped

ポリシー: critical=fail / major=fail-if-required (warn) / minor=comment-only / info=skipped — spec: pages/reference/cli-review-plan-spec.md

…ink (gemini PR #896)

Apply both gemini PR #896 comments.

HIGH: the README's verify step claimed
"jq .plan.riskAssessment /tmp/r.json"
would show aggregateAction / escalatedFiles. End-to-end test against
the real runReviewPlan + loadRiskMap confirmed this is wrong: the
artifact's `plan` schema only carries selectedSkills / skippedSkills /
plannerMode. riskAssessment is computed internally and only forwarded
to generateReview's prompt context. Rewrite step 4 to (a) verify file
parses by any river review command succeeding and (b) state honestly
that risk classification is not echoed on the artifact.

MEDIUM: the YAML header comments referenced ../../schemas/...
relative paths that break the moment an adopter copies this file to
.river/risk-map.yaml. Replace with absolute GitHub URLs so the
references stay resolvable after the copy.

No code change; user-facing accuracy fix only.

Refs: PR #896 (gemini review).

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
@s977043 s977043 merged commit 6e75d2a into main May 24, 2026
17 checks passed
@s977043 s977043 deleted the docs/risk-map-example branch May 24, 2026 22:23
s977043 added a commit that referenced this pull request May 25, 2026
* docs(runbook): add release-smoke.md (codex final-pass review item #3)

Close the third drift item from Codex's final-pass review (after the
v0.51.0–v0.55.0 sprint). Items #1 and #2 already landed:
- #1 README Epic 1 status drift (PR #889)
- #2 risk-map example (PR #896)
- #3 release smoke runbook (this PR)

Add docs/runbook/release-smoke.md as a sibling to docs/runbook/dev.md.
It is not a release runbook (release-please handles tagging), but the
smoke test that confirms a fresh tag installs cleanly for an adopter.

Sections
- When to run: post release-please merge, post dependabot prod-dep
  bump, pre announcement.
- What it verifies: lint/tests/skills validate, river run dry-run,
  npm pack --dry-run, npm audit --omit=dev, GitHub Release presence.
- Smoke sequence: single bash block, all commands must exit 0.
- Release confirmation via gh: tagName / publishedAt / changelog body.
- When the smoke fails: concrete recovery moves for the 5 common
  failure modes (lockfile drift, dist staleness, audit vuln, release
  404, skill loader error), pointing at the existing docs and PRs
  that document each fix.
- Out of scope: cross-platform install, npx river try, real LLM, Vercel.

No code change.

Refs: PRs #889, #896 (sibling Codex final-pass items),
docs/development/npm-distribution-design.md, AGENT_LEARNINGS.md
gh-api empty-commit entry.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

* docs(runbook): apply gemini PR #897 review on release-smoke

Both gemini comments are valid; apply.

1. Resolve TAG via the upstream GitHub Release instead of the local
   package.json. The previous form trusted that the operator had
   already pulled main after the release-please merge; if they had
   not, the local package.json could point at the previous
   version and the smoke would run against the wrong commit. Use
   `gh release view --json tagName --jq .tagName` so the upstream
   release is the source of truth.

2. The "feedback_release_please_workflow_race.md memory if available"
   pointer was misleading — that file is Claude's internal memory,
   not a repo doc. Replace with a concrete pointer to the
   AGENT_LEARNINGS.md 2026-05-24 entry that actually carries the
   gh-api empty-commit pattern in the repo.

No content change beyond these two clarifications.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant