vypdev
diff --git a/‎build/github_action/src/data/repository/branch_repository.d.ts‎
Lines changed: 1 addition & 1 deletion b/‎build/github_action/src/data/repository/branch_repository.d.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs.json‎
Lines changed: 30 additions & 0 deletions b/‎docs.json‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎docs/bugbot/autofix.mdx‎
Lines changed: 114 additions & 0 deletions b/‎docs/bugbot/autofix.mdx‎
Lines changed: 114 additions & 0 deletions
diff --git a/‎docs/bugbot/configuration.mdx‎
Lines changed: 149 additions & 0 deletions b/‎docs/bugbot/configuration.mdx‎
Lines changed: 149 additions & 0 deletions
@@ -33,7 +33,7 @@ export declare class BranchRepository {
         totalCommits: number;
         files: {
             filename: string;
-            status: "modified" | "added" | "removed" | "renamed" | "copied" | "changed" | "unchanged";
+            status: "added" | "removed" | "modified" | "renamed" | "copied" | "changed" | "unchanged";
             additions: number;
             deletions: number;
             changes: number;
 
@@ -177,6 +177,36 @@
           "title": "Overview",
           "href": "/bugbot",
           "icon": "bug"
+        },
+        {
+          "title": "Detection",
+          "href": "/bugbot/detection",
+          "icon": "search"
+        },
+        {
+          "title": "Autofix",
+          "href": "/bugbot/autofix",
+          "icon": "wrench"
+        },
+        {
+          "title": "Do user request",
+          "href": "/bugbot/do-user-request",
+          "icon": "edit"
+        },
+        {
+          "title": "Configuration",
+          "href": "/bugbot/configuration",
+          "icon": "gear"
+        },
+        {
+          "title": "How it works",
+          "href": "/bugbot/how-it-works",
+          "icon": "cpu"
+        },
+        {
+          "title": "Examples",
+          "href": "/bugbot/examples",
+          "icon": "file-code"
         }
       ]
     },
 
@@ -0,0 +1,114 @@
+---
+title: Autofix
+description: How to ask the bot to fix one or more Bugbot findings from an issue or PR comment.
+---
+
+# Autofix
+
+**Bugbot autofix** lets you ask the bot to **fix** one or more of the findings it previously reported. You write a **comment** on the issue or on the pull request (or reply in a review thread); OpenCode figures out **which** findings you mean and applies the fixes. The action then runs your **verify commands** (e.g. build, test, lint) and, if they pass, **commits and pushes** and marks those findings as resolved.
+
+This page explains how to trigger autofix, who can do it, and what the action does under the hood.
+
+---
+
+## How to ask for a fix
+
+### From the issue
+
+Add a **comment** on the issue that references the findings you want fixed. OpenCode receives your comment plus the list of **unresolved findings** (id, title, short description) and returns whether it’s a fix request and which finding ids to fix.
+
+**Example phrases (English):**
+
+- “fix it”
+- “fix this”
+- “fix all”
+- “fix the first one”
+- “fix finding abc-123”
+- “please fix the null reference and the off-by-one”
+
+**Example phrases (Spanish):**
+
+- “arregla”
+- “arregla este”
+- “arregla todos”
+- “fix it” (also understood)
+
+You don’t have to use exact wording; the Plan agent interprets intent. Be clear when you want only **some** findings (e.g. “fix the first two” or “fix the one about the login handler”).
+
+**Important:** On **issue comments**, the action needs an **open pull request** that references the issue so it can determine which **branch** to checkout and push to. If there is no such PR, autofix is skipped (the action cannot push without a branch). See [Troubleshooting → Bugbot autofix](/troubleshooting#bugbot-autofix).
+
+### From the pull request
+
+You can trigger autofix from the PR in two ways:
+
+1. **Reply in a review thread** — Reply to the **review comment** that contains the finding. The action sends your reply plus the **parent comment** (the finding text) to OpenCode so it can match the finding and run the fix.
+2. **Comment on the PR** — Add a **general comment** on the PR (e.g. “fix all” or “fix the one about X”). Same as on the issue: OpenCode gets the list of unresolved findings and your comment and returns target finding ids.
+
+In both cases, the action runs on the PR’s **head branch** (it already has the branch from the event), so no extra “resolve branch from issue” step is needed.
+
+---
+
+## Permissions
+
+Only **certain users** can trigger file-modifying actions (autofix and [do user request](/bugbot/do-user-request)):
+
+- **Organization repositories:** The comment author must be a **member of the organization** (checked via GitHub’s `orgs.checkMembershipForUser`). If the author is not a member, the action does **not** run autofix; it can still run **Think** and reply with an answer.
+- **User (personal) repositories:** Only the **repository owner** can trigger autofix. Other users get a Think response only.
+
+This avoids random contributors or external users pushing commits via comments. There is no separate “Bugbot role”; the same rule applies to both autofix and do-user-request.
+
+---
+
+## Workflow permissions
+
+The action must be able to **commit and push** to the branch. Your workflow that runs on **`issue_comment`** or **`pull_request_review_comment`** must grant:
+
+```yaml
+permissions:
+  contents: write
+```
+
+Without `contents: write`, the action cannot push. Detection (and posting findings) does not require this; only **autofix** and **do-user-request** do.
+
+Example: see [Examples → Issue comment workflow](/bugbot/examples#issue-comment-workflow-for-autofix).
+
+---
+
+## Verify commands
+
+After OpenCode applies the fixes in its workspace, the action runs **verify commands** in the runner (e.g. build, test, lint). These are configured with **`bugbot-fix-verify-commands`** (comma-separated). For example:
+
+```yaml
+bugbot-fix-verify-commands: "npm run build, npm test, npm run lint"
+```
+
+- If **all** commands succeed, the action runs `git add`, **commit**, and **push** with a message like `fix(#123): bugbot autofix - resolve finding-1, finding-2`.
+- If **any** command fails, the action **does not commit**. No push happens, and the findings are not marked as resolved.
+
+So verify commands act as a gate: only passing runs produce a commit. If you leave `bugbot-fix-verify-commands` empty, only OpenCode’s own run is used (the action may still commit if there are file changes). See [Configuration](/bugbot/configuration#bugbot-fix-verify-commands).
+
+---
+
+## What happens after a successful fix
+
+1. OpenCode **Build** agent applies the code changes in its workspace.
+2. The action runs the **verify commands** in the runner; if any fails, it stops.
+3. The action runs **git add**, **commit** (message: `fix(#N): bugbot autofix - resolve <finding ids>`), and **push** to the branch.
+4. The action **marks** the fixed findings as **resolved**: it updates the corresponding issue and PR comments (hidden marker set to `resolved: true`) and, on the PR, **resolves the review threads** for those comments.
+
+So the next time detection runs (e.g. on the next push), OpenCode will see those findings as resolved and not suggest them again.
+
+---
+
+## Troubleshooting
+
+- **Bot didn’t run autofix:** Check that OpenCode is configured, the comment is interpreted as a fix request (e.g. “fix it”, “fix all”), and there is at least one **unresolved** finding. On **issue comments**, ensure there is an **open PR** that references the issue so the action can resolve the branch. See [Troubleshooting → Bugbot autofix](/troubleshooting#bugbot-autofix).
+- **Commit not made:** Verify commands run after the fix; if any fails, no commit is made. If OpenCode didn’t change any files, there’s nothing to commit. If push failed (e.g. conflict or missing `contents: write`), check workflow permissions and token scope.
+
+---
+
+## Next steps
+
+- **[Do user request](/bugbot/do-user-request)** — Ask for general code changes (not tied to a specific finding).
+- **[Configuration](/bugbot/configuration)** — `bugbot-fix-verify-commands` and related inputs.
+- **[Examples](/bugbot/examples)** — Comment examples and workflow snippets.
@@ -0,0 +1,149 @@
+---
+title: Configuration
+description: All Bugbot-related action inputs: severity, comment limit, verify commands, and ignore files.
+---
+
+# Configuration
+
+This page lists every **Bugbot-related** input: what it does, default value, and example usage. For the full list of Copilot inputs (branches, labels, projects, etc.), see [Configuration](/configuration).
+
+---
+
+## OpenCode (required for Bugbot)
+
+Bugbot depends on OpenCode for both **detection** (Plan agent) and **autofix / do-user-request** (Build agent). These inputs are shared with other AI features (progress, Think, AI PR description).
+
+| Input | Default | Description |
+|-------|---------|-------------|
+| **`opencode-server-url`** | `http://localhost:4096` | URL of the OpenCode server. The runner must be able to reach it (e.g. same job if you use `opencode-start-server: true`). |
+| **`opencode-model`** | `opencode/kimi-k2.5-free` | Model in `provider/model` format (e.g. `anthropic/claude-3-5-sonnet`, `openai/gpt-4o-mini`). |
+| **`opencode-start-server`** | `true` | If `true`, the action starts an OpenCode server at job start and stops it at job end. Requires provider API keys (e.g. `OPENAI_API_KEY`) passed as env. If you run OpenCode yourself, set to `false` and pass `opencode-server-url`. |
+
+Without a valid `opencode-server-url` and `opencode-model`, Bugbot **detection** is skipped (no findings posted). **Autofix** and **do-user-request** also require OpenCode and a running server (or `opencode-start-server: true`) so the Build agent can apply changes in the workspace.
