fix(ci): review-hinweise fachlich abarbeiten und governance haerten#97
Merged
tomtastisch merged 2 commits intomainfrom Feb 18, 2026
Merged
Conversation
github-actions
bot
added
area:pipeline
area:docs
area:tooling
area:tests
feature
tomtastisch
deleted the
codex/fix/review-findings-qodana-archive-guards
branch
Contributor
There was a problem hiding this comment.
Pull request overview
This PR addresses review feedback by hardening CI governance and eliminating code duplication in archive handling. The changes focus on three main areas: correcting the Qodana workflow to properly handle untrusted PR contexts (forks and dependabot), consolidating duplicate SharpCompress helper functions into a shared compatibility class, and strengthening governance rules around review thread resolution.
Changes:
- Added fork/dependabot guard to Qodana workflow to exclude untrusted PR contexts from secret-dependent checks while maintaining fail-closed behavior for trusted contexts
- Refactored duplicate SharpCompress helper functions (
OpenArchive,OpenArchiveForContainer,HasGZipMagic,OpenGZipArchive) into sharedArchiveSharpCompressCompatclass - Removed unused dead code (
TryProbeEntrySizeWithinLimit) and updated all references acrossArchiveTypeResolverandSharpCompressArchiveBackendclasses - Added inline documentation explaining coverage threshold baseline and test project framework requirements
- Strengthened AGENTS.md governance to require substantive work (code/test/doc changes with evidence or justified rebuttal) before resolving review threads
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/qodana.yml |
Added job-level condition to exclude fork and dependabot PRs from Qodana execution; updated comment to clarify fail-closed behavior applies to trusted contexts only |
src/FileTypeDetection/Infrastructure/ArchiveInternals.vb |
Introduced ArchiveSharpCompressCompat class to centralize duplicate SharpCompress helper functions; removed duplicate implementations from ArchiveTypeResolver and SharpCompressArchiveBackend; deleted unused TryProbeEntrySizeWithinLimit function |
docs/ci/101_PIPELINE_CI.MD |
Updated English documentation to reflect Qodana workflow changes and clarify trusted vs untrusted context behavior |
docs/ci/001_PIPELINE_CI.MD |
Updated German documentation to match English changes for consistency |
AGENTS.md |
Added explicit rule requiring substantive response before resolving review threads to prevent procedural-only resolutions |
tools/run-coverage.sh |
Added comment explaining coverage threshold baseline and future improvement plan |
tests/PackageBacked.Tests/PackageBacked.Tests.csproj |
Added comment explaining net10.0 framework requirement for package-backed xUnit v3 execution |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Ziel & Scope
Diese PR arbeitet die zutreffenden Review-Hinweise fachlich ab und haertet den Workflow/Code ohne Scope-Drift:
ArchiveInternals.vbbereinigt,AGENTS.mdverbindlich verschaerft (kein sinnfreies Resolven).Umgesetzte Aufgaben (abhaken)
.github/workflows/qodana.ymlwiederhergestellt.ArchiveInternals.vbin gemeinsame Kompat-Klasse extrahiert.HasGZipMagic,OpenArchiveCompat) entfernt.TryProbeEntrySizeWithinLimitentfernt.Nachbesserungen aus Review (iterativ)
ArchiveInternals.vbumgesetzt.PackageBacked.TestsTFM-Wahl (net10.0) im.csprojdokumentiert.AGENTS.mderweitert: Threads nur nach fachlicher Bearbeitung resolven.Security- und Merge-Gates
security/code-scanning/tools: Zielzustand vor Merge ist 0 offene Alerts.Evidence (auditierbar)
python3 tools/check-docs.py->Doc check OKdotnet build FileClassifier.sln -c Release --no-restore->0 Fehler,0 Warnung(en)dotnet test tests/FileTypeDetectionLib.Tests/FileTypeDetectionLib.Tests.csproj -c Release --no-restore --filter "FullyQualifiedName~ArchiveInternals|FullyQualifiedName~SharpCompressArchiveBackendUnitTests|FullyQualifiedName~UnifiedArchiveBackendUnitTests"->65/65 erfolgreichdotnet test tests/PackageBacked.Tests/PackageBacked.Tests.csproj -c Release --no-restore -f net10.0->2/2 erfolgreichDoD (mindestens 2 pro Punkt)
AGENTS.mdverbietet unfachliches Thread-Resolven explizit