docs: journey-traceability + iconography implementation#40
Conversation
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
CodeAnt AI is reviewing your PR. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: ⛔ Files ignored due to path filters (20)
📒 Files selected for processing (4)
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Review rate limit: 0/1 reviews remaining, refill in 6 minutes and 38 seconds.Comment |
|
codeant-ai
Bot
added
the
size:L
![codeant-ai[bot]](https://avatars.githubusercontent.com/in/646884?s=60&v=4){kind=small}
| manifest_path: | ||
| description: 'Glob pattern for manifests (default: "**/manifest.verified.json")' | ||
| required: false | ||
| default: '**/manifest.verified.json' | ||
| strict_mode: | ||
| description: 'Run assertions in --strict mode (fail on violations)' | ||
| required: false | ||
| default: 'true' | ||
| type: boolean | ||
| live_verification: | ||
| description: 'Use --live mode (requires ANTHROPIC_API_KEY secret)' | ||
| required: false | ||
| default: 'false' | ||
| type: boolean | ||
|
|
||
| env: | ||
| PHENOTYPE_JOURNEY_STRICT: ${{ inputs.strict_mode || 'true' }} | ||
|
|
||
| jobs: | ||
| journey-gate: | ||
| name: Journey Verification | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 15 | ||
|
|
||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
|
|
||
| # --------------------------------------------------------------------- | ||
| # 1. Install runtime dependencies | ||
| # --------------------------------------------------------------------- | ||
| - name: Install tesseract OCR | ||
| run: | | ||
| sudo apt-get update -qq | ||
| sudo apt-get install -y -qq tesseract-ocr \ | ||
| || { echo "WARNING: tesseract install failed — assertions will skip"; } | ||
|
|
||
| - name: Check tesseract availability | ||
| run: | | ||
| if command -v tesseract &>/dev/null; then | ||
| echo "tesseract: $(tesseract --version | head -1)" | ||
| else | ||
| echo "tesseract: NOT FOUND — OCR assertions will be skipped" | ||
| fi | ||
|
|
||
| # --------------------------------------------------------------------- | ||
| # 2. Install phenotype-journey CLI | ||
| # --------------------------------------------------------------------- | ||
| - name: Install phenotype-journey | ||
| run: | | ||
| if command -v phenotype-journey &>/dev/null; then | ||
| echo "phenotype-journey: $(phenotype-journey --version 2>/dev/null || phenotype-journey --help 2>&1 | head -1)" | ||
| else | ||
| echo "Installing phenotype-journey..." | ||
| # Install via cargo if available, else download binary | ||
| if command -v cargo &>/dev/null; then | ||
| cargo install phenotype-journey --locked \ | ||
| || { echo "ERROR: phenotype-journey install failed"; exit 1; } | ||
| else | ||
| # Download latest release binary (adjust URL as needed) | ||
| curl -fsSL https://github.com/KooshaPari/phenotype-journeys/releases/latest/download/phenotype-journey-x86_64-unknown-linux-gnu \ | ||
| -o /usr/local/bin/phenotype-journey \ | ||
| && chmod +x /usr/local/bin/phenotype-journey \ | ||
| || { echo "ERROR: phenotype-journey download failed"; exit 1; } | ||
| fi | ||
| fi | ||
|
|
||
| # --------------------------------------------------------------------- | ||
| # 3. Find all manifest.verified.json files | ||
| # --------------------------------------------------------------------- | ||
| - name: Discover manifests | ||
| id: discover | ||
| run: | | ||
| GLOB="${MANIFEST_PATH:-**/manifest.verified.json}" | ||
| echo "Glob pattern: $GLOB" | ||
|
|
||
| MANIFESTS=$(find . \ | ||
| -name "manifest.verified.json" \ | ||
| -not -path "*/node_modules/*" \ |
There was a problem hiding this comment.
🟠 Architect Review — HIGH
The workflow defines a manifest_path workflow_dispatch input and derives a GLOB variable but the Discover manifests step ignores both, always running find with a hard-coded -name "manifest.verified.json", so the documented override knob has no effect and alternate manifest layouts cannot be gated via this input.
Suggestion: Map the manifest_path input to an environment variable (e.g., MANIFEST_PATH) and use it in the Discover manifests step (for example via the GLOB variable in the find invocation) so manual runs and repo-specific manifest paths behave as documented.
Fix in Cursor | Fix in VSCode Claude
(Use Cmd/Ctrl + Click for best experience)
Prompt for AI Agent 🤖
This is an **Architect / Logical Review** comment left during a code review. These reviews are first-class, important findings — not optional suggestions. Do NOT dismiss this as a 'big architectural change' just because the title says architect review; most of these can be resolved with a small, localized fix once the intent is understood.
**Path:** .github/workflows/journey-gate.yml
**Line:** 32:110
**Comment:**
*HIGH: The workflow defines a `manifest_path` workflow_dispatch input and derives a `GLOB` variable but the Discover manifests step ignores both, always running `find` with a hard-coded `-name "manifest.verified.json"`, so the documented override knob has no effect and alternate manifest layouts cannot be gated via this input.
Validate the correctness of the flagged issue. If correct, How can I resolve this? If you propose a fix, implement it and please make it concise.
If a suggested approach is provided above, use it as the authoritative instruction. If no explicit code suggestion is given, you MUST still draft and apply your own minimal, localized fix — do not punt back with 'no suggestion provided, review manually'. Keep the change as small as possible: add a guard clause, gate on a loading state, reorder an await, wrap in a conditional, etc. Do not refactor surrounding code or expand scope beyond the finding.
Once fix is implemented, also check other comments on the same PR, and ask user if the user wants to fix the rest of the comments as well. if said yes, then fetch all the comments validate the correctness and implement a minimal fix
|
CodeAnt AI finished reviewing your PR. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 5 potential issues.
Bugbot Autofix is ON, but it could not run because on-demand usage is turned off. To enable Bugbot Autofix, turn on on-demand usage and set a spend limit in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
| @@ -0,0 +1 @@ | |||
| <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="24" height="24" role="img" aria-label="search" focusable="false" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"><path d="M21 21l-4.35-4.35M11 19a8 8 0 1 0-16 8 8 8 0 0 0 16z"/></svg> No newline at end of file | |||
There was a problem hiding this comment.
Search icon SVG path has malformed arc data
Medium Severity
The search icon's circle arc path a8 8 0 1 0-16 8 8 8 0 0 0 16z is missing a 0 dx value in both arcs. The correct path for a circle centered at (11,11) is a8 8 0 1 0 0-16 8 8 0 0 0 0 16z. Without the 0 dx, the first arc goes to (-5, 27) instead of (11, 3), rendering the circle entirely outside the 24×24 viewBox. Both the Fluent and Material versions are affected.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
| @@ -0,0 +1 @@ | |||
| <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="24" height="24" role="img" aria-label="workflow" focusable="false" fill="none" stroke="currentColor" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round"><path d="M16 18l6-6-6-6M8 6l-6 6 6 12"/></svg> No newline at end of file | |||
There was a problem hiding this comment.
Workflow icon has asymmetric left chevron path
Low Severity
The workflow icon's second chevron path segment l-6 6 6 12 draws the bottom leg to (8, 24) instead of (8, 18), making it twice as long as the top leg. The right chevron uses l6-6-6-6 (symmetric with dy=6 each leg), but the left chevron has 6 12 instead of 6 6, creating a visually lopsided icon.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
| @@ -0,0 +1 @@ | |||
| <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" width="24" height="24" role="img" aria-label="branch" focusable="false" fill="currentColor"><path d="M6 3v12M18 6a3 3 0 0 1 0 6M6 18a3 3 0 0 1 0-6M18 9a9 9 0 0 1 0 9"/></svg> No newline at end of file | |||
There was a problem hiding this comment.
Material icons use stroke paths with fill rendering
Medium Severity
The Material icons use fill="currentColor" with no stroke, but their path data is identical to the Fluent (stroke-based) icons. Open paths like straight lines (M6 3v12, M4 17l6-6-6-6M12 19h8) have no enclosed area for fill to render, so icons like branch, terminal, and workflow will be invisible. Filled icon variants need different closed-shape path data.
Additional Locations (2)
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
| name: Journey Gate — No Manifests Found | ||
| runs-on: ubuntu-latest | ||
| needs: journey-gate | ||
| if: needs.journey-gate.result == 'failure' && needs.journey-gate.outputs.MANIFEST_COUNT == '0' |
There was a problem hiding this comment.
Stub-mode job can't access journey-gate outputs
Medium Severity
The stub-mode job references needs.journey-gate.outputs.MANIFEST_COUNT, but the journey-gate job never declares an outputs: mapping at the job level. Step-level outputs (from steps.discover.outputs.MANIFEST_COUNT) are not automatically promoted to job-level outputs in GitHub Actions. The condition == '0' will always evaluate to false, so the stub-mode job will never execute.
