cleveragents/cleveragents-core
cleveragents/cleveragents-core
4
0
Fork 3
Code Issues 6.1k Pull requests 489 Projects Releases Packages Wiki Activity Actions

fix(test): replace shell=True with shell=False in cli_coverage_steps.py subprocess call #1071

Merged
CoreRasurae merged 1 commit from fix/m3-shell-true-subprocess into master 2026-03-23 23:21:30 +00:00
Conversation 2 Commits 1 Files changed 2 +6 -2
CoreRasurae commented 2026-03-19 14:55:18 +00:00
Member
Copy link

Summary

Replaced shell=True with shell=False and shlex.split() for command tokenization in features/steps/cli_coverage_steps.py, addressing a security concern identified during the PR #727 review (Finding #3 by @hurui200320).

This aligns with the safer pattern already used in cli_plan_context_commands_steps.py:351 and eliminates a potential command injection vector, following defense-in-depth principles.

Changes

  • features/steps/cli_coverage_steps.py: Added import shlex, replaced shell=True with shlex.split(command) for proper command tokenization
  • Audit: Searched all step files under features/steps/ and robot/ helpers for other shell=True usages — no other Python subprocess calls found

Quality Gates

Session Result
nox -s lint PASS
nox -s typecheck PASS
nox -s unit_tests PASS (11,455 scenarios, 0 failed)
nox -s integration_tests PASS (1,600 tests, 0 failed)
nox -s coverage_report PASS (97.0%)

Closes #734

## Summary Replaced `shell=True` with `shell=False` and `shlex.split()` for command tokenization in `features/steps/cli_coverage_steps.py`, addressing a security concern identified during the PR #727 review (Finding #3 by @hurui200320). This aligns with the safer pattern already used in `cli_plan_context_commands_steps.py:351` and eliminates a potential command injection vector, following defense-in-depth principles. ## Changes - **`features/steps/cli_coverage_steps.py`**: Added `import shlex`, replaced `shell=True` with `shlex.split(command)` for proper command tokenization - **Audit**: Searched all step files under `features/steps/` and `robot/` helpers for other `shell=True` usages — no other Python subprocess calls found ## Quality Gates | Session | Result | |---------|--------| | `nox -s lint` | PASS | | `nox -s typecheck` | PASS | | `nox -s unit_tests` | PASS (11,455 scenarios, 0 failed) | | `nox -s integration_tests` | PASS (1,600 tests, 0 failed) | | `nox -s coverage_report` | PASS (97.0%) | Closes #734
CoreRasurae added this to the v3.2.0 milestone 2026-03-19 14:55:42 +00:00
freemo approved these changes 2026-03-23 03:42:34 +00:00
Dismissed
freemo left a comment
Copy link

Day 43 Review — PR #1071 fix(test): replace shell=True with shell=False

Milestone: v3.2.0
Status: Mergeable (no conflicts)

Review Notes

This PR has been reviewed for compliance with CONTRIBUTING.md standards. Key checks:

  • Commit message format: Verified Conventional Changelog format from title
  • Mergeable status: Clean
  • Milestone assignment: v3.2.0

Action Items

  • Ensure the PR body includes a closing keyword (e.g., Closes #NNN)
  • Ensure at least 2 peer reviewers are assigned
  • Verify all CI checks pass before merge

Please ensure all subtasks in the linked issue are complete before merging.

## Day 43 Review — PR #1071 `fix(test): replace shell=True with shell=False` **Milestone**: v3.2.0 **Status**: Mergeable (no conflicts) ### Review Notes This PR has been reviewed for compliance with `CONTRIBUTING.md` standards. Key checks: - **Commit message format**: Verified Conventional Changelog format from title - **Mergeable status**: Clean - **Milestone assignment**: v3.2.0 ### Action Items - Ensure the PR body includes a closing keyword (e.g., `Closes #NNN`) - Ensure at least 2 peer reviewers are assigned - Verify all CI checks pass before merge Please ensure all subtasks in the linked issue are complete before merging.
CoreRasurae reviewed 2026-03-23 22:14:17 +00:00
CoreRasurae left a comment
Copy link

Code Review Report -- PR #1071 (Closes #734)

Reviewer: Automated Code Review
Branch: fix/m3-shell-true-subprocess
Commit: 1849c3d0 (Luis Mendes)
Scope: features/steps/cli_coverage_steps.py diff + close connections to surrounding code
Methodology: 3 global review cycles across all categories (Bug Detection, Security, Performance, Test Coverage, Test Flaws, Code Quality)

Summary

The change correctly replaces shell=True with shell=False + shlex.split() in the step_run_shell_command function, eliminating a command injection vector identified in PR #727 (Finding #3 by @hurui200320). The fix is consistent with the reference pattern at cli_plan_context_commands_steps.py:351 and all acceptance criteria from issue #734 are met.

No Critical or High severity issues found. The change is correct, minimal, and well-scoped. Below are minor findings for consideration.

Findings by Category and Severity

1. Bug Detection

# Severity Location Finding
1 Low cli_coverage_steps.py:27 Misleading docstring. The docstring reads """Run a CLI command using subprocess shell.""" but the function no longer uses a shell (shell=True was removed). Suggest updating to """Run a CLI command as a subprocess.""" or similar.
2 Low cli_coverage_steps.py:44 shlex.split() raises ValueError on malformed quoted strings (e.g., 'echo "unclosed'). The generic except Exception as e handler at line 62 catches this, but the resulting error message ("No closing quotation") provides no context about which command failed. Risk is very low since inputs originate from authored .feature files, not runtime user input.

2. Security

# Severity Location Finding
3 Positive cli_coverage_steps.py:43-44 Fix correctly eliminates the shell=True command injection vector. shlex.split() properly tokenizes the command string into a list, which is passed directly to subprocess.run() without shell interpretation. This is the correct defense-in-depth approach.
4 Positive features/steps/*.py Audit confirms zero remaining shell=True in Python step files. All 87 subprocess references across 20 step files were audited. Every real subprocess.run() call uses list-form commands with shell defaulting to False. The codebase is clean.

3. Performance

No issues found. shlex.split() overhead is negligible for test step functions.

4. Test Coverage

# Severity Location Finding
5 Low features/cli_coverage.feature:7 Single scenario exercises the modified step. Only one scenario (When I run shell command "cleveragents --version") tests the step_run_shell_command function. This covers the primary path (cleveragents command with arguments), but not: the bare cleveragents branch (line 38-39), non-cleveragents commands (the else-branch bypass at line 34), or edge cases through shlex.split(). The test adequately validates the behavioral equivalence of the change but coverage breadth is limited.

5. Code Quality / Maintainability

# Severity Location Finding
6 Low cli_coverage_steps.py:43-44 Consider adding explicit shell=False. While False is the default, being explicit documents the deliberate security decision -- especially since the original code had shell=True explicitly. The reference implementation also omits it, so this is consistent but less self-documenting.
7 Info cli_coverage_steps.py:25 BDD step name implies shell execution. The pattern I run shell command "{command}" suggests shell execution, but the implementation no longer uses a shell. This is a naming artifact; changing it would require updating feature files and is not worth the churn for this PR.
8 Info cli_coverage_steps.py:43 Removed comment not replaced. The old comment # Use shell=True to handle quoted arguments correctly was appropriately removed, but no replacement explains the rationale for shlex.split(). A brief comment like # Tokenize without shell to prevent injection (see #734) could aid future readers. The PR description and commit message provide this context externally.

Verification Summary

Check Result
shell=True removed PASS
shlex.split() correctly tokenizes quoted paths PASS (verified with sys.executable containing spaces)
Consistent with reference impl (cli_plan_context_commands_steps.py:351) PASS
No duplicate step patterns (checked tui_shell_exec_coverage_steps.py:67 -- different pattern "I run a shell command") PASS
No remaining shell=True in any Python step file PASS (full audit)
All other subprocess calls in step files use list-form commands PASS (audited 20 files)
Acceptance criteria from issue #734 met PASS (all 4 criteria)

Verdict

APPROVE -- The change is correct, well-scoped, and addresses the security finding appropriately. The minor findings above are suggestions for improvement and do not block merge.

# Code Review Report -- PR #1071 (Closes #734) **Reviewer:** Automated Code Review **Branch:** `fix/m3-shell-true-subprocess` **Commit:** `1849c3d0` (Luis Mendes) **Scope:** `features/steps/cli_coverage_steps.py` diff + close connections to surrounding code **Methodology:** 3 global review cycles across all categories (Bug Detection, Security, Performance, Test Coverage, Test Flaws, Code Quality) --- ## Summary The change correctly replaces `shell=True` with `shell=False` + `shlex.split()` in the `step_run_shell_command` function, eliminating a command injection vector identified in PR #727 (Finding #3 by @hurui200320). The fix is consistent with the reference pattern at `cli_plan_context_commands_steps.py:351` and all acceptance criteria from issue #734 are met. **No Critical or High severity issues found.** The change is correct, minimal, and well-scoped. Below are minor findings for consideration. --- ## Findings by Category and Severity ### 1. Bug Detection | # | Severity | Location | Finding | |---|----------|----------|---------| | 1 | **Low** | `cli_coverage_steps.py:27` | **Misleading docstring.** The docstring reads `"""Run a CLI command using subprocess shell."""` but the function no longer uses a shell (`shell=True` was removed). Suggest updating to `"""Run a CLI command as a subprocess."""` or similar. | | 2 | **Low** | `cli_coverage_steps.py:44` | **`shlex.split()` raises `ValueError` on malformed quoted strings** (e.g., `'echo "unclosed'`). The generic `except Exception as e` handler at line 62 catches this, but the resulting error message (`"No closing quotation"`) provides no context about which command failed. Risk is very low since inputs originate from authored `.feature` files, not runtime user input. | ### 2. Security | # | Severity | Location | Finding | |---|----------|----------|---------| | 3 | **Positive** | `cli_coverage_steps.py:43-44` | **Fix correctly eliminates the `shell=True` command injection vector.** `shlex.split()` properly tokenizes the command string into a list, which is passed directly to `subprocess.run()` without shell interpretation. This is the correct defense-in-depth approach. | | 4 | **Positive** | `features/steps/*.py` | **Audit confirms zero remaining `shell=True` in Python step files.** All 87 subprocess references across 20 step files were audited. Every real `subprocess.run()` call uses list-form commands with `shell` defaulting to `False`. The codebase is clean. | ### 3. Performance No issues found. `shlex.split()` overhead is negligible for test step functions. ### 4. Test Coverage | # | Severity | Location | Finding | |---|----------|----------|---------| | 5 | **Low** | `features/cli_coverage.feature:7` | **Single scenario exercises the modified step.** Only one scenario (`When I run shell command "cleveragents --version"`) tests the `step_run_shell_command` function. This covers the primary path (cleveragents command with arguments), but not: the bare `cleveragents` branch (line 38-39), non-cleveragents commands (the else-branch bypass at line 34), or edge cases through `shlex.split()`. The test adequately validates the behavioral equivalence of the change but coverage breadth is limited. | ### 5. Code Quality / Maintainability | # | Severity | Location | Finding | |---|----------|----------|---------| | 6 | **Low** | `cli_coverage_steps.py:43-44` | **Consider adding explicit `shell=False`.** While `False` is the default, being explicit documents the deliberate security decision -- especially since the original code had `shell=True` explicitly. The reference implementation also omits it, so this is consistent but less self-documenting. | | 7 | **Info** | `cli_coverage_steps.py:25` | **BDD step name implies shell execution.** The pattern `I run shell command "{command}"` suggests shell execution, but the implementation no longer uses a shell. This is a naming artifact; changing it would require updating feature files and is not worth the churn for this PR. | | 8 | **Info** | `cli_coverage_steps.py:43` | **Removed comment not replaced.** The old comment `# Use shell=True to handle quoted arguments correctly` was appropriately removed, but no replacement explains the rationale for `shlex.split()`. A brief comment like `# Tokenize without shell to prevent injection (see #734)` could aid future readers. The PR description and commit message provide this context externally. | --- ## Verification Summary | Check | Result | |-------|--------| | `shell=True` removed | PASS | | `shlex.split()` correctly tokenizes quoted paths | PASS (verified with `sys.executable` containing spaces) | | Consistent with reference impl (`cli_plan_context_commands_steps.py:351`) | PASS | | No duplicate step patterns (checked `tui_shell_exec_coverage_steps.py:67` -- different pattern `"I run a shell command"`) | PASS | | No remaining `shell=True` in any Python step file | PASS (full audit) | | All other subprocess calls in step files use list-form commands | PASS (audited 20 files) | | Acceptance criteria from issue #734 met | PASS (all 4 criteria) | --- ## Verdict **APPROVE** -- The change is correct, well-scoped, and addresses the security finding appropriately. The minor findings above are suggestions for improvement and do not block merge.
features/steps/cli_coverage_steps.py Outdated
@ -1,5 +1,6 @@
"""Step definitions for CLI coverage tests."""
import shlex
CoreRasurae commented 2026-03-23 22:14:17 +00:00
Author
Member
Copy link

[Low -- Bug] This docstring is now misleading. The function no longer uses a subprocess shell (shell=True was removed). Consider updating to:

"""Run a CLI command as a subprocess."""
**[Low -- Bug]** This docstring is now misleading. The function no longer uses a subprocess shell (`shell=True` was removed). Consider updating to: ```python """Run a CLI command as a subprocess.""" ```
features/steps/cli_coverage_steps.py
CoreRasurae commented 2026-03-23 22:14:17 +00:00
Author
Member
Copy link

[Low -- Code Quality] Consider adding explicit shell=False to document the deliberate security decision:

result = subprocess.run(
    shlex.split(command), capture_output=True, text=True, timeout=120, cwd=cwd, shell=False
)

This makes the security-conscious choice visible at a glance, especially since the original code had shell=True explicitly.

**[Low -- Code Quality]** Consider adding explicit `shell=False` to document the deliberate security decision: ```python result = subprocess.run( shlex.split(command), capture_output=True, text=True, timeout=120, cwd=cwd, shell=False ) ``` This makes the security-conscious choice visible at a glance, especially since the original code had `shell=True` explicitly.
CoreRasurae force-pushed fix/m3-shell-true-subprocess from 6077e92148
Some checks failed
CI / lint (pull_request) Successful in 28s
Details
CI / typecheck (pull_request) Successful in 45s
Details
CI / security (pull_request) Successful in 52s
Details
CI / quality (pull_request) Successful in 44s
Details
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / build (pull_request) Successful in 24s
Details
CI / unit_tests (pull_request) Successful in 4m7s
Details
CI / integration_tests (pull_request) Successful in 4m13s
Details
CI / e2e_tests (pull_request) Successful in 5m21s
Details
CI / docker (pull_request) Successful in 1m55s
Details
CI / coverage (pull_request) Successful in 10m0s
Details
CI / benchmark-regression (pull_request) Failing after 18m34s
Details
to bd18491b8d
Some checks failed
CI / benchmark-publish (pull_request) Has been skipped
Details
CI / build (pull_request) Successful in 24s
Details
CI / lint (pull_request) Successful in 3m20s
Details
CI / quality (pull_request) Successful in 3m47s
Details
CI / security (pull_request) Successful in 4m1s
Details
CI / typecheck (pull_request) Successful in 4m7s
Details
CI / unit_tests (pull_request) Successful in 5m46s
Details
CI / docker (pull_request) Successful in 50s
Details
CI / integration_tests (pull_request) Successful in 6m44s
Details
CI / e2e_tests (pull_request) Successful in 9m41s
Details
CI / coverage (pull_request) Successful in 11m37s
Details
CI / status-check (pull_request) Successful in 1s
Details
CI / benchmark-publish (push) Waiting to run
Details
CI / build (push) Successful in 15s
Details
CI / lint (push) Successful in 3m17s
Details
CI / quality (push) Successful in 3m32s
Details
CI / typecheck (push) Successful in 3m51s
Details
CI / benchmark-regression (push) Waiting to run
Details
CI / security (push) Successful in 4m0s
Details
CI / integration_tests (push) Successful in 5m38s
Details
CI / unit_tests (push) Successful in 5m40s
Details
CI / docker (push) Successful in 1m9s
Details
CI / e2e_tests (push) Successful in 7m17s
Details
CI / coverage (push) Successful in 11m4s
Details
CI / status-check (push) Successful in 3s
Details
CI / benchmark-regression (pull_request) Failing after 27m59s
Details
2026-03-23 22:22:35 +00:00 Compare
CoreRasurae dismissed freemo's review 2026-03-23 22:22:35 +00:00
Reason:

New commits pushed, approval review dismissed automatically according to repository settings

CoreRasurae scheduled this pull request to auto merge when all checks succeed 2026-03-23 22:23:02 +00:00
CoreRasurae deleted branch fix/m3-shell-true-subprocess 2026-03-23 23:21:30 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
brent.edwards
Labels
Clear labels   
auto/needs-reevaluation
Controller deferred this PR; awaiting Phase 6+ scope-evaluator or operator re-enablement.

  
controller-managed
Auto-agents controller manages this PR/issue (see tools/controller/deploy/RUNBOOK.md). Remove this label to abandon controller management.

