fix: governance ID check must ignore code blocks (review #415)
REQ/TASK/TEST ID 패턴 매칭을 _strip_code_segments() 결과에 적용하여 코드 펜스/인라인 코드 안에만 ID를 넣어 검증을 우회하는 케이스를 차단. 회귀 테스트 추가: test_validate_pr_body_text_rejects_governance_ids_in_code_block_only Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -50,11 +50,13 @@ def validate_pr_body_text(text: str, *, check_governance: bool = True) -> list[s
|
||||
if not LIST_ITEM_PATTERN.search(text):
|
||||
errors.append("body is missing markdown list items")
|
||||
if check_governance:
|
||||
if not REQ_ID_PATTERN.search(text):
|
||||
# Check governance IDs against code-stripped text so IDs hidden in code
|
||||
# blocks or inline code are not counted (prevents spoof via code fences).
|
||||
if not REQ_ID_PATTERN.search(searchable):
|
||||
errors.append("body is missing REQ-ID traceability (e.g. REQ-OPS-001)")
|
||||
if not TASK_ID_PATTERN.search(text):
|
||||
if not TASK_ID_PATTERN.search(searchable):
|
||||
errors.append("body is missing TASK-ID traceability (e.g. TASK-OPS-001)")
|
||||
if not TEST_ID_PATTERN.search(text):
|
||||
if not TEST_ID_PATTERN.search(searchable):
|
||||
errors.append("body is missing TEST-ID traceability (e.g. TEST-OPS-001)")
|
||||
return errors
|
||||
|
||||
|
||||
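Review bot: The list-item check at the top of the hunk still runs `LIST_ITEM_PATTERN.search(text)` on the raw body, so a list that exists only inside a code fence would satisfy it, which is the same gap this commit closes for the three ID patterns. If that check is meant to reflect rendered content, change it to `if not LIST_ITEM_PATTERN.search(searchable):`; if raw text is intentional, say so in a comment such as `# list items are checked on raw text on purpose: <reason>`. The assignment of `searchable` and the start of `validate_pr_body_text` are outside the hunk, so confirm it is bound on every path that reaches the `check_governance` branch. The hunk does not show `_strip_code_segments()`, so it is also worth confirming that it drops the remainder of the body after an unterminated fence, and adding a regression test for that next to the new one.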