Issue 1 — feeds/teahouse.json line 157: Stale top-level lastCommentId (functional bug)
The top-level lastCommentId (line 157) is DC_kwDORQmU5s4A9hdr from section 22 (timestamp 2026-03-14T06:05:17Z). However, section 29's lastCommentId (line 81) is DC_kwDORQmU5s4A9hqk (timestamp 2026-03-14T09:01:34Z) — nearly 3 hours newer. The top-level recentComments array (lines 158–228) also only contains section 22 comments, completely omitting section 29's newer activity. Any consumer using the polling pattern from docs/teahouse-feed-guide.md compares feed["lastCommentId"] to detect new comments — because the top-level field is stale, new comments from section 29 are silently missed.
Fix: update top-level lastCommentId to DC_kwDORQmU5s4A9hqk and include section 29's recent comments in the top-level recentComments array (or at minimum ensure the top-level ID reflects the globally newest comment across all sections).
Issue 2 — scripts/run_qa.sh line 17–21: Multi-URL argument handling broken (functional bug)
When called with multiple URLs (e.g. ./run_qa.sh url1 url2 url3), the script builds URL_ARGS in a loop (lines 17–20) but then ignores it entirely, calling qa_pipeline.py --url "$1" (line 21) which processes only the first argument. The other URLs are silently dropped.
Fix: either use $URL_ARGS in the pipeline call, or pass --urls via a temp file, or document that only one URL is supported and drop the unused loop.
Issue 3 — feeds/subscribers.json line 15: Webhook URL uses plaintext HTTP (security issue)
The subscriber webhook endpoint is http://43.163.91.147:9378/teahouse-feed — plain HTTP, not HTTPS. Comment content (including user names and message previews) is transmitted unencrypted over the network. Any network intermediary can read or tamper with the webhook payload.
Fix: use https:// for the subscriber webhook URL, or serve the endpoint with TLS.
Issue 4 — docs/teahouse-feed-guide.md line 43–67: check_new_comments() never returns a value (broken example code)
The function check_new_comments() on line 43 has no return statement with a meaningful result. The "advanced polling" section on line 109 does has_new = check_new_comments(), which will always be None (falsy), so the active polling interval is never triggered — the adaptive frequency logic is completely broken.
Fix: add return True inside the if current_id != last_known_id: branch and return False at the end of the function.
Issue 1 —
feeds/teahouse.jsonline 157: Stale top-levellastCommentId(functional bug)The top-level
lastCommentId(line 157) isDC_kwDORQmU5s4A9hdrfrom section 22 (timestamp 2026-03-14T06:05:17Z). However, section 29'slastCommentId(line 81) isDC_kwDORQmU5s4A9hqk(timestamp 2026-03-14T09:01:34Z) — nearly 3 hours newer. The top-levelrecentCommentsarray (lines 158–228) also only contains section 22 comments, completely omitting section 29's newer activity. Any consumer using the polling pattern fromdocs/teahouse-feed-guide.mdcomparesfeed["lastCommentId"]to detect new comments — because the top-level field is stale, new comments from section 29 are silently missed.Fix: update top-level
lastCommentIdtoDC_kwDORQmU5s4A9hqkand include section 29's recent comments in the top-levelrecentCommentsarray (or at minimum ensure the top-level ID reflects the globally newest comment across all sections).Issue 2 —
scripts/run_qa.shline 17–21: Multi-URL argument handling broken (functional bug)When called with multiple URLs (e.g.
./run_qa.sh url1 url2 url3), the script buildsURL_ARGSin a loop (lines 17–20) but then ignores it entirely, callingqa_pipeline.py --url "$1"(line 21) which processes only the first argument. The other URLs are silently dropped.Fix: either use
$URL_ARGSin the pipeline call, or pass--urlsvia a temp file, or document that only one URL is supported and drop the unused loop.Issue 3 —
feeds/subscribers.jsonline 15: Webhook URL uses plaintext HTTP (security issue)The subscriber webhook endpoint is
http://43.163.91.147:9378/teahouse-feed— plain HTTP, not HTTPS. Comment content (including user names and message previews) is transmitted unencrypted over the network. Any network intermediary can read or tamper with the webhook payload.Fix: use
https://for the subscriber webhook URL, or serve the endpoint with TLS.Issue 4 —
docs/teahouse-feed-guide.mdline 43–67:check_new_comments()never returns a value (broken example code)The function
check_new_comments()on line 43 has noreturnstatement with a meaningful result. The "advanced polling" section on line 109 doeshas_new = check_new_comments(), which will always beNone(falsy), so the active polling interval is never triggered — the adaptive frequency logic is completely broken.Fix: add
return Trueinside theif current_id != last_known_id:branch andreturn Falseat the end of the function.