@_mustachio/ai-review-agent 0.1.0

package/src/core/review.js

@@ -0,0 +1,130 @@
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const { execSync } = require('child_process');
+
+const DEFAULT_REVIEW = {
+  approve: false,
+  summary: 'Failed to parse AI review output.',
+  issues: [],
+  recommendation: 'Review manually.',
+};
+
+/**
+ * Run OpenCode and return the parsed review JSON.
+ * Writes prompt to a temp file and pipes via stdin to avoid CLI arg size limits.
+ */
+function runReview(prompt, id, { log = console.log } = {}) {
+  const tmpFile = path.join(os.tmpdir(), `ai-review-prompt-${id}.txt`);
+  fs.writeFileSync(tmpFile, prompt, 'utf-8');
+
+  try {
+    const stdout = execSync(
+      `cat "${tmpFile}" | opencode run --format json --title "PR Review #${id}"`,
+      { encoding: 'utf-8', maxBuffer: 50 * 1024 * 1024, stdio: ['pipe', 'pipe', 'pipe'] }
+    );
+
+    return parseReviewOutput(stdout, { log });
+  } finally {
+    try { fs.unlinkSync(tmpFile); } catch {}
+  }
+}
+
+/**
+ * Parse OpenCode JSON output to extract the review object.
+ */
+function parseReviewOutput(output, { log = console.log } = {}) {
+  const lines = output.split('\n').filter(Boolean);
+  const textParts = [];
+
+  for (const line of lines) {
+    try {
+      const parsed = JSON.parse(line);
+      if (parsed.type === 'text' && parsed.part?.text) {
+        textParts.push(parsed.part.text);
+      }
+    } catch {
+      // Not valid JSON line, skip
+    }
+  }
+
+  for (const text of textParts) {
+    const review = tryParseReview(text);
+    if (review) return review;
+  }
+
+  if (textParts.length > 1) {
+    const combined = textParts.join('');
+    const review = tryParseReview(combined);
+    if (review) return review;
+  }
+
+  log('Warning: Could not extract review JSON from OpenCode output');
+  log(`Raw text parts: ${JSON.stringify(textParts)}`);
+  return DEFAULT_REVIEW;
+}
+
+function tryParseReview(text) {
+  const trimmed = text.trim();
+
+  try {
+    const obj = JSON.parse(trimmed);
+    if (isValidReview(obj)) return obj;
+  } catch {}
+
+  const start = trimmed.indexOf('{');
+  if (start === -1) return null;
+
+  const jsonStr = trimmed.slice(start);
+
+  try {
+    const obj = JSON.parse(jsonStr);
+    if (isValidReview(obj)) return obj;
+  } catch {}
+
+  const repaired = repairTruncatedJson(jsonStr);
+  if (repaired) {
+    try {
+      const obj = JSON.parse(repaired);
+      if (isValidReview(obj)) return obj;
+    } catch {}
+  }
+
+  return null;
+}
+
+function repairTruncatedJson(json) {
+  let inString = false;
+  let escaped = false;
+  const stack = [];
+
+  for (let i = 0; i < json.length; i++) {
+    const ch = json[i];
+    if (escaped) { escaped = false; continue; }
+    if (ch === '\\' && inString) { escaped = true; continue; }
+    if (ch === '"') { inString = !inString; continue; }
+    if (inString) continue;
+    if (ch === '{') stack.push('}');
+    else if (ch === '[') stack.push(']');
+    else if (ch === '}' || ch === ']') stack.pop();
+  }
+
+  if (stack.length === 0) return null;
+
+  let repaired = json;
+  if (inString) repaired += '"';
+  while (stack.length > 0) repaired += stack.pop();
+
+  return repaired;
+}
+
+function isValidReview(obj) {
+  return (
+    obj &&
+    typeof obj === 'object' &&
+    typeof obj.approve === 'boolean' &&
+    typeof obj.summary === 'string'
+  );
+}
+
+module.exports = { runReview, parseReviewOutput };

package/src/index.js

@@ -0,0 +1,67 @@
+/**
+ * GitHub Actions entry point.
+ * Thin wrapper that maps action.yml inputs to the CLI engine.
+ */
+const core = require('@actions/core');
+const { runFullReview, shouldFailForThreshold, countBySeverity } = require('./core/engine');
+const githubPlatform = require('./platforms/github');
+
+async function run() {
+  try {
+    const apiKey = core.getInput('api-key');
+    if (apiKey) {
+      core.setSecret(apiKey);
+    }
+
+    const prMeta = await githubPlatform.getPrMetadata();
+
+    const review = await runFullReview({
+      baseBranch: prMeta.baseBranch,
+      prTitle: prMeta.prTitle,
+      prAuthor: prMeta.prAuthor,
+      prBody: prMeta.prBody,
+      prNumber: prMeta.prNumber,
+      promptPath: core.getInput('prompt') || undefined,
+      rulesPath: core.getInput('rules') || undefined,
+      excludePatterns: core.getInput('exclude-patterns'),
+      maxDiffSize: parseInt(core.getInput('max-diff-size') || '100000', 10),
+      opencodeVersion: core.getInput('opencode-version') || undefined,
+      opencodeConfig: core.getInput('opencode-config') || undefined,
+      apiKey: apiKey || undefined,
+      log: core.info,
+    });
+
+    // Set outputs
+    core.setOutput('approved', String(review.approve));
+    core.setOutput('summary', review.summary);
+    core.setOutput('issues-count', String(review.issues.length));
+    core.setOutput('blocking-count', String(countBySeverity(review.issues, 'blocking')));
+
+    // Post review
+    const token = process.env.GITHUB_TOKEN || process.env.GH_TOKEN;
+    if (!token) {
+      core.setFailed('GITHUB_TOKEN or GH_TOKEN is required to post reviews.');
+      return;
+    }
+
+    await githubPlatform.postReview(review, {
+      prNumber: prMeta.prNumber,
+      token,
+      postReview: core.getInput('post-review') !== 'false',
+      log: core.info,
+    });
+
+    // Threshold check
+    const threshold = core.getInput('severity-threshold') || 'blocking';
+    const fail = shouldFailForThreshold(review, threshold);
+    if (fail) {
+      core.setFailed(fail);
+    } else {
+      core.info('AI review completed successfully.');
+    }
+  } catch (error) {
+    core.setFailed(`AI review failed: ${error.message}`);
+  }
+}
+
+run();

package/src/platforms/bitbucket.js

@@ -0,0 +1,198 @@
+const { formatComment, buildInlineComments } = require('../core/engine');
+
+const BB_API = 'https://api.bitbucket.org/2.0';
+
+/**
+ * Detect Bitbucket Pipelines environment.
+ */
+function detect() {
+  return !!process.env.BITBUCKET_BUILD_NUMBER;
+}
+
+/**
+ * Get PR metadata. Bitbucket Pipelines only provides PR ID, branch, commit,
+ * workspace, and repo slug as env vars. Title/author/description must be
+ * fetched from the API.
+ */
+async function getPrMetadata(token) {
+  const prId = process.env.BITBUCKET_PR_ID;
+  if (!prId) throw new Error('BITBUCKET_PR_ID not set. Is this running on a PR pipeline?');
+
+  const workspace = process.env.BITBUCKET_WORKSPACE;
+  const repoSlug = process.env.BITBUCKET_REPO_SLUG;
+
+  if (!workspace || !repoSlug) {
+    throw new Error('BITBUCKET_WORKSPACE and BITBUCKET_REPO_SLUG must be set.');
+  }
+
+  // Fetch PR details from API since env vars don't include title/author/description
+  const prData = await bbFetch(
+    `${BB_API}/repositories/${workspace}/${repoSlug}/pullrequests/${prId}`,
+    { headers: authHeaders(token) }
+  );
+  const pr = JSON.parse(prData);
+
+  return {
+    prNumber: parseInt(prId, 10),
+    prTitle: pr.title || '',
+    prAuthor: pr.author?.display_name || pr.author?.nickname || '',
+    prBody: pr.description || '',
+    baseBranch: pr.destination?.branch?.name || 'main',
+    commitHash: process.env.BITBUCKET_COMMIT,
+    workspace,
+    repoSlug,
+  };
+}
+
+/**
+ * Post review results to Bitbucket PR.
+ *
+ * Bitbucket doesn't have GitHub's "request changes" concept.
+ * Instead we use:
+ * - Inline comments for specific issues
+ * - Summary comment for the overview
+ * - Build status (SUCCESSFUL/FAILED) to block/allow merge
+ * - Approve/unapprove as a secondary signal
+ */
+async function postReview(review, { prNumber, token, postReview: shouldPost = true, log = console.log }) {
+  const workspace = process.env.BITBUCKET_WORKSPACE;
+  const repoSlug = process.env.BITBUCKET_REPO_SLUG;
+  const commitHash = process.env.BITBUCKET_COMMIT;
+
+  if (!workspace || !repoSlug) {
+    throw new Error('BITBUCKET_WORKSPACE and BITBUCKET_REPO_SLUG must be set.');
+  }
+
+  const baseUrl = `${BB_API}/repositories/${workspace}/${repoSlug}/pullrequests/${prNumber}`;
+  const headers = authHeaders(token);
+
+  // Clean up previous AI review comments
+  log('Cleaning up previous AI review comments...');
+  await deleteStaleComments(baseUrl, headers, log);
+
+  // Post inline comments
+  const inlineComments = buildInlineComments(review.issues);
+  let inlinePosted = 0;
+
+  for (const comment of inlineComments) {
+    try {
+      await bbFetch(`${baseUrl}/comments`, {
+        method: 'POST',
+        headers: { ...headers, 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          content: { raw: comment.body, markup: 'markdown' },
+          inline: {
+            path: comment.path,
+            to: comment.line,
+            ...(comment.start_line ? { from: comment.start_line } : {}),
+          },
+        }),
+      });
+      inlinePosted++;
+    } catch (err) {
+      log(`Warning: Failed to post inline comment on ${comment.path}:${comment.line}: ${err.message}`);
+    }
+  }
+
+  log(`Posted ${inlinePosted} inline comment(s).`);
+
+  // Post summary comment
+  const summaryBody = formatComment(review);
+  await bbFetch(`${baseUrl}/comments`, {
+    method: 'POST',
+    headers: { ...headers, 'Content-Type': 'application/json' },
+    body: JSON.stringify({
+      content: { raw: summaryBody, markup: 'markdown' },
+    }),
+  });
+
+  if (!shouldPost) return;
+
+  // Set build status to block/allow merge (works with branch restrictions on Premium)
+  if (commitHash) {
+    const statusUrl = `${BB_API}/repositories/${workspace}/${repoSlug}/commit/${commitHash}/statuses/build`;
+    try {
+      await bbFetch(statusUrl, {
+        method: 'POST',
+        headers: { ...headers, 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          state: review.approve ? 'SUCCESSFUL' : 'FAILED',
+          key: 'ai-code-review',
+          name: 'AI Code Review',
+          description: review.approve
+            ? 'AI review passed — no blocking issues found.'
+            : `AI review found issues: ${review.summary}`.slice(0, 255),
+          url: `https://bitbucket.org/${workspace}/${repoSlug}/pull-requests/${prNumber}`,
+        }),
+      });
+      log(`Set build status: ${review.approve ? 'SUCCESSFUL' : 'FAILED'}`);
+    } catch (err) {
+      log(`Warning: Could not set build status: ${err.message}`);
+    }
+  }
+
+  // Approve/unapprove as secondary signal
+  if (review.approve) {
+    try {
+      await bbFetch(`${baseUrl}/approve`, {
+        method: 'POST',
+        headers,
+      });
+      log('Approved PR.');
+    } catch (err) {
+      log(`Warning: Could not approve PR: ${err.message}`);
+    }
+  } else {
+    try {
+      await bbFetch(`${baseUrl}/approve`, {
+        method: 'DELETE',
+        headers,
+      });
+    } catch {
+      // May not have been approved previously — that's fine
+    }
+    log('PR not approved — issues found.');
+  }
+}
+
+/**
+ * Delete previous AI review comments to prevent accumulation.
+ * Identifies bot comments by checking for our signature text.
+ */
+async function deleteStaleComments(baseUrl, headers, log) {
+  try {
+    const response = await bbFetch(`${baseUrl}/comments?pagelen=100`, { headers });
+    const data = JSON.parse(response);
+
+    for (const comment of (data.values || [])) {
+      if (comment.content?.raw?.includes('Generated by AI Code Review')) {
+        try {
+          await bbFetch(`${baseUrl}/comments/${comment.id}`, {
+            method: 'DELETE',
+            headers,
+          });
+          log(`Deleted stale comment #${comment.id}.`);
+        } catch (err) {
+          log(`Warning: Could not delete comment #${comment.id}: ${err.message}`);
+        }
+      }
+    }
+  } catch (err) {
+    log(`Warning: Could not list comments for cleanup: ${err.message}`);
+  }
+}
+
+function authHeaders(token) {
+  return { 'Authorization': `Bearer ${token}` };
+}
+
+async function bbFetch(url, opts = {}) {
+  const response = await fetch(url, opts);
+  if (!response.ok) {
+    const body = await response.text();
+    throw new Error(`Bitbucket API ${response.status}: ${body}`);
+  }
+  return response.text();
+}
+
+module.exports = { detect, getPrMetadata, postReview };

package/src/platforms/github.js

@@ -0,0 +1,120 @@
+const { formatComment, formatInlineIssuesAsList, buildInlineComments } = require('../core/engine');
+
+/**
+ * Detect GitHub environment and extract PR metadata.
+ */
+function detect() {
+  return !!process.env.GITHUB_ACTIONS;
+}
+
+async function getPrMetadata() {
+  // In GitHub Actions, the event payload is in a file
+  const eventPath = process.env.GITHUB_EVENT_PATH;
+  if (!eventPath) throw new Error('GITHUB_EVENT_PATH not set');
+
+  const fs = require('fs');
+  const event = JSON.parse(fs.readFileSync(eventPath, 'utf-8'));
+  const pr = event.pull_request;
+  if (!pr) throw new Error('No pull_request in event payload');
+
+  return {
+    prNumber: pr.number,
+    prTitle: pr.title,
+    prAuthor: pr.user.login,
+    prBody: pr.body || '',
+    baseBranch: pr.base.ref,
+  };
+}
+
+/**
+ * Post review results to GitHub PR.
+ */
+async function postReview(review, { prNumber, token, postReview: shouldPost = true, log = console.log }) {
+  const { Octokit } = require('@octokit/rest');
+  const octokit = new Octokit({ auth: token });
+
+  const [owner, repo] = process.env.GITHUB_REPOSITORY.split('/');
+
+  // Dismiss stale reviews
+  log('Dismissing stale reviews...');
+  await dismissStaleReviews(octokit, owner, repo, prNumber, log);
+
+  if (!shouldPost) {
+    // Just post a comment
+    await octokit.issues.createComment({
+      owner,
+      repo,
+      issue_number: prNumber,
+      body: formatComment(review),
+    });
+    return;
+  }
+
+  // Get head SHA
+  const { data: pr } = await octokit.pulls.get({ owner, repo, pull_number: prNumber });
+  const commitId = pr.head.sha;
+
+  const inlineComments = buildInlineComments(review.issues);
+  const summaryBody = formatComment(review);
+  const event = review.approve ? 'APPROVE' : 'REQUEST_CHANGES';
+
+  try {
+    await octokit.pulls.createReview({
+      owner,
+      repo,
+      pull_number: prNumber,
+      commit_id: commitId,
+      event,
+      body: summaryBody,
+      comments: inlineComments,
+    });
+    log(`Posted review with ${inlineComments.length} inline comment(s).`);
+  } catch (error) {
+    log(`Warning: Failed to post inline comments: ${error.message}`);
+    log('Falling back to summary-only review...');
+
+    await octokit.pulls.createReview({
+      owner,
+      repo,
+      pull_number: prNumber,
+      commit_id: commitId,
+      event,
+      body: summaryBody + formatInlineIssuesAsList(review.issues),
+    });
+  }
+}
+
+async function dismissStaleReviews(octokit, owner, repo, prNumber, log) {
+  try {
+    const { data: reviews } = await octokit.pulls.listReviews({
+      owner,
+      repo,
+      pull_number: prNumber,
+    });
+
+    const botReviews = reviews.filter(
+      (r) =>
+        r.user?.login === 'github-actions[bot]' &&
+        (r.state === 'APPROVED' || r.state === 'CHANGES_REQUESTED')
+    );
+
+    for (const review of botReviews) {
+      try {
+        await octokit.pulls.dismissReview({
+          owner,
+          repo,
+          pull_number: prNumber,
+          review_id: review.id,
+          message: 'Superseded by new AI review.',
+        });
+        log(`Dismissed stale review #${review.id}.`);
+      } catch (err) {
+        log(`Warning: Could not dismiss review #${review.id}: ${err.message}`);
+      }
+    }
+  } catch (err) {
+    log(`Warning: Could not list reviews for dismissal: ${err.message}`);
+  }
+}
+
+module.exports = { detect, getPrMetadata, postReview };