This roadmap defines what must be true before CodeAgora can be treated as production-ready for real users and CI pipelines.
It is intentionally narrower than a product wishlist. The goal is not to add more surfaces; it is to make the supported surfaces boring, observable, secure, and repeatable.
CodeAgora is production-ready when all of these are true:
- The CLI can review local diffs, staged diffs, patch files, and GitHub PRs with stable contracts and predictable exit codes.
- The GitHub Action can run safely on normal PRs, fork PRs, large diffs, missing-secret scenarios, and provider failures.
- The MCP server exposes the same review behavior as the CLI through schema-validated tools and structured errors.
- The Desktop app can launch as a packaged app, inspect setup/readiness, start/cancel local reviews, browse sessions, export evidence, and pass visual QA.
- Benchmark evidence proves the current reviewer stack catches seeded high-value bugs while keeping false positives bounded.
- Packaging, installation, first-run setup, docs, and release workflows work from a clean checkout.
- Security boundaries hold for prompt injection, untrusted model output, secret redaction, filesystem paths, and GitHub token permissions.
The current stable-readiness surfaces are CLI, GitHub Actions, MCP, and Desktop.
Production readiness gates apply to these supported product surfaces:
CLI
GitHub Actions
MCP
DesktopThe desktop app is an official supported local UI surface. It must consume stable core/CLI behavior without defining new review semantics, config formats, or release promises that diverge from CLI, GitHub Action, or MCP.
Retired surfaces remain out of scope:
web dashboard
terminal TUI
notification packageFreeze the production target so reliability work does not keep expanding sideways.
- Declare CLI, GitHub Actions, and MCP as the production gates.
- Keep desktop documented as the official human-facing local UI, with package launch, E2E, visual QA, and evidence gates tracked alongside the automation surfaces.
- Inventory commands, action inputs, MCP tools, config files, output formats, and environment variables.
- Mark every undocumented or unsupported behavior as either production scope or explicitly non-goal.
README.md,docs/for-agents/ARCHITECTURE.md, and this roadmap agree on supported surfaces.- Every supported command/tool/action input has documented behavior, failure behavior, and ownership.
- No root or docs page describes retired web/TUI/notification surfaces as current production surfaces.
Make the CLI the stable executable contract that all other surfaces can rely on.
- Harden diff ingestion for stdin, patch files, staged changes, branch ranges, and PR fetches.
- Make config loading deterministic across
.ca/config.json,.ca/config.yaml, defaults, and invalid config cases. - Normalize provider failure behavior: missing keys, auth failure, rate limits, transient network failure, model failure, timeout, and reviewer forfeits.
- Preserve stable
codeagora.review.v1JSON and NDJSON behavior. - Ensure text output remains useful without breaking machine-readable modes.
- Redact secrets from logs, errors, session artifacts, and provider diagnostics.
- CLI fixtures cover empty diff, malformed diff, ignored files, large diff, provider outage, missing API key, invalid config, and successful review.
agora review --output jsonandagora review --json-streamemit only valid contract output in machine-readable modes.- Exit codes match
docs/for-agents/AGENT_CONTRACT.mdfor success, review gate failure, setup error, and runtime failure. - No unhandled promise rejection or raw provider exception reaches users in targeted failure tests.
- Manual QA verifies
agora review --help, stdin review, patch-file review, invalid config, and missing-key behavior through the real CLI.
Make PR automation safe enough to be the default real-user workflow.
- Verify PR diff acquisition for same-repo PRs, fork PRs, rebased PRs, and force-pushed PRs.
- Keep fetched
baseSha,headSha, repository names, and fork metadata attached to review sessions and posting decisions. - Harden permission behavior for
GITHUB_TOKENscopes, read-only fork contexts, missing secrets, and disabled posting. - Ensure review comments, summary comments, commit statuses, SARIF, and check output are deduplicated and head-SHA-safe.
- Make large-diff truncation transparent through priority-file, oversized-hunk, and token-budget metadata.
- Action smoke workflow passes on a representative PR with comments/status enabled.
- Fork PR test path does not leak secrets and produces a clear skipped/degraded result when secrets are unavailable.
- Force-push or rebase changes the recorded
headSha; stale posting is blocked or clearly marked. - Large-diff dry run exposes retained priority files and truncation decisions.
