@clipboard-health/ai-rules 2.8.4 → 2.8.6

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@clipboard-health/ai-rules",
   "description": "Pre-built AI agent rules for consistent coding standards.",
-  "version": "2.8.4",
+  "version": "2.8.6",
   "bugs": "https://github.com/ClipboardHealth/core-utils/issues",
   "keywords": [
     "ai",

package/skills/iterate-pr/SKILL.md

@@ -28,7 +28,7 @@ Get the PR for the current branch:
 
 **If PR exists:** Get unresolved comments data:
 
-!`node "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.ts" 2>/dev/null`
+!`bash "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.sh" 2>/dev/null`
 
 Parse the JSON output and evaluate exit conditions.
 
@@ -75,7 +75,7 @@ Spawn a Task subagent with `subagent_type: "general-purpose"` using this prompt:
 > 4. **Wait for CI**: !`rc=0; if command -v gtimeout >/dev/null 2>&1; then gtimeout 600 gh pr checks --watch || rc=$?; elif command -v timeout >/dev/null 2>&1; then timeout 600 gh pr checks --watch || rc=$?; else gh pr checks --watch || rc=$?; fi; case $rc in 0|1|8|124) ;; *) exit $rc;; esac` (10 minute timeout; exit codes: 0=pass, 1=fail, 8=pending, 124=timeout are expected and handled in next step; other codes like 4=auth error are re-raised; uses gtimeout on macOS, timeout on Linux, no timeout as fallback)
 > 5. **Check CI Status**: Run `gh pr checks --json name,state,bucket` and parse the output
 >    - If any check has `bucket: "fail"`, invoke `core:fix-ci` via the Skill tool. Since you are running autonomously, do NOT wait for user approval — apply the fixes directly. Report what was fixed and exit.
-> 6. **Check Comments**: Run `node "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.ts"` and parse the JSON output
+> 6. **Check Comments**: Run `bash "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.sh"` and parse the JSON output
 >    - If unresolved comments or nitpicks exist:
 >      1. Group comments by file path and read each file once (not per-comment)
 >      2. If a file no longer exists, note the comment may be outdated and skip it
@@ -92,7 +92,7 @@ After the subagent completes:
 
 1. Increment iteration counter
 2. If no commits were made this iteration:
-   - Get unresolved comments by running: `node "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.ts"`
+   - Get unresolved comments by running: `bash "${CLAUDE_PLUGIN_ROOT:-.agents}/skills/unresolved-pr-comments/scripts/unresolvedPrComments.sh"`
    - If unresolved comments remain, exit with: "Comments addressed, awaiting reviewer resolution. Run `/iterate-pr` after reviewer responds."
 3. Report: "Iteration [N]/[max] complete. Checking state..."
 4. Return to Step 2

package/skills/unresolved-pr-comments/SKILL.md

@@ -13,7 +13,7 @@ Fetch and analyze unresolved review comments from a GitHub pull request.
 Run the script to fetch PR comment data:
 
 ```bash
-node scripts/unresolvedPrComments.ts [pr-number]
+bash scripts/unresolvedPrComments.sh [pr-number]
 ```
 
 If no PR number is provided, it uses the PR associated with the current branch.

package/skills/unresolved-pr-comments/scripts/parseNitpicks.sh

@@ -0,0 +1,125 @@
+#!/usr/bin/env bash
+# parseNitpicks.sh — Parse CodeRabbit nitpick comments from PR review bodies.
+# Sourced by unresolvedPrComments.sh. Requires: jq, perl.
+
+# Extract nitpick comments from reviews JSON (passed via stdin).
+# Outputs a JSON array of nitpick comment objects.
+extract_nitpick_comments() {
+  local reviews_json="$1"
+
+  printf '%s' "$reviews_json" | perl -e '
+use strict;
+use warnings;
+use JSON::PP;
+
+local $/;
+my $reviews_json = <STDIN>;
+my $reviews = decode_json($reviews_json);
+
+# Find latest coderabbitai review with nitpick section
+my $latest_review;
+my $latest_time = "";
+for my $review (@$reviews) {
+  my $author = $review->{author}{login} // "";
+  my $body = $review->{body} // "";
+  next unless $author eq "coderabbitai" && $body =~ /Nitpick comments/;
+  my $created = $review->{createdAt} // "";
+  if ($created gt $latest_time) {
+    $latest_time = $created;
+    $latest_review = $review;
+  }
+}
+
+unless ($latest_review) {
+  print "[]";
+  exit 0;
+}
+
+my $body = $latest_review->{body};
+my $author = $latest_review->{author}{login} // "deleted-user";
+my $created_at = $latest_review->{createdAt} // "";
+
+# Extract nitpick section content (handle nested blockquotes)
+my $nitpick_content = extract_nitpick_section($body);
+unless (defined $nitpick_content) {
+  print "[]";
+  exit 0;
+}
+
+# Extract file sections: <details><summary>filename (count)</summary><blockquote>...</blockquote></details>
+my @comments;
+while ($nitpick_content =~ /<details>\s*<summary>([^<]+?)\s+\(\d+\)<\/summary>\s*<blockquote>([\s\S]*?)<\/blockquote>\s*<\/details>/g) {
+  my $file_name = trim($1);
+  my $file_content = $2;
+
+  # Extract individual comments: `line-range`: **title** body
+  while ($file_content =~ /`(\d+(?:-\d+)?)`:\s*\*\*([^*]+)\*\*\s*([\s\S]*?)(?=---|\n`\d|<\/blockquote>|$)/g) {
+    my $line_range = $1;
+    my $title = trim($2);
+    my $clean_body = clean_comment_body(trim($3));
+    push @comments, {
+      author    => $author,
+      body      => "$title\n\n$clean_body",
+      createdAt => $created_at,
+      file      => $file_name,
+      line      => $line_range,
+    };
+  }
+}
+
+print encode_json(\@comments);
+
+sub extract_nitpick_section {
+  my ($text) = @_;
+  # Match the nitpick section header
+  if ($text =~ /<summary>\x{1f9f9} Nitpick comments \(\d+\)<\/summary>\s*<blockquote>/i) {
+    my $content_start = $+[0];
+    my $after = substr($text, $content_start);
+
+    # Find matching closing blockquote by tracking depth
+    my $depth = 1;
+    my @tags;
+    while ($after =~ /(<blockquote>|<\/blockquote>)/gi) {
+      my $tag = $1;
+      my $pos = $-[0];
+      my $is_open = ($tag =~ /^<blockquote>/i) ? 1 : 0;
+      push @tags, [$pos, $is_open];
+    }
+    for my $tag (@tags) {
+      $depth += $tag->[1] ? 1 : -1;
+      if ($depth == 0) {
+        return substr($after, 0, $tag->[0]);
+      }
+    }
+  }
+  return undef;
+}
+
+sub clean_comment_body {
+  my ($text) = @_;
+  # Iteratively remove innermost <details> elements
+  my $prev = "";
+  while ($text ne $prev) {
+    $prev = $text;
+    $text =~ s/<details>(?:(?!<details>)[\s\S])*?<\/details>//g;
+  }
+  $text =~ s/</&lt;/g;
+  $text =~ s/>/&gt;/g;
+  return trim($text);
+}
+
+sub trim {
+  my ($s) = @_;
+  $s =~ s/^\s+//;
+  $s =~ s/\s+$//;
+  return $s;
+}
+'
+}
+
+# Extract code scanning alert number from comment body.
+# Outputs the alert number or empty string.
+extract_code_scanning_alert_number() {
+  local body="$1"
+  printf '%s' "$body" | perl -ne 'print $1 if m{/code-scanning/(\d+)}'
+}

package/skills/unresolved-pr-comments/scripts/unresolvedPrComments.sh

@@ -0,0 +1,246 @@
+#!/usr/bin/env bash
+# unresolvedPrComments.sh — Fetch unresolved review comments from a GitHub PR.
+# Usage: bash unresolvedPrComments.sh [pr-number]
+# Outputs JSON with unresolved comments and CodeRabbit nitpicks.
+# Compatible with macOS bash 3.2. Requires: gh, jq, perl.
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+# shellcheck source=parseNitpicks.sh
+source "${SCRIPT_DIR}/parseNitpicks.sh"
+
+# Save original stdout so output_error works inside $() command substitutions
+exec 3>&1
+
+# --- Helpers (inlined from ghClient.ts / prClient.ts) ---
+
+output_error() {
+  printf '%s' "$1" | jq -Rsc '{ error: . }' >&3
+  exit 1
+}
+
+validate_prerequisites() {
+  if ! command -v jq >/dev/null 2>&1; then
+    printf '{"error":"jq not found. Install from https://stedolan.github.io/jq"}\n' >&3
+    exit 1
+  fi
+  if ! command -v gh >/dev/null 2>&1; then
+    output_error "gh CLI not found. Install from https://cli.github.com"
+  fi
+  if ! command -v perl >/dev/null 2>&1; then
+    output_error "perl not found."
+  fi
+  if ! gh api user --jq '.login' >/dev/null 2>&1; then
+    output_error "Not authenticated with GitHub. Run: gh auth login"
+  fi
+}
+
+get_pr_number() {
+  local arg="${1:-}"
+  if [ -n "$arg" ]; then
+    if ! printf '%s' "$arg" | grep -qE '^[0-9]+$'; then
+      output_error "Invalid PR number: ${arg}"
+    fi
+    printf '%s' "$arg"
+    return
+  fi
+
+  local pr_json
+  if ! pr_json="$(gh pr view --json number 2>/dev/null)"; then
+    output_error "No PR found for current branch. Provide PR number as argument."
+  fi
+
+  local pr_num
+  pr_num="$(printf '%s' "$pr_json" | jq -r '.number // empty')"
+  if [ -z "$pr_num" ]; then
+    output_error "No PR found for current branch. Provide PR number as argument."
+  fi
+  printf '%s' "$pr_num"
+}
+
+get_repo_info() {
+  local repo_json
+  if ! repo_json="$(gh repo view --json owner,name 2>/dev/null)"; then
+    output_error "Could not determine repository. Are you in a git repo with a GitHub remote?"
+  fi
+
+  REPO_OWNER="$(printf '%s' "$repo_json" | jq -r '.owner.login // empty')"
+  REPO_NAME="$(printf '%s' "$repo_json" | jq -r '.name // empty')"
+
+  if [ -z "$REPO_OWNER" ] || [ -z "$REPO_NAME" ]; then
+    output_error "Failed to parse repository info from gh CLI output."
+  fi
+}
+
+# --- GraphQL ---
+
+# Pagination limits: 100 review threads, 10 comments per thread, 100 reviews.
+# Sufficient for typical PRs; data may be truncated on exceptionally active PRs.
+GRAPHQL_QUERY='
+query($owner: String!, $repo: String!, $pr: Int!) {
+  repository(owner: $owner, name: $repo) {
+    pullRequest(number: $pr) {
+      title
+      url
+      reviewThreads(first: 100) {
+        nodes {
+          isResolved
+          comments(first: 10) {
+            nodes {
+              body
+              path
+              line
+              originalLine
+              author { login }
+              createdAt
+            }
+          }
+        }
+      }
+      reviews(first: 100) {
+        nodes {
+          body
+          author { login }
+          createdAt
+        }
+      }
+    }
+  }
+}'
+
+execute_graphql_query() {
+  local owner="$1" repo="$2" pr_number="$3"
+  local result
+  if ! result="$(gh api graphql \
+    -f "query=${GRAPHQL_QUERY}" \
+    -f "owner=${owner}" \
+    -f "repo=${repo}" \
+    -F "pr=${pr_number}" 2>&1)"; then
+    output_error "GraphQL query failed: ${result}"
+  fi
+  printf '%s' "$result"
+}
+
+# --- Code scanning filter ---
+
+is_code_scanning_alert_fixed() {
+  local owner="$1" repo="$2" alert_number="$3"
+  local result
+  if ! result="$(gh api "repos/${owner}/${repo}/code-scanning/alerts/${alert_number}" 2>/dev/null)"; then
+    return 1
+  fi
+
+  local state
+  state="$(printf '%s' "$result" | jq -r '.most_recent_instance.state // empty')"
+  [ "$state" = "fixed" ]
+}
+
+# --- Main ---
+
+main() {
+  validate_prerequisites
+
+  local pr_number
+  pr_number="$(get_pr_number "${1:-}")"
+
+  get_repo_info
+  local owner="$REPO_OWNER"
+  local repo="$REPO_NAME"
+
+  local response
+  response="$(execute_graphql_query "$owner" "$repo" "$pr_number")"
+
+  # Validate response
+  if [ "$(printf '%s' "$response" | jq -r '.data.repository // empty')" = "" ]; then
+    output_error "Repository ${owner}/${repo} not found or not accessible."
+  fi
+  if [ "$(printf '%s' "$response" | jq -r '.data.repository.pullRequest // empty')" = "" ]; then
+    output_error "PR #${pr_number} not found or not accessible."
+  fi
+
+  local title url
+  title="$(printf '%s' "$response" | jq -r '.data.repository.pullRequest.title')"
+  url="$(printf '%s' "$response" | jq -r '.data.repository.pullRequest.url')"
+
+  # Extract unresolved comments: filter unresolved threads, flatten comments
+  local all_unresolved
+  all_unresolved="$(printf '%s' "$response" | jq '[
+    .data.repository.pullRequest.reviewThreads.nodes[]
+    | select(.isResolved == false)
+    | .comments.nodes[]
+    | {
+        author: (.author.login // "deleted-user"),
+        body: .body,
+        createdAt: .createdAt,
+        file: .path,
+        line: (.line // .originalLine)
+      }
+  ]')"
+
+  # Filter out fixed code-scanning alerts from github-advanced-security
+  local unresolved_comments="[]"
+  local count
+  count="$(printf '%s' "$all_unresolved" | jq 'length')"
+
+  local i=0
+  while [ "$i" -lt "$count" ]; do
+    local comment
+    comment="$(printf '%s' "$all_unresolved" | jq ".[$i]")"
+    local comment_author
+    comment_author="$(printf '%s' "$comment" | jq -r '.author')"
+
+    local keep=true
+    if [ "$comment_author" = "github-advanced-security" ]; then
+      local comment_body alert_number
+      comment_body="$(printf '%s' "$comment" | jq -r '.body')"
+      alert_number="$(extract_code_scanning_alert_number "$comment_body")"
+      if [ -n "$alert_number" ]; then
+        if is_code_scanning_alert_fixed "$owner" "$repo" "$alert_number"; then
+          keep=false
+        fi
+      fi
+    fi
+
+    if [ "$keep" = true ]; then
+      unresolved_comments="$(printf '%s' "$unresolved_comments" | jq --argjson c "$comment" '. + [$c]')"
+    fi
+
+    i=$((i + 1))
+  done
+
+  # Extract nitpick comments from reviews
+  local reviews_json
+  reviews_json="$(printf '%s' "$response" | jq '[.data.repository.pullRequest.reviews.nodes[]]')"
+  local nitpick_comments
+  nitpick_comments="$(extract_nitpick_comments "$reviews_json")"
+
+  # Build final output
+  local total_unresolved total_nitpicks
+  total_unresolved="$(printf '%s' "$unresolved_comments" | jq 'length')"
+  total_nitpicks="$(printf '%s' "$nitpick_comments" | jq 'length')"
+
+  jq -n \
+    --argjson nitpickComments "$nitpick_comments" \
+    --arg owner "$owner" \
+    --argjson prNumber "$pr_number" \
+    --arg repo "$repo" \
+    --arg title "$title" \
+    --argjson totalNitpicks "$total_nitpicks" \
+    --argjson totalUnresolvedComments "$total_unresolved" \
+    --argjson unresolvedComments "$unresolved_comments" \
+    --arg url "$url" \
+    '{
+      nitpickComments: $nitpickComments,
+      owner: $owner,
+      prNumber: $prNumber,
+      repo: $repo,
+      title: $title,
+      totalNitpicks: $totalNitpicks,
+      totalUnresolvedComments: $totalUnresolvedComments,
+      unresolvedComments: $unresolvedComments,
+      url: $url
+    }'
+}
+
+main "$@"

package/skills/unresolved-pr-comments/scripts/parseNitpicks.ts

@@ -1,145 +0,0 @@
-// Matches file sections inside the nitpick block: <details><summary>filename (count)</summary><blockquote>...</blockquote></details>
-const FILE_SECTION_REGEX =
-  /<details>\s*<summary>([^<]+?)\s+\(\d+\)<\/summary>\s*<blockquote>([\s\S]*?)<\/blockquote>\s*<\/details>/g;
-
-// Matches individual comments: `line-range`: **title** body
-// Stops at: horizontal rule, next comment, end of blockquote section, or end of string
-const COMMENT_REGEX =
-  /`(\d+(?:-\d+)?)`:\s*\*\*([^*]+)\*\*\s*([\s\S]*?)(?=---|\n`\d|<\/blockquote>|$)/g;
-
-export const NITPICK_SECTION_MARKER = "Nitpick comments";
-
-export interface Review {
-  author: { login: string } | null;
-  body: string;
-  createdAt: string;
-}
-
-export interface NitpickComment {
-  author: string;
-  body: string;
-  createdAt: string;
-  file: string;
-  line: string;
-}
-
-export function cleanCommentBody(body: string): string {
-  // Remove details elements iteratively to handle nested elements
-  let result = body;
-  let previousResult = "";
-  while (result !== previousResult) {
-    previousResult = result;
-    // Match innermost details elements first (those without nested details)
-    result = result.replaceAll(/<details>(?:(?!<details>)[\s\S])*?<\/details>/g, "");
-  }
-
-  return result.replaceAll("<", "&lt;").replaceAll(">", "&gt;").trim();
-}
-
-interface BlockquoteTag {
-  index: number;
-  isOpen: boolean;
-}
-
-function findMatchingBlockquoteEnd(content: string): number | undefined {
-  const openTag = /<blockquote>/gi;
-  const closeTag = /<\/blockquote>/gi;
-
-  const tags: BlockquoteTag[] = [];
-
-  let match: RegExpExecArray | null;
-  while ((match = openTag.exec(content)) !== null) {
-    tags.push({ index: match.index, isOpen: true });
-  }
-  while ((match = closeTag.exec(content)) !== null) {
-    tags.push({ index: match.index, isOpen: false });
-  }
-
-  tags.sort((a, b) => a.index - b.index);
-
-  let depth = 1;
-  for (const tag of tags) {
-    depth += tag.isOpen ? 1 : -1;
-    if (depth === 0) {
-      return tag.index;
-    }
-  }
-
-  return undefined;
-}
-
-export function extractNitpickSectionContent(body: string): string | undefined {
-  const startPattern = /<summary>🧹 Nitpick comments \(\d+\)<\/summary>\s*<blockquote>/i;
-  const startMatch = startPattern.exec(body);
-  if (!startMatch) {
-    return undefined;
-  }
-
-  const contentStart = startMatch.index + startMatch[0].length;
-  const afterStart = body.slice(contentStart);
-
-  const endPosition = findMatchingBlockquoteEnd(afterStart);
-  if (endPosition === undefined) {
-    return undefined;
-  }
-
-  return afterStart.slice(0, endPosition);
-}
-
-export function parseCommentsFromFileSection(
-  fileContent: string,
-  fileName: string,
-  review: Review,
-): NitpickComment[] {
-  return [...fileContent.matchAll(COMMENT_REGEX)].map((match) => {
-    const lineRange = match[1];
-    const title = match[2].trim();
-    const cleanBody = cleanCommentBody(match[3].trim());
-
-    return {
-      author: review.author?.login ?? "deleted-user",
-      body: `${title}\n\n${cleanBody}`,
-      createdAt: review.createdAt,
-      file: fileName,
-      line: lineRange,
-    };
-  });
-}
-
-export function extractNitpicksFromReview(review: Review): NitpickComment[] {
-  if (!review.body.includes(NITPICK_SECTION_MARKER)) {
-    return [];
-  }
-
-  const nitpickContent = extractNitpickSectionContent(review.body);
-  if (!nitpickContent) {
-    return [];
-  }
-
-  const fileSections = [...nitpickContent.matchAll(FILE_SECTION_REGEX)];
-
-  return fileSections.flatMap((fileMatch) => {
-    const fileName = fileMatch[1].trim();
-    const fileContent = fileMatch[2];
-    return parseCommentsFromFileSection(fileContent, fileName, review);
-  });
-}
-
-export function getLatestCodeRabbitReview(reviews: Review[]): Review | undefined {
-  return [...reviews]
-    .filter(
-      (review) =>
-        review.author?.login === "coderabbitai" && review.body.includes(NITPICK_SECTION_MARKER),
-    )
-    .sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime())[0];
-}
-
-export function extractNitpickComments(reviews: Review[]): NitpickComment[] {
-  const latestReview = getLatestCodeRabbitReview(reviews);
-  return latestReview ? extractNitpicksFromReview(latestReview) : [];
-}
-
-export function extractCodeScanningAlertNumber(body: string): number | undefined {
-  const match = /\/code-scanning\/(\d+)/.exec(body);
-  return match ? Number.parseInt(match[1], 10) : undefined;
-}

package/skills/unresolved-pr-comments/scripts/unresolvedPrComments.ts

@@ -1,190 +0,0 @@
-#!/usr/bin/env node
-import {
-  executeGraphQL,
-  outputError,
-  runGh,
-  validatePrerequisites,
-} from "../../../lib/ghClient.ts";
-import { getPrNumber, getRepoInfo } from "../../../lib/prClient.ts";
-
-import {
-  extractCodeScanningAlertNumber,
-  extractNitpickComments,
-  type NitpickComment,
-  type Review,
-} from "./parseNitpicks.ts";
-
-// Pagination limits: 100 review threads, 10 comments per thread, 100 reviews.
-// Sufficient for typical PRs; data may be truncated on exceptionally active PRs.
-const GRAPHQL_QUERY = `
-query($owner: String!, $repo: String!, $pr: Int!) {
-  repository(owner: $owner, name: $repo) {
-    pullRequest(number: $pr) {
-      title
-      url
-      reviewThreads(first: 100) {
-        nodes {
-          isResolved
-          comments(first: 10) {
-            nodes {
-              body
-              path
-              line
-              originalLine
-              author { login }
-              createdAt
-            }
-          }
-        }
-      }
-      reviews(first: 100) {
-        nodes {
-          body
-          author { login }
-          createdAt
-        }
-      }
-    }
-  }
-}`;
-
-interface Comment {
-  author: { login: string } | null;
-  body: string;
-  createdAt: string;
-  line: number | null;
-  originalLine: number | null;
-  path: string;
-}
-
-interface ReviewThread {
-  comments: { nodes: Comment[] };
-  isResolved: boolean;
-}
-
-interface GraphQLResponse {
-  data: {
-    repository: {
-      pullRequest: {
-        reviewThreads: { nodes: ReviewThread[] };
-        reviews: { nodes: Review[] };
-        title: string;
-        url: string;
-      } | null;
-    } | null;
-  };
-}
-
-interface UnresolvedComment {
-  author: string;
-  body: string;
-  createdAt: string;
-  file: string;
-  line: number | null;
-}
-
-interface CodeScanningInstance {
-  state: string;
-}
-
-interface CodeScanningAlert {
-  most_recent_instance: CodeScanningInstance;
-}
-
-interface OutputResult {
-  nitpickComments: NitpickComment[];
-  owner: string;
-  prNumber: number;
-  repo: string;
-  title: string;
-  totalNitpicks: number;
-  totalUnresolvedComments: number;
-  unresolvedComments: UnresolvedComment[];
-  url: string;
-}
-
-function isCodeScanningAlertFixed(owner: string, repo: string, alertNumber: number): boolean {
-  const result = runGh(["api", `repos/${owner}/${repo}/code-scanning/alerts/${alertNumber}`]);
-  if (result.status !== 0) {
-    return false;
-  }
-
-  try {
-    const alert = JSON.parse(result.stdout) as CodeScanningAlert;
-    return alert.most_recent_instance.state === "fixed";
-  } catch {
-    return false;
-  }
-}
-
-function executeGraphQLQuery(owner: string, repo: string, prNumber: number): GraphQLResponse {
-  return executeGraphQL<GraphQLResponse>(GRAPHQL_QUERY, { owner, repo, pr: prNumber });
-}
-
-function formatComment(comment: Comment): UnresolvedComment {
-  return {
-    author: comment.author?.login ?? "deleted-user",
-    body: comment.body,
-    createdAt: comment.createdAt,
-    file: comment.path,
-    line: comment.line ?? comment.originalLine,
-  };
-}
-
-function isUnresolvedSecurityComment(
-  comment: UnresolvedComment,
-  owner: string,
-  repo: string,
-): boolean {
-  if (comment.author !== "github-advanced-security") {
-    return true;
-  }
-
-  const alertNumber = extractCodeScanningAlertNumber(comment.body);
-  if (!alertNumber) {
-    return true;
-  }
-
-  return !isCodeScanningAlertFixed(owner, repo, alertNumber);
-}
-
-function main(): void {
-  validatePrerequisites();
-
-  const prNumber = getPrNumber(process.argv[2]);
-  const { name: repo, owner } = getRepoInfo();
-  const response = executeGraphQLQuery(owner, repo, prNumber);
-
-  const repository = response.data.repository;
-  if (!repository) {
-    outputError(`Repository ${owner}/${repo} not found or not accessible.`);
-  }
-
-  const pr = repository.pullRequest;
-  if (!pr) {
-    outputError(`PR #${prNumber} not found or not accessible.`);
-  }
-
-  const unresolvedComments = pr.reviewThreads.nodes
-    .filter((thread) => !thread.isResolved)
-    .flatMap((thread) => thread.comments.nodes.map(formatComment))
-    .filter((comment) => isUnresolvedSecurityComment(comment, owner, repo));
-
-  const nitpickComments = extractNitpickComments(pr.reviews.nodes);
-
-  const output: OutputResult = {
-    nitpickComments,
-    owner,
-    prNumber,
-    repo,
-    title: pr.title,
-    totalNitpicks: nitpickComments.length,
-    totalUnresolvedComments: unresolvedComments.length,
-    unresolvedComments,
-    url: pr.url,
-  };
-
-  console.log(JSON.stringify(output, undefined, 2));
-}
-
-main();