Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix: include all reviewers in GitHubReview and fixes issue #3440 #4775

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DonnieBLT merged 2 commits into from
Nov 15, 2025
Merged

Fix: include all reviewers in GitHubReview and fixes issue #3440 #4775

DonnieBLT merged 2 commits into from
Nov 15, 2025
+33 −15

Conversation

@Krishiv-Mahajan
Copy link
Contributor

@Krishiv-Mahajan Krishiv-Mahajan commented Nov 11, 2025
edited by coderabbitai bot
Loading

This pr fix issue #3440 review Leaderboard so it shows the users who have reviewed PRs on the projects / repos

This PR fixes a logic issue in update_github_issues.py where only reviews made by the PR author were stored.
As a result, the Code Review Leaderboard had missing data.

Fixes #3440

Summary by CodeRabbit

  • Bug Fixes
    • Capture and store reviews from any reviewer (no longer limited to the PR author), associating reviews with matching user profiles when found.
    • Add resilient handling for missing or failing reviewer profile lookups: log warnings and continue processing reviews without blocking overall pull request handling.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 11, 2025
edited
Loading

Walkthrough

Updated the GitHub issues management command to store reviews from any reviewer by deriving reviewer_login from review["user"]["login"], resolving a matching UserProfile via an exact github_url (https://github.com/{login}), creating/updating GitHubReview with the resolved reviewer when found, and logging/skipping reviews when no profile is found or lookup errors occur.

Changes

Cohort / File(s) Summary
GitHub Issues Command Review Processing
website/management/commands/update_github_issues.py		 Derive reviewer_login from review["user"]["login"]; perform exact UserProfile lookup using github_url = https://github.com/{login}; if a matching UserProfile is found, create/update GitHubReview with reviewer set to that profile; if not found or lookup raises, log a warning and skip storing that review. PR and bulk update flow otherwise unchanged.

Sequence Diagram

sequenceDiagram
    participant cmd as update_github_issues command
    participant gh as GitHub API
    participant db as Database

    cmd->>gh: Fetch PR reviews
    gh-->>cmd: Reviews (each includes review["user"]["login"])

    loop For each review
        cmd->>cmd: Extract reviewer_login = review["user"]["login"]
        cmd->>db: Query UserProfile where github_url == "https://github.com/{reviewer_login}"
        alt Profile found
            cmd->>db: Create/Update GitHubReview with reviewer = UserProfile
            db-->>cmd: Success
        else Profile not found
            cmd->>cmd: Log warning and skip storing review
        end
        opt Lookup error
            cmd->>cmd: Log warning and continue
        end
    end

    cmd->>db: Bulk update PR records (unchanged flow)
    db-->>cmd: Complete
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

  • Inspect github_url exact-match logic for edge cases (trailing slashes, case sensitivity).
  • Verify logging paths and that exceptions during lookup don't abort PR processing.
  • Confirm tests or manual checks cover reviewers without profiles and reviewers with profiles.
  • Check potential performance impact of per-review profile queries; consider batching or caching.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: including all reviewers in GitHubReview and references the fixed issue #3440.
Linked Issues check ✅ Passed The PR addresses the core requirement from issue #3440 by fixing the logic to store reviews from all users, not just PR authors, ensuring reviewers appear on the leaderboard.
Out of Scope Changes check ✅ Passed All changes are scoped to fixing the reviewer storage logic in update_github_issues.py to resolve the leaderboard issue; no unrelated modifications detected.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot requested changes Nov 11, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🧹 Nitpick comments (1)
website/management/commands/update_github_issues.py (1)

143-168: Consider pre-loading UserProfiles to reduce database queries.

The current implementation queries the database for each review to find the reviewer's UserProfile. For PRs with many reviews, this could result in numerous queries. Consider pre-loading all UserProfiles into a dictionary at the start of the command for better performance.

Example optimization:

# At the start of handle() method, after line 17
github_username_to_profile = {}
for profile in users_with_github:
    username = profile.github_url.rstrip('/').split('/')[-1]
    github_username_to_profile[username.lower()] = profile

# Then in the review loop, replace lines 147-149 with:
reviewer_profile = github_username_to_profile.get(reviewer_login.lower())
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 0668a4a and 9547aac.

📒 Files selected for processing (1)
  • website/management/commands/update_github_issues.py (1 hunks)
🧰 Additional context used
🪛 Ruff (0.14.4)
website/management/commands/update_github_issues.py

165-165: Do not catch blind exception: Exception

(BLE001)

167-167: Use explicit conversion flag

Replace with conversion flag

(RUF010)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (1)
website/management/commands/update_github_issues.py (1)

140-141: LGTM! Comment accurately reflects the fix.

The updated comment clearly indicates the intended behavior change to capture reviews from all users, which aligns with the PR objective to fix the Code Review Leaderboard.

@github-project-automation github-project-automation bot moved this from Backlog to Ready in 📌 OWASP BLT Project Board Nov 11, 2025
coderabbitai[bot]
coderabbitai bot reviewed Nov 11, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

♻️ Duplicate comments (1)
website/management/commands/update_github_issues.py (1)

169-174: Address the exception handling concern from the previous review.

