.coderabbit.yaml
420 lines (420 loc) · 20.5 KB
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
tone_instructions: >-
  Security-first Rust 2024 code review. Flag vulnerabilities, enforce zero-warnings policy, optimize
  for 10k+ process monitoring. Be direct like a senior security engineer. Focus on privilege
  separation, performance, and operator reliability.
early_access: true
inheritance: true
reviews:
  profile: assertive
  high_level_summary_in_walkthrough: true
  auto_title_instructions: >-
    Generate PR/MR titles following Conventional Commits format: type(scope): description. Use
    types: feat, fix, docs, style, refactor, perf, test, build, ci, chore. Use scopes: procmond,
    daemoneye-agent, daemoneye-cli, daemoneye-lib, security-center, gui, core-feature,
    process-monitoring, data-models, ipc, database, crypto, async, testing, integration,
    cross-platform. Keep descriptions concise and action-oriented.
  collapse_walkthrough: false
  labeling_instructions:
    - label: rust
      instructions: >-
        Apply when the PR/MR contains changes to Rust source code files (*.rs). This includes
        modifications to any Rust modules, functions, structs, enums, or traits.
    - label: core-feature
      instructions: >-
        Apply when the PR/MR implements or modifies core system functionality including procmond,
        daemoneye-agent, daemoneye-cli, or daemoneye-lib components. Focus on fundamental security
        monitoring capabilities.
    - label: process-monitoring
      instructions: >-
        Apply when the PR/MR involves process enumeration, monitoring, or collection functionality.
        Includes changes to process data structures, collection algorithms, or monitoring
        interfaces.
    - label: data-models
      instructions: >-
        Apply when the PR/MR modifies data structures, models, or type definitions. Includes changes
        to ProcessRecord, Alert, DetectionRule, or other core data types.
    - label: serialization
      instructions: >-
        Apply when the PR/MR involves serialization/deserialization functionality. Includes changes
        to serde implementations, JSON handling, or data format conversions.
    - label: ipc
      instructions: >-
        Apply when the PR/MR involves Inter-Process Communication between procmond, daemoneye-agent,
        or daemoneye-cli components. Includes protobuf definitions, Unix sockets, or named pipes.
    - label: protobuf
      instructions: >-
        Apply when the PR/MR involves Protocol Buffer definitions, code generation, or
        protobuf-based communication. Includes .proto files or generated protobuf code.
    - label: database
      instructions: >-
        Apply when the PR/MR involves database operations, schema changes, or data storage. Includes
        redb, PostgreSQL, or other database-related functionality.
    - label: crypto
      instructions: >-
        Apply when the PR/MR involves cryptographic functionality, hashing, digital signatures, or
        security-related cryptographic operations.
    - label: async
      instructions: >-
        Apply when the PR/MR involves asynchronous programming patterns, tokio usage, or async/await
        implementations. Includes async functions, futures, or concurrent operations.
    - label: testing
      instructions: >-
        Apply when the PR/MR adds, modifies, or improves test code. Includes unit tests, integration
        tests, or test infrastructure changes.
    - label: integration
      instructions: >-
        Apply when the PR/MR involves integration testing, component integration, or cross-component
        functionality. Includes end-to-end testing or system integration work.
    - label: cross-platform
      instructions: >-
        Apply when the PR/MR involves multi-platform compatibility features for Linux, macOS, or
        Windows. Includes platform-specific code or cross-platform abstractions.
    - label: daemoneye-agent
      instructions: >-
        Apply when the PR/MR specifically involves the daemoneye-agent component. Includes detection
        orchestration, alert management, or service lifecycle management.
    - label: documentation
      instructions: >-
        Apply when the PR/MR involves documentation changes, README updates, or code comments.
        Includes rustdoc, JSDoc, or markdown documentation.
    - label: dependencies
      instructions: >-
        Apply when the PR/MR updates dependency files like Cargo.toml, package.json, or other
        dependency management files.
    - label: priority:high
      instructions: >-
        Apply when the PR/MR addresses high priority issues requiring immediate attention. Use
        sparingly for critical security fixes or blocking issues.
  auto_apply_labels: true
  auto_assign_reviewers: true
  path_filters:
    - procmond/**
    - daemoneye-agent/**
    - daemoneye-cli/**
    - daemoneye-lib/**
    - collector-core/**
    - docs/src/**
    - spec/**
    - .kiro/**/*.md
    - .cursor/**/*.mdc
    - .github/**
    - "!.github/workflows/release.yml"
    - "*.md"
    - "*.toml"
    - "*.yaml"
    - "*.yml"
    - "*.json"
    - "*.sh"
    - "*.py"
    - "*.js"
    - "*.ts"
    - "*.tsx"
    - justfile
    - "!target/**"
    - "!dist/**"
    - "!docs/book/**"
    - "!node_modules/**"
    - "!*.woff2"
    - "!*.png"
    - "!*.svg"
    - "!*.ico"
    - "!*.wxs"
  path_instructions:
    - path: procmond/**
      instructions: >-
        CRITICAL: Privileged process collector with minimal attack surface. Enforce principle of
        least privilege, immediate privilege dropping after init, no network access, write-only
        access to audit ledger. Flag any unsafe code, privilege escalation risks, or attack surface
        expansions. Focus on security, performance, and minimal dependencies. Does not expose any
        shared code, so any reusable code should be in daemoneye-lib or collector-core.
    - path: daemoneye-agent/**
      instructions: >-
        User-space orchestrator for detection, alerting, and procmond lifecycle management. Enforce
        outbound-only network connections, read/write event store access, IPC client patterns. Focus
        on SQL-to-IPC translation using sqlparser, task generation for procmond, overcollection
        handling, SQL injection prevention, concurrent alert delivery, service management, and error
        handling with thiserror/anyhow. Flag performance regressions in detection rule execution.
    - path: daemoneye-cli/**
      instructions: >-
        Operator CLI interface. Enforce NO direct database access - communicates only through
        daemoneye-agent. No network access, comprehensive error messages, JSON/table output support.
        Focus on user experience, shell completions, color handling, and operational efficiency for
        SOC environments.
    - path: daemoneye-lib/**
      instructions: >-
        Shared library providing common functionality across all components. Enforce trait-based
        abstractions, security boundaries, comprehensive error handling. Focus on modularity,
        testability, and performance. Flag any unsafe code or potential panics. Ensure all public
        APIs are well-documented with rustdoc comments. Stability and performance of the library is
        critical.
    - path: collector-core/**
      instructions: >-
        Shared framework library providing common functionality for collectors, such as procmond.
        Enforce trait-based abstractions, security boundaries, comprehensive error handling. Focus
        on modularity, testability, and performance. Flag any unsafe code or potential panics.
        Ensure all public APIs are well-documented with rustdoc comments. Stability and performance
        of the library is critical.
    - path: daemoneye-eventbus/**
      instructions: >-
        Cross-platform IPC event bus for DaemonEye monitoring system. Enforce cross-platform
        compatibility: PRIMARY platforms (Linux Ubuntu 20.04+ LTS, RHEL/CentOS 8+, Alma/Rocky Linux
        8+, Debian 11+ LTS, macOS 14.0+, Windows 10+, Windows Server 2019+, Windows Server 2022,
        Windows 11) and SECONDARY platforms (Alpine 3.16+, Amazon Linux 2+, Ubuntu 18.04, RHEL 7,
        macOS 12.0+, FreeBSD 13.0+). Use Windows named pipes and Unix domain sockets. Focus on
        performance (10k+ messages/sec), security (local IPC only), and reliability (at-most-once
        delivery). Flag any network exposure, privilege escalation, or performance regressions.
        Ensure proper error handling and resource cleanup.
    - path: docs/src/**
      instructions: >-
        Documentation source files. Enforce clear, technical writing for cybersecurity
        professionals. Focus on accuracy, completeness, and operational relevance. Flag missing
        security considerations or unclear technical explanations.
    - path: spec/**
      instructions: >-
        Project specifications and architecture documents. Enforce technical accuracy, architectural
        consistency, and clear requirements. Focus on security-first design principles and
        operational constraints.
