Skip to content

feat: readme enhancing#100

Merged
Dodecahedr0x merged 10 commits into
mainfrom
dode/readme-enhancing
Jun 16, 2026
Merged

feat: readme enhancing#100
Dodecahedr0x merged 10 commits into
mainfrom
dode/readme-enhancing

Conversation

@Dodecahedr0x

@Dodecahedr0x Dodecahedr0x commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Summary by CodeRabbit

  • New Features
    • Added/expanded the Pinocchio Private Counter example with an updated permission + privacy lifecycle and revised program guidance.
  • Documentation
    • Reworked the main README with an Overview, Examples table, Testing steps, and local node architecture/diagram guidance; updated setup instructions across examples to match the new local workflow.
  • Chores
    • Standardized local setup to use the repo-root scripts/test-locally.sh, removed legacy fullstack test utilities and redundant per-example test scripts, updated formatting check script paths, and removed the pinocchio-ephemeral-permission-counter example materials.

@vercel

vercel Bot commented Jun 16, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
counter-session-keys Ready Ready Preview, Comment Jun 16, 2026 12:38pm
er-rolldice Ready Ready Preview, Comment Jun 16, 2026 12:38pm
magicblock-counter-example Ready Ready Preview, Comment Jun 16, 2026 12:38pm
magicblock-engine-examples Ready Ready Preview, Comment Jun 16, 2026 12:38pm
magicblock-rewards-dashboard Ready Ready Preview, Comment Jun 16, 2026 12:38pm
rps-example Ready Ready Preview, Comment Jun 16, 2026 12:38pm
spl-tokens Ready Ready Preview, Comment Jun 16, 2026 12:38pm

Request Review

@coderabbitai

coderabbitai Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Warning

Review limit reached

@Dodecahedr0x, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 26 minutes and 20 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 8bbb4e5d-10b7-4988-86a2-e0e19fa0b4c0

📥 Commits

Reviewing files that changed from the base of the PR and between 5887ed6 and 33d6257.

📒 Files selected for processing (1)
  • pinocchio-private-counter/tests/pinocchio-private-counter.test.ts

Walkthrough

fullstack-test.sh is deleted and replaced by scripts/test-locally.sh. All scripts gain SCRIPT_DIR/REPO_ROOT self-location. Every example's setup npm script and README is updated to ./scripts/test-locally.sh. pinocchio-private-counter is overhauled with a new Counter layout (id+bump+padding), create_permission/update_permission replacing init_permission/set_privacy, and discriminators/processor CPI rewired; the prior implementation is archived to 00-LEGACY_EXAMPLES/pinocchio-private-counter.

Changes

Script path consolidation and example-wide setup updates

Layer / File(s) Summary
Core script self-location and CI path fixes
scripts/test-locally.sh, scripts/test-example.sh, scripts/check-prettier.sh, scripts/update-sdk-versions.sh, scripts/local-env.sh, scripts/projects.sh, .github/workflows/test-examples.yml
All scripts derive SCRIPT_DIR and REPO_ROOT from ${BASH_SOURCE[0]} and switch internal source/exec calls to $SCRIPT_DIR-relative paths; the CI formatting step is updated to bash scripts/check-prettier.sh.
Root README rewrite
README.md
Replaces the categorized bullet list with an HTML project table, adds numbered local test steps, an example workflow, and a Local nodes section with a Mermaid architecture diagram and QFS vs ER endpoint guidance.
Example setup script and README path updates (all examples)
anchor-counter/*, crank-counter/*, dummy-token-transfer/*, ephemeral-account-chats/*, magic-actions/*, oncurve-delegation/*, pinocchio-counter/*, pinocchio-roll-dice/*, private-counter/*, rewards-delegated-vrf/*, rock-paper-scissor/*, roll-dice/*, rust-counter/*, session-keys/*, spl-tokens/*
Every active example's setup npm script path changes from ./test-locally.sh to ./scripts/test-locally.sh; matching README lines are updated; rock-paper-scissor also rotates its Anchor declare_id! program ID.
00-LEGACY_EXAMPLES config cleanup
00-LEGACY_EXAMPLES/anchor-counter/Anchor.toml, 00-LEGACY_EXAMPLES/anchor-counter/package.json, 00-LEGACY_EXAMPLES/session-keys/Anchor.toml, 00-LEGACY_EXAMPLES/session-keys/package.json, 00-LEGACY_EXAMPLES/spl-tokens/package.json
Legacy Anchor.toml files reposition wallet into [provider] and remove [scripts] blocks; legacy package.json files drop the fullstack-test.sh-based test script entries.

pinocchio-private-counter permission model overhaul and legacy archival

Layer / File(s) Summary
Counter state layout and PDA helpers redesign
pinocchio-private-counter/src/state.rs
Counter struct gains id: Address, bump: u8, and explicit _pad: [u8; 7], replacing count+authority; SIZE derives from size_of::<Self>(); load/load_mut use is_multiple_of alignment checks; find_pda and derive_pda helpers are added using seeds [b"counter", id].
Entrypoint discriminators and processor CPI refactor
pinocchio-private-counter/src/entrypoint.rs, pinocchio-private-counter/src/processor.rs
InstructionDiscriminator adds CreatePermission/UpdatePermission and drops InitPermission/SetPrivacy; inner_process_instruction switches to checked slicing from offset 8; processor removes explicit bump parameters and derives PDA from stored counter state; MagicIntentBundleBuilder is replaced by commit_and_undelegate_accounts; new process_create_permission and process_update_permission are added using data_buffer_size/MAX_MEMBER_SIZE.
Package config, tests, tsconfig, and README updates
pinocchio-private-counter/Cargo.toml, pinocchio-private-counter/.gitignore, pinocchio-private-counter/package.json, pinocchio-private-counter/tsconfig.json, pinocchio-private-counter/tests/pinocchio-private-counter.test.ts, pinocchio-private-counter/README.md
Cargo.toml pins ephemeral-rollups-pinocchio to a git rev and adds solana-address; package.json renames, simplifies scripts, moves deps to devDependencies, switches license to MIT; tsconfig upgrades to ES2020/ESNext/bundler with vitest types; test file loads PROGRAM_ID from target/deploy keypair JSON; README adds a Program Model section with account layout and instruction discriminator table.
Prior implementation archived to 00-LEGACY_EXAMPLES
00-LEGACY_EXAMPLES/pinocchio-private-counter/src/*, 00-LEGACY_EXAMPLES/pinocchio-private-counter/Cargo.toml, 00-LEGACY_EXAMPLES/pinocchio-private-counter/package.json, 00-LEGACY_EXAMPLES/pinocchio-private-counter/README.md, 00-LEGACY_EXAMPLES/pinocchio-private-counter/tsconfig.json
The previous entrypoint (bump-based discriminators), processor (MagicIntentBundleBuilder commit variants, init_permission/set_privacy), state (count+authority), and lib.rs (without declare_id) are copied into the legacy directory alongside a new Cargo.toml with Solana dev-dependencies and three test targets, a renamed package.json (pinocchio-private-counter-client), and matching README/tsconfig.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

Suggested reviewers

  • GabrielePicco
  • jonasXchen
🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The PR title 'feat: readme enhancing' is vague and uses imprecise language ('enhancing') that doesn't clearly convey the specific changes made across the extensive codebase. Provide a more descriptive title that captures the main objective, such as 'refactor: reorganize scripts and update documentation paths' or 'feat: migrate test infrastructure and enhance example documentation'.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dode/readme-enhancing

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 9

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/package.json`:
- Line 8: The relative paths in the npm scripts test:local (line 8), lint (line
16), and lint:fix (line 17) are incorrect because this is a nested legacy
package located two directories deep from the repo root. Currently these scripts
use ../scripts/ and ../node_modules/ paths, but from this nested location, the
repo root is at ../../, not ../. Update all three script definitions to use
../../scripts/ instead of ../scripts/ to correctly reference the scripts
directory and ensure the commands resolve to the correct paths.

In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/README.md`:
- Around line 58-77: The Instructions section in the README.md file has markdown
linting issues with heading spacing. Each heading (### 0: InitializeCounter, ###
1: IncreaseCounter, ### 2: Delegate, ### 3: CommitAndUndelegate, ### 4: Commit,
### 5: IncrementAndCommit, and ### 6: IncrementAndUndelegate) requires blank
lines before and after it to comply with MD022 markdown linting rules. Add a
blank line before each heading and after each heading's content to fix the
linting violations.

In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs`:
- Around line 88-149: Add a critical authorization guard to enforce that only
the authority can invoke state-mutating handlers. At the start of
process_initialize_counter, add a check to verify that the authority_account is
a signer (using the authority_account.is_signer() check or equivalent).
Additionally, in process_initialize_counter, add a guard to reject
re-initialization by checking if counter_account.lamports() is greater than zero
and the counter is already initialized—return an error instead of allowing
reinitialization of existing state. Apply the same authority signer verification
guard at the start of the other affected functions: process_increase_counter
(lines 152-174), process_init_permission, process_set_privacy, and
process_close_permission (lines 229-381) to prevent unauthorized state mutations
across all mutating handlers.

In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/src/state.rs`:
- Around line 19-21: Replace ProgramError::InvalidArgument with
ProgramError::InvalidAccountData in the validation check where the account
buffer size is compared to Self::SIZE. This error type is more semantically
correct for data-layout and deserialization failures rather than argument
validation failures. Apply this same change to all similar buffer size
validation checks mentioned in the comment (there are multiple locations with
this pattern).

In `@pinocchio-private-counter/package.json`:
- Around line 8-9: The test script on line 9 runs tests directly without
ensuring the setup/build phase has been completed first, causing immediate
failures on fresh checkouts or after clean builds due to missing artifacts like
target/deploy/pinocchio_private_counter-keypair.json. Modify the test script to
execute the setup script before running test:local, either by chaining commands
(e.g., yarn setup && yarn test:local) or using a yarn pretest lifecycle hook to
guarantee the build artifacts are created before tests run.

In `@pinocchio-private-counter/README.md`:
- Line 35: On line 35 of the README, replace the package name reference
`pinocchio-ephemeral-permission-counter` with `pinocchio-private-counter` in the
setup command example to match the actual package name defined in package.json
and ensure the documented command will work correctly.

In `@pinocchio-private-counter/src/entrypoint.rs`:
- Around line 107-109: The instruction_data length has already been validated to
be at least 8 bytes before reaching the slice operation on line 107. The use of
get(8..) followed by ok_or is redundant since the length check guarantees the
slice will succeed. Replace the safe checked slice operation with direct
indexing by changing the get(8..).ok_or(...) pattern to simply use
&instruction_data[8..], which is safe because the length has already been
validated.

In `@pinocchio-private-counter/src/processor.rs`:
- Around line 40-43: The idempotent check that returns early when an account
already exists and is owned by the program does not validate that the stored id
field matches the provided id parameter. This allows re-initialization with a
different id to silently succeed without any error or warning. After the
existing ownership check and before returning Ok(()), deserialize or read the
stored id from the counter account data using counter_info, compare it with the
provided id parameter, and either log a warning or return an error if they do
not match. Only return Ok(()) if both the account exists and ownership is
confirmed and the stored id matches the provided id.
- Around line 218-252: The function `process_update_permission` is missing
signer validation for the `payer_info` parameter that is used as the authority
in the UpdateEphemeralPermission invocation. Add a validation check at the
beginning of `process_update_permission` to verify that `payer_info.is_signer()`
returns true, returning `ProgramError::MissingRequiredSignature` if the check
fails. Apply the same validation to the `process_close_permission` function
which has the same issue where `payer_info` is passed as authority without
signer validation. This validation pattern is already present in
`process_commit_and_undelegate` and should be consistent across all functions
that use `payer_info` as a signer.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 371aa788-15c5-4762-ba8a-dde9d9ece257

📥 Commits

Reviewing files that changed from the base of the PR and between a0ec1b2 and eda18d7.