This broad Exception catch and the string formatting issue were already flagged in a previous review comment. Please catch specific exceptions (UserProfile.DoesNotExist, UserProfile.MultipleObjectsReturned) and use the explicit conversion flag {e!s} instead of str(e).

Apply this diff as suggested in the previous review:

-                                        except Exception as e:
+                                        except (UserProfile.DoesNotExist, UserProfile.MultipleObjectsReturned) as e:
                                             self.stdout.write(
-                                                self.style.WARNING(f"Could not find UserProfile for reviewer {reviewer_login}: {str(e)}")
+                                                self.style.WARNING(f"Could not find UserProfile for reviewer {reviewer_login}: {e!s}")
                                             )
🧹 Nitpick comments (1)
website/management/commands/update_github_issues.py (1)

153-168: Add logging when reviews are skipped due to missing UserProfile.

When reviewer_profile is None (line 153), the review is silently skipped with no indication in the logs. This makes it difficult to debug incomplete leaderboard data or identify reviewers who should have profiles created.

Apply this diff to log skipped reviews:

                                            if reviewer_profile:
                                                GitHubReview.objects.update_or_create(
                                                    review_id=review["id"],
                                                    defaults={
                                                        "pull_request": github_issue,
                                                        "reviewer": reviewer_profile,  # The actual reviewer, not the PR author
                                                        "body": review.get("body", ""),
                                                        "state": review["state"],
                                                        "submitted_at": timezone.make_aware(
                                                            datetime.strptime(
                                                                review["submitted_at"], "%Y-%m-%dT%H:%M:%SZ"
                                                            )
                                                        ),
                                                        "url": review["html_url"],
                                                    },
                                                )
+                                            else:
+                                                self.stdout.write(
+                                                    self.style.WARNING(
+                                                        f"Skipping review by {reviewer_login} (no UserProfile found)"
+                                                    )
+                                                )
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between 9547aac and e12258b.

📒 Files selected for processing (1)
  • website/management/commands/update_github_issues.py (1 hunks)
🧰 Additional context used
🪛 Ruff (0.14.4)
website/management/commands/update_github_issues.py

169-169: Do not catch blind exception: Exception

(BLE001)

172-172: Use explicit conversion flag

Replace with conversion flag

(RUF010)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: Run Tests
  • GitHub Check: docker-test
🔇 Additional comments (2)
website/management/commands/update_github_issues.py (2)

140-140: LGTM! Comment clarifies the fix.

The updated comment accurately reflects the corrected behavior of storing reviews from any user, which directly addresses the bug described in issue #3440.

148-151: Use iendswith for more robust URL matching, or normalize github_url values.

The current approach using __iexact on lines 149-150 requires an exact string match. This will silently fail if any stored github_url values have trailing slashes (e.g., "https://github.com/username/" vs "https://github.com/username"), causing valid reviews to be skipped. While your code constructs URLs without trailing slashes, Django's URLField validator accepts both forms, creating inconsistency risk.

The codebase already recognizes this pattern: extract_github_username() in website/views/user.py line 75 normalizes URLs by stripping trailing slashes, indicating prior awareness of this issue.

Recommended fix:

-                                            expected_github_url = f"https://github.com/{reviewer_login}"
-                                            reviewer_profile = UserProfile.objects.filter(
-                                                github_url__iexact=expected_github_url
-                                            ).first()
+                                            reviewer_profile = UserProfile.objects.filter(
+                                                github_url__iendswith=f"/{reviewer_login}"
+                                            ).first()

This handles both https://github.com/{username} and https://github.com/{username}/, and is case-insensitive by default for URL schemes.

Alternatively, add a clean() method to normalize github_url on the UserProfile model to strip trailing slashes on save.

@Krishiv-Mahajan
Copy link
Contributor Author

Krishiv-Mahajan commented Nov 11, 2025

Hi @DonnieBLT
This PR fixes the issue #3440 where the Code Review Leaderboard didn’t display reviewers correctly.
The logic now stores all reviewers (not just PR authors), and all checks have passed .

Would you mind reviewing when you get a chance?

@DonnieBLT DonnieBLT requested a review from Copilot November 11, 2025 13:36
Copilot AI reviewed Nov 11, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes issue #3440 by correcting the logic in the GitHub review data collection process to capture reviews from all reviewers, not just PR authors. Previously, the Code Review Leaderboard had missing data because only reviews made by the PR author were stored.

  • Removed the condition that filtered reviews to only those made by the PR author
  • Added logic to look up reviewer UserProfiles based on their GitHub URL
  • Implemented error handling for cases where reviewer profiles cannot be found

@DonnieBLT DonnieBLT merged commit 57c0c17 into OWASP-BLT:main Nov 15, 2025
23 checks passed
@DonnieBLT
Copy link
Collaborator

DonnieBLT commented Nov 15, 2025

deployed, please test it and let me know if it worked

@Krishiv-Mahajan Krishiv-Mahajan deleted the review-leadership-issue branch December 19, 2025 17:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

No one assigned

Labels

None yet

Projects

📌 OWASP BLT Project Board
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

fix the Code Review Leaderboard so it shows the users who have reviewed PRs on the projects / repos

2 participants

@Krishiv-Mahajan @DonnieBLT