Skip to content

chore: dispatch audits to AIAuditBridge#26

Merged
Pigbibi merged 1 commit into
mainfrom
codex/use-ai-audit-bridge
Jul 3, 2026
Merged

chore: dispatch audits to AIAuditBridge#26
Pigbibi merged 1 commit into
mainfrom
codex/use-ai-audit-bridge

Conversation

@Pigbibi

@Pigbibi Pigbibi commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Point shadow signal dispatch token allowlist at AIAuditBridge
  • Update architecture/script wording to match the canonical bridge

Verification

  • python3 -m pytest tests/test_dispatch_shadow_signal_workflow.py tests/test_post_shadow_signal_request.py
  • git diff --check

Co-Authored-By: Codex <noreply@openai.com>
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🤖 Codex PR Review

⚠️ Review skipped: The Codex review could not be completed.

No Codex service URL or API key configured. Set CODEX_AUDIT_SERVICE_URL, ANTHROPIC_API_KEY, or OPENAI_API_KEY.

Please ensure a human reviewer checks this PR before merging.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 43b9fbce04

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines 109 to +110
repositories: |
CodexAuditBridge
AIAuditBridge

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Scope the app token to the configured bridge

When vars.CODEX_AUDIT_BRIDGE_REPOSITORY is set to a bridge other than QuantStrategyLab/AIAuditBridge, the dispatch later uses that configured BRIDGE_REPOSITORY, but this step now always creates an installation token scoped only to AIAuditBridge. The upstream actions/create-github-app-token docs define repositories as the list of repositories to grant access to, and the script prefers APP_TOKEN over CODEX_AUDIT_DISPATCH_TOKEN, so a configured bridge such as QuantStrategyLab/CodexAuditBridge will fail authorization instead of falling back. Please derive this repository entry from BRIDGE_REPOSITORY or omit it for owner-wide installation access.

Useful? React with 👍 / 👎.

@Pigbibi Pigbibi merged commit 954c241 into main Jul 3, 2026
5 of 6 checks passed
@Pigbibi Pigbibi deleted the codex/use-ai-audit-bridge branch July 3, 2026 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant