v0.8.64: Add natural-language auto-review policy and a pre-push review gate #3144

@Hmbown

Description

Research signal

Cursor's recent SDK and review work points at a useful middle ground between manual approvals and unchecked autonomous execution.

Sources checked:

Two ideas are especially relevant:

  1. Local/headless agents can route tool calls through auto-review instead of blindly running everything.
  2. /review can run before a push and then sync with PR review state so duplicate review work is avoided.

CodeWhale substrate

CodeWhale has stronger local-first safety primitives already:

The missing layer is a policy-driven review gate that decides what can run automatically, what needs human review, and what must be blocked or converted to a question.

Proposal

Add an AutoReviewPolicy layer for tool calls and a pre-push review gate.

Policy inputs:

Policy outputs:

/review gate

Make /review useful before a push or PR, not only after the fact:

  • Review the current diff or target branch.
  • Run configured local checks where safe.
  • Emit a durable review receipt with diff fingerprint, checks run, findings, and unresolved risk.
  • If a PR is later created from the same diff, expose the receipt in the PR body/comment or through a local handoff so reviewers know what was already checked.
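The durable receipt described above, as an added example that is not CodeWhale's own code (the project's language and receipt schema are assumptions; the field names follow the issue's wording). It normalizes the diff before hashing so the same change reviewed on another machine fingerprints identically, computes unresolved risk as the highest open finding, and offers a `receipt_covers` check a PR handoff can use to confirm the pushed diff is exactly the one that was reviewed. The sample diff and finding are constructed.

```python
"""Durable pre-push review receipt: what diff was reviewed, by what, with what findings.

Added example; not CodeWhale code. Field names (diff_fingerprint, model_provider,
checks_run, findings, unresolved_risk) follow the issue's wording.
"""
import hashlib
import json
from dataclasses import dataclass, asdict
from typing import Iterable, List


def normalize_diff(diff_text: str) -> str:
    """Canonical form of a unified diff for fingerprinting.

    Line endings are unified and trailing whitespace dropped so the same change
    produced on another machine hashes identically; 'index <blob>..<blob>' lines
    are skipped because they carry no review-relevant content.
    """
    kept = []
    for line in diff_text.replace("\r\n", "\n").split("\n"):
        if line.startswith("index "):
            continue
        kept.append(line.rstrip())
    return "\n".join(kept)


def diff_fingerprint(diff_text: str) -> str:
    """SHA-256 over the normalized diff; stable across re-runs on identical changes."""
    return hashlib.sha256(normalize_diff(diff_text).encode("utf-8")).hexdigest()


@dataclass
class Finding:
    severity: str        # "high" | "medium" | "low"
    location: str        # file path (and line, if known)
    message: str
    resolved: bool = False


@dataclass
class ReviewReceipt:
    diff_fingerprint: str
    model_provider: str          # e.g. "local/<model>"; the code itself is never recorded
    checks_run: List[str]
    findings: List[Finding]

    def unresolved_risk(self) -> str:
        """Highest severity among findings nobody has resolved, or 'none'."""
        open_levels = {f.severity for f in self.findings if not f.resolved}
        for level in ("high", "medium", "low"):
            if level in open_levels:
                return level
        return "none"

    def to_json(self) -> str:
        """Serialization suitable for a PR comment or a local handoff file."""
        payload = asdict(self)
        payload["unresolved_risk"] = self.unresolved_risk()
        return json.dumps(payload, sort_keys=True, indent=2)


def build_receipt(diff_text: str, model_provider: str,
                  checks_run: Iterable[str], findings: Iterable[Finding]) -> ReviewReceipt:
    return ReviewReceipt(diff_fingerprint(diff_text), model_provider,
                         list(checks_run), list(findings))


def receipt_covers(receipt: ReviewReceipt, diff_text: str) -> bool:
    """True when a later PR's diff is the one the receipt reviewed.

    Any content change, even one added line, breaks the match, so a stale receipt
    cannot be attached to a diff that was edited after review.
    """
    return receipt.diff_fingerprint == diff_fingerprint(diff_text)


# Constructed sample diff (not from any real repository).
SAMPLE_DIFF = """diff --git a/app/run.py b/app/run.py
index 1111111..2222222 100644
--- a/app/run.py
+++ b/app/run.py
@@ -1,3 +1,4 @@
 import subprocess
-subprocess.run(["ls", "-l"])
+cmd = input("command: ")
+subprocess.run(cmd, shell=True)
"""

# Constructed finding that a local check might raise on that diff.
SAMPLE_FINDINGS = [Finding("high", "app/run.py:4", "shell=True with user-controlled input")]


if __name__ == "__main__":
    receipt = build_receipt(SAMPLE_DIFF, "local/<model-placeholder>", ["ruff", "pytest"], SAMPLE_FINDINGS)
    print(receipt.to_json())
```

Skipping `index` lines and normalizing line endings is deliberate: the receipt should survive a rebase that leaves the hunks unchanged, but `receipt_covers` must fail the moment a hunk differs, which is what stops a receipt from being reused for code that was edited after the review ran.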

Acceptance criteria

  • AutoReviewPolicy has a typed evaluation API and is covered by unit tests for allow, hold-for-review, block, and ask-user outcomes.
  • Policy can be configured with explicit allow/block rules plus optional natural-language guidance, with deterministic fallback when classification is unavailable.
  • Headless/background runs cannot bypass policy just because no TUI approval prompt exists.
  • Tool-call review decisions are logged with enough context to debug why something ran or paused.
  • /review can run against the current diff before push and write a durable review receipt.
  • The receipt includes diff fingerprint, model/provider, checks run, findings, and unresolved risk.
  • Tests cover a destructive shell command, a read-only inspection, an MCP call, a git push/publish-like action, and a pre-push diff review.
  • Documentation explains how this relates to existing approval modes, the #1917 hooks (Proposal: universal PreToolUse/PostToolUse hook layer for Cancel/Pause/Resume across all action types), and human PR review.
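An added example of the policy evaluator these criteria describe, written in Python as an assumption about the project's language; it is not CodeWhale code, and the tool names (`shell`, `git`, `mcp`), the `Rule`/`Decision` shapes and the keyword classifier are illustrative stand-ins. It shows explicit allow/block rules taking precedence over natural-language guidance, a deterministic hold-for-review fallback when the classifier is absent or fails, the headless downgrade that turns ask-user into hold-for-review so a background run cannot slip past a missing prompt, and a log line carrying tool, arguments, outcome, source and reason. The constructed rule set covers the four scenarios named in the test criterion (destructive shell command, read-only inspection, MCP call, git push).

```python
"""AutoReviewPolicy: allow / hold-for-review / block / ask-user for tool calls.

Added example, not CodeWhale code. Tool names ("shell", "git", "mcp"), the Rule and
Decision shapes and the keyword classifier are assumptions made for illustration.
"""
import logging
import re
from dataclasses import dataclass
from enum import Enum
from typing import Callable, List, Optional

log = logging.getLogger("autoreview")


class Outcome(Enum):
    ALLOW = "allow"
    HOLD = "hold-for-review"
    BLOCK = "block"
    ASK = "ask-user"


@dataclass(frozen=True)
class ToolCall:
    tool: str   # hypothetical tool names: "shell", "git", "mcp"
    args: str   # argument string as the agent would execute it


@dataclass(frozen=True)
class Rule:
    tool: str
    pattern: str      # regex searched in args
    outcome: Outcome
    reason: str


@dataclass(frozen=True)
class Decision:
    outcome: Outcome
    reason: str
    source: str       # "rule" | "classifier" | "fallback": why the call ran or paused


# Optional natural-language classifier: (call, guidance) -> Outcome, or None when unsure.
Classifier = Callable[[ToolCall, str], Optional[Outcome]]


@dataclass
class AutoReviewPolicy:
    rules: List[Rule]
    guidance: str = ""                    # natural-language guidance for the classifier
    classifier: Optional[Classifier] = None
    headless: bool = False                # True for background runs with no TUI prompt
    fallback: Outcome = Outcome.HOLD      # deterministic result when nothing else decides

    def evaluate(self, call: ToolCall) -> Decision:
        # Explicit rules win over guidance; the first match in list order decides.
        for rule in self.rules:
            if rule.tool == call.tool and re.search(rule.pattern, call.args):
                decision = Decision(rule.outcome, rule.reason, "rule")
                break
        else:
            decision = self._classify(call)
        # A headless run has nobody to answer a question, so ask-user must not
        # degrade to "just run it": it becomes hold-for-review instead.
        if self.headless and decision.outcome is Outcome.ASK:
            decision = Decision(Outcome.HOLD, decision.reason + " (headless: no prompt available)",
                                decision.source)
        log.info("tool=%s args=%r outcome=%s source=%s reason=%s",
                 call.tool, call.args, decision.outcome.value, decision.source, decision.reason)
        return decision

    def _classify(self, call: ToolCall) -> Decision:
        if self.classifier is not None:
            try:
                verdict = self.classifier(call, self.guidance)
            except Exception as exc:  # classifier down or malformed: deterministic fallback
                return Decision(self.fallback, f"classifier unavailable: {exc}", "fallback")
            if verdict is not None:
                return Decision(verdict, "matched natural-language guidance", "classifier")
        return Decision(self.fallback, "no rule matched and no classification", "fallback")


# Constructed rule set covering the four scenarios in the acceptance criteria.
DEFAULT_RULES = [
    Rule("shell", r"\brm\s+-[a-zA-Z]*[rR][a-zA-Z]*(\s|$)", Outcome.BLOCK, "recursive delete"),
    Rule("shell", r"^(ls|cat|git\s+(status|diff|log))\b", Outcome.ALLOW, "read-only inspection"),
    Rule("git", r"^push\b", Outcome.ASK, "publishes to a remote"),
    Rule("mcp", r".", Outcome.HOLD, "MCP call crosses a trust boundary"),
]


def keyword_classifier(call: ToolCall, guidance: str) -> Optional[Outcome]:
    """Stand-in for a model-backed classifier: honours one guidance phrase, else abstains."""
    first = call.args.split()[:1]
    if "allow build commands" in guidance.lower() and first and first[0] in {"make", "cargo", "npm"}:
        return Outcome.ALLOW
    return None


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(message)s")
    policy = AutoReviewPolicy(DEFAULT_RULES, guidance="Allow build commands.",
                              classifier=keyword_classifier, headless=True)
    for call in (ToolCall("shell", "rm -rf build/"), ToolCall("shell", "git status"),
                 ToolCall("mcp", "filesystem.write_file"), ToolCall("git", "push origin main")):
        policy.evaluate(call)
```

Two design points matter for the criteria above: the fallback is a fixed `Outcome`, never a model call, so the decision is deterministic whenever classification is unavailable; and the headless downgrade is applied after rule and classifier evaluation, so no configuration path lets a background run turn an ask-user verdict into an allow.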

Non-goals

  • Do not auto-merge or auto-push from /review.
  • Do not claim a review receipt replaces human maintainer review.
  • Do not send private code to hosted review services by default.

Metadata

Assignees: No one assigned

Labels:

  • enhancement: New feature or request
  • reliability: Reliability, flaky behavior, retries, fallbacks, and robustness
  • security: Security, isolation, permissions, or trust-boundary work
  • tools: Tool execution, tool schemas, tool UX, and built-in tool behavior
  • tui: Terminal UI behavior, rendering, or interaction
  • v0.8.64: Targeting v0.8.64

Projects: Status: Backlog

Milestone:

Relationships: None yet

Development: No branches or pull requests