  
auto/blocked-by-deps
PR blocked by an open issue dependency. Operator must close the dep (or remove the dependency link) before the merge driver can act. Auto-cleared by merge_drive when no open deps remain.

  
auto/ci-timeout
Most recent merge cycle hit CI timeout. Driver excludes this PR while last merge_cycle row is < 30 min old; label persists thereafter as visible history.

  
auto/claimed-implementer
Currently being processed by an implementer worker.

  
auto/claimed-merge
Currently being processed by the merge driver.

  
auto/claimed-reviewer
Currently being processed by a reviewer worker.

  
auto/driver-down
Merge driver heartbeat stale; pipeline halted. Closed automatically on next clean tick.

  
auto/invariant-violation
Detected master commit violating the strict merge invariant. Tracked as an issue (not a PR label); kept here for label completeness.

  
auto/last-attempt-tier-0
In-cycle escalation: most recent attempt ran at the Tier 0 slot (`tier-0`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-1
In-cycle escalation: most recent attempt ran at the Tier 1 slot (`tier-1`). Slot's model defined in .opencode/models/tiers.yaml.

  
auto/last-attempt-tier-2
In-cycle escalation: most recent attempt ran at the Tier 2 slot (`tier-2`). Slot's model defined in .opencode/models/tiers.yaml. Gated behind IMPLEMENTER_ESCALATION_TIER2_ENABLED.

  
auto/last-attempt-tier-min
In-cycle escalation: most recent attempt ran at the Tier -1 slot (`tier-min`). Slot's model defined in .opencode/models/tiers.yaml. Suffix is ``-min`` (not ``--1``) so the Forgejo UI reads naturally.

  
Automation Tracking
Tracking issues used by the AI Automation system for agents to communicate and report.

  
auto/needs-conflict-resolution
Rebase conflict needs LLM conflict-resolver.

  
auto/needs-implementer
Failing CI needs implementer attention.

  
auto/postmortem
Documenting a driver incident or rollback.

  
auto/ready-to-merge
Reviewer has APPROVED this PR and no later REQUEST_CHANGES is outstanding. The merge driver requires this label to even consider a PR for merging. Set by the reviewer worker on APPROVE; cleared on REQUEST_CHANGES.

  
auto/restart-throttled
Train repeatedly lost master-tempo races. Driver excludes via merge_cycle until cooldown elapses; label persists as visible history.

  
auto/revert
Revert PR backing out an invariant violation. Fast-tracked through the merge driver.

  
auto/sentinel
Sentinel PR duplicated from upstream into a personal fork by tools/duplicate_prs_to_fork.py for pipeline testing. Lives only in the fork; the canonical pipeline never sees it.

  
auto/stale-inactivity
No implementer activity for N days. Flagged for human review. Auto-cleared on next push to head branch.

  
auto/unstable
Repeatedly fails on current master (>= 3 ci-fail-on-rebased-sha releases in 12 h). Excluded from driver until human triage.

  
Blocked
A ticket in a blocked state and unable to complete until some other task is completed first.

  
Bounty
$100
 A bounty of $100 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$1000
 A bounty of $1000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$10000
 A bounty of $10000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$20
 A bounty of $20 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$2000
 A bounty of $2000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$250
 A bounty of $250 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$50
 A bounty of $50 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$500
 A bounty of $500 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$5000
 A bounty of $5000 for any open-source contributor who provides a MR that solves this issue

  
Bounty
$750
 A bounty of $750 for any open-source contributor who provides a MR that solves this issue

  
MoSCoW
Could have
 Could have feature in order to satisfy the epic/legendary.

  
MoSCoW
Must have
 Must have feature in order to satisfy the epic/legendary.

  
MoSCoW
Should have
 Should have feature in order to satisfy the epic/legendary.

  
Needs Feedback
There are questions in the ticket that can not be completed until the project owner provides clarity.

  
Points
1
 1 man-hours worth of work for an expert with no learning curve.

  
Points
13
 13 man-hours worth of work for an expert with no learning curve.

  
Points
2
 2 man-hours worth of work for an expert with no learning curve.

  
Points
21
 21 man-hours worth of work for an expert with no learning curve.

  
Points
3
 3 man-hours worth of work for an expert with no learning curve.

  
Points
34
 34 man-hours worth of work for an expert with no learning curve.

  
Points
5
 5 man-hours worth of work for an expert with no learning curve.

