@delegance/claude-autopilot 5.0.0 → 5.0.2

package/src/cli/migrate-v4.ts

@@ -1,388 +0,0 @@
-/**
- * `claude-autopilot migrate-v4` — codemod for v4 → v5 rename.
- *
- * Scans a repo for @delegance/guardrail + guardrail CLI references and proposes
- * replacements. Writes with `--write`, restores from manifest with `--undo`.
- *
- * Mutation rules (per codex review of alpha.3 spec):
- *   - package.json: updates dependencies, devDependencies, optionalDependencies,
- *     peerDependencies. Preserves key ordering within each section. Preserves
- *     semver operator shape (^/~/>=/exact) — only rewrites the package name and
- *     bumps to ^5.0.0-alpha.
- *   - Shell scripts, Makefiles, workflow yaml, Dockerfiles: word-boundary match
- *     on `guardrail <verb>` → `claude-autopilot <verb>`, and
- *     `@delegance/guardrail` → `@delegance/claude-autopilot`.
- *   - package-lock.json: NOT touched (regenerated by npm install).
- *
- * --undo reads `.claude-autopilot/migrate-v4-manifest.json` and restores files
- * by sha256 match. Rejects restoration if the current file differs from the
- * backup's post-write hash, preventing clobber of user edits.
- */
-
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import * as crypto from 'node:crypto';
-
-export interface MigrateV4Options {
-  cwd?: string;
-  write?: boolean;
-  undo?: boolean;
-  path?: string;
-}
-
-interface Replacement {
-  pattern: RegExp;
-  replace: (match: string, ...groups: string[]) => string;
-  description: string;
-}
-
-interface FileResult {
-  path: string;
-  relPath: string;
-  replacements: number;
-  preview: string[];
-}
-
-interface ManifestEntry {
-  path: string;
-  beforeSha256: string;
-  afterSha256: string;
-  backupPath: string;
-  timestamp: string;
-}
-
-const MANIFEST_DIR = '.claude-autopilot';
-const MANIFEST_NAME = 'migrate-v4-manifest.json';
-
-// File patterns to scan. Glob-like but hand-rolled — no dep on minimatch for this path.
-const INCLUDE_EXTENSIONS = new Set([
-  '.sh', '.bash', '.zsh', '.fish', '.mk', '.yml', '.yaml', '.json', '.toml', '.md',
-]);
-const INCLUDE_FILENAMES = new Set([
-  'Makefile', 'Dockerfile', 'dockerfile', 'package.json',
-  '.pre-commit-config.yaml', '.pre-commit-hooks.yaml', '.husky',
-]);
-
-// Lockfiles are explicitly skipped — text substitution would corrupt their
-// internal structure (resolved URLs, integrity hashes, peer-dep graphs).
-// Users regenerate them via `npm install` after the migrate completes.
-const SKIP_FILENAMES = new Set([
-  'package-lock.json',
-  'npm-shrinkwrap.json',
-  'pnpm-lock.yaml',
-  'yarn.lock',
-  'bun.lockb',
-  'bun.lock',
-]);
-
-const SKIP_DIRS = new Set([
-  'node_modules', '.git', 'dist', 'build', '.next', '.nuxt', 'out',
-  'coverage', '__pycache__', '.venv', 'venv', '.turbo',
-  MANIFEST_DIR, // don't mutate our own manifest
-]);
-
-const VERBS = 'run|scan|ci|setup|doctor|init|fix|baseline|explain|ignore|costs|watch|hook|autoregress|triage|pr-desc|council|report|test-gen|mcp|lsp|worker|pr|preflight';
-
-const TEXT_REPLACEMENTS: Replacement[] = [
-  // Package name with version suffix (`@delegance/guardrail@^4`, `@delegance/guardrail@4.3.1`)
-  // MUST run before the bare-name rule. Replaces the entire spec with
-  // `@delegance/claude-autopilot@alpha` — the old `^4` / `4.3.1` ranges don't
-  // resolve against the new package (it starts at 5.0.0).
-  {
-    pattern: /@delegance\/guardrail@[^\s"'`,)\]}]+/g,
-    replace: () => '@delegance/claude-autopilot@alpha',
-    description: '@delegance/guardrail@<version> → @delegance/claude-autopilot@alpha',
-  },
-  // Bare package name (no version suffix) — used in imports, package.json keys,
-  // prose references. Preserves surrounding context.
-  {
-    pattern: /@delegance\/guardrail\b/g,
-    replace: () => '@delegance/claude-autopilot',
-    description: '@delegance/guardrail → @delegance/claude-autopilot',
-  },
-  // `npx guardrail <verb>` / `pnpm dlx guardrail <verb>` / `yarn dlx guardrail <verb>`.
-  // These must run BEFORE the bare `guardrail <verb>` pattern below so the package-
-  // name `guardrail` inside `npx` is replaced as a unit with its wrapper tool.
-  {
-    pattern: new RegExp(
-      `((?:^|\\s)(?:npx|pnpm\\s+dlx|yarn\\s+dlx|bunx)\\s+)guardrail(\\s+)(${VERBS})\\b`,
-      'g',
-    ),
-    replace: (_m, wrapper, ws, verb) => `${wrapper}@delegance/claude-autopilot@alpha${ws}${verb}`,
-    description: 'npx/pnpm dlx/yarn dlx guardrail <verb> → ... @delegance/claude-autopilot@alpha <verb>',
-  },
-  // `guardrail <verb>` on its own line or after whitespace/punctuation
-  {
-    pattern: new RegExp(`(^|[\\s\`"'(])guardrail(\\s+)(${VERBS})\\b`, 'g'),
-    replace: (_m, lead, ws, verb) => `${lead}claude-autopilot${ws}${verb}`,
-    description: '`guardrail <verb>` → `claude-autopilot <verb>`',
-  },
-  // Quoted `"guardrail"` in argv-style arrays — Dockerfile CMD, exec args, etc.
-  {
-    pattern: new RegExp(
-      `(["'])guardrail(["'])(\\s*,\\s*)(["'])(${VERBS})\\b`,
-      'g',
-    ),
-    replace: (_m, q1, q2, sep, q3, verb) => `${q1}claude-autopilot${q2}${sep}${q3}${verb}`,
-    description: '`"guardrail", "<verb>"` → `"claude-autopilot", "<verb>"`',
-  },
-];
-
-// package.json needs JSON-aware handling for the dependency keys (to preserve
-// semver operators and section structure), plus text replacements on the rest
-// of the file (for scripts, bin references, etc).
-function migratePackageJson(content: string): { updated: string; count: number } {
-  let pkg: Record<string, unknown>;
-  try {
-    pkg = JSON.parse(content) as Record<string, unknown>;
-  } catch {
-    return applyTextReplacements(content);
-  }
-
-  let count = 0;
-  for (const section of ['dependencies', 'devDependencies', 'optionalDependencies', 'peerDependencies']) {
-    const deps = pkg[section] as Record<string, string> | undefined;
-    if (deps && typeof deps === 'object' && '@delegance/guardrail' in deps) {
-      const oldRange = deps['@delegance/guardrail']!;
-      const m = oldRange.match(/^(\^|~|>=|<=|>|<|=)?/);
-      const operator = (m && m[1]) ?? '';
-      // Rebuild the deps object preserving key order — substitute the old key
-      // in place with the new one. Straight `delete` + reassign would append
-      // the renamed dep at the end of its section, producing noisy diffs.
-      const rebuilt: Record<string, string> = {};
-      for (const [key, value] of Object.entries(deps)) {
-        if (key === '@delegance/guardrail') {
-          rebuilt['@delegance/claude-autopilot'] = `${operator}5.0.0-alpha`;
-        } else {
-          rebuilt[key] = value;
-        }
-      }
-      pkg[section] = rebuilt;
-      count++;
-    }
-  }
-
-  const indent = detectJsonIndent(content);
-  const newline = content.endsWith('\n') ? '\n' : '';
-  const rewritten = JSON.stringify(pkg, null, indent) + newline;
-
-  // Text replacements on the stringified form — catches `guardrail <verb>` in
-  // scripts, bin paths, and any other embedded CLI invocation.
-  const { updated, count: textCount } = applyTextReplacements(rewritten);
-  return { updated, count: count + textCount };
-}
-
-function detectJsonIndent(source: string): number | string {
-  const m = source.match(/\n( +)"/);
-  if (m && m[1]) return m[1].length;
-  return 2;
-}
-
-function applyTextReplacements(content: string): { updated: string; count: number } {
-  let updated = content;
-  let count = 0;
-  for (const r of TEXT_REPLACEMENTS) {
-    updated = updated.replace(r.pattern, (...args) => {
-      count++;
-      return r.replace(args[0], ...args.slice(1, args.length - 2));
-    });
-  }
-  return { updated, count };
-}
-
-function shouldProcessFile(filePath: string): boolean {
-  const base = path.basename(filePath);
-  if (SKIP_FILENAMES.has(base)) return false;
-  const ext = path.extname(filePath);
-  if (INCLUDE_FILENAMES.has(base)) return true;
-  if (INCLUDE_EXTENSIONS.has(ext)) return true;
-  return false;
-}
-
-function collectFiles(root: string): string[] {
-  const out: string[] = [];
-  function walk(dir: string): void {
-    let entries: fs.Dirent[];
-    try {
-      entries = fs.readdirSync(dir, { withFileTypes: true });
-    } catch { return; }
-    for (const entry of entries) {
-      const full = path.join(dir, entry.name);
-      if (entry.isDirectory()) {
-        if (SKIP_DIRS.has(entry.name)) continue;
-        walk(full);
-      } else if (entry.isFile() && shouldProcessFile(full)) {
-        out.push(full);
-      }
-    }
-  }
-  walk(root);
-  return out;
-}
-
-function sha256(content: string): string {
-  return crypto.createHash('sha256').update(content).digest('hex');
-}
-
-function processFile(file: string): { replacements: number; original: string; updated: string; preview: string[] } {
-  const original = fs.readFileSync(file, 'utf8');
-  const { updated, count } = path.basename(file) === 'package.json'
-    ? migratePackageJson(original)
-    : applyTextReplacements(original);
-  if (count === 0) return { replacements: 0, original, updated: original, preview: [] };
-  const preview = diffPreview(original, updated);
-  return { replacements: count, original, updated, preview };
-}
-
-function diffPreview(before: string, after: string): string[] {
-  const preview: string[] = [];
-  const beforeLines = before.split('\n');
-  const afterLines = after.split('\n');
-  const maxLines = Math.max(beforeLines.length, afterLines.length);
-  for (let i = 0; i < maxLines && preview.length < 10; i++) {
-    const b = beforeLines[i] ?? '';
-    const a = afterLines[i] ?? '';
-    if (b !== a) {
-      if (b) preview.push(`  - ${b.trim().slice(0, 100)}`);
-      if (a) preview.push(`  + ${a.trim().slice(0, 100)}`);
-    }
-  }
-  return preview;
-}
-
-export async function runMigrateV4(options: MigrateV4Options = {}): Promise<number> {
-  const cwd = options.cwd ?? options.path ?? process.cwd();
-
-  if (options.undo) return runUndo(cwd);
-
-  const files = collectFiles(cwd);
-  const results: FileResult[] = [];
-  let totalReplacements = 0;
-
-  const manifest: ManifestEntry[] = [];
-
-  for (const file of files) {
-    const { replacements, original, updated, preview } = processFile(file);
-    if (replacements === 0) continue;
-    results.push({
-      path: file,
-      relPath: path.relative(cwd, file),
-      replacements,
-      preview,
-    });
-    totalReplacements += replacements;
-
-    if (options.write) {
-      // Reuse `original` from processFile — avoids a second read + prevents any
-      // chance of `beforeSha256` diverging from what the transformation actually
-      // consumed if the file changed mid-scan.
-      const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
-      const backupPath = `${file}.v4-backup.${timestamp}`;
-      fs.writeFileSync(backupPath, original);
-      fs.writeFileSync(file, updated);
-      manifest.push({
-        path: file,
-        beforeSha256: sha256(original),
-        afterSha256: sha256(updated),
-        backupPath,
-        timestamp,
-      });
-    }
-  }
-
-  // Emit report
-  console.log(`\n\x1b[1m[migrate-v4] ${options.write ? 'Writing' : 'Dry-run — scanning'} ${cwd}\x1b[0m\n`);
-  if (results.length === 0) {
-    console.log('  No v4 references found.');
-    return 0;
-  }
-  for (const r of results) {
-    console.log(`  \x1b[32m${r.replacements}\x1b[0m  ${r.relPath}`);
-    for (const line of r.preview.slice(0, 4)) console.log(`        \x1b[2m${line}\x1b[0m`);
-  }
-  console.log(`\n  ─────────────────────────────`);
-  console.log(`  ${totalReplacements} replacements across ${results.length} files`);
-
-  if (options.write) {
-    const manifestDir = path.join(cwd, MANIFEST_DIR);
-    fs.mkdirSync(manifestDir, { recursive: true });
-    const manifestPath = path.join(manifestDir, MANIFEST_NAME);
-    fs.writeFileSync(manifestPath, JSON.stringify({
-      migratedAt: new Date().toISOString(),
-      from: '@delegance/guardrail',
-      to: '@delegance/claude-autopilot',
-      entries: manifest,
-    }, null, 2));
-    console.log(`\n  \x1b[32m✓\x1b[0m  Applied. Manifest: ${path.relative(cwd, manifestPath)}`);
-    console.log(`       Backup files suffix: .v4-backup.<timestamp>`);
-    console.log(`       Restore: claude-autopilot migrate-v4 --undo`);
-    console.log(`\n  Next: run \`npm install\` to sync package-lock.json.`);
-  } else {
-    console.log(`\n  Run with \x1b[36m--write\x1b[0m to apply (with .v4-backup files + restore manifest).`);
-  }
-  return 0;
-}
-
-function runUndo(cwd: string): number {
-  const manifestPath = path.join(cwd, MANIFEST_DIR, MANIFEST_NAME);
-  if (!fs.existsSync(manifestPath)) {
-    console.error(`[migrate-v4] No manifest at ${manifestPath}. Nothing to undo.`);
-    return 1;
-  }
-  const raw = JSON.parse(fs.readFileSync(manifestPath, 'utf8')) as {
-    migratedAt: string;
-    from: string;
-    to: string;
-    entries: ManifestEntry[];
-  };
-  const restored: ManifestEntry[] = [];
-  const pending: ManifestEntry[] = [];
-
-  for (const entry of raw.entries) {
-    if (!fs.existsSync(entry.path)) {
-      console.error(`  \x1b[33m!\x1b[0m  ${path.relative(cwd, entry.path)} missing — skipping`);
-      pending.push(entry);
-      continue;
-    }
-    if (!fs.existsSync(entry.backupPath)) {
-      console.error(`  \x1b[33m!\x1b[0m  backup missing for ${path.relative(cwd, entry.path)} — skipping`);
-      pending.push(entry);
-      continue;
-    }
-    const currentHash = sha256(fs.readFileSync(entry.path, 'utf8'));
-    if (currentHash !== entry.afterSha256) {
-      console.error(`  \x1b[33m!\x1b[0m  ${path.relative(cwd, entry.path)} modified since migrate — refusing to overwrite`);
-      console.error(`        expected sha256=${entry.afterSha256.slice(0, 8)}, got ${currentHash.slice(0, 8)}`);
-      pending.push(entry);
-      continue;
-    }
-    const backup = fs.readFileSync(entry.backupPath, 'utf8');
-    if (sha256(backup) !== entry.beforeSha256) {
-      console.error(`  \x1b[33m!\x1b[0m  backup ${path.relative(cwd, entry.backupPath)} tampered — skipping`);
-      pending.push(entry);
-      continue;
-    }
-    fs.writeFileSync(entry.path, backup);
-    fs.unlinkSync(entry.backupPath);
-    console.log(`  \x1b[32m✓\x1b[0m  ${path.relative(cwd, entry.path)}`);
-    restored.push(entry);
-  }
-
-  // Preserve manifest when any entries remain pending so --undo can be re-run
-  // after the user resolves the blocker (restored their edits, fixed backup, etc).
-  if (pending.length > 0) {
-    fs.writeFileSync(manifestPath, JSON.stringify({
-      ...raw,
-      entries: pending,
-    }, null, 2));
-    console.log(
-      `\n  Restored ${restored.length}, ${pending.length} pending. ` +
-      `Manifest retained at ${path.relative(cwd, manifestPath)} — re-run --undo after resolving issues.`,
-    );
-    return 1;
-  }
-
-  fs.unlinkSync(manifestPath);
-  console.log(`\n  Restored ${restored.length}, skipped 0.`);
-  return 0;
-}

package/src/cli/pr-comment.ts

@@ -1,139 +0,0 @@
-import { runSafe } from '../core/shell.ts';
-import type { RunResult } from '../core/pipeline/run.ts';
-import type { GuardrailConfig } from '../core/config/types.ts';
-import type { GitContext } from '../core/detect/git-context.ts';
-import { readFileSync } from 'node:fs';
-import { join } from 'node:path';
-import { findPackageRoot } from './_pkg-root.ts';
-
-const COMMENT_MARKER = '<!-- guardrail-review -->';
-
-function readVersion(): string {
-  try {
-    const root = findPackageRoot(import.meta.url);
-    if (!root) return 'unknown';
-    const pkgPath = join(root, 'package.json');
-    return (JSON.parse(readFileSync(pkgPath, 'utf8')) as { version: string }).version;
-  } catch { return 'unknown'; }
-}
-
-/** Detect the current open PR number via gh CLI or CI env vars. */
-export function detectPrNumber(cwd: string): number | null {
-  // CI env vars set by GitHub Actions
-  const fromEnv = process.env.PR_NUMBER ?? process.env.GH_PR_NUMBER ?? process.env.GITHUB_PR_NUMBER;
-  if (fromEnv && /^\d+$/.test(fromEnv)) return parseInt(fromEnv, 10);
-
-  // gh CLI — works locally and in CI when gh is authenticated
-  const raw = runSafe('gh', ['pr', 'view', '--json', 'number', '--jq', '.number'], { cwd });
-  if (raw) {
-    const n = parseInt(raw.trim(), 10);
-    if (!isNaN(n)) return n;
-  }
-  return null;
-}
-
-/** Find the ID of a previously-posted autopilot comment, if any. */
-function findExistingCommentId(pr: number, cwd: string): number | null {
-  const raw = runSafe('gh', ['api', `repos/{owner}/{repo}/issues/${pr}/comments`,
-    '--jq', `[.[] | select(.body | startswith("${COMMENT_MARKER}")) | .id] | first`], { cwd });
-  if (!raw) return null;
-  const n = parseInt(raw.trim(), 10);
-  return isNaN(n) ? null : n;
-}
-
-/** Format a RunResult into a markdown PR comment. */
-export function formatComment(
-  result: RunResult,
-  config: GuardrailConfig,
-  gitCtx: GitContext,
-  touchedFileCount: number,
-): string {
-  const statusIcon = result.status === 'pass' ? '✅' : result.status === 'warn' ? '⚠️' : '❌';
-  const statusLabel = result.status === 'pass' ? 'Passed' : result.status === 'warn' ? 'Passed with warnings' : 'Failed';
-
-  const lines: string[] = [
-    COMMENT_MARKER,
-    `## ${statusIcon} Autopilot Review — ${statusLabel}`,
-    '',
-  ];
-
-  // Context line
-  const ctx: string[] = [];
-  if (config.stack) ctx.push(`**Stack:** ${config.stack}`);
-  if (gitCtx.branch) ctx.push(`**Branch:** \`${gitCtx.branch}\``);
-  if (gitCtx.commitMessage) ctx.push(`**Commit:** ${gitCtx.commitMessage}`);
-  ctx.push(`**Files reviewed:** ${touchedFileCount}`);
-  lines.push(ctx.join(' · '), '');
-
-  // Phase table
-  lines.push('| Phase | Status | Findings |');
-  lines.push('|---|:---:|:---:|');
-  for (const phase of result.phases) {
-    const icon = phase.status === 'pass' ? '✅' : phase.status === 'skip' ? '—' :
-                 phase.status === 'warn' ? '⚠️' : '❌';
-    lines.push(`| ${phase.phase} | ${icon} | ${phase.findings.length} |`);
-  }
-  lines.push('');
-
-  // Findings by severity
-  const critical = result.allFindings.filter(f => f.severity === 'critical');
-  const warnings = result.allFindings.filter(f => f.severity === 'warning');
-  const notes    = result.allFindings.filter(f => f.severity === 'note');
-
-  if (critical.length > 0) {
-    lines.push('### 🚨 Critical');
-    for (const f of critical) {
-      const loc = f.file !== '<unspecified>' ? `\`${f.file}${f.line ? `:${f.line}` : ''}\` — ` : '';
-      lines.push(`- ${loc}${f.message}`);
-      if (f.suggestion) lines.push(`  > ${f.suggestion}`);
-    }
-    lines.push('');
-  }
-
-  if (warnings.length > 0) {
-    lines.push('### ⚠️ Warnings');
-    for (const f of warnings) {
-      const loc = f.file !== '<unspecified>' ? `\`${f.file}${f.line ? `:${f.line}` : ''}\` — ` : '';
-      lines.push(`- ${loc}${f.message}`);
-      if (f.suggestion) lines.push(`  > ${f.suggestion}`);
-    }
-    lines.push('');
-  }
-
-  if (notes.length > 0) {
-    lines.push('<details><summary>Notes</summary>\n');
-    for (const f of notes) {
-      const loc = f.file !== '<unspecified>' ? `\`${f.file}${f.line ? `:${f.line}` : ''}\` — ` : '';
-      lines.push(`- ${loc}${f.message}`);
-    }
-    lines.push('\n</details>\n');
-  }
-
-  if (result.totalCostUSD !== undefined) {
-    lines.push(`*Cost: $${result.totalCostUSD.toFixed(4)} · ${result.durationMs}ms · [@delegance/guardrail](https://github.com/axledbetter/guardrail) v${readVersion()}*`);
-  } else {
-    lines.push(`*${result.durationMs}ms · [@delegance/guardrail](https://github.com/axledbetter/guardrail) v${readVersion()}*`);
-  }
-
-  return lines.join('\n');
-}
-
-/** Post or update the autopilot comment on the given PR. */
-export async function postPrComment(
-  pr: number,
-  body: string,
-  cwd: string,
-): Promise<{ action: 'created' | 'updated'; url: string | null }> {
-  const existingId = findExistingCommentId(pr, cwd);
-
-  if (existingId) {
-    runSafe('gh', ['api', `repos/{owner}/{repo}/issues/comments/${existingId}`,
-      '--method', 'PATCH', '--field', `body=${body}`], { cwd });
-    return { action: 'updated', url: null };
-  }
-
-  const raw = runSafe('gh', ['pr', 'comment', String(pr), '--body', body], { cwd });
-  // gh outputs the comment URL on success
-  const url = raw?.trim() ?? null;
-  return { action: 'created', url };
-}

package/src/cli/pr-desc.ts

@@ -1,168 +0,0 @@
-import type { Finding } from '../core/findings/types.ts';
-import * as fs from 'node:fs';
-import { execSync, spawnSync } from 'node:child_process';
-
-export interface PrDescOptions {
-  base?: string;
-  post?: boolean;
-  yes?: boolean;
-  output?: string;
-  _gitDiff?: string;
-  _branchName?: string;
-  _cachedFindings?: Finding[];
-  _reviewEngine?: {
-    review(input: { content: string; kind: string }): Promise<{ rawOutput: string }>;
-  };
-}
-
-export interface PrDescResult {
-  title: string;
-  body: string;
-  prUrl?: string;
-}
-
-export function truncateDiff(diff: string, charLimit = 6000): string {
-  if (diff.length <= charLimit) return diff;
-  const remaining = diff.length - charLimit;
-  return `${diff.slice(0, charLimit)}[...truncated ${remaining} chars]`;
-}
-
-export function summarizeFindings(findings: Finding[], max = 10): string {
-  if (findings.length === 0) return 'None';
-  const order: Record<string, number> = { critical: 0, error: 1, warning: 2, info: 3 };
-  const sorted = [...findings].sort(
-    (a, b) => (order[a.severity] ?? 9) - (order[b.severity] ?? 9),
-  );
-  return sorted
-    .slice(0, max)
-    .map(f => `- [${f.severity.toUpperCase()}] ${f.file}:${f.line ?? '?'} — ${f.message}`)
-    .join('\n');
-}
-
-export function parseDescription(raw: string): { title: string; body: string } {
-  const titleMatch = raw.match(/^Title:\s*(.+)$/m);
-  const title = titleMatch ? titleMatch[1]!.trim() : 'chore: update';
-  const sepIdx = raw.indexOf('\n\n---\n');
-  const body = sepIdx !== -1 ? raw.slice(sepIdx + 5).trim() : raw.replace(/^Title:.*\n?/m, '').trim();
-  return { title, body };
-}
-
-export async function runPrDesc(options: PrDescOptions): Promise<PrDescResult> {
-  const branchName = options._branchName ?? getBranchName();
-  const diff = options._gitDiff ?? getGitDiff(options.base);
-
-  if (!diff.trim()) {
-    process.stdout.write('No changes detected\n');
-    return { title: 'No changes detected', body: '' };
-  }
-
-  const findings = options._cachedFindings ?? loadCachedFindings();
-  const prompt = buildPrompt(branchName, truncateDiff(diff), summarizeFindings(findings));
-
-  const engine = options._reviewEngine ?? (await resolveEngine() as unknown as { review(input: { content: string; kind: string }): Promise<{ rawOutput: string }> });
-  const { rawOutput } = await engine.review({ content: prompt, kind: 'pr-diff' });
-  const { title, body } = parseDescription(rawOutput);
-
-  const formatted = `Title: ${title}\n\n---\n${body}`;
-
-  if (options.output) {
-    fs.writeFileSync(options.output, formatted, 'utf8');
-  } else {
-    process.stdout.write(formatted + '\n');
-  }
-
-  if (options.post) {
-    return createPr(title, body, options.yes ?? false);
-  }
-
-  return { title, body };
-}
-
-function getBranchName(): string {
-  try {
-    return execSync('git rev-parse --abbrev-ref HEAD', { encoding: 'utf8' }).trim();
-  } catch {
-    return 'unknown';
-  }
-}
-
-function getGitDiff(base?: string): string {
-  try {
-    const ref = base ?? getUpstreamBase();
-    return execSync(`git diff ${ref}...HEAD`, { encoding: 'utf8' });
-  } catch {
-    return '';
-  }
-}
-
-function getUpstreamBase(): string {
-  try {
-    return execSync(
-      'git rev-parse --abbrev-ref --symbolic-full-name @{u}',
-      { encoding: 'utf8' },
-    ).trim();
-  } catch {
-    return 'HEAD~1';
-  }
-}
-
-function loadCachedFindings(): Finding[] {
-  try {
-    return JSON.parse(fs.readFileSync('.guardrail-cache/findings.json', 'utf8')) as Finding[];
-  } catch {
-    return [];
-  }
-}
-
-function buildPrompt(branch: string, diff: string, findingsSummary: string): string {
-  return `Generate a pull request description with three sections:
-
-## Summary
-<3-5 bullet points describing what changed and why>
-
-## Changes
-<grouped by file/area, concise>
-
-## Test Plan
-<checklist of what to verify before merging>
-
-Branch: ${branch}
-Diff:
-${diff}
-
-Guardrail findings in this diff:
-${findingsSummary}`;
-}
-
-async function resolveEngine() {
-  const { loadAdapter } = await import('../adapters/loader.ts');
-  const { loadConfig } = await import('../core/config/loader.ts');
-  const configPath = process.env.GUARDRAIL_CONFIG ?? 'guardrail.config.yaml';
-  let engineRef = 'auto';
-  try {
-    const cfg = await loadConfig(configPath);
-    const rev = (cfg as { reviewEngine?: unknown }).reviewEngine;
-    if (rev) engineRef = typeof rev === 'string' ? rev : (rev as { adapter: string }).adapter;
-  } catch {
-    // no config file — fall back to auto
-  }
-  return loadAdapter({ point: 'review-engine', ref: engineRef });
-}
-
-async function createPr(title: string, body: string, yes: boolean): Promise<PrDescResult> {
-  if (!yes) {
-    process.stdout.write('\nCreate PR with this description? [y/N] ');
-    const answer = await new Promise<string>(resolve => {
-      process.stdin.setEncoding('utf8');
-      process.stdin.once('data', (chunk: string) => resolve(chunk.split('\n')[0] ?? ''));
-    });
-    if (!answer.toLowerCase().startsWith('y')) return { title, body };
-  }
-  const result = spawnSync('gh', ['pr', 'create', '--title', title, '--body', body], { encoding: 'utf8' });
-  if (result.status !== 0) {
-    throw new Error(`gh pr create failed: ${result.stderr?.trim() || result.error?.message || 'unknown error'}`);
-  }
-  const prUrl = result.stdout.trim();
-  process.stdout.write(`\nPR created: ${prUrl}\n`);
-  return { title, body, prUrl };
-}