Disagreement · 7284403c-openai-3

SESSION_KEY literal duplicated across modules (risk of drift breaking session cache)

solo GPT-5

repo 799b2361·PR #2·reviewed 5 days ago

GPT-5 finding

SESSION_KEY literal duplicated across modules (risk of drift breaking session cache)

lowmaintainabilityhigh

src/api/platform.ts:21
src/commands/auth.ts:27

The same string constant is hard-coded in multiple files. A future change in one place would silently break cache lookups/saves in the other, causing unexpected re-auth or token invisibility.

Recommendation

Export SESSION_KEY from a single module (e.g., src/api/platform.ts or a shared constants module) and import it where needed. This ensures a single source of truth.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.

lowdocs-gap
Comment in db.ts claims session schema has agentId, but persisted sessions for reppo-platform never carry one
view anatomy →

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