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
| - name: Run assertions | ||
| env: | ||
| MANIFEST_LIST: ${{ steps.discover.outputs.MANIFEST_LIST }} | ||
| PHENOTYPE_JOURNEY_STRICT: ${{ inputs.strict_mode && 'true' || 'false' }} |
There was a problem hiding this comment.
Strict mode disabled for push and PR triggers
High Severity
The expression ${{ inputs.strict_mode && 'true' || 'false' }} at the step-level env evaluates to 'false' for push and pull_request triggers because inputs.strict_mode is null/empty (inputs are only populated for workflow_dispatch). This step-level env overrides the correctly-defaulted workflow-level PHENOTYPE_JOURNEY_STRICT on line 48, so assertion violations silently pass on every push and PR — the two most common CI triggers — completely undermining the gate.
Reviewed by Cursor Bugbot for commit 7f27cd7. Configure here.
|
CodeAnt AI is running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:L
Sequence DiagramThis PR adds a GitHub Actions workflow that enforces journey traceability by discovering verified journey manifests, validating them with the journey CLI, and failing CI when manifests are missing or checks do not pass. sequenceDiagram
participant Dev as Developer
participant CI as GitHub Actions
participant Gate as Journey Gate workflow
participant CLI as Journey CLI
participant Manifests as Journey manifests
Dev->>CI: Push or open pull request to main
CI->>Gate: Start Journey Gate job
Gate->>Gate: Install tesseract and Journey CLI
Gate->>Manifests: Discover manifest verified json files
alt Manifests found
Gate->>CLI: Validate and assert all manifests
CLI-->>Gate: All validations and assertions pass
Gate-->>CI: Mark Journey Gate job successful
CI-->>Dev: Report passing journey checks
else No manifests found
Gate-->>CI: Fail job in stub mode
CI-->>Dev: Require adding journey manifests to pass CI
end
Generated by CodeAnt AI |
|
CodeAnt AI finished running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
CodeAnt AI is running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:L
Sequence DiagramThis PR adds a Journey Gate GitHub Actions workflow that runs on pushes and pull requests to enforce the presence and validity of journey manifests, failing CI in stub mode until manifests are added and then validating, asserting, and optionally live-verifying them. sequenceDiagram
participant Dev as Developer
participant GitHub as GitHub
participant Gate as Journey Gate workflow
participant CLI as Journey CLI
participant Live as Live verification API
Dev->>GitHub: Push or open pull request
GitHub->>Gate: Trigger Journey Gate workflow
Gate->>Gate: Discover manifest.verified.json files
alt No manifests found
Gate-->>Dev: Fail stub mode and instruct to add manifests
else Manifests found
Gate->>CLI: Validate and assert all manifests in strict mode
opt Live verification enabled
Gate->>Live: Verify manifests via live API
end
Gate-->>Dev: Report journey gate passed in CI
end
Generated by CodeAnt AI |
|
CodeAnt AI finished running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
1 participant
User description
Journey traceability docs + Fluent/Material iconography SVGs + CI gate. Stub manifests — populate to pass CI.
Co-authored-by: Claude Opus 4.7 noreply@anthropic.com
Note
Medium Risk
Adds a new GitHub Actions workflow that can block PRs/merges by failing when journey manifests are missing or assertions fail, so it may immediately break CI until manifests are populated.
Overview
Introduces a new
Journey GateGitHub Actions workflow (.github/workflows/journey-gate.yml) that installs dependencies, discoversmanifest.verified.jsonfiles, validates them, and runs strict assertions (with optional live verification viaANTHROPIC_API_KEY). The workflow is currently stubbed to fail when no manifests are found, forcing repos to add journey coverage before CI will pass.Adds initial journey traceability documentation (
docs/operations/journey-traceability.md), a stub journey manifest (docs/journeys/manifests/main-flow.json), and a new iconography spec plus Fluent/Material SVG icon sets underdocs/operations/iconography/.Reviewed by Cursor Bugbot for commit 7f27cd7. Bugbot is set up for automated code reviews on this repo. Configure here.
CodeAnt-AI Description
Add journey traceability docs, icon guidance, and a CI gate for journey manifests
What Changed
Impact
✅ Clearer journey coverage requirements✅ Fewer PRs missing required journey manifests✅ Earlier CI failures for incomplete traceability🔄 Retrigger CodeAnt AI Review
Details
💡 Usage Guide
Checking Your Pull Request
Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.
Talking to CodeAnt AI
Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:
This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.
Example
Preserve Org Learnings with CodeAnt
You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:
This helps CodeAnt AI learn and adapt to your team's coding style and standards.
Example
Retrigger review
Ask CodeAnt AI to review the PR again, by typing:
Check Your Repository Health
To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.