feat(skill): add /resolve skill for context-aware conflict resolution

[carlos-alm]

Summary

Adds the /resolve <pr-number> skill — a context-aware merge conflict resolver that traces every conflicting hunk to its source PR before deciding how to resolve it.

• Phase 0: pre-flight (validates git, gh, jq; fetches PR metadata)
• Phase 1: checks out the PR branch and runs git merge origin/<base> to surface conflicts
• Phase 2: for each conflicting file, uses git log + gh api commits/<sha>/pulls to identify which PR on the base branch introduced the conflicting lines; fetches that PR's description and diff
• Phase 3: reads the current PR's description and diff to understand its intent and scope
• Phase 4: resolves each conflict preserving both sides' intentional changes — stops and asks the user if a conflict is genuinely ambiguous
• Phase 5: verifies with git diff origin/<base> and git diff ORIG_HEAD that nothing was silently dropped from either parent
• Phase 6: runs tests and lint (auto-detects biome/eslint/npm)
• Phase 7: commits fix: resolve merge conflicts with <base> and pushes

Never guesses on ambiguous conflicts — always explains and asks instead.

Usage

/resolve 1490
/resolve 1509

Closes #1524

[claude]

Claude finished @carlos-alm's task —— View job

---

PR Review: feat(skill): add /resolve skill for context-aware conflict resolution

Tasks

• Read changed files
• Phase 1: Root Cause Analysis
• Phase 2: Configuration Change Detection
• Phase 3: Test Integrity
• Phase 4: Code Quality
• Phase 5: Backlog Compliance
• Final Assessment

---

Root Cause Analysis

Problem Being Solved: PRs on this repo accumulate merge conflicts over time. Resolving them blindly (picking --ours or --theirs) risks silently dropping functionality. This skill teaches Claude Code to trace which PR introduced the conflicting lines, read both PRs' intent, and make an informed resolution — or stop and ask if ambiguous.

Why This Approach: A Claude Code skill (.claude/skills/) is the right vehicle — it's a reusable, self-contained workflow that lives alongside the repo it operates on, with no runtime dependencies beyond git, gh, and jq. The approach mirrors what a careful developer would do manually.

Risk Assessment: Low. This is a pure workflow skill — no source code, no new dependencies, no DB schema changes, no CLI changes. The only risk is in the skill logic itself: correctness of git commands, state management, and whether it handles edge cases properly. The review below addresses those.

---

Phase 2: Configuration Change Detection

✓ No linting rules, TypeScript config, build config, or test configuration touched. Single file addition. No concerns.

---

Phase 3: Test Integrity

✓ No test files modified. No assertions weakened. No existing behavior changed.

---

Phase 4: Code Quality Findings

Hardcoded repo slug (lines 52, 62–64, 86–87, 191–193, 223–226, 232–234)

Every gh call hardcodes --repo optave/codegraph, but the skill is checked into ops-codegraph-tool (a different repo slug). If this skill is ever run from a fork, a renamed org, or a different repo in the optave org, every API call will silently operate on the wrong repo.

Recommended fix: Detect the repo from git remote in Phase 0:

REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null \
  || git remote get-url origin | sed -E 's|.*github.com[:/](.+)\.git|\1|')
echo "$REPO" > .codegraph/resolve/repo

Then load REPO=$(cat .codegraph/resolve/repo) and replace every --repo optave/codegraph with --repo "$REPO".

State directory not cleaned on early-exit error paths (lines 109–114, 388–394, 498–500)

Phase 1 calls exit 0 (no conflicts) and removes .codegraph/resolve/ correctly. However, Phase 4's exit on conflict markers (line 390–394) and Phase 7's error exits (lines 488, 493) do not clean up. The Rules section at line 527 says:

"If the skill exits early (due to ambiguity or error), remove it with rm -rf .codegraph/resolve before re-running."

This is user-facing friction — a failed run leaves stale state that will corrupt the next invocation (Phase 1 would re-read the old head-branch and base-branch). The skill should clean up on every non-zero exit path, or add a trap 'rm -rf .codegraph/resolve' EXIT ERR in Phase 0. The current advice to "remove it manually before re-running" is a reliability hazard.

Phase 5 verification is informational only — no failure path (lines 403–428)

Phase 5 shows diffs but instructs the LLM to "manually review each diff output" and "go back to Phase 4 if anything looks wrong." This relies entirely on the model's judgment with no automated guardrail. The verification section has no exit 1 — even a resolution that silently drops a 50-line function would pass Phase 5 mechanically. Consider adding at minimum a word-count sanity check or file-size regression check.

find . -maxdepth 1 -name "eslint.config.*" | grep -q . (line 453)

Using find | grep -q is fragile and violates the skill linter's Pattern 13 guidance (the lint script in .claude/skills/create-skill/scripts/lint-skill.sh warns about find with -quit). A more portable pattern:

compgen -G "eslint.config.*" > /dev/null 2>&1

Or:

[ -n "$(ls eslint.config.* 2>/dev/null)" ]

Minor — won't break on Linux — but the codebase's own lint-skill checker would flag find patterns.

$TEST_CMD unquoted at line 446

$TEST_CMD || { ... }

If TEST_CMD contains spaces (e.g. pnpm test --reporter verbose), this will word-split incorrectly. Same for $LINT_CMD at line 462. Use eval "$TEST_CMD" or quote the variable consistently.

No guard against running on main directly (Phase 0 / Phase 1)

If someone accidentally runs /resolve with a PR whose head branch is main (or the current branch is main), Phase 1 will check out main and run git merge origin/main — a no-op, but it leaves the working tree on main. Phase 7 will then push. Add a guard in Phase 0:

HEAD_BRANCH=$(jq -r '.headRefName' .codegraph/resolve/pr-meta.json)
BASE_BRANCH=$(jq -r '.baseRefName' .codegraph/resolve/pr-meta.json)
if [ "$HEAD_BRANCH" = "$BASE_BRANCH" ]; then
  echo "ERROR: PR head and base are the same branch ($HEAD_BRANCH) — nothing to merge"
  rm -rf .codegraph/resolve
  exit 1
fi

Phase 6 detects pnpm by lockfile but yarn by both lockfile AND binary (line 438–444)

if [ -f "pnpm-lock.yaml" ]; then TEST_CMD="pnpm test"
elif [ -f "yarn.lock" ] && command -v yarn > /dev/null 2>&1; then TEST_CMD="yarn test"

pnpm is assumed present if the lockfile exists, but yarn requires the binary. These checks are inconsistent — if pnpm isn't installed but the lockfile exists, the skill will error at test time rather than falling back gracefully. Either check both by binary or check both by lockfile only.

---

Phase 5: Backlog Compliance

Zero-dep: ✓ — No new npm runtime dependencies. Uses only git, gh, jq (already available in this repo's workflow environment).

Foundation-aligned: ✓ — This is a developer workflow automation skill, not a cloud API call or code-generation agent. It doesn't modify production code or make architectural decisions. CLAUDE.md explicitly calls out that skills live in .claude/skills/ and this follows the existing pattern. P8 ("we are not an agent") technically applies to the codegraph tool itself, not to the skills layer, which is by definition agentic scripting for developer workflows.

Problem-fit: 2/5 — The /resolve skill solves a real developer pain point (context-blind conflict resolution), but it doesn't address the core codegraph problem statement: AI assistants waste tokens re-orienting in large codebases, hallucinate dependencies, and miss blast radius. This is a meta-workflow skill for maintaining the repo's own PRs — useful for contributors, tangential to the library's stated purpose.

Breaking: No — purely additive, single new file.

Tier: Tier 1 (zero-dep ✓ + foundation-aligned ✓). No objection on these axes.

---

Critical Concerns

1. Hardcoded --repo optave/codegraph on every gh call — the skill lives in ops-codegraph-tool (a different repo). This will break or silently operate on the wrong repo for any external contributor or fork. This must be fixed before merge.

2. No cleanup on error exit paths — stale .codegraph/resolve/ from a failed run will corrupt the next invocation. Currently requires manual intervention per the Rules section.

---

Final Recommendation

• Rating: ⭐⭐⭐☆☆ (3/5)
• Action: REQUEST CHANGES
• Reasoning: The skill's structure, phase decomposition, and safety rules are well-designed and follow existing skill conventions (Phase 0, exit conditions, Rules section, no git add .). The hardcoded --repo optave/codegraph is a correctness bug — the skill is in ops-codegraph-tool and every gh API call will target the wrong repo. Fix that, add a trap for cleanup on error exits, and this is ready to merge. The other findings (unquoted $TEST_CMD, find usage, pnpm/yarn detection asymmetry, no main-branch guard) are minor but worth addressing.

[greptile-apps]

Greptile Summary

This PR addresses four items from the previous review round: the hardcoded optave/codegraph repo slug is now detected dynamically, the biome lint scope is widened to ., temp-file names use sha1sum-based keys, and a MERGE_HEAD guard is added to Phase 0. However, the edits that replaced the slug with "$REPO" also introduced two new regressions that break the skill's core operations.

• Blank lines after \\ in six gh commands (lines 70, 89, 124, 245, 281, 291): when a bash line ends with \\ and the very next line is blank, the continuation terminates at the blank-line's newline — leaving --json, --jq, or || { ... } as orphaned tokens that cause syntax errors or silently drop flags from the command.
• Greedy sed regex leaves .git in the fallback REPO slug (lines 62, 81): (.+)(\\.git)? always matches the full path including .git because (.+) is greedy; on SSH remotes the result is owner/repo.git, which is not a valid GitHub slug and makes every subsequent gh call fail."

Confidence Score: 3/5

Not safe to merge — the edits that fixed the hardcoded repo slug inadvertently broke all multi-line gh commands and the SSH-remote fallback.

Two new regressions were introduced while addressing the previous round's feedback. The blank-line-after-backslash issue affects every critical gh call in the skill (checkout, PR metadata fetch, commit-to-PR lookup, source PR fetch), so the skill would fail at the very first gh pr view invocation. The sed fallback regex leaves a .git suffix in REPO for any SSH remote, making the fallback path always produce an invalid slug. Neither regression existed in the previous version of the file.

.claude/skills/resolve/SKILL.md — specifically the six gh command continuations at lines 70, 89, 124, 245, 281, 291 and the sed fallback at lines 62 and 81.

Important Files Changed

Filename	Overview
.claude/skills/resolve/SKILL.md	Addresses four previous review issues (dynamic repo slug, biome scope, sha1sum temp-file keys, MERGE_HEAD guard) but introduces two new regressions: blank lines after \ in six gh commands break bash line continuation, and the sed fallback regex leaves a .git suffix in REPO for SSH remotes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    START(["/resolve PR_NUMBER"]) --> P0

    subgraph P0["Phase 0 — Pre-flight"]
        P0A["Validate tools: git, gh, jq"] --> P0B
        P0B["Check for stale MERGE_HEAD"] --> P0C
        P0C["Detect REPO slug\ngh repo view OR sed fallback"] --> P0D
        P0D["Fetch PR metadata → .codegraph/resolve/"] --> P0E
        P0E{"head == base?"}
        P0E -->|yes| ERR1["ERROR: nothing to merge"]
        P0E -->|no| P1
    end

    subgraph P1["Phase 1 — Branch Setup"]
        P1A["gh pr checkout PR_NUMBER"] --> P1B
        P1B["git fetch origin BASE_BRANCH"] --> P1C
        P1C["git merge origin/BASE_BRANCH --no-edit"] --> P1D
        P1D{"conflicts?"}
        P1D -->|no| DONE_CLEAN["merge clean → exit 0"]
        P1D -->|yes| P1E["Write conflicting-files.txt\nSave ORIG_HEAD, MERGE_HEAD"]
        P1E --> P2
    end

    subgraph P2["Phase 2 — Conflict Archaeology"]
        P2A["git log ORIG_HEAD..MERGE_HEAD per file"] --> P2B
        P2B["gh api repos/REPO/commits/SHA/pulls"] --> P2C
        P2C["gh pr view + gh pr diff for each source PR"] --> P3
    end

