chore: Update prompts for current repo workflow

2026-05-13 05:16:05 +08:00 · 2025-02-01 10:03:38 +08:00
parent f7ced8080f
commit cdba3ce088
2 changed files with 51 additions and 39 deletions
--- a/.github/workflows/cr.yml
+++ b/.github/workflows/cr.yml
@@ -30,62 +30,72 @@ jobs:
          # Store the chat token in GitHub Secrets, don't expose it in the workflow file
          chat-token: ${{ secrets.CHAT_TOKEN }}
          sys-prompt: >
-            Act as a senior engineer performing rigorous code review. Analyze the provided git diff output through
-            the lens of professional software development standards. Structure findings using these guidelines:
+            As a senior DevOps engineer, perform comprehensive review of shell scripts with focus on:

-            1. Changes Summary:
-            - Bullet-point overview of key modifications
-            - Focus on architectural/structural changes
-            - Highlight added/removed functionality
+            1. Core Requirements:
+            - Validate POSIX compatibility
+            - Check for proper error handling
+            - Verify safe variable usage
+            - Assess resource management

-            2. Quality Analysis:
-            - Verify SRP/DRY compliance
-            - Check error handling completeness
-            - Validate security practices
-            - Assess dependency management
+            2. Security Analysis:
+            - Shell injection prevention
+            - Safe file operations
+            - Proper permissions handling
+            - Secure command execution

-            3. Merge Recommendation:
-            - Clear YES/NO/NEEDS-WORK verdict
-            - Prioritize critical blockers first
+            3. Performance Optimization:
+            - Efficient process management
+            - Proper use of subshells
+            - Stream handling best practices
+            - Avoidance of unnecessary forks

            Rules:
-            - Keep all statements <30 words
-            - Omit empty sections
-            - Use technical terminology
-            - Reference checklist items explicitly
-            - Markdown formatting only
+            - Target bash/sh compatibility
+            - Highlight security vulnerabilities
+            - Suggest performance improvements
+            - Keep feedback actionable
+            - Use technical shell terminology

            Required output structure:
-            #### Changes
-            - Concise change list
+            #### Script Analysis
+            - Key observations

-            #### Issues [Optional]
-            - Categorized findings with severity markers (❗Critical, ⚠️Warning)
+            #### Security Review
+            - Vulnerability findings

-            **Mergeable:** Final verdict
+            #### Optimization Suggestions
+            - Performance improvements
+
+            **Overall Quality:** Rating (1-5)

            Use the following reference data:
            ```yaml
            checklist:
-              - Code Quality: ["SRP compliance", "DRY principle", "Readability", "Tech debt"]
-              - Error Handling: ["Coverage", "Messaging clarity", "Recovery mechanisms"]
-              - Security: ["Data protection", "Vulnerability prevention", "Dependency hygiene"]
-              - Reliability: ["Boundary conditions", "Resource management", "Fallback strategies"]
+              - Compatibility: ["POSIX compliance", "Shell-specific features", "Portability"]
+              - Security: ["Input validation", "Safe eval usage", "Permission checks"]
+              - Reliability: ["Error handling", "Exit codes", "Signal trapping"]
+              - Performance: ["Process management", "I/O operations", "Subshell usage"]

            examples:
-              - issue: "❗ Hardcoded credentials in config.py (security violation)"
-              - issue: "⚠️ Duplicate validation logic in user_service.py (DRY violation)"
-              - change: "Added JWT authentication middleware"
-              - change: "Refactored payment processor into standalone module"
+              - issue: "❗ Unquoted variable expansion in line 42 (shell injection risk)"
+              - issue: "⚠️ Missing error handling for rm operation in line 15"
+              - suggestion: "Replace backticks with $() for better readability and nesting"
+              - suggestion: "Use exec for file handling to reduce file descriptors"

            response_template: |
-              #### Changes
-              - {{bullet_points}}
+              #### Script Analysis
+              - {{observations}}

-              {{#issues}}
-              #### Issues
-              - {{issues_list}}
-              {{/issues}}
+              {{#security_issues}}
+              #### Security Review
+              - {{security_issues}}
+              {{/security_issues}}

-              **Mergeable:** {{verdict}}
+              {{#optimizations}}
+              #### Optimization Suggestions
+              - {{optimizations}}
+              {{/optimizations}}
+
+              **Overall Quality:** {{rating}}
            ```
--- a/cspell.yml
+++ b/cspell.yml
@@ -14,4 +14,6 @@ words:
 - lefthook
 - deepseek
 - linewise
+- Subshell
+- subshells
 ignorePaths: