Summary
Create an additional label-driven workflow for bug fix that follows the process discussed, extending the existing bug assessment flow. It should be independent of Spec Kit specifics so it can be reused by other open source projects.
Context
We already have a bug-assess workflow (.github/workflows/bug-assess.md → compiled bug-assess.lock.yml) that triggers on the bug-assess label, assesses a bug-labeled issue against the codebase, and posts the assessment back as an issue comment. The bug fix workflow is the second of three stages (assess → fix → test), each gated by a human applying a label.
Requirements
- Label-driven trigger: runs when a maintainer applies a
bug-fix label to an issue (mirroring the bug-assess trigger pattern).
- Reuse the bug extension logic for generating the fix, but keep it decoupled from Spec Kit-specific logic so it's portable to other repos.
- Integrate with the assessment stage: consume the slug / assessment produced by
bug-assess (e.g. reuse BUG_SLUG) so the fix builds on the prior stage.
- Human as gatekeeper: no full automation on public repos. The fix stage only runs after a maintainer deliberately applies the label.
- Safety mechanisms: authored as a markdown file compiled into a YAML (
.lock.yml) workflow, with validation steps to prevent malicious actions, scoped permissions, and untrusted-input handling consistent with bug-assess.
- Post the proposed fix back to the relevant issue (comment and/or PR) for human review.
Acceptance criteria
Summary
Create an additional label-driven workflow for bug fix that follows the process discussed, extending the existing bug assessment flow. It should be independent of Spec Kit specifics so it can be reused by other open source projects.
Context
We already have a
bug-assessworkflow (.github/workflows/bug-assess.md→ compiledbug-assess.lock.yml) that triggers on thebug-assesslabel, assesses a bug-labeled issue against the codebase, and posts the assessment back as an issue comment. The bug fix workflow is the second of three stages (assess → fix → test), each gated by a human applying a label.Requirements
bug-fixlabel to an issue (mirroring thebug-assesstrigger pattern).bug-assess(e.g. reuseBUG_SLUG) so the fix builds on the prior stage..lock.yml) workflow, with validation steps to prevent malicious actions, scoped permissions, and untrusted-input handling consistent withbug-assess.Acceptance criteria
bug-fixmarkdown workflow added under.github/workflows/and compiled to its.lock.yml.bug-fixlabel; gated so it only runs for that label.