- Action bundle build and clean checkout action execution are verified before release.
Keep MCP as a thin agent/IDE adapter over the same review engine, not a divergent product path.
- Validate every MCP tool input with zod schemas and return structured errors.
- Keep filesystem access bounded to explicit repository paths.
- Align MCP compact output with the CLI contract when
output_format: "json"is requested. - Add parity fixtures comparing CLI and MCP behavior for the same diff/config.
- Exercise MCP startup, tool listing, quick review, full review, PR review, dry run, config get, and config set.
- MCP server starts from the published rc package command:
npx -y @codeagora/mcp@rc. - Each MCP tool has documented parameters, output shape, and failure behavior.
- Parity tests prove CLI and MCP reach equivalent decisions/issues for fixture diffs under the same config.
- Invalid tool input and inaccessible repo paths return structured errors without crashing the server.
Make quality claims evidence-based instead of anecdotal.
- Maintain a labeled benchmark corpus with recall fixtures and false-positive regression fixtures.
- Include security bugs, logic bugs, API-contract bugs, clean diffs, generated/noisy files, large diffs, and multi-file interaction cases.
- Track TP, FP, FN, precision, recall, F1, recall@3/@5/@10, FP clean-rate, latency, and cost when available.
- Keep ambiguous-case research separate from production pass/fail gates.
- Require benchmark deltas before changing severity semantics, L2/L3 behavior, model pools, or large-diff strategy.
- Benchmark methodology and latest production candidate results are published in docs; the current stable-candidate capture is
docs/archived/live-benchmark-report.md. - High-severity seeded findings meet the agreed recall threshold before release.
- FP regression fixtures remain clean within the agreed tolerance.
- No accepted production candidate fabricates files, line ranges, or code quotes in benchmark output.
- CI blocks benchmark schema regressions and flags material quality regressions with
pnpm bench:ci, a provider-free gate that validates fixture schemas and the 20-fixture reference file.
- Deterministic gate:
pnpm bench:ci, validating 20 fixtures againstbenchmarks/references/phase2-quality-gate.json. - Stable-candidate live run: GitHub Actions run 25317360402, documented in
docs/archived/live-benchmark-report.md. - Live result summary: 20/20 fixtures completed, 87.5% recall, 82.4% precision, 84.8% F1, and 0/6 FP regressions.
Treat model output, repository contents, PR text, and external inputs as untrusted data.
- Preserve untrusted-data wrapping across L1->L2, supporter->moderator, and L2->L3 prompt paths.
- Test delimiter spoofing, role override, output-format manipulation, JSON breakout, hidden-prompt requests, and premature verdict injection.
- Redact API keys, tokens, repo credentials, and provider auth errors in logs and sessions.
- Bound path access for config, diff context, MCP repo paths, and session reads.
- Keep GitHub token permissions minimal and document fork-secret behavior.
- Prompt-injection boundary tests pass for every LLM-to-LLM handoff.
- Secret redaction tests cover CLI logs, JSON output, session files, GitHub comments, and MCP responses.
- Path traversal tests cover diff context reads, session reads, config edits, and MCP repo paths.
- Security-sensitive large-diff files are prioritized before non-sensitive files.
Make install, first run, upgrade, and release boring.
- Finalize
@codeagora/reviewpackage metadata, files list, bin paths, and npm publish workflow. - Verify
@codeagora/mcppackage startup independently. - Keep GitHub Action examples aligned with the published package and bundled action entrypoint.
- Update
README.md,docs/for-users/CLI_REFERENCE.md,docs/for-users/CONFIGURATION.md,docs/for-users/PROVIDERS.md,docs/for-users/TROUBLESHOOTING.md, and.env.examplefor first-run success. - Add a release checklist for clean checkout install, build, test, package dry-run, CLI smoke, MCP smoke, and action smoke.
- Clean checkout:
pnpm install,pnpm build,pnpm typecheck,pnpm test, andpnpm bench:cipass. - Package dry-run includes only intended files and working binaries.
- Global install smoke runs
agora --help,agora init --yes, and a minimal review path. - MCP smoke starts via package command and lists tools.
- GitHub Action smoke validates bundled action execution.
- Changelog and release notes state production status, known limits, and migration path from
codeagora@2.x.
Make the official human-facing local UI reliable, testable, and contract-aligned with the automation surfaces.
- Keep desktop grounded in existing session files, config schemas, and CLI/MCP contracts.
- Support setup/readiness, session browsing, review history, result exploration, local review launch/cancel, model/cost visibility, and export flows.
- Avoid new review semantics, new config formats, or desktop-only execution behavior.
- Add local notifications only inside desktop, not as a separate package surface.
- Keep signing, notarization, updater, distribution, and support policy explicit in release evidence.
- Desktop can browse sessions generated by the CLI without migration.
- Desktop config editing round-trips through the same schemas used by CLI and MCP.
- Desktop does not change review outcomes compared with CLI for the same diff/config.
- Packaged app launch, WebDriver E2E, visual QA, bundle smoke, and desktop evidence manifest pass before release readiness is claimed.
A beta release requires all of the following. Passing this gate does not imply a stable release; stable readiness requires keeping the contracts and evidence above green over a release-candidate cycle:
- Phase 0 through Phase 6 acceptance gates complete.
pnpm typecheck,pnpm build,pnpm test, and action bundle build pass on clean checkout.- CLI, GitHub Action, MCP, and Desktop manual QA pass through their real user surfaces.
- Latest benchmark report is linked from README or release notes, and live
bench:fn:runresult directories are treated as uploaded artifacts rather than committedbench-out*directories. - Known limits are documented, especially provider nondeterminism, cost variance, language coverage, and fork-secret behavior.
- No retired surface is required for setup, review execution, or result inspection.
Use this queue after a beta release and before calling a stable candidate:
- Keep the public docs beta-first: README, onboarding, and release notes must say CLI, GitHub Actions, MCP, and Desktop are the supported surfaces.
- Freeze the stable contract: CLI JSON/NDJSON schemas, exit codes, MCP tool output, GitHub Action inputs, and documented config behavior must not change without a migration note.
- Keep
pnpm bench:cias the deterministic offline release gate, separate from livebench:fn:runevidence artifacts. - Attach at least one stable-candidate live benchmark report with provider/model set, TP/FP/FN, latency, cost or token availability, and provider failure notes.
- Keep research and paper drafts labeled as evidence-needed until they include result tables, repeated runs, or an explicit benchmark/test anchor.
- Run clean-checkout release validation: install, build, typecheck, test,
bench:ci, package dry-runs, CLI smoke, MCP smoke, Action bundle smoke, and Desktop gate. - Only after the above stays green through a release-candidate cycle should
latestdist-tag promotion or stable release wording be considered.
- Hosted service, billing, teams, or enterprise admin features.
- Desktop-only product launch that bypasses CLI/GitHub Action/MCP contracts.
- Reintroducing web dashboard, TUI, or notification package surfaces.
- Broad language-expansion claims beyond demonstrated benchmark coverage.
- Public claims of reviewer accuracy without benchmark evidence.
- Major provider abstraction rewrites unless current provider handling blocks the gates above.
| Risk | Impact | Mitigation |
|---|---|---|
| LLM nondeterminism | Flaky quality and hard-to-debug CI results | Use labeled benchmarks, structured contracts, confidence gates, and regression thresholds instead of exact prose snapshots |
| CI secret exposure | Token/API key leakage in fork PRs or logs | Redact secrets, document fork behavior, minimize GitHub token permissions, and test missing-secret paths |
| Surface drift | CLI, GitHub Action, and MCP produce different behavior | Keep shared core APIs and add cross-surface parity fixtures |
| Benchmark overfitting | Good scores without real utility | Keep clean-diff FP fixtures, multi-file cases, large diffs, and periodic live PR dogfooding |
| Packaging drift | Published package differs from repository behavior | Require package dry-run, global-install smoke, MCP package smoke, and action bundle smoke before release |
0. Surface freeze
1. CLI reliability
2. GitHub Action path
3. MCP parity
4. Benchmark gates
5. Security hardening
6. Packaging and onboarding
7. Desktop MVPPhases 4 and 5 should run continuously once Phase 1 is stable enough to measure. Phase 7 should not block the first production-ready CLI/GitHub/MCP release.