Conversation
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
#53) Clarify that coding-agents-prompting-flow.md is a Rosetta KB path, not a repo file
* fix(claude): category field is not recognized * Bump versions
* Fix codex hooks
* Fix use of requirements skill * Fixed AI tele-typing what user is saying and providing change EXPLANATIONS in requirements
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
* Introduce GitHub auth * Add oauth_base_url to oauth_configured gate for all three modes Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
validate-types.sh runs rosettify TypeScript typecheck via npm, but the publish-ims-mcp and rosetta-mcp-dockerhub pipelines did not install Node.js or rosettify dependencies. Adds setup-node and npm ci steps. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Aligns with the pattern used in publish-rosettify.yml. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
Signed-off-by: isolomatov-gd <isolomatov@griddynamics.com>
sharkich
requested review from
YevheniiaLementova,
isolomatov-gd,
k-bieniek,
kkhristenko51,
omaiesh and
scappuccino-grid
as code owners
github-actions
Bot
added
the
documentation
Contributor
Rosetta Triage ReviewSummary: This PR enhances the Rosetta plugin system and OAuth authentication documentation by adding a third OAuth mode ( Findings:
Suggestions:
Automated triage by Rosetta agent |
There was a problem hiding this comment.
Pull request overview
This PR updates Rosetta’s plugin generation/distribution and documentation, expands OAuth support to include GitHub mode, and adjusts CI/test setup to support the updated Node/tooling requirements.
Changes:
- Add GitHub OAuth mode (
ROSETTA_OAUTH_MODE=github) with config validation updates and test coverage. - Update plugin generator + generated plugin artifacts (indexes, bootstrap scripts, removed legacy bootstrap/local-files-mode rule files, updated manifests).
- Refresh docs and workflows (installation/deployment/architecture/auth) and CI scripts (Node 24, rosettify deps/build in pipelines).
Reviewed changes
Copilot reviewed 66 out of 67 changed files in this pull request and generated 11 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/plugin_generator.py | Exclude specific rule files during plugin sync; generate workflows/INDEX.md in addition to rules/INDEX.md. |
| run-tests.sh | Builds rosettify before running its tests. |
| rosettify/package-lock.json | Locks rosettify dependencies/version updates. |
| rosetta-mcp-server/pyproject.toml | Bumps server version and aligns dependency on ims-mcp. |
| rosetta-mcp-server/README.md | Documents new github OAuth mode and updated env var requirements. |
| plugins/rosetta/.claude-plugin/plugin.json | Bumps plugin version and removes category. |
| plugins/core-cursor/workflows/requirements-authoring-flow.md | Updates workflow description to explicitly require the skill usage. |
| plugins/core-cursor/workflows/INDEX.md | Adds workflows index file for plugin bootstrap context. |
| plugins/core-cursor/skills/requirements-authoring/SKILL.md | Adds additional authoring rules. |
| plugins/core-cursor/skills/load-context/SKILL.md | Rewrites load-context guidance into an ordered list with truncation handling. |
| plugins/core-cursor/rules/local-files-mode.md | Removes legacy rule from generated plugin output. |
| plugins/core-cursor/rules/bootstrap.md | Removes legacy rule from generated plugin output. |
| plugins/core-cursor/rules/INDEX.md | Removes references to deleted legacy rule files. |
| plugins/core-cursor/.cursor-plugin/plugin.json | Removes embedded MCP server config; updates description/version. |
| plugins/core-copilot/workflows/requirements-authoring-flow.md | Updates workflow description to explicitly require the skill usage. |
| plugins/core-copilot/skills/requirements-authoring/SKILL.md | Adds additional authoring rules. |
| plugins/core-copilot/skills/load-context/SKILL.md | Rewrites load-context guidance into an ordered list with truncation handling. |
| plugins/core-copilot/rules/local-files-mode.md | Removes legacy rule from generated plugin output. |
| plugins/core-copilot/rules/bootstrap.md | Removes legacy rule from generated plugin output. |
| plugins/core-copilot/rules/INDEX.md | Removes references to deleted legacy rule files. |
| plugins/core-copilot/rosetta-bootstrap.sh | Prepends stronger “read fully” instruction to bootstrap context. |
| plugins/core-copilot/.mcp.json | Removes embedded MCP config file. |
| plugins/core-copilot/.github/plugin/rosetta-bootstrap.sh | Aligns bootstrap wrapper messaging with root script. |
| plugins/core-copilot/.github/plugin/plugin.json | Removes mcpServers entry; bumps version/description. |
| plugins/core-copilot/.github/plugin/.mcp.json | Removes embedded MCP config file. |
| plugins/core-codex/.codex/hooks.json | Makes bootstrap hook resilient to being invoked from subdirectories. |
| plugins/core-codex/.codex-plugin/plugin.json | Removes MCP reference; bumps version/description. |
| plugins/core-codex/.codex-plugin/hooks.json | Makes bootstrap hook resilient to being invoked from subdirectories. |
| plugins/core-codex/.codex-plugin/.mcp.json | Removes embedded MCP config file. |
| plugins/core-codex/.agents/workflows/requirements-authoring-flow.md | Updates workflow description to explicitly require the skill usage. |
| plugins/core-codex/.agents/skills/requirements-authoring/SKILL.md | Adds additional authoring rules. |
| plugins/core-codex/.agents/skills/load-context/SKILL.md | Rewrites load-context guidance into an ordered list with truncation handling. |
| plugins/core-codex/.agents/rules/local-files-mode.md | Removes legacy rule from generated plugin output. |
| plugins/core-codex/.agents/rules/bootstrap.md | Removes legacy rule from generated plugin output. |
| plugins/core-codex/.agents/rules/INDEX.md | Removes references to deleted legacy rule files. |
| plugins/core-claude/workflows/requirements-authoring-flow.md | Updates workflow description to explicitly require the skill usage. |
| plugins/core-claude/workflows/INDEX.md | Adds workflows index file for plugin bootstrap context. |
| plugins/core-claude/skills/requirements-authoring/SKILL.md | Adds additional authoring rules. |
| plugins/core-claude/skills/load-context/SKILL.md | Rewrites load-context guidance into an ordered list with truncation handling. |
| plugins/core-claude/rules/local-files-mode.md | Removes legacy rule from generated plugin output. |
| plugins/core-claude/rules/bootstrap.md | Removes legacy rule from generated plugin output. |
| plugins/core-claude/rules/INDEX.md | Removes references to deleted legacy rule files. |
| plugins/core-claude/.claude-plugin/rosetta-bootstrap.sh | Adds a bootstrap hook script that emits additionalContext with locking. |
| plugins/core-claude/.claude-plugin/plugin.json | Switches SessionStart hook to call the bootstrap script; removes MCP config; bumps version/description. |
| instructions/r2/core/workflows/requirements-authoring-flow.md | Updates workflow description to explicitly require the skill usage. |
| instructions/r2/core/skills/requirements-authoring/SKILL.md | Adds additional authoring rules. |
| instructions/r2/core/skills/load-context/SKILL.md | Rewrites load-context guidance into an ordered list with truncation handling. |
| ims-mcp-server/tests/test_oauth.py | Adds coverage for oauth_base_url requirement + GitHub OAuth mode provider behavior. |
| ims-mcp-server/pyproject.toml | Bumps IMS MCP server version. |
| ims-mcp-server/ims_mcp/constants.py | Adds OAUTH_MODE_GITHUB constant. |
| ims-mcp-server/ims_mcp/config.py | Requires oauth_base_url for all OAuth modes and adds GitHub mode support in config validation. |
| ims-mcp-server/ims_mcp/auth/oauth.py | Adds GitHub provider construction + unknown mode error; updates documentation text. |
| ims-mcp-server/README.md | Documents new github OAuth mode and updated env var requirements. |
| docs/web/docs/installation.md | Updates mode comparison table and plugin install instructions (pre-release). |
| docs/web/docs/deployment.md | Documents OAuth mode matrix including GitHub mode and required env vars. |
| docs/web/docs/contributing.md | Adds note about grid being an enterprise extension not in OSS repo. |
| docs/web/docs/architecture.md | Documents plugin generation/distribution (pre-release). |
| docs/AUTHENTICATION.md | Expands to three OAuth modes and adds GitHub mode documentation. |
| docs/ARCHITECTURE.md | Expands to three OAuth modes and documents plugin generation/distribution (pre-release). |
| INSTALLATION.md | Updates mode comparison table and plugin install instructions (pre-release). |
| DEPLOYMENT_GUIDE.md | Documents OAuth mode matrix including GitHub mode and required env vars. |
| CONTRIBUTING.md | Adds note about grid scope being enterprise-only; clarifies MCP example header. |
| .github/workflows/rosetta-mcp-dockerhub.yaml | Adds Node 24 + npm ci for rosettify before validation. |
| .github/workflows/publish-rosettify.yml | Updates Node version from 22 to 24. |
| .github/workflows/publish-ims-mcp.yml | Adds Node 24 + npm ci for rosettify before validation. |
| .github/CODEOWNERS | Updates owners for docs/instructions/plans and top-level markdown. |
| .claude-plugin/marketplace.json | Bumps marketplace metadata version. |
Files not reviewed (1)
- rosettify/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| - Each file defines one area abbreviation | ||
| - All other documents are target-state only | ||
| - Never write change explanations | ||
| - Consider that user input maybe provided for your understanding for you to properly make changes |
There was a problem hiding this comment.
Grammar: “user input maybe provided” → “user input may be provided”. As written, it reads like a typo and can be distracting in a high-signal rule list.
Comment on lines
23
to
25
| Returns ``None`` when the transport is not HTTP or when required OAuth | ||
| environment variables are missing. In that case the server runs without | ||
| authentication (STDIO mode uses ``ROSETTA_API_KEY`` directly). |
There was a problem hiding this comment.
The docstring says this function returns None when required OAuth env vars are missing and the server runs without authentication, but the implementation raises ValueError when config.oauth_configured is false. Please update the docstring (and/or behavior) so they match, otherwise readers will assume HTTP can run unauthenticated when it cannot.
Suggested change
| Returns ``None`` when the transport is not HTTP or when required OAuth | |
| environment variables are missing. In that case the server runs without | |
| authentication (STDIO mode uses ``ROSETTA_API_KEY`` directly). | |
| Returns ``None`` when the transport is not HTTP. For HTTP transport, | |
| OAuth configuration is required; if it is missing, this function raises | |
| ``ValueError`` rather than running the server without authentication. | |
| STDIO mode uses ``ROSETTA_API_KEY`` directly. |
Comment on lines
401
to
+413
| def oauth_configured(self) -> bool: | ||
| """True when all required OAuth fields are set.""" | ||
| """True when all required OAuth fields are set. | ||
|
|
||
| ``oauth_base_url`` is checked for all modes so misconfigured | ||
| deployments fail fast with a clear error instead of crashing | ||
| inside the provider constructor. | ||
| """ | ||
| base = bool(self.oauth_client_id and self.oauth_client_secret and self.oauth_base_url) | ||
| if self.oauth_mode == OAUTH_MODE_OIDC: | ||
| return bool( | ||
| self.oauth_oidc_config_url | ||
| and self.oauth_client_id | ||
| and self.oauth_client_secret | ||
| ) | ||
| return bool( | ||
| return base and bool(self.oauth_oidc_config_url) | ||
| if self.oauth_mode == OAUTH_MODE_GITHUB: | ||
| return base | ||
| return base and bool( |
There was a problem hiding this comment.
oauth_configured now requires oauth_base_url for all modes, but resolve_oauth_base_url() still has a fallback to http_host:http_port. With the new oauth_configured logic, that fallback becomes effectively unused for HTTP auth and can confuse operators about what’s actually required. Consider either (a) allowing the fallback by not requiring oauth_base_url here, or (b) removing the fallback / updating related docs so the contract is consistent.
Comment on lines
+440
to
+441
| 3. Delete files not needed for JetBrains: `.github/.mcp.json`, `.github/hooks.json`, `.github/templates`, `.github/rules/bootstrap.md` | ||
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all five "cat .github/rules/bootstrap-*.md" files all lines. You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. All workflows are stored in ".github/rules/<workflowtag>.md".` |
There was a problem hiding this comment.
These JetBrains Copilot steps reference files/paths that no longer exist in the generated core-copilot plugin (e.g. .github/.mcp.json, .github/rules/bootstrap.md), and they say workflows live under .github/rules/<workflowtag>.md even though the plugin’s workflows are under .github/workflows/. Please update the instructions to match the current archive contents and directory layout so users don’t follow broken cleanup/copy steps.
Suggested change
| 3. Delete files not needed for JetBrains: `.github/.mcp.json`, `.github/hooks.json`, `.github/templates`, `.github/rules/bootstrap.md` | |
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all five "cat .github/rules/bootstrap-*.md" files all lines. You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. All workflows are stored in ".github/rules/<workflowtag>.md".` | |
| 3. Delete files not needed for JetBrains: `.github/hooks.json`, `.github/templates` | |
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all bootstrap instruction files under ".github/rules/". You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. Workflows are stored under ".github/workflows/".` |
Comment on lines
+446
to
+448
| 2. Create a `.github` folder in your repository and extract the archive contents into it | ||
| 3. Delete files not needed for JetBrains: `.github/.mcp.json`, `.github/hooks.json`, `.github/templates`, `.github/rules/bootstrap.md` | ||
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all five "cat .github/rules/bootstrap-*.md" files all lines. You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. All workflows are stored in ".github/rules/<workflowtag>.md".` |
There was a problem hiding this comment.
These JetBrains Copilot steps reference files/paths that no longer exist in the generated core-copilot plugin (e.g. .github/.mcp.json, .github/rules/bootstrap.md), and they say workflows live under .github/rules/<workflowtag>.md even though the plugin’s workflows are under .github/workflows/. Please update the instructions to match the current archive contents and directory layout so users don’t follow broken cleanup/copy steps.
Suggested change
| 2. Create a `.github` folder in your repository and extract the archive contents into it | |
| 3. Delete files not needed for JetBrains: `.github/.mcp.json`, `.github/hooks.json`, `.github/templates`, `.github/rules/bootstrap.md` | |
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all five "cat .github/rules/bootstrap-*.md" files all lines. You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. All workflows are stored in ".github/rules/<workflowtag>.md".` | |
| 2. Extract the archive contents at the root of your repository so the included `.github/...` files are placed in the correct locations | |
| 3. Delete files not needed for JetBrains, if present: `.github/hooks.json`, `.github/templates` | |
| 4. Copy the contents of `.github/rules/plugin-files-mode.md` into `.github/copilot-instructions.md` and append before the closing `</plugin_files_mode>` tag: `Rosetta plugin root: ".github", get_context_instructions: must read fully all five "cat .github/rules/bootstrap-*.md" files all lines. You MUST FOLLOW ALL instructions and then MUST select workflow and execute it. All workflows are stored under ".github/workflows/".` |
Comment on lines
+175
to
+176
| if str(relative_path) in EXCLUDED_RULE_FILES: | ||
| continue |
There was a problem hiding this comment.
relative_path stringification is OS-dependent (e.g., Windows uses backslashes), so str(relative_path) in EXCLUDED_RULE_FILES may fail to exclude the intended files on non-POSIX systems. Consider comparing via relative_path.as_posix() or relative_path.parts to make exclusions portable.
| @@ -0,0 +1,23 @@ | |||
| #!/bin/bash | |||
| find /tmp -maxdepth 1 -name "rosetta-bootstrap-*.lock" -mmin +1 -delete 2>/dev/null | |||
There was a problem hiding this comment.
find ... -mmin is not POSIX and can fail on some platforms (notably BSD/macOS find), which is a likely environment for Claude Code users. Consider using a more portable cleanup approach (e.g., -mtime, a small Python one-liner, or skipping cleanup entirely) so the hook doesn’t fail before emitting bootstrap context.
Suggested change
| find /tmp -maxdepth 1 -name "rosetta-bootstrap-*.lock" -mmin +1 -delete 2>/dev/null | |
| python3 - <<'PY' 2>/dev/null || true | |
| import glob | |
| import os | |
| import time | |
| now = time.time() | |
| for path in glob.glob("/tmp/rosetta-bootstrap-*.lock"): | |
| try: | |
| if now - os.path.getmtime(path) > 60: | |
| os.remove(path) | |
| except OSError: | |
| pass | |
| PY |
| - Each file defines one area abbreviation | ||
| - All other documents are target-state only | ||
| - Never write change explanations | ||
| - Consider that user input maybe provided for your understanding for you to properly make changes |
There was a problem hiding this comment.
Grammar: “user input maybe provided” → “user input may be provided”. As written, it reads like a typo and can be distracting in a high-signal rule list.
Suggested change
| - Consider that user input maybe provided for your understanding for you to properly make changes | |
| - Consider that user input may be provided for your understanding for you to properly make changes |
| - Each file defines one area abbreviation | ||
| - All other documents are target-state only | ||
| - Never write change explanations | ||
| - Consider that user input maybe provided for your understanding for you to properly make changes |
There was a problem hiding this comment.
Grammar: “user input maybe provided” → “user input may be provided”. As written, it reads like a typo and can be distracting in a high-signal rule list.
Suggested change
| - Consider that user input maybe provided for your understanding for you to properly make changes | |
| - Consider that user input may be provided for your understanding for you to properly make changes |
| - Each file defines one area abbreviation | ||
| - All other documents are target-state only | ||
| - Never write change explanations | ||
| - Consider that user input maybe provided for your understanding for you to properly make changes |
There was a problem hiding this comment.
Grammar: “user input maybe provided” → “user input may be provided”. As written, it reads like a typo and can be distracting in a high-signal rule list.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces several documentation and workflow improvements for Rosetta, focusing on clarifying plugin usage, OAuth authentication modes, and updating CI/CD to support Node.js 24. The changes also include updates to code ownership, plugin installation instructions for multiple IDEs, and enhancements to the plugin generation and distribution process.
Documentation improvements:
oauth,oidc, andgithub), listing required environment variables and clarifying token handling for each. This affectsDEPLOYMENT_GUIDE.mdanddocs/ARCHITECTURE.md. [1] [2]INSTALLATION.md. Added details about plugin generation, contents, and IDE compatibility indocs/ARCHITECTURE.md. [1] [2]CONTRIBUTING.mdguide with notes on enterprise extensions and clarified example usage for Rosetta MCP. [1] [2]INSTALLATION.md.CI/CD and workflow updates:
publish-ims-mcp.ymlandrosetta-mcp-dockerhub.yaml. [1] [2] [3]Project metadata and code ownership:
.claude-plugin/marketplace.jsonto version 2.0.5./instructions/,/docs/,/plans/, and/*.mdto new maintainers in.github/CODEOWNERS.Other documentation clarifications:
INSTALLATION.mdfor accuracy and clarity.docs/ARCHITECTURE.md.