// Fetch CodeRabbit review comments on the current PR, classify each finding, apply fixes for valid issues, and reply to each thread. Use before attempting gh pr merge when CodeRabbit has posted a review. Blocks merge on unresolved threads. Routes security-critical findings to a human.
| name | address-reviews |
| description | Fetch CodeRabbit review comments on the current PR, classify each finding, apply fixes for valid issues, and reply to each thread. Use before attempting gh pr merge when CodeRabbit has posted a review. Blocks merge on unresolved threads. Routes security-critical findings to a human. |
| argument-hint | ["pr-number","optional — defaults to PR for current branch"] |
| context | fork |
Address CodeRabbit review comments on a PR end-to-end: fetch, classify, fix, reply, commit, push. See ci/tools/coderabbit_addressor.py for the helper that drives the workflow.
Arguments: $ARGUMENTS
Fetch comments. Run:
uv run ci/tools/coderabbit_addressor.py $ARGUMENTS --plan
This prints a JSON plan listing every unresolved CodeRabbit comment, classified into one of four buckets:
valid-fix — actionable code changestyle — preference/nit; reply-onlyfalse-positive — disagree; reply with rationalesecurity-flag — flag a human; do not auto-fixReview the plan. For each valid-fix, read the file/line being flagged and decide the concrete change. For false-positive, draft the reply. Do not touch anything in security-flag — leave it for a human reviewer.
Apply fixes one comment at a time. Edit the referenced file, re-read to confirm the change is correct, and stage it.
Reply to each thread via:
uv run ci/tools/coderabbit_addressor.py $ARGUMENTS --reply <comment-id> "<message>"
Keep replies terse: either "Fixed in " or a one-sentence rationale for disagreement.
Commit and push using a conventional-commit-format message that lists each addressed comment:
fix: address CodeRabbit review feedback
- <comment-1-summary>
- <comment-2-summary>
Re-run the plan. If valid-fix count hits zero and no security-flag remains, the PR is ready to merge. Otherwise iterate — hard limit: 3 passes.
security-flag comments. The classifier routes any comment mentioning security, CVE, auth, credential, secret, RCE, injection, CRITICAL, data loss, UAF, use-after-free, buffer overflow, or out-of-bounds into this bucket.ci/hooks/check_pr_merge_reviews.py) blocks gh pr merge until all CodeRabbit threads are resolved, so you cannot accidentally ship with pending feedback.gh pr merge on a PR where CodeRabbit has posted review comments.security-flag state — defer to a human.Generate a structured multi-layer test plan for FastLED changes targeting ESP32. Covers host unit tests, WASM compile checks, platform compile checks, and hardware validation. Use after defining an implementation contract, before writing any code.
Generate a structured implementation contract before making any code changes to FastLED. Defines scope, affected files, API changes, platform impact, risk assessment, and test plan. Use before implementing any feature, bug fix, driver addition, or refactoring.
Review staged and unstaged code changes for FastLED coding standards violations, span usage mandates, and example quality. Use after making code changes to ensure compliance.
Review and implement hardware driver code — DMA safety, interrupt correctness, timing constraints, peripheral register usage, channel drivers, and peripheral mock implementations. Use when writing, modifying, or reviewing LED drivers, SPI/I2S/RMT/UART/PARLIO/LCD_CAM peripherals, GPIO configuration, or peripheral mock code.
Scan all CI builds and tests, find failures, fetch error logs, and fix the code. Prioritizes unit tests, example tests, then uno, attiny85, esp32s3, esp32c6, teensy41. Use when CI is red and you need to diagnose and repair build/test failures.
Debug GitHub Actions build failures by fetching and analyzing workflow logs. Use when CI/CD pipelines fail and you need to identify the root cause.