    subgraph P3["Phase 3 — Current PR Context"]
        P3A["Read current PR description"] --> P3B
        P3B["git diff origin/BASE..ORIG_HEAD per conflicting file"] --> P4
    end

    subgraph P4["Phase 4 — Resolution"]
        P4A["Inspect conflict markers"] --> P4B
        P4B{"Ambiguous?"}
        P4B -->|yes| STOP["STOP — explain to user"]
        P4B -->|no| P4C["Edit file, git add by name"]
        P4C --> P4D["Verify no markers in staged diff"]
        P4D --> P5
    end

    subgraph P5P6["Phase 5 + 6 — Verify & Validate"]
        P5["git diff vs both parents per file"] --> P6
        P6["Run tests and lint"]
        P6 --> P6R{"pass?"}
        P6R -->|no| ERR2["ERROR: fix before committing"]
        P6R -->|yes| P7
    end

    subgraph P7["Phase 7 — Commit & Push"]
        P7A["git commit"] --> P7B
        P7B["git push"] --> P7C
        P7C["rm -rf .codegraph/resolve"]
    end

    P7C --> DONE(["Done ✓"])

Loading

_{Reviews (4): Last reviewed commit: "fix: resolve merge conflicts with main (..." | Re-trigger Greptile}

[greptile-apps]

Hardcoded optave/codegraph repo slug breaks every gh call

Every gh pr view, gh pr checkout, gh pr diff, and gh api repos/... call throughout the skill passes --repo optave/codegraph (or uses the literal path repos/optave/codegraph/...). The repository this skill lives in is optave/ops-codegraph-tool, so all API calls will hit the wrong repo — gh pr view will return metadata for a different project's PR, gh pr checkout will try to check out a branch that doesn't exist locally, and Phase 2's commit-to-PR lookup will be completely wrong.

The repo should be derived dynamically instead of hardcoded — e.g. store REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner) once in Phase 0 to .codegraph/resolve/repo and read it in each subsequent phase. The same wrong slug appears again at lines 75, 143, 159, 164, 185, 193, and 198.

[carlos-alm]

Fixed — repo slug is now detected dynamically in Phase 0 via gh repo view --json nameWithOwner (with a git remote get-url fallback), stored to .codegraph/resolve/repo, and loaded with REPO=$(cat .codegraph/resolve/repo) in every subsequent phase. The hardcoded optave/codegraph slug has been removed from all eight gh call sites (lines 52, 75, 87, 121, 191–193, 223–226, 232–234).

[greptile-apps]

Biome lint command hardcodes src/ tests/ directories

npx biome check --reporter=summary src/ tests/ will error with "no such file or directory" in any repo that doesn't use those exact directory names — which contradicts the footer example "/resolve 3920 — resolve conflicts on any PR in the repository" implying generic use. The safe, portable fallback is to point biome at . (the project root) and let biome.json's files.include / files.ignore govern scope rather than fixing it in the command.

[carlos-alm]

Fixed — the biome invocation now points at . (npx biome check --reporter=summary .) and lets biome.json's files.include/files.ignore govern scope. This works in any repo regardless of directory layout.

[greptile-apps]

tr '/' '_' for temp-file naming causes silent collisions

echo "$FILE" | tr '/' '_' is used to flatten a file path into a temp-file name in several places (e.g. incoming-commits-$(echo "$FILE" | tr '/' '_').txt). Two different paths — src/foo/bar.ts and src/foo_bar.ts — both produce src_foo_bar.ts, so one file's commit trace silently overwrites the other's. A safer approach is to use a hash or base64-encode the path: printf '%s' "$FILE" | sha1sum | cut -c1-16 gives a collision-resistant short name.

[carlos-alm]

Fixed — all temp-file names derived from file paths now use printf '%s' "$FILE" | sha1sum | cut -c1-16 instead of tr '/' '_'. This produces a 16-hex-char collision-resistant key, so paths like src/foo/bar.ts and src/foo_bar.ts get distinct names. A file_key() helper function is defined once at the top of each phase that uses it.

[greptile-apps]

Re-run after a Phase 1 crash leaves an unaborted merge

If Phase 1 fails after git merge starts (e.g., a crash between the merge command and writing conflicting-files.txt), MERGE_HEAD is left set. The next invocation of /resolve will fail immediately at git merge with error: You have not concluded your merge (MERGE_HEAD exists), with no recovery path explained. The skill's Rules section says to rm -rf .codegraph/resolve before re-running, but that does not abort the in-flight merge — git merge --abort is also needed. Consider adding an explicit guard in Phase 0 or Phase 1.

[carlos-alm]

Fixed with two guards: (1) Phase 0 now checks for a leftover MERGE_HEAD at startup (git rev-parse --verify MERGE_HEAD) and exits with a clear message telling the user to run git merge --abort && rm -rf .codegraph/resolve before re-running. (2) The metadata-persist block in Phase 0 sets trap 'rm -rf .codegraph/resolve' ERR so that any subsequent error automatically cleans up the state directory, preventing stale state from corrupting a future re-run. The Rules section has been updated to document this behavior.

[carlos-alm]

Addressed all review feedback in commit bc648a0:

P1 — Hardcoded repo slug: Replaced all 8 --repo optave/codegraph occurrences with dynamic detection. Phase 0 runs gh repo view --json nameWithOwner (fallback: parse git remote get-url origin) and writes the slug to .codegraph/resolve/repo. All subsequent phases read REPO=$(cat .codegraph/resolve/repo).

P1 — Biome hardcoded directories: npx biome check --reporter=summary src/ tests/ → npx biome check --reporter=summary . — lets biome.json's own include/ignore govern scope.

P2 — Temp-file naming collision: All tr '/' '_' path-to-name conversions replaced with a file_key() helper using printf '%s' "$FILE" | sha1sum | cut -c1-16. Paths with underscores produce distinct keys.

P2 — Unaborted merge on re-run: Phase 0 now checks git rev-parse --verify MERGE_HEAD and exits with instructions if an in-progress merge is detected. The metadata-persist block also sets trap 'rm -rf .codegraph/resolve' ERR for automatic cleanup on any error exit.

Additional fixes (Claude review):

• $TEST_CMD and $LINT_CMD now invoked via eval (word-split safe for multi-word commands)
• find . -maxdepth 1 -name "eslint.config.*" | grep -q . replaced with ls eslint.config.* > /dev/null 2>&1
• pnpm detection now checks for the binary (command -v pnpm) consistent with yarn; falls back to npx pnpm if lockfile exists but binary is absent
• Phase 0 guards against head === base branch (same-branch PR would be a no-op merge)

[carlos-alm]

@greptileai

[greptile-apps]

Greedy (.+) in the sed fallback consumes the .git suffix, making (\.git)? always match the empty string. For a typical SSH remote (git@github.com:owner/repo.git), \1 captures owner/repo.git instead of owner/repo, so every subsequent gh call fails with "could not resolve to a Repository". The identical pattern appears again at line 81 in the metadata-persist block and must be fixed there too.

Suggested change

	REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null \
	|| git remote get-url origin | sed -E 's|.*github\.com[:/](.+)(\.git)?$|\1|')
	if [ -z "$REPO" ]; then
	echo "ERROR: could not detect GitHub repo slug — ensure 'gh' is authenticated or 'origin' points to GitHub"
	exit 1
	fi
	REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null \
	|| git remote get-url origin | sed -E 's|.*github\.com[:/]||; s|\.git$||')
	if [ -z "$REPO" ]; then
	echo "ERROR: could not detect GitHub repo slug — ensure 'gh' is authenticated or 'origin' points to GitHub"
	exit 1
	fi

[greptile-apps]

Same greedy sed regex issue as at line 61 — the metadata-persist block has the identical fallback pattern and will produce owner/repo.git for SSH-style remotes.

Suggested change

	REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null \
	|| git remote get-url origin | sed -E 's|.*github\.com[:/](.+)(\.git)?$|\1|')
	mkdir -p .codegraph/resolve
	REPO=$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null \
	|| git remote get-url origin | sed -E 's|.*github\.com[:/]||; s|\.git$||')
	mkdir -p .codegraph/resolve