Handle outbound FEP-044f quote responses#32
Conversation
Send FEP-044f QuoteRequest activities for outbound quote posts and handle remote Accept, Reject, and Delete responses. Accepted requests store verified QuoteAuthorization stamps, while rejected or revoked requests strip the quote target and fallback link before sending an Update. Add repository reference storage for received authorization stamps so revocations can map back to the local quote message. Cover the memory, KV, SQLite, and PostgreSQL repositories, shared-inbox Delete routing, and the approval-state API exposed on authorized messages. Update the message, event, repository, and changelog documentation for the new outbound FEP-044f behavior expected in PR 32. Fixes fedify-dev#29 fedify-dev#27 fedify-dev#32 Assisted-by: Codex:gpt-5.5
|
@codex review |
|
Warning Review limit reached
Next review available in: 43 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (4)
📝 WalkthroughWalkthroughThis PR adds FEP-044f quote publishing, quote acceptance/rejection handling, quote authorization reference storage, and matching bot-level event hooks. It also updates repository backends, instance routing, tests, and documentation for the new quote lifecycle. ChangesConsent-respecting quote posts (FEP-044f)
Estimated code review effort: 4 (Complex) | ~75 minutes Sequence Diagram(s)sequenceDiagram
participant SessionImpl
participant TargetActor
participant BotImpl
participant Repository
SessionImpl->>TargetActor: send Create with quote
SessionImpl->>TargetActor: send QuoteRequest(objectId, instrumentId)
TargetActor-->>BotImpl: Accept or Reject QuoteRequest
alt Accept
BotImpl->>Repository: addQuoteAuthorizationReference
BotImpl->>TargetActor: send Update with quote authorization
BotImpl->>BotImpl: onQuoteAccepted(message, approver)
else Reject
BotImpl->>Repository: removeQuoteAuthorizationReference
BotImpl->>TargetActor: send Update with quote stripped
BotImpl->>BotImpl: onQuoteRejected(message, rejecter)
end
TargetActor-->>BotImpl: Delete quote authorization
BotImpl->>Repository: findQuoteAuthorizationReference
BotImpl->>Repository: removeQuoteAuthorizationReference
BotImpl->>TargetActor: send Update with quote stripped
BotImpl->>BotImpl: onQuoteRejected(message, actor)
Possibly related issues
Possibly related PRs
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. It introduces new event handlers (onQuoteAccepted and onQuoteRejected), message properties (quotePolicy and quoteApprovalState), and repository methods to manage quote authorization references across PostgreSQL, SQLite, and KV backends. Additionally, it handles incoming Delete activities to strip revoked quote authorizations. A critical issue was identified in SessionImpl.publish() where options.quoteTarget is accessed without a null check, which will cause a runtime error when publishing standard messages that do not quote another post.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
Actionable comments posted: 4
🧹 Nitpick comments (4)
packages/botkit/src/message-impl.ts (1)
881-913: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low value
quoteApprovalState"notRequired" check is vulnerable to a double-undefinedfalse match.
quoteTarget.actor.id?.href === actor.id?.href(Line 890) evaluates totruewhen both sides areundefined, which would mark the state"notRequired"even though the quote target's author and this message's author are not actually known to be the same actor. Low-likelihood edge case (actors without anid), but worth guarding explicitly.Proposed guard
const quoteApprovalState = !authorized || quoteTarget == null ? undefined - : quoteTarget.actor.id?.href === actor.id?.href + : quoteTarget.actor.id != null && actor.id != null && + quoteTarget.actor.id.href === actor.id.href ? "notRequired" : raw.quoteAuthorizationId == null ? "pending" : "accepted";🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/botkit/src/message-impl.ts` around lines 881 - 913, The `quoteApprovalState` logic in `message-impl.ts` can incorrectly return "notRequired" when both `quoteTarget.actor.id` and `actor.id` are undefined, so tighten the `quoteTarget.actor.id?.href === actor.id?.href` check in the `AuthorizedMessageImpl`/`MessageImpl` constructor path to only treat it as the same actor when both IDs are actually present and match. Update the nested conditional near `quoteApprovalState` to explicitly guard against missing actor IDs before comparing, while keeping the existing pending/accepted branches unchanged.packages/botkit/src/session-impl.test.ts (1)
497-541: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winMissing test coverage for the self-quote skip path.
The added assertions only cover the "quote a remote author's message" path (a
QuoteRequestis sent). There's no test verifying that publishing a quote of the bot's own message does not trigger aQuoteRequest, which is the other branch of the new conditional insession-impl.ts(Line 424-428).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/botkit/src/session-impl.test.ts` around lines 497 - 541, Add test coverage for the self-quote branch in session-impl.test.ts around the existing quote publishing cases. Reuse the same setup that exercises the quote flow via the session/bot activity handling, but make the quoted message belong to the bot itself and assert that no QuoteRequest is emitted in ctx.sentActivities while the quote Create activity still occurs. Use the existing identifiers QuoteRequest, Create, session.actorId, bot.identifier, and ctx.sentActivities to locate the relevant assertions and cover the new conditional path in session-impl.ts.packages/botkit/src/repository.ts (1)
997-1008: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valueUnnecessary migration category for a brand-new feature.
"quoteAuthorizationRefs"is added to the legacy migration categories, but this storage concept did not exist before bot-actor scoping, so no unscoped legacy data could ever exist under this key. The loop is harmless (no-op if the KV list is empty), but it's dead code that could confuse future maintainers into thinking there's a legacy format to preserve.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/botkit/src/repository.ts` around lines 997 - 1008, The legacy migration category list in repository.ts includes quoteAuthorizationRefs even though it has no pre-scope legacy data to migrate. Remove quoteAuthorizationRefs from the categories array in the migration loop so the legacy migration only covers actual existing unscoped storage keys, keeping the logic in repository.ts and its migration helper aligned with real legacy formats.packages/botkit/src/repository.test.ts (1)
215-245: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winGood regression coverage, but only for
add.This confirms
addQuoteAuthorizationReferencedoesn't cache on underlying failure. Given the ordering concern flagged inrepository.ts(cache-before-underlying onremoveQuoteAuthorizationReference), consider adding a symmetric test here that failsremoveQuoteAuthorizationReferenceon the underlying and asserts the cache still reflects the pre-removal state (or is invalidated only after a successful underlying delete).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/botkit/src/repository.test.ts` around lines 215 - 245, Add a symmetric regression test in MemoryCachedRepository covering removeQuoteAuthorizationReference failure: create a failing underlying repository for removeQuoteAuthorizationReference, pre-populate the cached state, call removeQuoteAuthorizationReference, and assert the cache is not cleared/changed when the underlying delete rejects. Use the existing MemoryCachedRepository, MemoryRepository, and addQuoteAuthorizationReference/findQuoteAuthorizationReference helpers in repository.test.ts to keep the scenario parallel to the current add failure test.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/concepts/events.md`:
- Around line 321-341: Clarify the Bot.onQuoteRejected lifecycle in the events
docs by noting that it is invoked not only for a remote rejection of a quote
request, but also when a later Delete-based revocation follows the same
strip-and-update path. Update the surrounding explanation near
onQuoteAccepted/onQuoteRejected to mention this additional trigger and keep the
handler description aligned with the implementation.
In `@packages/botkit/src/bot-impl.ts`:
- Around line 800-861: In `BotImpl.onDeleted` / `#stripRejectedQuote`, the
quote-authorization reference is removed before the message update succeeds,
which can orphan a rejected quote if `updateMessage` fails. Move the
`removeQuoteAuthorizationReference` call so it happens only after
`repository.updateMessage` completes successfully, mirroring the rollback-safe
pattern used in `#onQuoteAccepted`, and keep the existing checks in `onDeleted`,
`#stripRejectedQuote`, and `repository.updateMessage` aligned so failures do not
drop the routing reference prematurely.
In `@packages/botkit/src/repository.ts`:
- Around line 2705-2718: `removeQuoteAuthorizationReference` uses the wrong
write-through delete order and can leave `cache` stale or inconsistent. Update
`Repository.removeQuoteAuthorizationReference` to follow the same pattern as
`removeQuoteAuthorization`, `removeFollowee`, and `removeSentFollow`: delete
from `underlying` first, then invalidate `cache`. Keep the method name and the
`cache`/`underlying` calls intact, just swap their execution order.
- Around line 364-401: The local quote-message deletion/unshare flow leaves
behind stale quote-authorization mappings because `message-impl.ts` deletes the
message without clearing `quoteAuthorizationRefs`. Update the delete path that
removes bot-owned quote messages to also remove the matching authorization
reference via the repository API, using `removeQuoteAuthorizationReference`
alongside the existing quote-message cleanup. Make sure the logic identifies the
correct `identifier`, `authorization`, and `messageId` for the quote message so
the mapping is cleared whenever the local quote is deleted.
---
Nitpick comments:
In `@packages/botkit/src/message-impl.ts`:
- Around line 881-913: The `quoteApprovalState` logic in `message-impl.ts` can
incorrectly return "notRequired" when both `quoteTarget.actor.id` and `actor.id`
are undefined, so tighten the `quoteTarget.actor.id?.href === actor.id?.href`
check in the `AuthorizedMessageImpl`/`MessageImpl` constructor path to only
treat it as the same actor when both IDs are actually present and match. Update
the nested conditional near `quoteApprovalState` to explicitly guard against
missing actor IDs before comparing, while keeping the existing pending/accepted
branches unchanged.
In `@packages/botkit/src/repository.test.ts`:
- Around line 215-245: Add a symmetric regression test in MemoryCachedRepository
covering removeQuoteAuthorizationReference failure: create a failing underlying
repository for removeQuoteAuthorizationReference, pre-populate the cached state,
call removeQuoteAuthorizationReference, and assert the cache is not
cleared/changed when the underlying delete rejects. Use the existing
MemoryCachedRepository, MemoryRepository, and
addQuoteAuthorizationReference/findQuoteAuthorizationReference helpers in
repository.test.ts to keep the scenario parallel to the current add failure
test.
In `@packages/botkit/src/repository.ts`:
- Around line 997-1008: The legacy migration category list in repository.ts
includes quoteAuthorizationRefs even though it has no pre-scope legacy data to
migrate. Remove quoteAuthorizationRefs from the categories array in the
migration loop so the legacy migration only covers actual existing unscoped
storage keys, keeping the logic in repository.ts and its migration helper
aligned with real legacy formats.
In `@packages/botkit/src/session-impl.test.ts`:
- Around line 497-541: Add test coverage for the self-quote branch in
session-impl.test.ts around the existing quote publishing cases. Reuse the same
setup that exercises the quote flow via the session/bot activity handling, but
make the quoted message belong to the bot itself and assert that no QuoteRequest
is emitted in ctx.sentActivities while the quote Create activity still occurs.
Use the existing identifiers QuoteRequest, Create, session.actorId,
bot.identifier, and ctx.sentActivities to locate the relevant assertions and
cover the new conditional path in session-impl.ts.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 9925af43-9efe-47ed-af41-8115270b6fcb
⛔ Files ignored due to path filters (1)
deno.lockis excluded by!**/*.lock
📒 Files selected for processing (22)
CHANGES.mddocs/concepts/events.mddocs/concepts/message.mddocs/concepts/repository.mdpackages/botkit-postgres/src/mod.test.tspackages/botkit-postgres/src/mod.tspackages/botkit-sqlite/src/mod.test.tspackages/botkit-sqlite/src/mod.tspackages/botkit/src/bot-impl.test.tspackages/botkit/src/bot-impl.tspackages/botkit/src/bot.test.tspackages/botkit/src/bot.tspackages/botkit/src/events.tspackages/botkit/src/instance-impl.tspackages/botkit/src/instance-routing.test.tspackages/botkit/src/message-impl.tspackages/botkit/src/message.tspackages/botkit/src/quote.tspackages/botkit/src/repository.test.tspackages/botkit/src/repository.tspackages/botkit/src/session-impl.test.tspackages/botkit/src/session-impl.ts
Move quote-authorization reference cleanup after the message update that strips a rejected or revoked quote. Also clear the same reference when a local quote message is deleted, and make the cached repository delete from the durable store before invalidating its cache. This keeps retries possible after transient update failures and avoids stale authorization mappings after local deletes or cache races. fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. It introduces new event handlers (onQuoteAccepted and onQuoteRejected), updates database schemas with quote authorization reference tables, and implements the logic to send quote requests and handle remote approvals, rejections, or deletions. Feedback on the changes suggests adding a defensive check in parseQuoteAcceptance to prevent potential runtime errors if the approvals array is null or undefined.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 137773ffe2
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Quote policy parsing now treats missing remote approval lists as absent, which keeps malformed interaction rules from aborting message parsing. Authorized messages also refresh their public quotePolicy field after an update changes the serialized interaction policy, so callers do not see stale authorization rules on the same object instance. fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
/gemini review |
|
@codex review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: dabba58373
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Code Review
This pull request introduces support for consent-respecting quote posts using FEP-044f in BotKit. It adds new event handlers (onQuoteAccepted and onQuoteRejected), introduces quote authorization reference storage methods across PostgreSQL, SQLite, and KV/Memory repositories, and handles the processing of Accept, Reject, and Delete activities for quote requests. The feedback focuses on improving robustness by validating that incoming ID strings are valid UUIDs before executing database queries to prevent 500 errors, and wrapping asynchronous rollback operations in a try-catch block to avoid shadowing original errors during failures.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Quote request IDs that come from local ActivityPub URLs are now checked before they reach repository lookups, so malformed public URLs do not leak storage-specific UUID errors through the inbox or object dispatcher. Quote acceptance updates now include reply target actors when they fan out the stored message update. Rollback cleanup for failed acceptance updates also logs cleanup failures without hiding the original update error. fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
@codex review |
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. Key changes include adding onQuoteAccepted and onQuoteRejected event handlers, introducing quote authorization reference storage in the PostgreSQL, SQLite, and KV repositories, and updating message interfaces to expose quote approval states. Additionally, the bot implementation now handles incoming quote request acceptances, rejections, and deletions, including stripping quote targets when rejected. The feedback suggests optimizing the lookup of mentioned actors in bot-impl.ts by resolving them in parallel with Promise.all to prevent potential performance bottlenecks.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 02c0a2343d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Quote authorization deletions now rely on the stored authorization stamp reference instead of refetching the original quote target. This lets a revocation strip the local quote even after the quoted object disappears or becomes inaccessible. Quote update fanout also resolves mentioned actors in parallel, avoiding sequential lookup latency for posts with multiple mentions. fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
/gemini review |
|
@codex review |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f. It introduces QuoteRequest activities, QuoteAuthorization stamps, and corresponding event handlers (onQuoteAccepted and onQuoteRejected). To support this, new database tables and repository methods (addQuoteAuthorizationReference, findQuoteAuthorizationReference, removeQuoteAuthorizationReference) have been added across SQLite, Postgres, and KV backends to map received authorization stamps back to local quote messages. The message models have also been updated to expose quotePolicy and quoteApprovalState, and incoming Accept, Reject, and Delete activities are now handled to update or strip quote targets accordingly. There are no review comments, and I have no additional feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8bb71d607c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@packages/botkit/src/bot-impl.test.ts`:
- Line 4229: The test in bot-impl.test.ts is using an unsafe `as unknown as
RequestContext<void>` double assertion on `ctx`, which bypasses type safety
instead of resolving the mismatch. Update the mock typing around
`createMockInboxContext` and the `dispatchQuoteRequest` call so `ctx` is
assignable to `RequestContext<void>` without a double cast, or narrow the
assertion to only the specific missing member(s) needed. Keep the fix localized
around `dispatchQuoteRequest` and the mock context helper.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 2a5f8c84-698f-42d3-88cd-212e3e519313
📒 Files selected for processing (9)
docs/concepts/events.mdpackages/botkit/src/bot-impl.test.tspackages/botkit/src/bot-impl.tspackages/botkit/src/message-impl.test.tspackages/botkit/src/message-impl.tspackages/botkit/src/quote.test.tspackages/botkit/src/quote.tspackages/botkit/src/repository.test.tspackages/botkit/src/repository.ts
✅ Files skipped from review due to trivial changes (1)
- docs/concepts/events.md
🚧 Files skipped from review as they are similar to previous changes (4)
- packages/botkit/src/quote.ts
- packages/botkit/src/repository.ts
- packages/botkit/src/bot-impl.ts
- packages/botkit/src/message-impl.ts
Quote request dispatch now reuses the message visibility checker before it reconstructs the FEP-044f request object. This keeps followers-only and direct quote metadata from being exposed through a leaked request URL. The malformed ID regression test now uses a real RequestContext, so it no longer needs an unsafe double assertion around the mock inbox context. fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
Warning Gemini encountered an error creating the review. You can try again by commenting |
Quote approval writes can lose a race with message deletion. When the repository reports that the message was not updated, the authorization reference needs the same cleanup as thrown update failures, and the approval update should not be delivered. fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
@codex review |
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces support for consent-respecting quote posts using FEP-044f, including sending quote requests, handling accepted/rejected quote approvals, and managing quote authorization references in SQLite, Postgres, and KV repositories. The review feedback highlights a high-severity issue in packages/botkit/src/bot-impl.ts where the return value of updateMessage is not checked in #stripRejectedQuote, which could lead to inconsistent state if the message update fails.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8cf429f410
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Quote revocation updates now treat a missing message update as a failed write path: the stale authorization reference is removed, but no update activity or callback is emitted for a message that was not changed. Received quote authorization references also retain the approving actor so a later Delete must come from the actor that issued the stamp, not just from another actor on the same origin. fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
@codex review |
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f. It introduces automatic QuoteRequest delivery when publishing a quote post targeting a remote actor, handles incoming Accept (approval), Reject (rejection), and Delete (revocation) activities for these requests, and updates local quote messages accordingly (applying authorization stamps or stripping quote content). It also adds new event handlers (onQuoteAccepted, onQuoteRejected), properties (quotePolicy, quoteApprovalState), and repository methods to manage quote authorization references across memory, KV, SQLite, and PostgreSQL backends. I have no additional feedback to provide as there are no review comments.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3809a7f942
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Private quote requests point the quoted author at the newly published instrument, so the stored note has to authorize that actor to fetch it. Add the quoted author to followers-only and direct quote audiences unless that actor is already included by a mention. fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
/gemini review |
|
@codex review |
There was a problem hiding this comment.
Code Review
This pull request implements support for consent-respecting quote posts using FEP-044f, adding new event handlers (onQuoteAccepted, onQuoteRejected), database tables for tracking quote authorization references, and logic to handle quote approvals, rejections, and deletions. The review feedback highlights a critical bug where options.quoteTarget is accessed without a nullish check, which could throw a TypeError at runtime. Additionally, improvements are suggested to prevent duplicate activity deliveries when the quote author is also a reply target or mentioned in the post.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1bae600226
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Quote approvals now stamp the latest stored message instead of an earlier snapshot, so concurrent edits cannot be rolled back. Quote update delivery also tracks addressed actors to avoid sending the same Update more than once when quote, reply, and mention recipients overlap. Direct private quotes treat the quoted author as an intentional direct recipient and keep that author in the audience when the quote is edited. fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
@codex review |
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces support for consent-respecting quote posts using FEP-044f in BotKit. It adds new event handlers (onQuoteAccepted and onQuoteRejected), introduces quote authorization reference methods and database tables in SQLite and Postgres repositories, and implements the flow for sending quote requests and handling their acceptance, rejection, or deletion. Additionally, it updates message properties to expose quote policies and approval states. Feedback on the changes highlights an inconsistency in AuthorizedMessageImpl.update(), where a check is missing to prevent the bot from adding itself to the audience of a private self-quote, unlike the implementation in SessionImpl.publish().
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2561994ef7
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@packages/botkit/src/message-impl.ts`:
- Around line 476-481: Align SessionImpl.update() with SessionImpl.publish() by
adding the missing self-quote guard when computing privateQuoteAudienceIds.
