feat(bridge): GitHub webhook event dispatch and formatting

[baudbot-agent]

Summary

Add GitHub event dispatch and formatting to the broker bridge. When GitHub webhook events arrive through the broker inbox as BrokerEvent envelopes with source: "github", they are formatted with security boundaries and delivered to the pi agent — same pipeline as Slack messages.

Changes

New: slack-bridge/github-events.mjs

Pure-function module for GitHub event formatting and filtering:

• formatGitHubEvent(type, payload) — formats 7 event types (pull_request, pull_request_review, issue_comment, check_suite, check_run, push, ping) plus unknown types
• wrapGitHubContent() — security boundary wrapping with GitHub-specific metadata (Repo, Event, Ref, Actor) using the standard <<<EXTERNAL_UNTRUSTED_CONTENT>>> markers
• shouldSkipEvent() — noise filtering: skips baudbot-agent events, configurable GITHUB_IGNORED_USERS (comma-separated), skips check_suite/check_run lifecycle events (only cares about completed), skips pull_request synchronize
• parseIgnoredUsers() — parses env var with baudbot-agent always included
• extractActor() — resolves actor login from various payload shapes

Modified: slack-bridge/broker-bridge.mjs

• Import new module
• Add github case to processPulledMessage() generic envelope switch
• New handleGitHubEvent() that filters, formats, and forwards to agent via enqueue() + sendToAgent()
• Parse GITHUB_IGNORED_USERS env var at startup

New: slack-bridge/github-events.test.mjs

45 tests covering:

• Security boundary wrapping with metadata
• Ignored user parsing and case-insensitivity
• Actor extraction from different event shapes
• Event filtering (bot users, lifecycle noise, synchronize)
• Formatting for all 7 event types + edge cases (missing fields, merged PRs, PR vs Issue comments)
• Unknown event type handling
• Commit truncation for push events

Modified: vitest.config.mjs + new test/github-events.test.mjs

Vitest wrapper to run the node:test suite via the standard npm test pipeline.

Backwards Compatibility

• New switch case only — unknown sources still handled with log + ack
• No changes to Slack message flow
• If no GitHub events ever arrive, this code never runs
• All 140 existing + new tests pass

Example formatted output

<<<EXTERNAL_UNTRUSTED_CONTENT>>>
Source: GitHub
Repo: modem-dev/website
Event: pull_request_review (approved)
Ref: #111
Actor: someuser
---
PR #111: Important change
Review: approved
Reviewer: someuser
Comment: LGTM, ship it
URL: https://github.com/modem-dev/website/pull/111#pullrequestreview-123
<<<END_EXTERNAL_UNTRUSTED_CONTENT>>>

Testing

node --test slack-bridge/github-events.test.mjs  # 45 pass
npm test                                          # 140 pass (all 8 test files)
npm run lint:js                                   # clean

[greptile-apps]

Greptile Summary

extended broker bridge to handle GitHub webhook events with the same security boundary pattern used for Slack messages. When GitHub events arrive through the broker inbox, they're formatted, filtered for noise (bot users, lifecycle events, synchronize), and delivered to the pi agent.

• added slack-bridge/github-events.mjs with pure functions for formatting 7 event types and filtering noisy events
• integrated into broker-bridge.mjs via new handleGitHubEvent() and generic envelope switch case
• comprehensive test coverage with 45 tests covering all formatters, filters, and edge cases
• introduced GITHUB_IGNORED_USERS env var (comma-separated, always includes baudbot-agent) to prevent bot loops
• missing documentation: GITHUB_IGNORED_USERS should be added to CONFIGURATION.md and .env.schema per project guidelines

Confidence Score: 4/5

• safe to merge with minor documentation follow-up
• well-architected feature with strong test coverage, proper security boundaries, and clean integration into existing pipeline; minor documentation gap for new env var
• slack-bridge/broker-bridge.mjs needs env var documentation added to config files

Important Files Changed

Filename	Overview
slack-bridge/github-events.mjs	new pure-function module for formatting and filtering GitHub webhook events with security boundaries
slack-bridge/broker-bridge.mjs	integrated GitHub event handling into broker bridge message pipeline, needs env var documentation
slack-bridge/github-events.test.mjs	comprehensive test suite with 45 tests covering all formatting, filtering, and edge cases

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Broker Inbox] -->|BrokerEvent envelope| B[processPulledMessage]
    B -->|source: github| C[handleGitHubEvent]
    C --> D{shouldSkipEvent?}
    D -->|skip: bot user| Z[Log & Ack]
    D -->|skip: lifecycle noise| Z
    D -->|skip: synchronize| Z
    D -->|process| E[formatGitHubEvent]
    E -->|ping| Z
    E -->|unknown type| F[minimal summary]
    E -->|known type| G[formatPullRequest<br/>formatPullRequestReview<br/>formatIssueComment<br/>formatCheckSuite<br/>formatCheckRun<br/>formatPush]
    F --> H[wrapGitHubContent]
    G --> H
    H -->|security boundaries| I[enqueue + sendToAgent]
    I --> J[Pi Agent]

Loading

_{Last reviewed commit: 203ff94}

[greptile-apps]

_{5 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}