You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Org-scoped reports: one run covers the subject's activity across all repositories visible to an org-owned token, not just one repo. Support GitHub App installation tokens (created by the org via the app-manifest flow) alongside plain tokens. Enumerate accessible repos, aggregate the subject's activity across them, and stamp the coverage block with the full covered-repo list, time window, and token scope so omissions are visible to any reader ("covers N repos of org X, window Y–Z").
Token acquisition stays a pluggable concern: the core consumes "a token"; the CLI/wrappers decide where it comes from.
Acceptance criteria
A single run with an org-scoped token produces one report aggregating activity across all visible repos
Coverage stamp lists every covered repo, the time window, and the token scope class
GitHub App installation token flow works end-to-end (documented manual test against a real org is acceptable)
Adapter fixtures cover multi-repo enumeration and aggregation; metrics tests prove cross-repo aggregation (e.g., reviews in repo A + repo B sum correctly)
Parallel-work contract
This issue runs in parallel with #3, #4, #6. Territory rules (reviewer must enforce):
Owns: repo-enumeration and token/auth plumbing as new files in the GitHub adapter and CLI (GitHub App installation tokens, scope detection), cross-repo aggregation wiring, and the coverage sub-struct of the report schema.
Parent
#1
What to build
Org-scoped reports: one run covers the subject's activity across all repositories visible to an org-owned token, not just one repo. Support GitHub App installation tokens (created by the org via the app-manifest flow) alongside plain tokens. Enumerate accessible repos, aggregate the subject's activity across them, and stamp the coverage block with the full covered-repo list, time window, and token scope so omissions are visible to any reader ("covers N repos of org X, window Y–Z").
Token acquisition stays a pluggable concern: the core consumes "a token"; the CLI/wrappers decide where it comes from.
Acceptance criteria
Parallel-work contract
This issue runs in parallel with #3, #4, #6. Territory rules (reviewer must enforce):
coveragesub-struct of the report schema.ActivitySet(that right belongs to Full GitHub collaboration metrics (reviews, comments, merge timing, rework) #3 this wave) or the adapter's activity-fetch files — enumeration and auth live in their own files.collaboration/cadence/verificationsub-structs, CI wrapper YAML.Blocked by