Update the quoteTargetActorId/mentionedActorIds check so a self-quote does not
add the bot’s own actor URI to tos, matching the recipient set produced in
publish(). Use the existing quote/audience logic in publish() as the reference
point and keep the behavior consistent for followers/direct visibility.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: cb320b88-3df9-492c-91b2-85a2ec0cf387
📒 Files selected for processing (9)
packages/botkit-postgres/src/mod.tspackages/botkit-sqlite/src/mod.tspackages/botkit/src/bot-impl.test.tspackages/botkit/src/bot-impl.tspackages/botkit/src/instance-routing.test.tspackages/botkit/src/message-impl.tspackages/botkit/src/repository.tspackages/botkit/src/session-impl.test.tspackages/botkit/src/session-impl.ts
🚧 Files skipped from review as they are similar to previous changes (2)
- packages/botkit/src/instance-routing.test.ts
- packages/botkit/src/bot-impl.ts
Quote rejection and revocation now strip quote fields from the latest stored Create instead of an earlier snapshot, so concurrent local edits are preserved while the quote is removed. Private quote updates also keep the publish-time self-quote audience rule, avoiding a redundant self actor recipient when a bot edits its own quote. fedify-dev#32 (comment) fedify-dev#32 (comment) fedify-dev#32 (comment) Assisted-by: Codex:gpt-5.5
|
@codex review |
|
/gemini review |
|
Codex Review: Didn't find any major issues. 👍 Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
Warning Gemini encountered an error creating the review. You can try again by commenting |
This finishes the outbound half of FEP-044f quote handling. BotKit already had the pieces needed to decide whether another actor may quote a local message; this adds the other side of that exchange, where a BotKit bot quotes someone else and then has to keep its own stored post in sync with the remote author's answer.
Why this shape
The implementation treats a
QuoteRequestresponse as a state change on the local quote post, not as a separate notification-only event. That matters because the fallback quote link is part of the published object. If the quoted author rejects or later revokes the authorization, the stored message has to lose the FEP-044f quote fields and the visible fallback link before BotKit sends anUpdate.The revocation path also needs a durable reverse lookup from a received
QuoteAuthorizationstamp to the local message that depends on it. Without that lookup, a laterDeletefor the stamp is just an object URI with no cheap way back to the quote post. The new repository methods keep that mapping in the same actor-scoped storage model used by the rest of the 0.5.0 repository work.How it works
Session.publish()now sets the FEP-044fquoteproperty alongside the compatibilityquoteUrlvalue, then sends aQuoteRequestto the quoted message's author when the quote target is remote. The corresponding local request object can be fetched through the new dispatcher in packages/botkit/src/instance-impl.ts, using the storedCreateactivity as the source of truth.Incoming
AcceptandRejectactivities still enter through the existing follow response handlers, because Fedify dispatches them by activity type. packages/botkit/src/bot-impl.ts now detects when the object is a localQuoteRequestand switches to quote-specific validation. ForAccept, the returnedQuoteAuthorizationmust come from the quoted author, share that author's origin, point at the bot's quote post, and target the message that was quoted. Only then does BotKit store the stamp URI on the message.The storage order is deliberately conservative. BotKit writes the authorization reference before updating the message with the stamp, and rolls that reference back if the message update fails. That avoids a half-applied state where the message claims to be authorized but a later revocation cannot be routed back to it.
For
RejectandDelete(QuoteAuthorization), BotKit strips the quote fields, Misskey quote tags, and BotKit's own fallback quote paragraph from the stored object. The fallback stripping matches the URL that was actually published, so it also handles targets whose display URL differs from their ActivityPub ID. Shared-inboxDeletedelivery is routed by addressed local actors and followers collections so multi-bot instances do not miss revocations.The public API exposes the resulting state directly.
Message.quotePolicyreflects the parsed incoming interaction policy, whileAuthorizedMessage.quoteApprovalStatereports whether a local quote is still pending, accepted, or does not need approval.Bot.onQuoteAcceptedandBot.onQuoteRejectedlet applications observe the validated state changes after BotKit has updated and redelivered the message.Storage and documentation
The new authorization-reference mapping is implemented for the in-memory, KV, SQLite, and PostgreSQL repositories. The SQL backends add a
quote_authorization_refstable scoped bybot_id, matching the rest of the multi-bot repository layout.The docs in docs/concepts/message.md, docs/concepts/events.md, and docs/concepts/repository.md describe the new approval flow, event handlers, and repository responsibility. CHANGES.md records the change as part of the FEP-044f work expected for PR 32.
Validation
I tested the quote response paths at three levels: the bot implementation, the shared-inbox router, and the repository backends. The focused tests cover acceptance, rejection, remote revocation, fallback stripping when
urlandiddiffer, failed durable/cache writes, and shared-inbox delivery to one bot on a multi-bot instance.Commands run:
Summary by CodeRabbit