Skip dependency review when dependency graph is unavailable#341
Conversation
There was a problem hiding this comment.
Pull request overview
OpenCode cannot approve yet because required coverage evidence did not pass.
Review outcome
1. HIGH .github/workflows/opencode-review.yml:1 - Coverage evidence did not prove required test/docstring evidence
-
Problem: The required coverage-evidence job result was
cancelled, so OpenCode cannot establish approval sufficiency for this head. -
Root cause: Automated approval is only valid when the same-head coverage-evidence job proves supported repository test suites passed and configured docstring gates passed or were advisory, or reports not applicable because no supported source files or package manifests exist. Missing, failed, skipped, unavailable, or unsupported-tooling test evidence is a blocker.
-
Fix: Install or configure the repository test/docstring evidence tooling when source files or package manifests exist, rerun the current-head coverage-evidence job, and approve only after it reports
successwith required evidence or explicit no-source not-applicable evidence. -
Regression test: Keep the approval branch checking
needs.coverage-evidence.result == successbefore posting APPROVE, and publish REQUEST_CHANGES when coverage-evidence blocker states such as cancelled, skipped, failed, unsupported-tooling, or below-100 evidence are present. -
Result: REQUEST_CHANGES
-
Reason: coverage-evidence result was
cancelled, so required test/docstring evidence was not proven for current heade8a4404dd3715e7190617e2a54b76d2c166c0f1d. -
Head SHA:
e8a4404dd3715e7190617e2a54b76d2c166c0f1d -
Workflow run: 28845644650
-
Workflow attempt: 1
Coverage evidence
Coverage evidence job did not run or did not publish coverage evidence.
Changed-File Evidence Map
flowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Workflow: security-scan.yml"]
S1 --> I1["GitHub Actions review job"]
I1 --> R1["Review risk: Workflow: security-scan.yml"]
R1 --> V1["actionlint plus required checks"]
Evidence --> S2["Test: test_required_workflow_queue_contract.py"]
S2 --> I2["regression suite"]
I2 --> R2["Review risk: Test: test_required_workflow_queue_contract.py"]
R2 --> V2["targeted test run"]
OpenCode Review Overview
Pull request overviewOpenCode cannot approve yet because required coverage evidence did not pass. Review outcome1. HIGH .github/workflows/opencode-review.yml:1 - Coverage evidence did not prove required test/docstring evidence
Coverage evidenceCoverage evidence job did not run or did not publish coverage evidence. Changed-File Evidence Mapflowchart LR
PR["PR changed files"] --> Evidence["OpenCode bounded evidence"]
Evidence --> S1["Workflow: security-scan.yml"]
S1 --> I1["GitHub Actions review job"]
I1 --> R1["Review risk: Workflow: security-scan.yml"]
R1 --> V1["actionlint plus required checks"]
Evidence --> S2["Test: test_required_workflow_queue_contract.py"]
S2 --> I2["regression suite"]
I2 --> R2["Review risk: Test: test_required_workflow_queue_contract.py"]
R2 --> V2["targeted test run"]
|
Summary
Verification
uv run --python 3.13 pytest -s -q tests/test_required_workflow_queue_contract.py.github/workflows/security-scan.ymlwith PyYAML