+
+---
+
+## bugbot-severity
+
+**Default:** `low`
+
+**Description:** Minimum severity for findings to be **published** as comments on the issue and PR. Findings with severity **below** this threshold are filtered out before publishing.
+
+| Value | Findings published |
+|-------|---------------------|
+| `info` | info, low, medium, high |
+| `low` | low, medium, high |
+| `medium` | medium, high |
+| `high` | high only |
+
+**Example:**
+
+```yaml
+# Only report medium and high (skip low and info)
+bugbot-severity: "medium"
+```
+
+```yaml
+# Report everything including info
+bugbot-severity: "info"
+```
+
+---
+
+## bugbot-comment-limit
+
+**Default:** `20`
+
+**Description:** Maximum number of findings to publish as **individual** comments on the issue and PR. If OpenCode returns more findings (after severity and ignore filters), only the first N are posted one per comment; the rest are summarized in a **single overflow comment** on the issue (e.g. “X additional findings were not posted; consider reviewing the branch locally”).
+
+The value is clamped between **1** and **200** (or your docs’ stated range). Use a higher limit if you want more findings visible at the cost of more comments.
+
+**Example:**
+
+```yaml
+# Default: up to 20 individual comments + 1 overflow if needed
+bugbot-comment-limit: "20"
+
+# Stricter: only 10 individual comments
+bugbot-comment-limit: "10"
+
+# Allow up to 50 individual comments
+bugbot-comment-limit: "50"
+```
+
+---
+
+## bugbot-fix-verify-commands
+
+**Default:** `""` (empty)
+
+**Description:** Comma-separated list of **commands** to run **after** OpenCode applies changes (autofix or do-user-request) and **before** the action commits and pushes. Typically: build, test, lint. If **any** command fails, the action **does not commit**; no push happens and findings are not marked as resolved.
+
+- Commands are parsed (e.g. with shell-quote) and run in the runner; there is a **maximum of 20** commands.
+- If left **empty**, only OpenCode’s own execution is used; the action may still commit if there are file changes.
+
+**Example:**
+
+```yaml
+# Run build, test, and lint before committing
+bugbot-fix-verify-commands: "npm run build, npm test, npm run lint"
+```
+
+```yaml
+# Single command
+bugbot-fix-verify-commands: "npm test"
+```
+
+```yaml
+# From a repo/organization variable (recommended for secrets or env-specific commands)
+bugbot-fix-verify-commands: ${{ vars.BUGBOT_AUTOFIX_VERIFY_COMMANDS }}
+```
+
+Use this in workflows that run on **`issue_comment`** or **`pull_request_review_comment`** so autofix and do-user-request only commit when your checks pass.
+
+---
+
+## ai-ignore-files
+
+**Default:** `""` (empty)
+
+**Description:** Comma-separated list of **paths or patterns** to **exclude** from AI operations that analyze file content or paths. For Bugbot:
+
+- **Detection:** These paths are passed to OpenCode in the prompt (“do not report findings in files matching …”) and findings in matching files are **filtered out** before publishing.
+- **Autofix / do-user-request:** The ignore list is not used to restrict which files the Build agent can edit; it mainly affects **detection** and reporting.
+
+Common use: exclude generated code, vendored deps, or noisy directories.
+
+**Example:**
+
+```yaml
+# Ignore build output and lockfiles
+ai-ignore-files: "build/*, dist/*, package-lock.json"
+```
+
+```yaml
+# Ignore specific dirs and patterns
+ai-ignore-files: "**/node_modules/**, **/vendor/**, *.min.js"
+```
+
+---
+
+## Summary table
+
+| Input | Default | Used by |
+|-------|---------|---------|
+| `opencode-server-url` | `http://localhost:4096` | Detection, autofix, do-user-request |
+| `opencode-model` | `opencode/kimi-k2.5-free` | Detection, autofix, do-user-request |
+| `opencode-start-server` | `true` | All AI features |
+| `bugbot-severity` | `low` | Detection (filter before publish) |
+| `bugbot-comment-limit` | `20` | Detection (max individual comments) |
+| `bugbot-fix-verify-commands` | `""` | Autofix, do-user-request (before commit) |
+| `ai-ignore-files` | `""` | Detection (exclude paths from findings) |
+
+---
+
+## Next steps
+
+- **[Detection](/bugbot/detection)** — How severity and comment limit affect published findings.
+- **[Autofix](/bugbot/autofix)** — How verify commands gate commits.
+- **[Configuration](/configuration)** — Full Copilot configuration reference.