Skip to content

Handle outbound FEP-044f quote responses#32

Merged
dahlia merged 12 commits into
fedify-dev:mainfrom
dahlia:fep-044f/outbound
Jul 6, 2026
Merged

Handle outbound FEP-044f quote responses#32
dahlia merged 12 commits into
fedify-dev:mainfrom
dahlia:fep-044f/outbound

Conversation

@dahlia

@dahlia dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member

This finishes the outbound half of FEP-044f quote handling. BotKit already had the pieces needed to decide whether another actor may quote a local message; this adds the other side of that exchange, where a BotKit bot quotes someone else and then has to keep its own stored post in sync with the remote author's answer.

Why this shape

The implementation treats a QuoteRequest response as a state change on the local quote post, not as a separate notification-only event. That matters because the fallback quote link is part of the published object. If the quoted author rejects or later revokes the authorization, the stored message has to lose the FEP-044f quote fields and the visible fallback link before BotKit sends an Update.

The revocation path also needs a durable reverse lookup from a received QuoteAuthorization stamp to the local message that depends on it. Without that lookup, a later Delete for the stamp is just an object URI with no cheap way back to the quote post. The new repository methods keep that mapping in the same actor-scoped storage model used by the rest of the 0.5.0 repository work.

How it works

Session.publish() now sets the FEP-044f quote property alongside the compatibility quoteUrl value, then sends a QuoteRequest to the quoted message's author when the quote target is remote. The corresponding local request object can be fetched through the new dispatcher in packages/botkit/src/instance-impl.ts, using the stored Create activity as the source of truth.

Incoming Accept and Reject activities still enter through the existing follow response handlers, because Fedify dispatches them by activity type. packages/botkit/src/bot-impl.ts now detects when the object is a local QuoteRequest and switches to quote-specific validation. For Accept, the returned QuoteAuthorization must come from the quoted author, share that author's origin, point at the bot's quote post, and target the message that was quoted. Only then does BotKit store the stamp URI on the message.

The storage order is deliberately conservative. BotKit writes the authorization reference before updating the message with the stamp, and rolls that reference back if the message update fails. That avoids a half-applied state where the message claims to be authorized but a later revocation cannot be routed back to it.

For Reject and Delete(QuoteAuthorization), BotKit strips the quote fields, Misskey quote tags, and BotKit's own fallback quote paragraph from the stored object. The fallback stripping matches the URL that was actually published, so it also handles targets whose display URL differs from their ActivityPub ID. Shared-inbox Delete delivery is routed by addressed local actors and followers collections so multi-bot instances do not miss revocations.

The public API exposes the resulting state directly. Message.quotePolicy reflects the parsed incoming interaction policy, while AuthorizedMessage.quoteApprovalState reports whether a local quote is still pending, accepted, or does not need approval. Bot.onQuoteAccepted and Bot.onQuoteRejected let applications observe the validated state changes after BotKit has updated and redelivered the message.

Storage and documentation

The new authorization-reference mapping is implemented for the in-memory, KV, SQLite, and PostgreSQL repositories. The SQL backends add a quote_authorization_refs table scoped by bot_id, matching the rest of the multi-bot repository layout.

The docs in docs/concepts/message.md, docs/concepts/events.md, and docs/concepts/repository.md describe the new approval flow, event handlers, and repository responsibility. CHANGES.md records the change as part of the FEP-044f work expected for PR 32.

Validation

I tested the quote response paths at three levels: the bot implementation, the shared-inbox router, and the repository backends. The focused tests cover acceptance, rejection, remote revocation, fallback stripping when url and id differ, failed durable/cache writes, and shared-inbox delivery to one bot on a multi-bot instance.

Commands run:

deno test -A packages/botkit/src/bot-impl.test.ts packages/botkit/src/instance-routing.test.ts packages/botkit/src/repository.test.ts packages/botkit/src/session-impl.test.ts
mise run check
mise run docs:build
POSTGRES_URL=postgresql://localhost/botkit deno test -A packages/botkit-postgres/src/mod.test.ts
deno test -A packages/botkit-sqlite/src/mod.test.ts
mise run test

Summary by CodeRabbit

  • New Features
    • Added quote authorization lifecycle events with new bot callbacks for quote accepted/rejected.
    • Quote posts now include quote policy and expose quote approval state (pending/accepted/not required), with added QuoteRequest delivery.
    • Added repository APIs and storage for quote-authorization references (including attribution metadata) so message updates stay in sync.
  • Documentation
    • Expanded quote posting and quote authorization reference documentation, including the new “quote accepted and rejected” event guidance and examples.
  • Bug Fixes
    • Improved quote cleanup and fanout/update behavior across acceptance, rejection, and deletion flows.
  • Tests
    • Added/expanded coverage for quote policy parsing and quote authorization reference persistence, caching, and lifecycle handling.

Send FEP-044f QuoteRequest activities for outbound quote posts and
handle remote Accept, Reject, and Delete responses.  Accepted requests
store verified QuoteAuthorization stamps, while rejected or revoked
requests strip the quote target and fallback link before sending an
Update.

Add repository reference storage for received authorization stamps so
revocations can map back to the local quote message.  Cover the memory,
KV, SQLite, and PostgreSQL repositories, shared-inbox Delete routing,
and the approval-state API exposed on authorized messages.

Update the message, event, repository, and changelog documentation for
the new outbound FEP-044f behavior expected in PR 32.

Fixes fedify-dev#29
fedify-dev#27
fedify-dev#32

Assisted-by: Codex:gpt-5.5
@dahlia dahlia self-assigned this Jul 6, 2026
@dahlia dahlia added the enhancement New feature or request label Jul 6, 2026
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@coderabbitai

coderabbitai Bot commented Jul 6, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@dahlia, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 43 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: deae9b03-fcd9-4cd2-bb81-bbf7321985f8

📥 Commits

Reviewing files that changed from the base of the PR and between 2561994 and a93dd0d.

📒 Files selected for processing (4)
  • packages/botkit/src/bot-impl.test.ts
  • packages/botkit/src/bot-impl.ts
  • packages/botkit/src/message-impl.ts
  • packages/botkit/src/session-impl.test.ts
📝 Walkthrough

Walkthrough

This PR adds FEP-044f quote publishing, quote acceptance/rejection handling, quote authorization reference storage, and matching bot-level event hooks. It also updates repository backends, instance routing, tests, and documentation for the new quote lifecycle.

Changes

Consent-respecting quote posts (FEP-044f)

Layer / File(s) Summary
Quote policy parsing and message contract updates
packages/botkit/src/quote.ts, packages/botkit/src/quote.test.ts, packages/botkit/src/message.ts, packages/botkit/src/message-impl.ts, packages/botkit/src/message-impl.test.ts
Adds parseQuotePolicy/parseQuoteAcceptance, extends Message/AuthorizedMessage with quotePolicy/quoteApprovalState, and updates message construction, refresh, and deletion cleanup for quote-related state and references.
Publishing QuoteRequest on quote posts
packages/botkit/src/session-impl.ts, packages/botkit/src/session-impl.test.ts
SessionImpl.publish sets the quote property, expands the audience for private quotes, and sends a QuoteRequest activity to the quote target actor.
Quote accepted/rejected event handler types
packages/botkit/src/events.ts, packages/botkit/src/bot.ts, packages/botkit/src/bot.test.ts
Adds QuoteAcceptedEventHandler/QuoteRejectedEventHandler and wires onQuoteAccepted/onQuoteRejected into BotEventHandlers.
Quote authorization reference storage
packages/botkit/src/repository.ts, packages/botkit/src/repository.test.ts, packages/botkit-postgres/src/mod.ts, packages/botkit-postgres/src/mod.test.ts, packages/botkit-sqlite/src/mod.ts, packages/botkit-sqlite/src/mod.test.ts
Adds addQuoteAuthorizationReference/findQuoteAuthorizationReference/removeQuoteAuthorizationReference to repository interfaces and implementations, and creates/uses a quote_authorization_refs table in Postgres and Sqlite.
BotImpl quote request dispatch and accept/reject/delete handling
packages/botkit/src/bot-impl.ts, packages/botkit/src/bot-impl.test.ts
Adds dispatchQuoteRequest, routes quote-related Accept/Reject/Delete activities to new internal handlers, strips rejected or revoked quotes, and wires the new handlers through wrapBotImpl, BotGroupImpl, and MigrationGatedRepository.
Instance-level QuoteRequest and Delete routing
packages/botkit/src/instance-impl.ts, packages/botkit/src/instance-routing.test.ts
Registers a QuoteRequest object dispatcher and Delete inbox handler, resolves target bots, and dispatches onDeleted.
Documentation and changelog updates
CHANGES.md, docs/concepts/events.md, docs/concepts/message.md, docs/concepts/repository.md
Documents quote publishing, quote acceptance/rejection events, quoteApprovalState, and quote-authorization reference storage.

Estimated code review effort: 4 (Complex) | ~75 minutes

Sequence Diagram(s)

sequenceDiagram
  participant SessionImpl
  participant TargetActor
  participant BotImpl
  participant Repository

  SessionImpl->>TargetActor: send Create with quote
  SessionImpl->>TargetActor: send QuoteRequest(objectId, instrumentId)
  TargetActor-->>BotImpl: Accept or Reject QuoteRequest
  alt Accept
    BotImpl->>Repository: addQuoteAuthorizationReference
    BotImpl->>TargetActor: send Update with quote authorization
    BotImpl->>BotImpl: onQuoteAccepted(message, approver)
  else Reject
    BotImpl->>Repository: removeQuoteAuthorizationReference
    BotImpl->>TargetActor: send Update with quote stripped
    BotImpl->>BotImpl: onQuoteRejected(message, rejecter)
  end
  TargetActor-->>BotImpl: Delete quote authorization
  BotImpl->>Repository: findQuoteAuthorizationReference
  BotImpl->>Repository: removeQuoteAuthorizationReference
  BotImpl->>TargetActor: send Update with quote stripped
  BotImpl->>BotImpl: onQuoteRejected(message, actor)
Loading

Possibly related issues

Possibly related PRs

  • fedify-dev/botkit#24: The quote-authorization reference storage and quote_authorization_refs table build on the repository/schema changes in this PR.
  • fedify-dev/botkit#31: The new quote accept/reject and reference-tracking flows extend the inbound quote-request and QuoteAuthorization infrastructure added there.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly matches the PR’s main change: outbound FEP-044f quote handling and response processing.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. It introduces new event handlers (onQuoteAccepted and onQuoteRejected), message properties (quotePolicy and quoteApprovalState), and repository methods to manage quote authorization references across PostgreSQL, SQLite, and KV backends. Additionally, it handles incoming Delete activities to strip revoked quote authorizations. A critical issue was identified in SessionImpl.publish() where options.quoteTarget is accessed without a null check, which will cause a runtime error when publishing standard messages that do not quote another post.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/session-impl.ts
@codecov

codecov Bot commented Jul 6, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 76.59794% with 227 lines in your changes missing coverage. Please review.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
packages/botkit/src/bot-impl.ts 72.68% 92 Missing and 41 partials ⚠️
packages/botkit/src/repository.ts 77.72% 43 Missing and 2 partials ⚠️
packages/botkit-postgres/src/mod.ts 70.58% 19 Missing and 1 partial ⚠️
packages/botkit-sqlite/src/mod.ts 67.79% 17 Missing and 2 partials ⚠️
packages/botkit/src/instance-impl.ts 66.66% 7 Missing and 1 partial ⚠️
packages/botkit/src/message-impl.ts 96.49% 1 Missing and 1 partial ⚠️
Files with missing lines Coverage Δ
packages/botkit/src/bot.ts 100.00% <ø> (ø)
packages/botkit/src/message.ts 100.00% <ø> (ø)
packages/botkit/src/quote.ts 98.83% <100.00%> (+0.92%) ⬆️
packages/botkit/src/session-impl.ts 85.60% <100.00%> (+1.26%) ⬆️
packages/botkit/src/message-impl.ts 87.74% <96.49%> (+1.84%) ⬆️
packages/botkit/src/instance-impl.ts 77.18% <66.66%> (-0.30%) ⬇️
packages/botkit-sqlite/src/mod.ts 74.21% <67.79%> (-0.57%) ⬇️
packages/botkit-postgres/src/mod.ts 89.12% <70.58%> (-1.37%) ⬇️
packages/botkit/src/repository.ts 88.30% <77.72%> (-1.38%) ⬇️
packages/botkit/src/bot-impl.ts 85.13% <72.68%> (-3.04%) ⬇️
🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🧹 Nitpick comments (4)
packages/botkit/src/message-impl.ts (1)

881-913: 🎯 Functional Correctness | 🔵 Trivial | 💤 Low value

quoteApprovalState "notRequired" check is vulnerable to a double-undefined false match.

quoteTarget.actor.id?.href === actor.id?.href (Line 890) evaluates to true when both sides are undefined, which would mark the state "notRequired" even though the quote target's author and this message's author are not actually known to be the same actor. Low-likelihood edge case (actors without an id), but worth guarding explicitly.

Proposed guard
   const quoteApprovalState = !authorized || quoteTarget == null
     ? undefined
-    : quoteTarget.actor.id?.href === actor.id?.href
+    : quoteTarget.actor.id != null && actor.id != null &&
+        quoteTarget.actor.id.href === actor.id.href
     ? "notRequired"
     : raw.quoteAuthorizationId == null
     ? "pending"
     : "accepted";
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/botkit/src/message-impl.ts` around lines 881 - 913, The
`quoteApprovalState` logic in `message-impl.ts` can incorrectly return
"notRequired" when both `quoteTarget.actor.id` and `actor.id` are undefined, so
tighten the `quoteTarget.actor.id?.href === actor.id?.href` check in the
`AuthorizedMessageImpl`/`MessageImpl` constructor path to only treat it as the
same actor when both IDs are actually present and match. Update the nested
conditional near `quoteApprovalState` to explicitly guard against missing actor
IDs before comparing, while keeping the existing pending/accepted branches
unchanged.
packages/botkit/src/session-impl.test.ts (1)

497-541: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Missing test coverage for the self-quote skip path.

The added assertions only cover the "quote a remote author's message" path (a QuoteRequest is sent). There's no test verifying that publishing a quote of the bot's own message does not trigger a QuoteRequest, which is the other branch of the new conditional in session-impl.ts (Line 424-428).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/botkit/src/session-impl.test.ts` around lines 497 - 541, Add test
coverage for the self-quote branch in session-impl.test.ts around the existing
quote publishing cases. Reuse the same setup that exercises the quote flow via
the session/bot activity handling, but make the quoted message belong to the bot
itself and assert that no QuoteRequest is emitted in ctx.sentActivities while
the quote Create activity still occurs. Use the existing identifiers
QuoteRequest, Create, session.actorId, bot.identifier, and ctx.sentActivities to
locate the relevant assertions and cover the new conditional path in
session-impl.ts.
packages/botkit/src/repository.ts (1)

997-1008: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Unnecessary migration category for a brand-new feature.

"quoteAuthorizationRefs" is added to the legacy migration categories, but this storage concept did not exist before bot-actor scoping, so no unscoped legacy data could ever exist under this key. The loop is harmless (no-op if the KV list is empty), but it's dead code that could confuse future maintainers into thinking there's a legacy format to preserve.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/botkit/src/repository.ts` around lines 997 - 1008, The legacy
migration category list in repository.ts includes quoteAuthorizationRefs even
though it has no pre-scope legacy data to migrate. Remove quoteAuthorizationRefs
from the categories array in the migration loop so the legacy migration only
covers actual existing unscoped storage keys, keeping the logic in repository.ts
and its migration helper aligned with real legacy formats.
packages/botkit/src/repository.test.ts (1)

215-245: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Good regression coverage, but only for add.

This confirms addQuoteAuthorizationReference doesn't cache on underlying failure. Given the ordering concern flagged in repository.ts (cache-before-underlying on removeQuoteAuthorizationReference), consider adding a symmetric test here that fails removeQuoteAuthorizationReference on the underlying and asserts the cache still reflects the pre-removal state (or is invalidated only after a successful underlying delete).

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/botkit/src/repository.test.ts` around lines 215 - 245, Add a
symmetric regression test in MemoryCachedRepository covering
removeQuoteAuthorizationReference failure: create a failing underlying
repository for removeQuoteAuthorizationReference, pre-populate the cached state,
call removeQuoteAuthorizationReference, and assert the cache is not
cleared/changed when the underlying delete rejects. Use the existing
MemoryCachedRepository, MemoryRepository, and
addQuoteAuthorizationReference/findQuoteAuthorizationReference helpers in
repository.test.ts to keep the scenario parallel to the current add failure
test.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/concepts/events.md`:
- Around line 321-341: Clarify the Bot.onQuoteRejected lifecycle in the events
docs by noting that it is invoked not only for a remote rejection of a quote
request, but also when a later Delete-based revocation follows the same
strip-and-update path. Update the surrounding explanation near
onQuoteAccepted/onQuoteRejected to mention this additional trigger and keep the
handler description aligned with the implementation.

In `@packages/botkit/src/bot-impl.ts`:
- Around line 800-861: In `BotImpl.onDeleted` / `#stripRejectedQuote`, the
quote-authorization reference is removed before the message update succeeds,
which can orphan a rejected quote if `updateMessage` fails. Move the
`removeQuoteAuthorizationReference` call so it happens only after
`repository.updateMessage` completes successfully, mirroring the rollback-safe
pattern used in `#onQuoteAccepted`, and keep the existing checks in `onDeleted`,
`#stripRejectedQuote`, and `repository.updateMessage` aligned so failures do not
drop the routing reference prematurely.

In `@packages/botkit/src/repository.ts`:
- Around line 2705-2718: `removeQuoteAuthorizationReference` uses the wrong
write-through delete order and can leave `cache` stale or inconsistent. Update
`Repository.removeQuoteAuthorizationReference` to follow the same pattern as
`removeQuoteAuthorization`, `removeFollowee`, and `removeSentFollow`: delete
from `underlying` first, then invalidate `cache`. Keep the method name and the
`cache`/`underlying` calls intact, just swap their execution order.
- Around line 364-401: The local quote-message deletion/unshare flow leaves
behind stale quote-authorization mappings because `message-impl.ts` deletes the
message without clearing `quoteAuthorizationRefs`. Update the delete path that
removes bot-owned quote messages to also remove the matching authorization
reference via the repository API, using `removeQuoteAuthorizationReference`
alongside the existing quote-message cleanup. Make sure the logic identifies the
correct `identifier`, `authorization`, and `messageId` for the quote message so
the mapping is cleared whenever the local quote is deleted.

---

Nitpick comments:
In `@packages/botkit/src/message-impl.ts`:
- Around line 881-913: The `quoteApprovalState` logic in `message-impl.ts` can
incorrectly return "notRequired" when both `quoteTarget.actor.id` and `actor.id`
are undefined, so tighten the `quoteTarget.actor.id?.href === actor.id?.href`
check in the `AuthorizedMessageImpl`/`MessageImpl` constructor path to only
treat it as the same actor when both IDs are actually present and match. Update
the nested conditional near `quoteApprovalState` to explicitly guard against
missing actor IDs before comparing, while keeping the existing pending/accepted
branches unchanged.

In `@packages/botkit/src/repository.test.ts`:
- Around line 215-245: Add a symmetric regression test in MemoryCachedRepository
covering removeQuoteAuthorizationReference failure: create a failing underlying
repository for removeQuoteAuthorizationReference, pre-populate the cached state,
call removeQuoteAuthorizationReference, and assert the cache is not
cleared/changed when the underlying delete rejects. Use the existing
MemoryCachedRepository, MemoryRepository, and
addQuoteAuthorizationReference/findQuoteAuthorizationReference helpers in
repository.test.ts to keep the scenario parallel to the current add failure
test.

In `@packages/botkit/src/repository.ts`:
- Around line 997-1008: The legacy migration category list in repository.ts
includes quoteAuthorizationRefs even though it has no pre-scope legacy data to
migrate. Remove quoteAuthorizationRefs from the categories array in the
migration loop so the legacy migration only covers actual existing unscoped
storage keys, keeping the logic in repository.ts and its migration helper
aligned with real legacy formats.

In `@packages/botkit/src/session-impl.test.ts`:
- Around line 497-541: Add test coverage for the self-quote branch in
session-impl.test.ts around the existing quote publishing cases. Reuse the same
setup that exercises the quote flow via the session/bot activity handling, but
make the quoted message belong to the bot itself and assert that no QuoteRequest
is emitted in ctx.sentActivities while the quote Create activity still occurs.
Use the existing identifiers QuoteRequest, Create, session.actorId,
bot.identifier, and ctx.sentActivities to locate the relevant assertions and
cover the new conditional path in session-impl.ts.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 9925af43-9efe-47ed-af41-8115270b6fcb

📥 Commits

Reviewing files that changed from the base of the PR and between ef748db and fe1db02.

⛔ Files ignored due to path filters (1)
  • deno.lock is excluded by !**/*.lock
📒 Files selected for processing (22)
  • CHANGES.md
  • docs/concepts/events.md
  • docs/concepts/message.md
  • docs/concepts/repository.md
  • packages/botkit-postgres/src/mod.test.ts
  • packages/botkit-postgres/src/mod.ts
  • packages/botkit-sqlite/src/mod.test.ts
  • packages/botkit-sqlite/src/mod.ts
  • packages/botkit/src/bot-impl.test.ts
  • packages/botkit/src/bot-impl.ts
  • packages/botkit/src/bot.test.ts
  • packages/botkit/src/bot.ts
  • packages/botkit/src/events.ts
  • packages/botkit/src/instance-impl.ts
  • packages/botkit/src/instance-routing.test.ts
  • packages/botkit/src/message-impl.ts
  • packages/botkit/src/message.ts
  • packages/botkit/src/quote.ts
  • packages/botkit/src/repository.test.ts
  • packages/botkit/src/repository.ts
  • packages/botkit/src/session-impl.test.ts
  • packages/botkit/src/session-impl.ts

Comment thread docs/concepts/events.md Outdated
Comment thread packages/botkit/src/bot-impl.ts
Comment thread packages/botkit/src/repository.ts
Comment thread packages/botkit/src/repository.ts
Move quote-authorization reference cleanup after the message update that
strips a rejected or revoked quote.  Also clear the same reference when a
local quote message is deleted, and make the cached repository delete from
the durable store before invalidating its cache.

This keeps retries possible after transient update failures and avoids
stale authorization mappings after local deletes or cache races.

fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. It introduces new event handlers (onQuoteAccepted and onQuoteRejected), updates database schemas with quote authorization reference tables, and implements the logic to send quote requests and handle remote approvals, rejections, or deletions. Feedback on the changes suggests adding a defensive check in parseQuoteAcceptance to prevent potential runtime errors if the approvals array is null or undefined.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/quote.ts
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 137773ffe2

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/message-impl.ts Outdated
Quote policy parsing now treats missing remote approval lists as absent,
which keeps malformed interaction rules from aborting message parsing.

Authorized messages also refresh their public quotePolicy field after an
update changes the serialized interaction policy, so callers do not see
stale authorization rules on the same object instance.

fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: dabba58373

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/bot-impl.ts Outdated
Comment thread CHANGES.md

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for consent-respecting quote posts using FEP-044f in BotKit. It adds new event handlers (onQuoteAccepted and onQuoteRejected), introduces quote authorization reference storage methods across PostgreSQL, SQLite, and KV/Memory repositories, and handles the processing of Accept, Reject, and Delete activities for quote requests. The feedback focuses on improving robustness by validating that incoming ID strings are valid UUIDs before executing database queries to prevent 500 errors, and wrapping asynchronous rollback operations in a try-catch block to avoid shadowing original errors during failures.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/bot-impl.ts
Comment thread packages/botkit/src/bot-impl.ts
Comment thread packages/botkit/src/bot-impl.ts
Comment thread packages/botkit/src/bot-impl.ts
Quote request IDs that come from local ActivityPub URLs are now checked
before they reach repository lookups, so malformed public URLs do not leak
storage-specific UUID errors through the inbox or object dispatcher.

Quote acceptance updates now include reply target actors when they fan out
the stored message update.  Rollback cleanup for failed acceptance updates
also logs cleanup failures without hiding the original update error.

fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f in BotKit. Key changes include adding onQuoteAccepted and onQuoteRejected event handlers, introducing quote authorization reference storage in the PostgreSQL, SQLite, and KV repositories, and updating message interfaces to expose quote approval states. Additionally, the bot implementation now handles incoming quote request acceptances, rejections, and deletions, including stripping quote targets when rejected. The feedback suggests optimizing the lookup of mentioned actors in bot-impl.ts by resolving them in parallel with Promise.all to prevent potential performance bottlenecks.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/bot-impl.ts Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 02c0a2343d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/bot-impl.ts Outdated
Comment thread CHANGES.md
Quote authorization deletions now rely on the stored authorization stamp
reference instead of refetching the original quote target.  This lets a
revocation strip the local quote even after the quoted object disappears or
becomes inaccessible.

Quote update fanout also resolves mentioned actors in parallel, avoiding
sequential lookup latency for posts with multiple mentions.

fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f. It introduces QuoteRequest activities, QuoteAuthorization stamps, and corresponding event handlers (onQuoteAccepted and onQuoteRejected). To support this, new database tables and repository methods (addQuoteAuthorizationReference, findQuoteAuthorizationReference, removeQuoteAuthorizationReference) have been added across SQLite, Postgres, and KV backends to map received authorization stamps back to local quote messages. The message models have also been updated to expose quotePolicy and quoteApprovalState, and incoming Accept, Reject, and Delete activities are now handled to update or strip quote targets accordingly. There are no review comments, and I have no additional feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8bb71d607c

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/bot-impl.ts

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/botkit/src/bot-impl.test.ts`:
- Line 4229: The test in bot-impl.test.ts is using an unsafe `as unknown as
RequestContext<void>` double assertion on `ctx`, which bypasses type safety
instead of resolving the mismatch. Update the mock typing around
`createMockInboxContext` and the `dispatchQuoteRequest` call so `ctx` is
assignable to `RequestContext<void>` without a double cast, or narrow the
assertion to only the specific missing member(s) needed. Keep the fix localized
around `dispatchQuoteRequest` and the mock context helper.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2a5f8c84-698f-42d3-88cd-212e3e519313

📥 Commits

Reviewing files that changed from the base of the PR and between fe1db02 and 8bb71d6.

📒 Files selected for processing (9)
  • docs/concepts/events.md
  • packages/botkit/src/bot-impl.test.ts
  • packages/botkit/src/bot-impl.ts
  • packages/botkit/src/message-impl.test.ts
  • packages/botkit/src/message-impl.ts
  • packages/botkit/src/quote.test.ts
  • packages/botkit/src/quote.ts
  • packages/botkit/src/repository.test.ts
  • packages/botkit/src/repository.ts
✅ Files skipped from review due to trivial changes (1)
  • docs/concepts/events.md
🚧 Files skipped from review as they are similar to previous changes (4)
  • packages/botkit/src/quote.ts
  • packages/botkit/src/repository.ts
  • packages/botkit/src/bot-impl.ts
  • packages/botkit/src/message-impl.ts

Comment thread packages/botkit/src/bot-impl.test.ts Outdated
Quote request dispatch now reuses the message visibility checker before it
reconstructs the FEP-044f request object.  This keeps followers-only and
direct quote metadata from being exposed through a leaked request URL.

The malformed ID regression test now uses a real RequestContext, so it no
longer needs an unsafe double assertion around the mock inbox context.

fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@gemini-code-assist

Copy link
Copy Markdown

Warning

Gemini encountered an error creating the review. You can try again by commenting /gemini review.

Quote approval writes can lose a race with message deletion.  When the
repository reports that the message was not updated, the authorization
reference needs the same cleanup as thrown update failures, and the
approval update should not be delivered.

fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for consent-respecting quote posts using FEP-044f, including sending quote requests, handling accepted/rejected quote approvals, and managing quote authorization references in SQLite, Postgres, and KV repositories. The review feedback highlights a high-severity issue in packages/botkit/src/bot-impl.ts where the return value of updateMessage is not checked in #stripRejectedQuote, which could lead to inconsistent state if the message update fails.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/bot-impl.ts Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 8cf429f410

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/bot-impl.ts
Quote revocation updates now treat a missing message update as a failed
write path: the stale authorization reference is removed, but no update
activity or callback is emitted for a message that was not changed.

Received quote authorization references also retain the approving actor
so a later Delete must come from the actor that issued the stamp, not
just from another actor on the same origin.

fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f. It introduces automatic QuoteRequest delivery when publishing a quote post targeting a remote actor, handles incoming Accept (approval), Reject (rejection), and Delete (revocation) activities for these requests, and updates local quote messages accordingly (applying authorization stamps or stripping quote content). It also adds new event handlers (onQuoteAccepted, onQuoteRejected), properties (quotePolicy, quoteApprovalState), and repository methods to manage quote authorization references across memory, KV, SQLite, and PostgreSQL backends. I have no additional feedback to provide as there are no review comments.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3809a7f942

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/session-impl.ts
Private quote requests point the quoted author at the newly published
instrument, so the stored note has to authorize that actor to fetch it.
Add the quoted author to followers-only and direct quote audiences unless
that actor is already included by a mention.

fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request implements support for consent-respecting quote posts using FEP-044f, adding new event handlers (onQuoteAccepted, onQuoteRejected), database tables for tracking quote authorization references, and logic to handle quote approvals, rejections, and deletions. The review feedback highlights a critical bug where options.quoteTarget is accessed without a nullish check, which could throw a TypeError at runtime. Additionally, improvements are suggested to prevent duplicate activity deliveries when the quote author is also a reply target or mentioned in the post.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/session-impl.ts
Comment thread packages/botkit/src/bot-impl.ts Outdated
Comment thread packages/botkit/src/bot-impl.ts

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1bae600226

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/session-impl.ts
Comment thread packages/botkit/src/bot-impl.ts
Quote approvals now stamp the latest stored message instead of an earlier
snapshot, so concurrent edits cannot be rolled back. Quote update delivery
also tracks addressed actors to avoid sending the same Update more than
once when quote, reply, and mention recipients overlap.

Direct private quotes treat the quoted author as an intentional direct
recipient and keep that author in the audience when the quote is edited.

fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for consent-respecting quote posts using FEP-044f in BotKit. It adds new event handlers (onQuoteAccepted and onQuoteRejected), introduces quote authorization reference methods and database tables in SQLite and Postgres repositories, and implements the flow for sending quote requests and handling their acceptance, rejection, or deletion. Additionally, it updates message properties to expose quote policies and approval states. Feedback on the changes highlights an inconsistency in AuthorizedMessageImpl.update(), where a check is missing to prevent the bot from adding itself to the audience of a private self-quote, unlike the implementation in SessionImpl.publish().

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread packages/botkit/src/message-impl.ts

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2561994ef7

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/botkit/src/bot-impl.ts Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/botkit/src/message-impl.ts`:
- Around line 476-481: Align SessionImpl.update() with SessionImpl.publish() by
adding the missing self-quote guard when computing privateQuoteAudienceIds.
Update the quoteTargetActorId/mentionedActorIds check so a self-quote does not
add the bot’s own actor URI to tos, matching the recipient set produced in
publish(). Use the existing quote/audience logic in publish() as the reference
point and keep the behavior consistent for followers/direct visibility.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cb320b88-3df9-492c-91b2-85a2ec0cf387

📥 Commits

Reviewing files that changed from the base of the PR and between a0af94b and 2561994.

📒 Files selected for processing (9)
  • packages/botkit-postgres/src/mod.ts
  • packages/botkit-sqlite/src/mod.ts
  • packages/botkit/src/bot-impl.test.ts
  • packages/botkit/src/bot-impl.ts
  • packages/botkit/src/instance-routing.test.ts
  • packages/botkit/src/message-impl.ts
  • packages/botkit/src/repository.ts
  • packages/botkit/src/session-impl.test.ts
  • packages/botkit/src/session-impl.ts
🚧 Files skipped from review as they are similar to previous changes (2)
  • packages/botkit/src/instance-routing.test.ts
  • packages/botkit/src/bot-impl.ts

Comment thread packages/botkit/src/message-impl.ts
Quote rejection and revocation now strip quote fields from the latest
stored Create instead of an earlier snapshot, so concurrent local edits are
preserved while the quote is removed.

Private quote updates also keep the publish-time self-quote audience rule,
avoiding a redundant self actor recipient when a bot edits its own quote.

fedify-dev#32 (comment)
fedify-dev#32 (comment)
fedify-dev#32 (comment)

Assisted-by: Codex:gpt-5.5
@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

@codex review

@dahlia

dahlia commented Jul 6, 2026

Copy link
Copy Markdown
Member Author

/gemini review

@chatgpt-codex-connector

Copy link
Copy Markdown

Codex Review: Didn't find any major issues. 👍

Reviewed commit: a93dd0db85

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@gemini-code-assist

Copy link
Copy Markdown

Warning

Gemini encountered an error creating the review. You can try again by commenting /gemini review.

@dahlia dahlia merged commit c9aae4c into fedify-dev:main Jul 6, 2026
4 of 5 checks passed
@dahlia dahlia deleted the fep-044f/outbound branch July 6, 2026 15:47
@dahlia dahlia linked an issue Jul 6, 2026 that may be closed by this pull request
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

enhancement New feature or request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Request approval when publishing quote posts (FEP-044f)

1 participant