diff --git a/.coderabbit.yaml b/.coderabbit.yaml new file mode 100644 index 0000000..cc92bd8 --- /dev/null +++ b/.coderabbit.yaml @@ -0,0 +1,61 @@ +# CodeRabbit configuration — portwing +language: en-US + +reviews: + profile: chill + auto_review: + enabled: true + high_level_summary: true + collapse_walkthrough: false + review_status: true + poem: false + request_changes_workflow: false + + path_filters: + - "!**/node_modules/**" + - "!**/dist/**" + - "!**/build/**" + - "!**/coverage/**" + - "!**/*.min.js" + - "!**/*.min.css" + - "!**/package-lock.json" + - "!**/pnpm-lock.yaml" + - "!**/*.lock" + - "!**/*.generated.*" + - "!website/public/**" + - "!docs/public/**" + - "!CHANGELOG.md" + + path_instructions: + - path: "internal/auth/**" + instructions: | + Ed25519 per-request auth. Flag anything that weakens signature verification, timing safety, or replay protection. + - path: "internal/**" + instructions: | + Security-critical proxy path with a default-deny posture. Flag new Docker API surface or endpoints that bypass explicit filtering. + - path: "**/*_test.go" + instructions: | + Test files. Don't suggest error handling or refactors in test code. + - path: "website/**" + instructions: | + Marketing site. Light review only, skip style nitpicks. + - path: "docs/**" + instructions: | + Docs site. Review for accuracy against the code, not prose style. + +knowledge_base: + opt_out: false + learnings: + scope: local + issues: + scope: local + # Default filePatterns already cover CLAUDE.md / AGENTS.md / .cursorrules + code_guidelines: + enabled: true + web_search: + enabled: true + pull_requests: + scope: local + +chat: + auto_reply: true