Skip to content

[AI] CodeRabbitAI Configuration#1151

Merged
RichardAnderson merged 3 commits into
vitodeploy:4.xfrom
RichardAnderson:fix/coderabbit
Jun 6, 2026
Merged

[AI] CodeRabbitAI Configuration#1151
RichardAnderson merged 3 commits into
vitodeploy:4.xfrom
RichardAnderson:fix/coderabbit

Conversation

@RichardAnderson

@RichardAnderson RichardAnderson commented Jun 6, 2026

Copy link
Copy Markdown
Member

This pull request introduces a comprehensive .coderabbit.yaml configuration file to enforce code review standards, conventions, and best practices across the codebase. The configuration covers language, review profile, workflow settings, pre-merge checks, and highly detailed path-specific coding and architectural instructions for both backend (PHP/Laravel) and frontend (React/TypeScript) code. It also specifies security, testing, and documentation requirements.

Summary by CodeRabbit

Release Notes

  • Chores
    • Updated development and review configuration to reinforce coding standards, security checks and project conventions.
    • Aligned project documentation and tooling versions with the latest framework and test-suite releases.

Note: These are internal tooling and configuration updates with no direct changes to user-facing functionality.

@coderabbitai

coderabbitai Bot commented Jun 6, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

📝 Walkthrough

Walkthrough

Populates .coderabbit.yaml with en-GB review settings, path filters, extensive path-specific conventions and security rules, enables chat.auto_reply; updates .github/copilot-instructions.md and CLAUDE.md to reference Laravel 13 and PHPUnit 12.

Changes

CodeRabbit Review Configuration and Stack Docs

Layer / File(s) Summary
Review profile and global behaviour settings
.coderabbit.yaml
Schema reference, en-GB locale, assertive review profile, high-level summary enabled, poem and request-changes workflow disabled.
Path filtering and pre-merge docstring configuration
.coderabbit.yaml
Pre-merge docstring mode disabled, finishing-touch docstring disabled, exclusion filters for build/vendor/node_modules and lockfiles.
Path-specific architectural and code conventions
.coderabbit.yaml
Adds path_instructions covering PHP backend patterns (models, enums, thin controllers, actions, policies, migrations, transactions), React/TypeScript UI/dialog patterns, CSS token guidance, Blade SSH sanitisation, PHPUnit testing constraints, and OpenAPI sync expectations.
Security rules for {app,routes} PHP files
.coderabbit.yaml
Security-focused instructions for SSH helper usage, secret/token redaction and merge rules, project-scoped API key enforcement, disallowing production-only routes/actions, and requiring SocketEvent::dispatch() with SocketEventDTO.
Chat auto-reply enablement
.coderabbit.yaml
Enables chat.auto_reply.
Copilot instructions stack bump
.github/copilot-instructions.md
Updates stack line to Laravel 13 and PHPUnit 12.
CLAUDE.md stack version bump
CLAUDE.md
Updates documented Laravel version from 12 to 13.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 4
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title '[AI] CodeRabbitAI Configuration' accurately reflects the main change—adding comprehensive CodeRabbit configuration files to enforce code review standards and conventions.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.coderabbit.yaml:
- Around line 22-35: Update the tooling config text to reflect the actual
framework version: change the description string "PHP 8.4 / Laravel 12 codebase"
to "PHP 8.4 / Laravel 13 codebase" in .coderabbit.yaml to match composer.json
which requires "laravel/framework ^13.0"; also verify and document that the
HasRolePolicies trait exists and exposes the required methods by confirming
app/Traits/HasRolePolicies.php defines hasReadAccess(), hasWriteAccess(), and
hasOwnerAccess() so the policy guidance in the instructions remains accurate.
- Around line 100-105: Update the test instructions under the path "tests/**" to
reflect PHPUnit 12 instead of "PHPUnit 11 only" (or remove the explicit version
pin); edit the instructions block that currently contains the string "PHPUnit 11
only." so it reads "PHPUnit 12 only." and keep the rest of the guidance
(RefreshDatabase, factories, assertDatabaseHas(), pre-configured TestCase,
SSH::fake(), Http::fake(), etc.) unchanged.
- Around line 58-63: Update the guidance text to be specific: replace the
current broad phrasing about “mutates DB/runtime state reflected in
GetBootstrap::configs()” with wording that says any Action that "mutates state
that affects GetBootstrap's configs-derived bootstrap payload/version" must call
GetBootstrap::forgetVersion(); reference GetBootstrap::VERSION_CACHE_KEY,
GetBootstrap::version(), GetBootstrap::computeVersion(), GetBootstrap::configs()
and the forgetVersion() method so reviewers know the exact cache key and methods
involved.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 853e0db6-f19f-4404-89d1-f0247737c772

📥 Commits

Reviewing files that changed from the base of the PR and between 51418db and 2006225.

📒 Files selected for processing (1)
  • .coderabbit.yaml

Comment thread .coderabbit.yaml
Comment thread .coderabbit.yaml
Comment thread .coderabbit.yaml

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

♻️ Duplicate comments (1)
.coderabbit.yaml (1)

58-63: 🧹 Nitpick | 🔵 Trivial

Adjust GetBootstrap invalidation guidance to match implementation.

The instruction wording should reference the specific cache key and methods involved (GetBootstrap::VERSION_CACHE_KEY, version(), computeVersion()) to help reviewers understand the exact invalidation mechanism. Consider rewording to "mutates state that affects GetBootstrap's configs-derived bootstrap payload/version" for precision.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.coderabbit.yaml around lines 58 - 63, Update the guidance text to
explicitly reference GetBootstrap::VERSION_CACHE_KEY and the methods
GetBootstrap::version() and GetBootstrap::computeVersion(), and rephrase the
invalidation rule to say that any Action which "mutates state that affects
GetBootstrap's configs-derived bootstrap payload/version" must call
GetBootstrap::forgetVersion() after mutation; locate the Action guidance block
(the section listing validation and method name rules) and replace the existing
sentence about calling GetBootstrap::forgetVersion() with this precise wording
and include the cache key/method names for clarity.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In @.coderabbit.yaml:
- Around line 58-63: Update the guidance text to explicitly reference
GetBootstrap::VERSION_CACHE_KEY and the methods GetBootstrap::version() and
GetBootstrap::computeVersion(), and rephrase the invalidation rule to say that
any Action which "mutates state that affects GetBootstrap's configs-derived
bootstrap payload/version" must call GetBootstrap::forgetVersion() after
mutation; locate the Action guidance block (the section listing validation and
method name rules) and replace the existing sentence about calling
GetBootstrap::forgetVersion() with this precise wording and include the cache
key/method names for clarity.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 3030bbf4-1e59-49f4-a774-8d74dd7bfa6e

📥 Commits

Reviewing files that changed from the base of the PR and between 2006225 and 9078b4a.

📒 Files selected for processing (3)
  • .coderabbit.yaml
  • .github/copilot-instructions.md
  • CLAUDE.md

@RichardAnderson RichardAnderson merged commit 724268b into vitodeploy:4.x Jun 6, 2026
4 checks passed
@RichardAnderson RichardAnderson deleted the fix/coderabbit branch June 6, 2026 16:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants