BUG: Code-Review missing review markers #4038
Comments
|
We do try and detect Phabricator review links: scorecard/checks/raw/code_review.go Lines 95 to 105 in 71aed95 Where the regex we currently use is: scorecard/checks/raw/code_review.go Lines 27 to 28 in 71aed95 I see many commits with content like: We do get matches on some of the commits, including freebsd/freebsd-src@1b74875 But our regex doesn't handle the link, so all of these changes count as 1 revision ("https"). So unrelated commits are getting grouped as one, leading to an under reporting of freebsd's code review practices. |
|
Phabricator wants the full URL for auto-closing - see e.g. LLVM's (now obsolete) Phabricator documentation: https://releases.llvm.org/14.0.0/docs/Phabricator.html, so the regex should be changed to match any non-space characters. Unfortunately I couldn't find a canonical reference for the full URL with a quick look. We used just the D#### tag when we first started using Phabricator but Phabricator was only adding a reference to a commit, not auto-closing the review. FWIW our commit message template has: |
|
What do you think about: So it matches the D### on the same line as Which when run against the repo detects more code review activity: go run main.go --repo freebsd/freebsd-src --checks Code-Review --format json --show-details | jq
{
"date": "2024-05-02T12:39:59-07:00",
"repo": {
"name": "github.com/freebsd/freebsd-src",
"commit": "4510f2ca9170927309a423274e03f1eb8e27da27"
},
"scorecard": {
"version": "devel",
"commit": "unknown"
},
"score": 5.0,
"checks": [
{
"details": null,
"score": 5,
"reason": "Found 16/29 approved changesets -- score normalized to 5",
"name": "Code-Review",
"documentation": {
"url": "https://github.com/ossf/scorecard/blob/main/docs/checks.md#code-review",
"short": "Determines if the project requires human code review before pull requests (aka merge requests) are merged."
}
}
],
"metadata": null
} |
|
That RE lgtm, and 16/29 seems plausible for the fraction of recent commits with evidence of review based on a quick look in the repo. |
|
I'm curious how multiple commits with the same phabricator review link are handled, though -- it's possible that the same code review may be shared by multiple commits (e.g., there may be a bugfix and new functionality that are closely related and make sense to review altogether, but the two parts are committed separately). |
Under the hood they get grouped into the same changeset, in this case by Phabricator revision ID scorecard/checks/raw/code_review.go Lines 155 to 175 in b9c1f3f So if you have 4 commits, 2 of which come from the same Phabricator review, and 2 commits which don't have reviews. this will get grouped into 3 groups, (phabricator revision, unreviewed commit 1, unreviewed commit 2), and be considered 1/3 reviewed. |
|
Another scenario is when a commit references more than one review (like the commit you linked): I think the regex would only associate it with |
Describe the bug
Code-Review misses review indicators used by FreeBSD.
Reproduction steps
Steps to reproduce the behavior:
Reviewed by:tags and/or Phabricator URLs indicating review took place, e.g. freebsd/freebsd-src@1b74875Expected behavior
Reviewed by:as a synonym forReviewed-by:as evidence of reviewAdditional context
I suspect FreeBSD may be one of the more significant remaining open source users of Phabricator, and for us review evidence should be included in the commit message directly (via
Reviewed by:). It may or may not be worth the effort to parse Phabricator state for other projects that use Phabricator and do not indicate the review state in the commit message. LLVM used to be an example of such a project, but they use a completely GitHub-based workflow now.The text was updated successfully, but these errors were encountered: