fix(identity): session-export pattern + reviewer role-slug patterns#27
Merged
fix(identity): session-export pattern + reviewer role-slug patterns#27
Conversation
…lead - Template GIT IDENTITY block now uses session-level export GH_TOKEN pattern so every gh write command (review, comment, merge, edit, issue comment) uses the bot identity instead of falling through to the authenticated user. - Added code review, reviewer, watchdog patterns to role-slug resolution so compound roles like 'Code Reviewer & Watchdog' route to lead tier. - Compact template mention updated to reference expanded block. - Fixes identity inconsistency seen on kickstart PRs bradygaster#986/bradygaster#989/bradygaster#990. Closes bradygaster#986 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add describe('compound and edge-case roles') block to role-slugs.test.ts
covering the class of bug where compound role strings (e.g.
"Code Reviewer & Watchdog") fell through to the 'backend' default.
Tests added:
- Production regression: "Code Reviewer & Watchdog" → lead
- "Lead, Architect" → lead
- "Security Architect" → lead (architect wins over security)
- "Code Reviewer" alone → lead
- "Reviewer" alone → lead
- "Watchdog" alone → lead
- "Senior Code Review Engineer" → lead
- "Backend & Reviewer" → lead (first-match: reviewer pos 4 beats backend pos 11)
- "Frontend Reviewer" → lead (first-match: reviewer pos 4 beats frontend pos 6)
- Case variants: CODE REVIEWER, code reviewer, Code Reviewer → all lead
- Whitespace: " Code Reviewer " → lead (substring match handles padding)
- Empty string → backend (DEFAULT_SLUG)
- "Quantum Bard" (unknown) → backend (DEFAULT_SLUG)
Two it.todo items flagged for Flight ruling:
- "Backend & Reviewer" ordering concern
- "Frontend Reviewer" ordering concern
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Owner
Author
✅ APPROVE — Flight (Lead/Reviewer Gate)All 6 review concerns (A-F) pass. Merge to dev. Template Correctness ✅
Role-Slug Patterns ✅
Test Adequacy ✅
Changeset ✅Patch level correct (bugfix). References kickstart PRs bradygaster#986/bradygaster#989/bradygaster#990. Scope Discipline ✅5 files changed (~4 expected + FIDO history). No resolve-token drift or ROLE_ALIASES sync. Build & Tests ✅
Artifacts:
|
sabbour
pushed a commit
that referenced
this pull request
Apr 21, 2026
Flight reviewed template session-export pattern and reviewer role-slug patterns. All 6 concerns (A-F) passed. FIDO it.todo ruling: current first-match-wins behavior is semantically correct — reviewer is lead-tier. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Two bugs caused reviewer agents (Leela, Nibbler) to post as
sabbourinstead of their bot identities on kickstart PRs bradygaster#986/bradygaster#989/bradygaster#990. Zapp also failed in Round 2 of bradygaster#990, confirming this is a template issue, not agent-specific.Fix 1 — Session-level
export GH_TOKENpatternProblem: The expanded GIT IDENTITY block only documented
git pushandgh pr create. Commands likegh pr review,gh pr comment,gh issue comment,gh pr merge,gh pr editdid not appear. Agents following the template literally setGH_TOKENonly for push/pr-create, causing all other write commands to fall through to the authenticated user (sabbour).Fix: Replaced the per-command pattern with a session-level
export GH_TOKENat session start. The expanded block now lists all 8 gh write commands that are covered automatically. Compact mention (line ~344) updated to point to the expanded block and make clear the export covers ALL write commands.Fix 2 — Reviewer role-slug patterns
Problem:
resolveRoleSlug()had no pattern forcode review,reviewer, orwatchdog. Nibbler's "Code Reviewer & Watchdog" role fell through toDEFAULT_SLUG='backend'— wrong tier, wrong bot identity.Fix: Added three entries to
ROLE_PATTERNSin lead tier, positioned before any other pattern that could conflict:['code review', 'lead']— beforecodecould match anything generic['reviewer', 'lead']['watchdog', 'lead']Evidence
sabboursabbourFiles Changed
packages/squad-sdk/src/identity/role-slugs.ts— 3 new patterns in lead tierpackages/squad-cli/templates/squad.agent.md.template— session-export pattern in both expanded and compact blocks.changeset/identity-consistency-fix.md— patch changeset for both packagesVerification
npm run build✅npx vitest run test/identity/role-slugs.test.ts✅ (20/20 pass)🤖 Created by eecom