feat(reviewer): start in-app Shipwright queue#82
Open
dhamariT wants to merge 31 commits into
Open
Conversation
fix(landing): blahaj -> blåhaj to satisfy the swedes & pedantic
vandorena
reviewed
May 13, 2026
|
|
||
| event :return_for_changes do | ||
| transitions from: :under_review, to: :submitted | ||
| end |
Returns land in :needs_changes not :submitted so the user can tell what's going on and the queue doesn't immediately re-fill with the same row. submit_for_review accepts :needs_changes as a from: state and creates the pending ShipReview row so the queue actually fills. Shipwrights only have approve/reject — reject maps to ShipReview :returned and Project :needs_changes, so the user sees "Needs Changes." Project :rejected is fraud-only now, via admin force-state. Also drops the unused controller test and the Flipper gate on the reviewer route constraint.
Contributor
Author
|
on the Shipwright side the verdict button reads "Reject" - theres only two options, approve or reject. internally it maps to ShipReview status :returned, and the project lands in the new :needs_changes state, so the user sees "Needs Changes" on their project (not "Rejected"). Project :rejected is fraud-only now, set by an admin via the force-state modal (stolen repo, not their work, etc) — not something a Shipwright can do from the queue. |
Re-ships now probe demo_url + repo_url (Faraday GET, 5s timeout). Both reachable means auto-approve like before. Either fails means mark the pending ShipReview as returned with an automated failure feedback, sync hook flips the project to :needs_changes and DMs the owner. Shipwright approve also flips last_ship_event.certification_status to "approved" so voting/payout fires. Return leaves it alone so the user can re-ship without tripping the project_isnt_rejected requirement. Admin force-state syncs ship_event certification: :approved -> approved, :rejected -> rejected, anything else -> pending. Owner gets a Slack DM on approve and return verdicts.
Contributor
Author
|
so on a re-ship now we probe the demo + repo URLs and if either is dead we flip the project to needs changes and DM the owner with the reason. on a normal approve we also flip the ship event's certification_status so voting + payout actually fires, but on a return we leave it alone so the user can re-ship without getting blocked by the project_isnt_rejected check. admin force-state syncs the ship event the same way - approved/rejected pass through and anything else resets to pending. owner gets a slack DM on any terminal verdict. couldn't run tests locally bc pg_vector isn't installed on my pg, CI will. |
Shipwrights can't review ships on projects they're a member of - policy denies show/update/claim and scope filters them out. Same scope drops projects with deleted_at set so a deleted project mid-queue doesn't blow up the show view. Override available_for so next_eligible inherits the same filters, otherwise the next endpoint would still serve self-projects.
fix(edu): replace artemis patch image with misc patches image
Contributor
|
Bumping that you need to resolve conflicts. |
…0-to-1 # Conflicts: # AGENTS.md # app/assets/stylesheets/config/_variables.scss # app/controllers/projects/ships_controller.rb # app/javascript/controllers/index.js # app/models/user.rb # db/schema.rb
Brakeman flagged two weak-confidence SQL-injection warnings in state_flags.rb for interpolating column names into update_all SQL. Restrict callers to a known allowlist and pass the column through quote_column_name.
CI's db_checks job runs rails db:migrate then git diff --exit-code db/schema.rb. The reviewer-feature migrations (20260507183620_create_ship_reviews, 20260513195315_add_timeline_to_ship_reviews) were never reflected in the committed schema, so the diff failed after merging platform. Hand-write the table and foreign-key entries because the local pg_vector extension isn't installed and db:migrate can't run end-to-end.
- follow.rb, rsvp.rb, shop_order.rb: auto-merge dropped annotaterb annotations and small platform refinements (user_ref support, aasm requires_lock). Reset to platform's versions — these files don't carry reviewer-feature changes. - user/state_flags.rb: switch to a case statement with hardcoded column names in the SQL strings so brakeman can prove no SQL interpolation happens.
Same auto-merge pattern as the model files in 5209c95. follow_test.rb, follows.yml, and rsvps_controller_test.rb came from platform; the revert+merge sequence lost them. Reset to platform's versions.
The revert+merge sequence left a swath of platform files (landing redesign, user_ref RSVP flow, sidebar component, etc.) at their pre-platform state. Reset all non-reviewer-feature files to origin/platform, and add the user_ref route back to routes.rb alongside the reviewer namespace.
The bad-merge revert deleted db/migrate/20260511185822_add_user_ref_to_rsvps.rb, and git's subsequent auto-merge from platform sided with the deletion. Restore the migration file and add the user_ref column to db/schema.rb.
CI's annotaterb --frozen check requires the schema annotation block. Add the expected block based on db/schema.rb's ship_reviews definition.
upload_form_controller.js was removed in 0b62d40 but the registration in index.js was reintroduced by my conflict resolution against platform. No views reference 'upload-form' and the import would fail at runtime. file-upload stays — that controller and its callers still exist.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We're rewriting the review page and we're integrating it with AVD.