@equilateral_ai/mindmeld 3.3.1 → 3.5.0

package/src/handlers/webhooks/githubWebhook.js

@@ -10,16 +10,35 @@ const crypto = require('crypto');
 const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
 
 exports.handler = wrapHandler(async ({ body, headers }) => {
-    // Verify webhook signature
+    // Verify webhook signature — try per-repo secret first, then global fallback
     const signature = headers['x-hub-signature-256'] || headers['X-Hub-Signature-256'];
-    const secret = process.env.GITHUB_WEBHOOK_SECRET;
+    const rawBody = JSON.stringify(body);
+    const repoFullName = body?.repository?.full_name;
 
-    if (!secret) {
-        console.error('GITHUB_WEBHOOK_SECRET not configured');
-        return createErrorResponse(500, 'Webhook not configured');
+    let verified = false;
+
+    // Try per-repo secret from git_repositories
+    if (repoFullName) {
+        const repoResult = await executeQuery(`
+            SELECT webhook_secret FROM rapport.git_repositories
+            WHERE repo_name = $1 AND webhook_secret IS NOT NULL
+            LIMIT 1
+        `, [repoFullName]);
+
+        if (repoResult.rowCount > 0 && repoResult.rows[0].webhook_secret) {
+            verified = verifySignature(rawBody, signature, repoResult.rows[0].webhook_secret);
+        }
+    }
+
+    // Fallback to global secret
+    if (!verified) {
+        const globalSecret = process.env.GITHUB_WEBHOOK_SECRET;
+        if (globalSecret) {
+            verified = verifySignature(rawBody, signature, globalSecret);
+        }
     }
 
-    if (!verifySignature(JSON.stringify(body), signature, secret)) {
+    if (!verified) {
         return createErrorResponse(401, 'Invalid signature');
     }
 
@@ -58,94 +77,93 @@ async function handlePushEvent(payload) {
     const repoFullName = payload.repository?.full_name;
     if (!repoFullName) return;
 
-    // Find project by repo URL
-    const projectResult = await executeQuery(`
-        SELECT project_id FROM rapport.projects
-        WHERE repo_url LIKE $1
-    `, [`%${repoFullName}%`]);
+    const repoUrl = payload.repository?.html_url || `https://github.com/${repoFullName}`;
+    const branch = payload.ref?.replace('refs/heads/', '') || 'unknown';
 
-    if (projectResult.rowCount === 0) {
-        console.log(`Project not found for repo: ${repoFullName}`);
-        return;
+    // Find or create repo in git_repositories
+    let repoResult = await executeQuery(`
+        SELECT repo_id, company_id FROM rapport.git_repositories
+        WHERE repo_name = $1 OR repo_url = $2
+    `, [repoFullName, repoUrl]);
+
+    if (repoResult.rowCount === 0) {
+        // Look up company from projects table
+        const projectResult = await executeQuery(`
+            SELECT project_id, company_id FROM rapport.projects
+            WHERE repo_url LIKE $1
+            LIMIT 1
+        `, [`%${repoFullName}%`]);
+
+        const companyId = projectResult.rows[0]?.company_id || null;
+
+        // Auto-register the repo
+        repoResult = await executeQuery(`
+            INSERT INTO rapport.git_repositories (repo_id, repo_name, repo_url, company_id, default_branch, created_at, updated_at)
+            VALUES (gen_random_uuid(), $1, $2, $3, $4, NOW(), NOW())
+            RETURNING repo_id, company_id
+        `, [repoFullName, repoUrl, companyId, branch]);
+
+        console.log(`Auto-registered repo: ${repoFullName} (repo_id: ${repoResult.rows[0].repo_id})`);
     }
 
-    const projectId = projectResult.rows[0].project_id;
-    const branch = payload.ref?.replace('refs/heads/', '') || 'unknown';
+    const repoId = repoResult.rows[0].repo_id;
 
     for (const commit of (payload.commits || [])) {
-        await recordCommit(commit, projectId, branch);
+        await recordCommit(commit, repoId, repoFullName, repoUrl);
+    }
+
+    // Update last_commit_sha on the repo
+    const lastCommit = payload.head_commit?.id || payload.commits?.[payload.commits.length - 1]?.id;
+    if (lastCommit) {
+        await executeQuery(`
+            UPDATE rapport.git_repositories SET last_commit_sha = $1, updated_at = NOW()
+            WHERE repo_id = $2
+        `, [lastCommit, repoId]);
     }
 }
 
-async function recordCommit(commit, projectId, branch) {
+async function recordCommit(commit, repoId, repoName, repoUrl) {
     const authorEmail = commit.author?.email;
     if (!authorEmail) return;
 
-    // Find user by email
-    const userResult = await executeQuery(`
-        SELECT "Email_Address" FROM "Users"
-        WHERE "Email_Address" = $1 AND active = true
-    `, [authorEmail]);
+    // Check for duplicate
+    const existing = await executeQuery(`
+        SELECT 1 FROM rapport.commits WHERE commit_sha = $1 LIMIT 1
+    `, [commit.id]);
 
-    if (userResult.rowCount === 0) {
-        console.log(`User not found for email: ${authorEmail}`);
+    if (existing.rowCount > 0) {
+        console.log(`Commit ${commit.id.substring(0, 8)} already recorded, skipping`);
         return;
     }
 