    - path: .kiro/**
      instructions: >-
        Project documentation and specifications, written in spec-driven development, used by the
        Kiro AI assistant. Enforce technical accuracy, architectural consistency, and clear
        requirements. Focus on security-first design principles and operational constraints.
    - path: "*.md"
      instructions: >-
        Project documentation. Enforce clear, professional writing for security operations teams.
        Focus on accuracy, completeness, and operational relevance. Flag missing security
        considerations or unclear technical explanations.
    - path: Cargo.toml
      instructions: >-
        Dependency and workspace configuration. Enforce minimal dependencies, security-focused crate
        selection, proper version pinning. Flag potential security vulnerabilities in dependencies
        or workspace configuration issues.
    - path: justfile
      instructions: >-
        Task runner configuration. Enforce DRY principles, clear command organization, security
        considerations in build tasks. Focus on operational efficiency and maintainability.
    - path: "*.yaml"
      instructions: >-
        YAML configuration files. Enforce proper YAML syntax, consistent indentation, and clear
        structure. Focus on configuration validation and security considerations for CI/CD
        workflows.
    - path: "*.yml"
      instructions: >-
        YAML configuration files. Enforce proper YAML syntax, consistent indentation, and clear
        structure. Focus on configuration validation and security considerations for CI/CD
        workflows.
    - path: "*.json"
      instructions: >-
        JSON configuration files. Enforce valid JSON syntax, proper structure, and security
        considerations. Focus on configuration validation and maintainability.
    - path: "*.sh"
      instructions: >-
        Shell scripts. Enforce proper shell scripting practices, error handling, and security
        considerations. Focus on portability, maintainability, and operational efficiency.
    - path: "*.js"
      instructions: >-
        JavaScript files. Enforce modern JavaScript practices, security considerations, and
        maintainability. Focus on performance and compatibility.
    - path: "*.ts"
      instructions: >-
        TypeScript files. Enforce TypeScript best practices, type safety, and security
        considerations. Focus on maintainability and developer experience.
    - path: "*.tsx"
      instructions: >-
        React TypeScript files. Enforce React and TypeScript best practices, component design
        patterns, and security considerations. Focus on user experience and maintainability.
  slop_detection:
    label: slop
  auto_review:
    base_branches:
      - main
  finishing_touches:
    unit_tests:
      enabled: false
    simplify:
      enabled: true
  pre_merge_checks:
    title:
      mode: error
      requirements: >-
        Must follow Conventional Commits specification: type(scope): description. Types: feat, fix,
        docs, style, refactor, perf, test, build, ci, chore. Scopes: auth, api, cli, models,
        detection, alerting, etc. Breaking changes indicated with ! in header or BREAKING CHANGE: in
        footer.
  tools:
    shellcheck:
      enabled: false
    ruff:
      enabled: false
    biome:
      enabled: false
    hadolint:
      enabled: false
    swiftlint:
      enabled: false
    phpstan:
      enabled: false
    phpmd:
      enabled: false
    phpcs:
      enabled: false
    golangci-lint:
      enabled: false
    detekt:
      enabled: false
    eslint:
      enabled: false
    flake8:
      enabled: false
    fortitudeLint:
      enabled: false
    rubocop:
      enabled: false
    regal:
      enabled: false
    pmd:
      enabled: false
    clang:
      enabled: false
    cppcheck:
      enabled: false
    circleci:
      enabled: false
    prismaLint:
      enabled: false
    pylint:
      enabled: false
    shopifyThemeCheck:
      enabled: false
    luacheck:
      enabled: false
    brakeman:
      enabled: false
    htmlhint:
      enabled: false
    stylelint:
      enabled: false
    smartyLint:
      enabled: false
    emberTemplateLint:
      enabled: false
chat:
  allow_non_org_members: false
  integrations:
    jira:
      usage: enabled
knowledge_base:
  code_guidelines:
    filePatterns:
      - spec/**/*.md
  issues:
    scope: local
  jira:
    usage: enabled
    project_keys:
      - END
  pull_requests:
    scope: local
  mcp:
    usage: enabled
code_generation:
  docstrings:
    path_instructions:
      - path: "**/*.rs"
        instructions: >-
          Generate rustdoc comments following standard format: /// for public items, //! for module
          docs. Include brief description, parameter docs with # Arguments, return docs with #
          Returns, error docs with # Errors, and examples with # Examples. Use ```rust for runnable
          examples, ```rust,no_run for non-runnable. Focus on security implications and performance
          characteristics.
      - path: daemoneye-cli/**
        instructions: >-
          Generate rustdoc comments following standard format with CLI focus: /// for public items,
          //! for module docs. Include # Arguments, # Returns, # Errors, and # Examples sections.
          Focus on operator workflows, error messages, and output formatting. Use ```rust,no_run for
          security-sensitive CLI examples.
      - path: daemoneye-lib/**
        instructions: >-
          Generate rustdoc comments following standard format with shared library focus: /// for
          public items, //! for module docs. Include # Arguments, # Returns, # Errors, and #
          Examples sections. Emphasize trait-based abstractions, security boundaries, and
          cross-component usage. Use ```rust for runnable examples.
      - path: gui/**
        instructions: >-
          Generate JSDoc comments following TypeScript/React format: /** */ for components and
          functions. Include @param, @returns, @example, and @since tags. Focus on user experience,
          real-time data handling, and security operations workflows. Use ```tsx for component
          examples.
  unit_tests:
    path_instructions:
      - path: "**/*.rs"
        instructions: >-
          Generate unit tests using standard Rust testing patterns: #[cfg(test)] mod tests,
          #[tokio::test] for async, use super::*. Focus on security boundaries, error handling, and
          performance. Use mock dependencies, insta for snapshot testing, and predicates for
          validation. Test both success and failure paths.
      - path: procmond/**
        instructions: >-
          Generate security-focused unit tests for privileged process collector. Test privilege
          escalation scenarios, privilege dropping behavior, and attack surface boundaries. Use mock
          system calls and test error conditions thoroughly.
      - path: daemoneye-cli/**
        instructions: >-
          Generate CLI-focused unit tests using insta for snapshot testing and predicates for
          validation. Test JSON/table output formatting, shell completions, error messages, and user
          experience. Test both interactive and non-interactive modes.
      - path: gui/**
        instructions: >-
          Generate React/TypeScript unit tests using Jest and React Testing Library. Test component
          rendering, user interactions, state management, and API integration. Focus on
          accessibility and responsive design testing.
issue_enrichment:
  auto_enrich:
    enabled: true
  planning:
    auto_planning:
      enabled: false
      labels:
        - enhancement
        - bug
  labeling:
    labeling_instructions:
      - label: bug
        instructions: >-
          Apply when the issue reports something that isn't working correctly. Look for error
          messages, unexpected behavior, crashes, or regressions in existing functionality.
      - label: enhancement
        instructions: >-
          Apply when the issue requests new features or improvements. This includes new CLI options,
          new LLM providers, new output formats, performance improvements, or usability
          enhancements.
      - label: documentation
        instructions: >-
          Apply when the issue is about missing, incorrect, or unclear documentation. This includes
          README updates, API documentation, examples, or inline code comments.
      - label: good first issue
        instructions: >-
          Apply when the issue is well-scoped, has clear requirements, and doesn't require deep
          knowledge of the codebase. Good for newcomers to contribute.
      - label: help wanted
        instructions: >-
          Apply when the issue needs community input, additional expertise, or the maintainers
          explicitly request assistance.
      - label: question
        instructions: >-
          Apply when the issue is asking for clarification, guidance, or discussion rather than
          reporting a bug or requesting a feature.
      - label: duplicate
        instructions: >-
          Apply when this issue duplicates an existing open or recently closed issue. Reference the
          original issue.
      - label: invalid
        instructions: >-
          Apply when the issue doesn't provide enough information, is not related to this project,
          or cannot be reproduced.
      - label: wontfix
        instructions: >-
          Apply when the issue describes behavior that is working as intended, is out of scope for
          the project, or conflicts with project goals.
    auto_apply_labels: true