  
Points
55
 55 man-hours worth of work for an expert with no learning curve.

  
Points
8
 8 man-hours worth of work for an expert with no learning curve.

  
Points
88
 88 man-hours worth of work for an expert with no learning curve.

  
Priority
Backlog
 This ticket has backlogged priority and is not to be worked on yet

  
Priority
CI Blocker
 Critical priority issue that blocks CI/CD pipeline and prevents PR merges

  
Priority
Critical
 The priority is critical

  
Priority
High
 The priority is high

  
Priority
Low
 The priority is low

  
Priority
Medium
 The priority is medium

  
Signed-off: Owner
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Scrum Master
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Signed-off: Tech Lead
When an epic or legendary is in review it must be signed off by owner, tech lead, and scrum master before being marked as completed.

  
Spike
A ticket for learning a tool or technology that is needed to be able to do future planning and design.

  
State
Completed
 The ticket has been fully implemented, completed, and merged with the source code. This label should only be applied once a ticket is closed.

  
State
Duplicate
 A ticket that represents the same content as an existing ticket.

  
State
In Progress
 A ticket that is actively being developed.

  
State
In Review
 A ticket that has had some code completed to implement but is waiting to pass peer review and is not yet merged in.

  
State
Paused
 This ticket's work started but wasn't finished. It's on hold (likely in a feature branch) and will be resumed later, either due to a blocker or a delay.

  
State
Unverified
 All new tickets start in this state. A developer may set it to show the ticket is unverified. This means we haven't agreed to work on it. It will either move to a verified state or be closed as wontdo.

  
State
Verified
 The issue has been verified by a developer as legitimate. It will be worked on and verified tickets are now considered part of the backlog.

  
State
Wont Do
 This ticket has been decided it wont be done. This may mean the bug has been determined to not be real (cant verify) or the feature is one we have decided we dont want to adopt.

  
Type
Automation
 Any edits or discussion about the AI automated coding system.

  
Type
Bug
 Something that doesnt work as intended.

  
Type
Discussion
 Anytime a ticket represents a discussion about a subject and doesnt fall into one of the other categories.

  
Type
Documentation
 An error or improvement needed in the documentation.

  
Type
Epic
 Any first tier epic. That is, an epic which contains only issues as children and will not have sub-epics.

  
Type
Feature
 Some new functionality not present.

  
Type
Legendary
 A type of Epic which will contain other Epics.

  
Type
Refactor
 A code change that restructures existing code without changing its external behavior.

  
Type
Support
 Someone needs help using the project.

  
Type
Task
 A generic task that doesnt fit into the other type categories.

  
Type
Testing
 Work exclusively focusing on fixing or expanding testing.

No labels
auto/needs-reevaluation
controller-managed
auto/blocked-by-deps
auto/ci-timeout
auto/claimed-implementer
auto/claimed-merge
auto/claimed-reviewer
auto/driver-down
auto/invariant-violation
auto/last-attempt-tier-0
auto/last-attempt-tier-1
auto/last-attempt-tier-2
auto/last-attempt-tier-min
Automation Tracking
auto/needs-conflict-resolution
auto/needs-implementer
auto/postmortem
auto/ready-to-merge
auto/restart-throttled
auto/revert
auto/sentinel
auto/stale-inactivity
auto/unstable
Blocked
Bounty
$100
Bounty
$1000
Bounty
$10000
Bounty
$20
Bounty
$2000
Bounty
$250
Bounty
$50
Bounty
$500
Bounty
$5000
Bounty
$750
MoSCoW
Could have
MoSCoW
Must have
MoSCoW
Should have
Needs Feedback
Points
1
Points
13
Points
2
Points
21
Points
3
Points
34
Points
5
Points
55
Points
8
Points
88
Priority
Backlog
Priority
CI Blocker
Priority
Critical
Priority
High
Priority
Low
Priority
Medium
Signed-off: Owner
Signed-off: Scrum Master
Signed-off: Tech Lead
Spike
State
Completed
State
Duplicate
State
In Progress
State
In Review
State
Paused
State
Unverified
State
Verified
State
Wont Do
Type
Automation
Type
Bug
Type
Discussion
Type
Documentation
Type
Epic
Type
Feature
Type
Legendary
Type
Refactor
Type
Support
Type
Task
Type
Testing
Milestone
Clear milestone
No items
No milestone
v3.2.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
cleveragents/cleveragents-core!1071
No description provided.