Add Shell Society nomination flow#16
Conversation
|
Codex review: needs real behavior proof before merge. Reviewed June 25, 2026, 1:28 PM ET / 17:28 UTC. Summary Reproducibility: not applicable. for a new feature PR. Current main has no Shell Society nomination flow, and the PR body explicitly says the live Discord paths were not exercised. Review metrics: 3 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Proof guidance:
Mantis proof suggestion Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Keep the PR open until maintainers approve the Shell Society role policy and rollout plan, and redacted live Discord proof shows nomination, three approvals, expiry edit, and role grant end to end. Do we have a high-confidence way to reproduce the issue? Not applicable for a new feature PR. Current main has no Shell Society nomination flow, and the PR body explicitly says the live Discord paths were not exercised. Is this the best way to solve the issue? Unclear until live proof and maintainer approval are added. The implementation follows the repo's Carbon registration patterns and uses a channel-message route, but the role-granting policy and production rollout still need human ownership. AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against a8e175303311. Label changesLabel justifications:
Evidence reviewedSecurity concerns:
What I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
|
Updated PR head
Validation rerun: Remaining gap: live Discord slash-command/button/role-grant proof still needs a deployed or tunneled Worker endpoint with migrations applied and bot role permissions configured. |
|
Correction pushed at This supersedes my previous comment that said two approvals. Validation rerun: |
|
Pushed review-driven update at Changed:
Validation rerun:
|
|
@clawsweeper review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
|
Pushed ClawSweeper P1 fix at Changed:
Validation rerun:
Remaining gap: live Discord proof is still needed for slash command registration, button clicks, public message visibility/edits, scheduled expiry, and actual role grant. |
|
@clawsweeper review |
|
🦞🧹 I asked ClawSweeper to review this item again. |
Summary
/nominatewith required user and reason options for Shell Society nominationsThis nomination has expired.during the scheduled sweepRoot Cause
contentreplies in new paths even though this repo requires Carbon v2 components.onConflictDoNothing()can reject the duplicate insert.Real behavior proof
Closest feasible local proof was Bun tests plus a Wrangler bundle dry-run. The nomination migration test now applies the nomination migrations through
0007, verifies three configured approvals, rejects duplicate approver rows, rejects duplicate submitted nominations, allows later nominations after approved/expired statuses, backfills expiry for pre-expiry rows, and covers legacy/null expiry rows so they can be expired instead of getting stuck. The Worker also bundled successfully in dry-run mode without deploying.Deployment notes
Verification
bun test tests/nominations.test.ts- 8 pass, 0 failbun test- 26 pass, 0 failbun run typecheck- passedbun run db:generate- no schema changes, nothing to migratebun run deploy:dry-run- Worker bundle completed and exited with--dry-rungit diff --check- cleancodex review --uncommitted- no actionable correctness issues found after the expiry and channel-message fixesWhat was not tested