⛔ Files ignored due to path filters (4)
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests-rs/fixtures/dlp.so is excluded by !**/*.so
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
  • pinocchio-ephemeral-permission-counter/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
  • pinocchio-private-counter/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (85)
  • .github/workflows/test-examples.yml
  • 00-LEGACY_EXAMPLES/anchor-counter/Anchor.toml
  • 00-LEGACY_EXAMPLES/anchor-counter/package.json
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/.env.example
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/.gitignore
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/Cargo.toml
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/LICENSE
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/README.md
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/package.json
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/entrypoint.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/lib.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/state.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests-rs/delegate_counter.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests-rs/increase_counter.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests-rs/initialize_counter.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests-rs/utils.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/initializeKeypair.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/kit/initializeKeypair.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/kit/pinocchio-private-counter.test.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/kit/schema.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/schema.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/web3js/initializeKeypair.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/web3js/pinocchio-private-counter.test.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tests/web3js/schema.ts
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/tsconfig.json
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/vitest.config.ts
  • 00-LEGACY_EXAMPLES/session-keys/Anchor.toml
  • 00-LEGACY_EXAMPLES/session-keys/package.json
  • 00-LEGACY_EXAMPLES/spl-tokens/package.json
  • README.md
  • anchor-counter/README.md
  • anchor-counter/package.json
  • crank-counter/README.md
  • crank-counter/package.json
  • dummy-token-transfer/README.md
  • dummy-token-transfer/package.json
  • ephemeral-account-chats/README.md
  • ephemeral-account-chats/package.json
  • fullstack-test.sh
  • magic-actions/README.md
  • magic-actions/package.json
  • oncurve-delegation/README.md
  • oncurve-delegation/package.json
  • pinocchio-counter/README.md
  • pinocchio-counter/package.json
  • pinocchio-ephemeral-permission-counter/Cargo.toml
  • pinocchio-ephemeral-permission-counter/README.md
  • pinocchio-ephemeral-permission-counter/src/entrypoint.rs
  • pinocchio-ephemeral-permission-counter/src/processor.rs
  • pinocchio-ephemeral-permission-counter/src/state.rs
  • pinocchio-ephemeral-permission-counter/tsconfig.json
  • pinocchio-private-counter/.gitignore
  • pinocchio-private-counter/.yarnrc.yml
  • pinocchio-private-counter/Cargo.toml
  • pinocchio-private-counter/README.md
  • pinocchio-private-counter/package.json
  • pinocchio-private-counter/src/entrypoint.rs
  • pinocchio-private-counter/src/processor.rs
  • pinocchio-private-counter/src/state.rs
  • pinocchio-private-counter/tests/pinocchio-private-counter.test.ts
  • pinocchio-private-counter/tsconfig.json
  • pinocchio-roll-dice/README.md
  • pinocchio-roll-dice/package.json
  • private-counter/README.md
  • private-counter/package.json
  • rewards-delegated-vrf/README.md
  • rewards-delegated-vrf/package.json
  • rock-paper-scissor/README.md
  • rock-paper-scissor/package.json
  • rock-paper-scissor/programs/anchor-rock-paper-scissor/src/lib.rs
  • roll-dice/README.md
  • roll-dice/package.json
  • rust-counter/README.md
  • rust-counter/package.json
  • scripts/check-prettier.sh
  • scripts/local-env.sh
  • scripts/projects.sh
  • scripts/test-example.sh
  • scripts/test-locally.sh
  • scripts/update-sdk-versions.sh
  • session-keys/README.md
  • session-keys/package.json
  • spl-tokens/README.md
  • spl-tokens/package.json
💤 Files with no reviewable changes (9)
  • pinocchio-ephemeral-permission-counter/README.md
  • pinocchio-ephemeral-permission-counter/tsconfig.json
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/.gitignore
  • fullstack-test.sh
  • pinocchio-ephemeral-permission-counter/Cargo.toml
  • pinocchio-ephemeral-permission-counter/src/processor.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/lib.rs
  • pinocchio-ephemeral-permission-counter/src/state.rs
  • pinocchio-ephemeral-permission-counter/src/entrypoint.rs

Comment thread 00-LEGACY_EXAMPLES/pinocchio-private-counter/package.json Outdated
Comment thread 00-LEGACY_EXAMPLES/pinocchio-private-counter/README.md
Comment thread 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs
Comment thread 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/state.rs
Comment thread pinocchio-private-counter/package.json
Comment thread pinocchio-private-counter/README.md Outdated
Comment thread pinocchio-private-counter/src/entrypoint.rs Outdated
Comment thread pinocchio-private-counter/src/processor.rs
Comment thread pinocchio-private-counter/src/processor.rs

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs (1)

362-399: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Missing authority signer check in process_close_permission.

All other mutating handlers (process_initialize_counter, process_increase_counter, process_delegate, process_init_permission, process_set_privacy, process_commit, process_commit_and_undelegate, process_increment_commit, process_increment_undelegate) now correctly enforce require_authority_signer, but process_close_permission does not. This allows anyone who knows the authority pubkey and bump to close the ephemeral permission without authorization.

🔒 Proposed fix
 pub fn process_close_permission(
     program_id: &Address,
     accounts: &[AccountView],
     bump: u8,
 ) -> ProgramResult {
     let [authority, counter_account, permission, vault, magic_program, permission_program, ..] =
         accounts
     else {
         return Err(ProgramError::NotEnoughAccountKeys);
     };
 
+    require_authority_signer(authority)?;
+
     let counter_pda = counter_address_from_bump(program_id, authority.address(), bump)?;
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs` around lines
362 - 399, The `process_close_permission` function is missing authorization
validation that all other mutating handlers implement. Add a
require_authority_signer check at the beginning of `process_close_permission` to
verify that the authority account is actually a signer before proceeding.
Additionally, change `authority_is_signer: false` to `authority_is_signer: true`
in the CloseEphemeralPermission struct instantiation to properly require the
authority's signature when closing the ephemeral permission.
README.md (1)

218-224: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Example workflow is missing the validator setup step.

Lines 218–224 show how to test pinocchio-roll-dice with yarn build and yarn test:local, but this assumes the validators are already running from step 2 (yarn setup). Either add yarn setup in a separate terminal (as noted in step 2 above), or explicitly clarify that "this assumes validators from step 2 are running." Without validators, yarn test:local will fail with RPC connection errors.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 218 - 224, The example workflow for testing
pinocchio-roll-dice at lines 218–224 does not mention that validators must be
running first (from step 2's `yarn setup` command), which will cause `yarn
test:local` to fail with RPC connection errors. Either add a note to the example
clarifying that validators from step 2 must be running in a separate terminal
before executing the build and test commands, or insert `yarn setup` as a
prerequisite step within the example itself. Choose the approach that best fits
your documentation style and user expectations.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs`:
- Around line 362-399: The `process_close_permission` function is missing
authorization validation that all other mutating handlers implement. Add a
require_authority_signer check at the beginning of `process_close_permission` to
verify that the authority account is actually a signer before proceeding.
Additionally, change `authority_is_signer: false` to `authority_is_signer: true`
in the CloseEphemeralPermission struct instantiation to properly require the
authority's signature when closing the ephemeral permission.

In `@README.md`:
- Around line 218-224: The example workflow for testing pinocchio-roll-dice at
lines 218–224 does not mention that validators must be running first (from step
2's `yarn setup` command), which will cause `yarn test:local` to fail with RPC
connection errors. Either add a note to the example clarifying that validators
from step 2 must be running in a separate terminal before executing the build
and test commands, or insert `yarn setup` as a prerequisite step within the
example itself. Choose the approach that best fits your documentation style and
user expectations.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: da6d6500-c6fa-4fbc-8908-828e591ce118

📥 Commits

Reviewing files that changed from the base of the PR and between eda18d7 and 5887ed6.

📒 Files selected for processing (9)
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/package.json
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/processor.rs
  • 00-LEGACY_EXAMPLES/pinocchio-private-counter/src/state.rs
  • README.md
  • pinocchio-private-counter/README.md
  • pinocchio-private-counter/src/entrypoint.rs
  • pinocchio-roll-dice/package.json
  • roll-dice/package.json
  • scripts/test-locally.sh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant