@delegance/claude-autopilot 1.6.0 → 1.7.1

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## [1.7.0] — 2026-04-22
+
+### Added
+- **Stack auto-detection** (`src/core/detect/stack.ts`) — infers human-readable stack string from `package.json`, `go.mod`, `Cargo.toml`, `requirements.txt`, `Gemfile`; detects framework, ORM, auth, UI library, language; injected into review prompt automatically when `stack:` is absent from config
+- **Protected-paths auto-detection** (`src/core/detect/protected-paths.ts`) — scans for migration dirs (`data/deltas/`, `migrations/`, `db/migrate/`, `prisma/migrations/`, `alembic/versions/`, `flyway/`), schema files (`schema.prisma`, `schema.sql`, `db/schema.rb`), infra dirs (`terraform/`, `k8s/`, `helm/`, `.github/workflows/`); populates `protectedPaths` when not set in config
+- **Test-command runtime fallback** — re-runs project detector at `run` time when `testCommand` is absent from config; `null` still disables the test phase explicitly
+- **Git context enrichment** (`src/core/detect/git-context.ts`) — injects branch name and last commit message into the review prompt as `Change context: branch: feat/x | last commit: add user auth` so the LLM understands intent
+- `ReviewInput.context.gitSummary` — new context field; all five adapters (claude, gemini, codex, openai-compatible, auto) inject it when present
+- 18 new tests (9 stack + 9 protected-paths) — **199 total**
+
 ## [1.6.0] — 2026-04-22
 
 ### Added

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@delegance/claude-autopilot",
-  "version": "1.6.0",
+  "version": "1.7.1",
   "type": "module",
   "description": "Claude Code automation pipeline: spec → plan → implement → validate → PR",
   "keywords": [

package/src/adapters/review-engine/claude.ts

@@ -14,7 +14,7 @@ const COST_PER_M_OUTPUT = 75.0;
 const SYSTEM_PROMPT_TEMPLATE = `You are a senior software architect reviewing code changes for quality, security, and correctness.
 
 The codebase context:
-{STACK}
+{STACK}{GIT_CONTEXT}
 
 Provide structured feedback in exactly this format:
 
@@ -56,7 +56,8 @@ export const claudeAdapter: ReviewEngine = {
 
     const model = (input.context as Record<string, unknown> | undefined)?.['model'] as string | undefined ?? DEFAULT_MODEL;
     const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
-    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack);
+    const gitCtx = input.context?.gitSummary ? `\n\nChange context: ${input.context.gitSummary}` : '';
+    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{GIT_CONTEXT}', gitCtx);
 
     const client = new Anthropic({ apiKey });
     let response: Anthropic.Message;

package/src/adapters/review-engine/codex.ts

@@ -10,7 +10,7 @@ const MAX_OUTPUT_TOKENS = 4096;
 const SYSTEM_PROMPT_TEMPLATE = `You are a senior software architect providing feedback on designs, proposals, and ideas.
 
 The codebase context:
-{STACK}
+{STACK}{GIT_CONTEXT}
 
 Provide structured feedback in exactly this format:
 
@@ -49,7 +49,8 @@ export const codexAdapter: ReviewEngine = {
       throw new AutopilotError('OPENAI_API_KEY not set', { code: 'auth', provider: 'codex' });
     }
     const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
-    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack);
+    const gitCtx = input.context?.gitSummary ? `\n\nChange context: ${input.context.gitSummary}` : '';
+    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{GIT_CONTEXT}', gitCtx);
 
     const client = new OpenAI({ apiKey });
     let response;

package/src/adapters/review-engine/gemini.ts

@@ -14,7 +14,7 @@ const COST_PER_M_OUTPUT = 10.0;
 const PROMPT_TEMPLATE = `You are a senior software architect reviewing code changes for quality, security, and correctness.
 
 The codebase context:
-{STACK}
+{STACK}{GIT_CONTEXT}
 
 Please review the following:
 
@@ -64,7 +64,8 @@ export const geminiAdapter: ReviewEngine = {
 
     const model = (input.context as Record<string, unknown> | undefined)?.['model'] as string | undefined ?? DEFAULT_MODEL;
     const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
-    const prompt = PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{CONTENT}', input.content);
+    const gitCtx = input.context?.gitSummary ? `\n\nChange context: ${input.context.gitSummary}` : '';
+    const prompt = PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{GIT_CONTEXT}', gitCtx).replace('{CONTENT}', input.content);
 
     const genAI = new GoogleGenerativeAI(apiKey);
     const genModel = genAI.getGenerativeModel({

package/src/adapters/review-engine/openai-compatible.ts

@@ -9,7 +9,7 @@ const MAX_OUTPUT_TOKENS = 4096;
 const SYSTEM_PROMPT_TEMPLATE = `You are a senior software architect reviewing code changes for quality, security, and correctness.
 
 The codebase context:
-{STACK}
+{STACK}{GIT_CONTEXT}
 
 Provide structured feedback in exactly this format:
 
@@ -63,7 +63,8 @@ export const openaiCompatibleAdapter: ReviewEngine = {
     }
 
     const stack = input.context?.stack ?? 'A web application — stack details unspecified.';
-    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack);
+    const gitCtx = input.context?.gitSummary ? `\n\nChange context: ${input.context.gitSummary}` : '';
+    const systemPrompt = SYSTEM_PROMPT_TEMPLATE.replace('{STACK}', stack).replace('{GIT_CONTEXT}', gitCtx);
     const client = new OpenAI({ apiKey, ...(baseURL ? { baseURL } : {}) });
 
     let response: OpenAI.Chat.ChatCompletion;

package/src/adapters/review-engine/types.ts

@@ -4,7 +4,7 @@ import type { Finding } from '../../core/findings/types.ts';
 export interface ReviewInput {
   content: string;
   kind: 'spec' | 'pr-diff' | 'file-batch';
-  context?: { spec?: string; plan?: string; stack?: string; cwd?: string };
+  context?: { spec?: string; plan?: string; stack?: string; cwd?: string; gitSummary?: string };
 }
 
 export interface ReviewOutput {

package/src/cli/run.ts

@@ -33,6 +33,10 @@ import type { AutopilotConfig } from '../core/config/types.ts';
 import { fileURLToPath } from 'node:url';
 import { toSarif } from '../formatters/sarif.ts';
 import { emitAnnotations } from '../formatters/github-annotations.ts';
+import { detectStack } from '../core/detect/stack.ts';
+import { detectProtectedPaths } from '../core/detect/protected-paths.ts';
+import { detectGitContext } from '../core/detect/git-context.ts';
+import { detectProject } from './detector.ts';
 
 function readToolVersion(): string {
   const pkgPath = path.join(path.dirname(fileURLToPath(import.meta.url)), '../../package.json');
@@ -92,6 +96,27 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     return 1;
   }
 
+  // Fill in missing config fields from auto-detection (track what was auto-detected for logging)
+  const autoDetected: string[] = [];
+
+  if (!config.stack) {
+    const detected = detectStack(cwd);
+    if (detected) { config = { ...config, stack: detected }; autoDetected.push(`stack: ${detected}`); }
+  }
+  if (!config.protectedPaths || config.protectedPaths.length === 0) {
+    const detected = detectProtectedPaths(cwd);
+    if (detected.length > 0) {
+      config = { ...config, protectedPaths: detected };
+      autoDetected.push(`protected: ${detected.slice(0, 3).join(', ')}${detected.length > 3 ? ` +${detected.length - 3} more` : ''}`);
+    }
+  }
+  if (config.testCommand === undefined) {
+    const detected = detectProject(cwd).testCommand;
+    config = { ...config, testCommand: detected };
+    autoDetected.push(`test: ${detected}`);
+  }
+  const gitCtx = detectGitContext(cwd);
+
   // Resolve touched files
   const touchedFiles = options.files ?? resolveGitTouchedFiles({ cwd, base: options.base });
   if (touchedFiles.length === 0) {
@@ -102,6 +127,12 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
 
   console.log(`\n${fmt('bold', '[autopilot run]')} ${fmt('dim', configPath)}`);
   console.log(`${fmt('dim', `  ${touchedFiles.length} changed file(s):`)} ${touchedFiles.slice(0, 5).join(', ')}${touchedFiles.length > 5 ? ` … +${touchedFiles.length - 5} more` : ''}`);
+  if (gitCtx.summary) {
+    console.log(fmt('dim', `  ${gitCtx.summary}`));
+  }
+  if (autoDetected.length > 0) {
+    console.log(fmt('dim', `  auto-detected: ${autoDetected.join(' | ')}`));
+  }
 
   if (options.dryRun) {
     console.log(fmt('yellow', '\n[run] Dry run — skipping pipeline execution.\n'));
@@ -141,6 +172,7 @@ export async function runCommand(options: RunCommandOptions = {}): Promise<numbe
     reviewEngine,
     staticRules,
     cwd,
+    gitSummary: gitCtx.summary ?? undefined,
   };
 
   console.log('');

package/src/core/detect/git-context.ts

@@ -0,0 +1,27 @@
+import { runSafe } from '../shell.ts';
+
+export interface GitContext {
+  branch: string | null;
+  commitMessage: string | null;
+  /** Short summary suitable for injecting into a review prompt */
+  summary: string | null;
+}
+
+/**
+ * Reads branch name and last commit message from git. Returns nulls gracefully
+ * if git is unavailable or the repo has no commits.
+ */
+export function detectGitContext(cwd: string): GitContext {
+  const branch = runSafe('git', ['-C', cwd, 'rev-parse', '--abbrev-ref', 'HEAD'])?.trim() ?? null;
+  const commitMessage = runSafe('git', ['-C', cwd, 'log', '-1', '--format=%s'])?.trim() ?? null;
+
+  let summary: string | null = null;
+  if (branch || commitMessage) {
+    const parts: string[] = [];
+    if (branch && branch !== 'HEAD') parts.push(`branch: ${branch}`);
+    if (commitMessage) parts.push(`last commit: ${commitMessage}`);
+    summary = parts.join(' | ');
+  }
+
+  return { branch, commitMessage, summary };
+}

package/src/core/detect/protected-paths.ts

@@ -0,0 +1,63 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+interface MigrationSignal {
+  glob: string;
+  check: (cwd: string) => boolean;
+}
+
+const MIGRATION_SIGNALS: MigrationSignal[] = [
+  { glob: 'data/deltas/**',           check: c => fs.existsSync(path.join(c, 'data', 'deltas')) },
+  { glob: 'migrations/**',            check: c => fs.existsSync(path.join(c, 'migrations')) },
+  { glob: 'db/migrate/**',            check: c => fs.existsSync(path.join(c, 'db', 'migrate')) },
+  { glob: 'database/migrations/**',   check: c => fs.existsSync(path.join(c, 'database', 'migrations')) },
+  { glob: 'prisma/migrations/**',     check: c => fs.existsSync(path.join(c, 'prisma', 'migrations')) },
+  { glob: 'alembic/versions/**',      check: c => fs.existsSync(path.join(c, 'alembic', 'versions')) },
+  { glob: 'flyway/**',                check: c => fs.existsSync(path.join(c, 'flyway')) },
+  // *.sql is handled below via readdirSync
+];
+
+const SCHEMA_FILES = [
+  'prisma/schema.prisma',
+  'schema.prisma',
+  'schema.sql',
+  'db/schema.rb',
+  'config/schema.xml',
+];
+
+const INFRA_SIGNALS: Array<{ glob: string; check: (cwd: string) => boolean }> = [
+  { glob: 'terraform/**',      check: c => fs.existsSync(path.join(c, 'terraform')) },
+  { glob: 'infra/**',          check: c => fs.existsSync(path.join(c, 'infra')) },
+  { glob: '.github/workflows/**', check: c => fs.existsSync(path.join(c, '.github', 'workflows')) },
+  { glob: 'k8s/**',            check: c => fs.existsSync(path.join(c, 'k8s')) },
+  { glob: 'helm/**',           check: c => fs.existsSync(path.join(c, 'helm')) },
+];
+
+/**
+ * Scans the project for migration directories, schema files, and infra configs
+ * and returns glob patterns suitable for `protectedPaths`.
+ */
+export function detectProtectedPaths(cwd: string): string[] {
+  const found = new Set<string>();
+
+  for (const sig of MIGRATION_SIGNALS) {
+    if (sig.check(cwd)) found.add(sig.glob);
+  }
+
+  // Root-level .sql files
+  try {
+    if (fs.readdirSync(cwd).some(f => f.endsWith('.sql'))) found.add('*.sql');
+  } catch { /* ignore */ }
+
+  for (const rel of SCHEMA_FILES) {
+    if (fs.existsSync(path.join(cwd, rel))) {
+      found.add(rel.includes('/') ? rel.split('/')[0] + '/**' : rel);
+    }
+  }
+
+  for (const sig of INFRA_SIGNALS) {
+    if (sig.check(cwd)) found.add(sig.glob);
+  }
+
+  return Array.from(found).sort();
+}

package/src/core/detect/stack.ts

@@ -0,0 +1,153 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+function readJson(p: string): Record<string, unknown> | null {
+  try { return JSON.parse(fs.readFileSync(p, 'utf8')); } catch { return null; }
+}
+
+function fileContains(p: string, needle: string): boolean {
+  try { return fs.readFileSync(p, 'utf8').includes(needle); } catch { return false; }
+}
+
+function readFile(p: string): string {
+  try { return fs.readFileSync(p, 'utf8'); } catch { return ''; }
+}
+
+function version(deps: Record<string, string>, name: string): string | null {
+  const v = deps[name];
+  if (!v) return null;
+  return v.replace(/^[\^~>=<\s]+/, '').split('.')[0] ?? null;
+}
+
+/**
+ * Infers a human-readable stack description from project files.
+ * Returns null if nothing definitive is found (caller should omit from prompt).
+ */
+export function detectStack(cwd: string): string | null {
+  // Go
+  const goMod = path.join(cwd, 'go.mod');
+  if (fs.existsSync(goMod)) {
+    const content = readFile(goMod);
+    const parts = ['Go'];
+    if (content.includes('gin-gonic/gin')) parts.push('Gin');
+    else if (content.includes('labstack/echo')) parts.push('Echo');
+    else if (content.includes('gofiber/fiber')) parts.push('Fiber');
+    else if (content.includes('go-chi/chi')) parts.push('Chi');
+    if (content.includes('database/sql') || content.includes('sqlx') || content.includes('pgx')) parts.push('PostgreSQL');
+    if (content.includes('gorm.io')) parts.push('GORM');
+    if (content.includes('redis')) parts.push('Redis');
+    return parts.join(' + ');
+  }
+
+  // Rust
+  const cargoToml = path.join(cwd, 'Cargo.toml');
+  if (fs.existsSync(cargoToml)) {
+    const content = readFile(cargoToml);
+    const parts = ['Rust'];
+    if (content.includes('actix-web')) parts.push('Actix-Web');
+    else if (content.includes('axum')) parts.push('Axum');
+    else if (content.includes('warp')) parts.push('Warp');
+    if (content.includes('sqlx') || content.includes('diesel')) parts.push('PostgreSQL');
+    if (content.includes('serde')) parts.push('Serde');
+    if (content.includes('tokio')) parts.push('Tokio async');
+    return parts.join(' + ');
+  }
+
+  // Ruby / Rails
+  const gemfile = path.join(cwd, 'Gemfile');
+  if (fs.existsSync(gemfile)) {
+    const content = readFile(gemfile);
+    const parts: string[] = [];
+    if (content.includes("'rails'") || content.includes('"rails"')) parts.push('Ruby on Rails');
+    else if (content.includes("'sinatra'") || content.includes('"sinatra"')) parts.push('Sinatra');
+    else parts.push('Ruby');
+    if (content.includes('pg') || content.includes('postgresql')) parts.push('PostgreSQL');
+    else if (content.includes('mysql')) parts.push('MySQL');
+    else if (content.includes('sqlite')) parts.push('SQLite');
+    if (content.includes('rspec')) parts.push('RSpec');
+    if (content.includes('sidekiq')) parts.push('Sidekiq');
+    return parts.join(' + ');
+  }
+
+  // Python
+  const reqTxt = path.join(cwd, 'requirements.txt');
+  const pyproject = path.join(cwd, 'pyproject.toml');
+  const hasFastapi = fileContains(reqTxt, 'fastapi') || fileContains(pyproject, 'fastapi');
+  const hasDjango  = fileContains(reqTxt, 'django')  || fileContains(pyproject, 'django');
+  const hasFlask   = fileContains(reqTxt, 'flask')   || fileContains(pyproject, 'flask');
+  if (hasFastapi || hasDjango || hasFlask || fs.existsSync(reqTxt) || fs.existsSync(pyproject)) {
+    const parts: string[] = [];
+    if (hasFastapi) parts.push('FastAPI');
+    else if (hasDjango) parts.push('Django');
+    else if (hasFlask) parts.push('Flask');
+    else parts.push('Python');
+    const combined = readFile(reqTxt) + readFile(pyproject);
+    if (combined.includes('sqlalchemy') || combined.includes('SQLAlchemy')) parts.push('SQLAlchemy');
+    if (combined.includes('postgresql') || combined.includes('psycopg')) parts.push('PostgreSQL');
+    if (combined.includes('pydantic')) parts.push('Pydantic');
+    if (combined.includes('celery')) parts.push('Celery');
+    return parts.join(' + ');
+  }
+
+  // Node / JS / TS
+  const pkgPath = path.join(cwd, 'package.json');
+  if (!fs.existsSync(pkgPath)) return null;
+  const pkg = readJson(pkgPath);
+  if (!pkg) return null;
+
+  const deps: Record<string, string> = {
+    ...(pkg['dependencies'] as Record<string, string> ?? {}),
+    ...(pkg['devDependencies'] as Record<string, string> ?? {}),
+  };
+
+  const parts: string[] = [];
+  const isTs = 'typescript' in deps || fs.existsSync(path.join(cwd, 'tsconfig.json'));
+
+  // Framework
+  if ('next' in deps) {
+    const v = version(deps, 'next');
+    parts.push(v ? `Next.js ${v}` : 'Next.js');
+  } else if ('nuxt' in deps || 'nuxt3' in deps) {
+    parts.push('Nuxt');
+  } else if ('remix' in deps || '@remix-run/react' in deps) {
+    parts.push('Remix');
+  } else if ('astro' in deps) {
+    parts.push('Astro');
+  } else if ('express' in deps) {
+    parts.push('Express');
+  } else if ('fastify' in deps) {
+    parts.push('Fastify');
+  } else if ('hono' in deps) {
+    parts.push('Hono');
+  } else if ('react' in deps) {
+    parts.push('React');
+  } else if ('vue' in deps) {
+    parts.push('Vue');
+  } else if ('svelte' in deps || '@sveltejs/kit' in deps) {
+    parts.push('SvelteKit');
+  }
+
+  // Database / ORM
+  if ('@supabase/supabase-js' in deps) parts.push('Supabase');
+  if ('prisma' in deps || '@prisma/client' in deps) parts.push('Prisma');
+  if ('drizzle-orm' in deps) parts.push('Drizzle');
+  if ('typeorm' in deps) parts.push('TypeORM');
+  if ('mongoose' in deps) parts.push('MongoDB');
+
+  // Meta-frameworks / routers
+  if ('@trpc/server' in deps) parts.push('tRPC');
+  if ('graphql' in deps && ('apollo-server' in deps || '@apollo/server' in deps)) parts.push('GraphQL/Apollo');
+
+  // Auth
+  if ('next-auth' in deps || '@auth/core' in deps) parts.push('NextAuth');
+  if ('clerk' in deps || '@clerk/nextjs' in deps) parts.push('Clerk');
+
+  // UI
+  if ('tailwindcss' in deps) parts.push('Tailwind CSS');
+
+  // Language suffix
+  if (isTs) parts.push('TypeScript');
+
+  if (parts.length === 0) return null;
+  return parts.join(' + ');
+}

package/src/core/pipeline/review-phase.ts

@@ -17,6 +17,7 @@ export interface ReviewPhaseInput {
   engine: ReviewEngine;
   config: AutopilotConfig;
   cwd?: string;
+  gitSummary?: string;
   budgetRemainingUSD?: number;
 }
 
@@ -49,7 +50,7 @@ export async function runReviewPhase(input: ReviewPhaseInput): Promise<ReviewPha
     const output = await input.engine.review({
       content: chunk.content,
       kind: chunk.kind,
-      context: { stack: input.config.stack, cwd: input.cwd },
+      context: { stack: input.config.stack, cwd: input.cwd, gitSummary: input.gitSummary },
     });
     allFindings.push(...output.findings);
     if (output.usage) {

package/src/core/pipeline/run.ts

@@ -17,6 +17,7 @@ export interface RunInput {
   reviewEngine?: ReviewEngine;
   staticRules?: StaticRule[];
   cwd?: string;
+  gitSummary?: string;
 }
 
 export interface RunResult {
@@ -59,6 +60,7 @@ export async function runAutopilot(input: RunInput): Promise<RunResult> {
       engine: input.reviewEngine,
       config: input.config,
       cwd: input.cwd,
+      gitSummary: input.gitSummary,
       budgetRemainingUSD: budgetUSD,
     });
     phases.push(reviewResult);