fix: accept colon-linked bounty issue refs

[sirakinb]

Summary

• allow webhook PR bounty references with a colon after the linking keyword, e.g. Refs: #406
• keep existing issue-number boundary checks for malformed suffixes
• add regression coverage proving an accepted PR label pays the linked bounty when the PR body uses the colon form

Why

GitHub contributors commonly write references as Refs: #123 or Fixes: #123. The current payout parser only accepts Refs #123, so a maintainer could apply mrwk:accepted to valid work and still get missing_issue if the PR body used the colon form.

Tests

• ./.venv/bin/python -m ruff format --check app/webhooks/github.py tests/test_webhooks.py
• ./.venv/bin/python -m ruff check app/webhooks/github.py tests/test_webhooks.py
• ./.venv/bin/python -m pytest tests/test_webhooks.py -q
• ./.venv/bin/python -m pytest -q

Refs #406

Summary by CodeRabbit

• Bug Fixes

  • Issue reference parsing now accepts optional colons after action keywords in pull request descriptions (e.g., Refs: 123, Closes: 456), improving compatibility with common linking conventions.

• Tests

  • Added test coverage for colon-formatted issue references.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 7ea532a0-03d1-45ca-be73-e64e840fe0b8

📥 Commits

Reviewing files that changed from the base of the PR and between d8532d4 and c54f7c0.

📒 Files selected for processing (2)

• app/webhooks/github.py
• tests/test_webhooks.py

---

📝 Walkthrough

Walkthrough

This PR relaxes the LINKED_ISSUE_RE regex in the GitHub webhook handler to accept an optional colon after linked-issue action keywords (e.g., Refs: 123). A new test validates that the webhook correctly handles and pays bounties when PR bodies include colon-suffixed issue references.

Changes

Linked-issue regex relaxation

Layer / File(s)	Summary
Linked-issue regex relaxation and webhook validation app/webhooks/github.py, tests/test_webhooks.py	LINKED_ISSUE_RE regex accepts optional colon after keywords. Test verifies pull_request "labeled" webhook with Refs: link pays bounty and credits PR author wallet.

Possibly related PRs

• ramimbo/mergework#296: Both PRs modify app/webhooks/github.py's linked-issue parsing—one relaxes the LINKED_ISSUE_RE to allow optional colon after keywords, while the other hardens parsing of extracted issue numbers against oversized/out-of-range values.

🚥 Pre-merge checks | ✅ 4 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Linked Issues check	⚠️ Warning	Linked issue #123 concerns GitHub account lookup normalization, which is unrelated to this PR's webhook parsing fix for colon-linked bounty references.	The linked issue #123 does not match the PR objectives. Remove this incorrect link or verify the intended linked issue number.
Bounty Pr Focus	⚠️ Warning	PR claims narrow scope for Refs #406 but adds 130 files including unrelated issue #123 code and entire project infrastructure, exceeding stated scope.	Separate into focused commits: one for #406 (colon-linked refs only), one for #123 (account normalization), one for project setup.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concretely names the changed surface: webhook PR bounty reference parsing that now accepts colon-linked issue references.
Description check	✅ Passed	The description is well-structured with clear summary, rationale, and test commands. All required template sections are present and substantively completed.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to parsing colon-linked issue references in webhook PR bodies and adding corresponding test coverage.
Mergework Public Artifact Hygiene	✅ Passed	PR documentation avoids investment/price claims, disclaims current cash-out paths, describes MRWK as native coin with future snapshot/bridge potential, emphasizes private security reporting.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[tinyopsstudio]

Reviewed PR #557 at c54f7c0d46dde5a9e38d57dd4175c60325693c05.

Evidence checked:

• inspected app/webhooks/github.py and tests/test_webhooks.py;
• ran tests/test_webhooks.py::test_accepted_pr_label_accepts_colon_after_link_keyword locally: pass;
• ran tests/test_webhooks.py locally: 19 passed.

No functional blocker found in isolation for the new Refs: #406 path.

Merge-selection note: this appears to be superseded by the already-open PR #540. Both PRs target the same colon-linked bounty reference behavior for #406 and both modify the same LINKED_ISSUE_RE separator in app/webhooks/github.py.

The difference is coverage depth:

• PR fix: accept colon-linked bounty issue refs #557 proves the first accepted-label payout path for Refs: #406;
• PR Accept colon-form bounty references in webhook payouts #540 covers the same parser behavior, is currently open/clean/approved, and also verifies payout amount, maintainer balance, duplicate replay handling, and WebhookEvent.processed_status.

Recommendation: avoid merging both. Either proceed with #540 or explicitly choose one implementation/test set and close the duplicate. If #540 lands first, #557 should be closed as a duplicate/superseded PR.

[Baijack-star]

Reviewed current head c54f7c0d46dde5a9e38d57dd4175c60325693c05 as a non-author, focused on the accepted-label webhook colon-reference change.\n\nI would not merge or pay this PR as a distinct #406 fix in its current form because it duplicates the already-open PR #540 scope. Both PRs change the same LINKED_ISSUE_RE colon separator behavior in app/webhooks/github.py and add the same accepted-label payout regression surface in tests/test_webhooks.py. Comparing #557 directly against PR #540 shows no new product behavior: #557 only changes the regex spelling from #540's (?:\s+|\s*:\s*) to \s*:?\s+, and swaps the test fixture from Bounty: #3 to Refs: #406.\n\nThe current #557 regression is also weaker than #540's already-reviewed coverage: it verifies a single paid result, but drops #540's duplicate-delivery replay assertion and webhook event processed_status == paid check. That makes this a superseded duplicate rather than a useful additional fix.\n\nValidation I ran on #557:\n- PYTHONPATH=. /Users/apple/Documents/paid-demand-goal-reset/mergework-review/.venv/bin/python -m pytest tests/test_webhooks.py -q -> 19 passed\n- PYTHONPATH=. PYTEST_DISABLE_PLUGIN_AUTOLOAD=1 /Users/apple/Documents/paid-demand-goal-reset/mergework-review/.venv/bin/python -m pytest -q -> 415 passed\n- PYTHONPATH=. /Users/apple/Documents/paid-demand-goal-reset/mergework-review/.venv/bin/python -m ruff check app/webhooks/github.py tests/test_webhooks.py -> passed\n- PYTHONPATH=. /Users/apple/Documents/paid-demand-goal-reset/mergework-review/.venv/bin/python -m ruff format --check app/webhooks/github.py tests/test_webhooks.py -> 2 files already formatted\n- PYTHONPATH=. /Users/apple/Documents/paid-demand-goal-reset/mergework-review/.venv/bin/python -m mypy app/webhooks/github.py -> success\n- git diff --check origin/main...HEAD -> clean\n\nSuggested path: close this PR as superseded by #540, or re-scope it only if it adds a genuinely distinct webhook parser boundary not already covered by #540/#539/#555.