Skip to content

feat(report): credibility scoring pipeline for report-an-issue#35

Merged
abdout merged 2 commits into
mainfrom
feat/report-scoring
May 12, 2026
Merged

feat(report): credibility scoring pipeline for report-an-issue#35
abdout merged 2 commits into
mainfrom
feat/report-scoring

Conversation

@abdout
Copy link
Copy Markdown
Contributor

@abdout abdout commented May 12, 2026

Summary

Replaces the bare "POST to GitHub" report-an-issue action with a strict credibility scoring pipeline that filters nonsense + destructive submissions before they reach the auto-fix queue, while respecting wisdom-of-the-crowd corroboration.

Plan: /Users/abdout/.claude/plans/read-report-an-issue-glistening-wave.md

Pipeline

Zod parse → resolve reporter → hard filters (HF1-HF10) → Turnstile →
dedup search → Haiku triage → score R+Q+C+A+P → bucket → GitHub issue

Strict thresholds

Score Bucket Action
<30 silent-reject No issue created
30-54 low-confidence Issue + label, agent skips, 14d auto-close
55-74 needs-human Issue + label, human review
≥75 verified-report Issue + label, agent auto-fixes

Mkan-specifics

  • Adapter uses @/lib/auth + existing assertRateLimit + Upstash KV (zero new infrastructure)
  • Adds report + report-tenant buckets to existing rateLimiters map
  • HOST role base reputation 14, GUEST 10
  • Caught noUncheckedIndexedAccess strict-mode TS issues that other repos don't (fixes propagated)

Files

src/lib/report/                  NEW (13 files)
src/components/report-issue/     NEW directory replacing single file
src/lib/actions/report-issue.ts  REFACTORED to call pipeline
src/lib/rate-limit.ts            +report buckets in existing map

Required env

ANTHROPIC_API_KEY                  (NEW)
NEXT_PUBLIC_TURNSTILE_SITE_KEY     (NEW)
TURNSTILE_SECRET_KEY               (NEW)
REPORT_IP_SALT                     (NEW)

Upstash already configured.

Verification

pnpm typecheck — 0 errors.

Bootstrap (run once after merge)

bash /Users/abdout/codebase/scripts/bootstrap-report-labels.sh databayt/mkan

🤖 Generated with Claude Code

@claude
feat(report): credibility scoring pipeline for report-an-issue
491e13f 
Replaces the bare "POST to GitHub" report action with a strict scoring
pipeline that filters nonsense + destructive submissions before they
reach the auto-fix queue, while respecting wisdom-of-the-crowd
corroboration (3 independent reports on the same URL force verified).

Pipeline:
  Zod parse → resolve reporter → hard filters (HF1-HF10) → Turnstile →
  dedup search → Haiku triage → score R+Q+C+A+P → bucket → GitHub issue

Strict thresholds (locked in plan):
  <30   silent-reject       no issue created
  30-54 low-confidence      issue + label, agent skips, 14d auto-close
  55-74 needs-human         issue + label, human review
  ≥75   verified-report     issue + label, agent auto-fixes

Overrides:
  destructive classification → forced needs-human regardless of score
  3 corroborations on same URL → upgrade existing to verified
  AI failure → cap at needs-human (never silent-rejects legit report)
  severityHint=critical + score≥60 → promote to verified

Mkan-specifics:
  - Adapter uses @/lib/auth + existing assertRateLimit + Upstash KV
  - Adds 'report' + 'report-tenant' buckets to existing rateLimiters map
  - HOST and GUEST roles get reputation bases of 14 and 10 respectively
  - Reuses existing Upstash infrastructure (already in mkan's deps)

Anti-abuse measures:
  - 60s client-side cooldown mirrors HF9 (fixes triple-click case)
  - Symmetric success toast denies feedback to spammers
  - Anonymous requires Turnstile, capped at base reputation 4
  - Per-tenant rate limit catches coordinated abuse

Plan: /Users/abdout/.claude/plans/read-report-an-issue-glistening-wave.md

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@vercel
Copy link
Copy Markdown

vercel Bot commented May 12, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
mkan Error Error May 12, 2026 0:37am

@claude
test(report): refresh action tests for new pipeline shape
1a4a67a 
The old report-issue tests covered the pre-pipeline bare-fetch action.
The action is now a thin wrapper around runReportPipeline; the old
contract (throwing on missing token, retrying on 422, posting an ack
comment) lives inside the pipeline now and is covered by the canonical
src/lib/report/__tests__ suite.

Action tests now smoke-test the wiring:
  - input forwarding to pipeline
  - bucket-aware return shape (issueNumber surfaces only for verified-report)
  - failure pass-through

Deleted tests/components/common/report-issue.test.tsx — the ReportIssue
component is now an async server component that auth()s before rendering
the client dialog. RTL can't render async server components; component
behavior is covered by Playwright at the integration level.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@abdout abdout marked this pull request as ready for review May 12, 2026 15:35
@abdout abdout merged commit a70420a into main May 12, 2026
6 of 8 checks passed
@abdout abdout deleted the feat/report-scoring branch May 12, 2026 15:35
This was referenced May 19, 2026
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@abdout