-    const email = userResult.rows[0].Email_Address;
-
-    // Find recent session for correlation
-    const sessionResult = await executeQuery(`
-        SELECT session_id, ended_at, started_at
-        FROM rapport.sessions
-        WHERE email_address = $1
-        AND project_id = $2
-        ORDER BY started_at DESC
-        LIMIT 1
-    `, [email, projectId]);
-
-    let sessionId = null;
-    let withinSession = false;
-    let timeSinceSession = null;
-
-    if (sessionResult.rowCount > 0) {
-        const session = sessionResult.rows[0];
-        const commitTime = new Date(commit.timestamp);
-        const sessionEnd = session.ended_at ? new Date(session.ended_at) : new Date();
-        const sessionStart = new Date(session.started_at);
-
-        // Commit within session if after start and before/during end
-        withinSession = commitTime >= sessionStart && (!session.ended_at || commitTime <= sessionEnd);
-
-        if (!withinSession && session.ended_at) {
-            timeSinceSession = Math.round((commitTime - sessionEnd) / (1000 * 60));
-        }
+    // Build changed_files JSONB from GitHub payload
+    const changedFiles = [
+        ...(commit.added || []).map(f => ({ path: f, action: 'added' })),
+        ...(commit.modified || []).map(f => ({ path: f, action: 'modified' })),
+        ...(commit.removed || []).map(f => ({ path: f, action: 'removed' }))
+    ];
 
-        sessionId = session.session_id;
-    }
-
-    // Insert commit
     await executeQuery(`
         INSERT INTO rapport.commits (
-            commit_hash, project_id, email_address, branch, message,
-            committed_at, files_changed,
-            session_id, within_session, time_since_session_minutes
-        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
-        ON CONFLICT (commit_hash) DO NOTHING
+            commit_id, commit_sha, repo_id, repo_url, repo_name,
+            author_email, author_name, commit_timestamp, message,
+            changed_files, is_merge, created_at
+        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, NOW())
     `, [
         commit.id,
-        projectId,
-        email,
-        branch,
-        commit.message?.substring(0, 500), // Truncate long messages
+        commit.id,
+        repoId,
+        repoUrl,
+        repoName,
+        authorEmail,
+        commit.author?.name || authorEmail,
         commit.timestamp,
-        (commit.added?.length || 0) + (commit.modified?.length || 0) + (commit.removed?.length || 0),
-        sessionId,
-        withinSession,
-        timeSinceSession
+        commit.message?.substring(0, 2000),
+        JSON.stringify(changedFiles),
+        commit.message?.toLowerCase().startsWith('merge') || false
     ]);
 
-    console.log(`Recorded commit ${commit.id} for ${email}`);
+    console.log(`Recorded commit ${commit.id.substring(0, 8)} by ${authorEmail}`);
 }
 
 async function handlePREvent(payload) {
@@ -153,71 +171,45 @@ async function handlePREvent(payload) {
     const repoFullName = payload.repository?.full_name;
     if (!pr || !repoFullName) return;
 
-    // Find project by repo URL
-    const projectResult = await executeQuery(`
-        SELECT project_id FROM rapport.projects
-        WHERE repo_url LIKE $1
-    `, [`%${repoFullName}%`]);
-
-    if (projectResult.rowCount === 0) {
-        console.log(`Project not found for repo: ${repoFullName}`);
-        return;
-    }
+    const repoUrl = payload.repository?.html_url || `https://github.com/${repoFullName}`;
 
-    const projectId = projectResult.rows[0].project_id;
-    const prId = `github:${repoFullName}:${pr.number}`;
+    // Find repo
+    const repoResult = await executeQuery(`
+        SELECT repo_id FROM rapport.git_repositories
+        WHERE repo_name = $1 OR repo_url = $2
+    `, [repoFullName, repoUrl]);
 
-    // Try to find user by email or login
-    const authorEmail = pr.user?.email || `${pr.user?.login}@users.noreply.github.com`;
-    const userResult = await executeQuery(`
-        SELECT "Email_Address" FROM "Users"
-        WHERE "Email_Address" = $1 AND active = true
-    `, [authorEmail]);
-
-    if (userResult.rowCount === 0) {
-        console.log(`User not found for: ${authorEmail}`);
+    if (repoResult.rowCount === 0) {
+        console.log(`Repo not found for: ${repoFullName} — push event must arrive first`);
         return;
     }
 
-    const email = userResult.rows[0].Email_Address;
-
-    // Calculate review time if merged
-    let reviewTimeHours = null;
-    if (pr.merged_at && pr.created_at) {
-        const created = new Date(pr.created_at);
-        const merged = new Date(pr.merged_at);
-        reviewTimeHours = (merged - created) / (1000 * 60 * 60);
-    }
+    const repoId = repoResult.rows[0].repo_id;
+    const authorEmail = pr.user?.email || `${pr.user?.login}@users.noreply.github.com`;
+    const status = pr.merged ? 'merged' : pr.state;
 
-    // Upsert PR
+    // Upsert PR by repo_id + pr_number
     await executeQuery(`
         INSERT INTO rapport.pull_requests (
-            pr_id, project_id, email_address, title, branch, base_branch,
-            status, opened_at, merged_at, closed_at,
-            commits_count, files_changed, additions, deletions, review_time_hours
-        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15)
-        ON CONFLICT (pr_id) DO UPDATE SET
-            status = EXCLUDED.status,
-            merged_at = EXCLUDED.merged_at,
-            closed_at = EXCLUDED.closed_at,
-            review_time_hours = EXCLUDED.review_time_hours
+            pr_id, repo_id, pr_number, title, author_email,
+            status, created_at, merged_at, closed_at,
+            lines_added, lines_removed, files_changed, review_comments
+        ) VALUES (gen_random_uuid(), $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12)
+        ON CONFLICT (pr_id) DO NOTHING
     `, [
-        prId,
-        projectId,
-        email,
+        repoId,
+        pr.number,
         pr.title?.substring(0, 500),
-        pr.head?.ref,
-        pr.base?.ref,
-        pr.merged ? 'merged' : pr.state,
+        authorEmail,
+        status,
         pr.created_at,
-        pr.merged_at,
-        pr.closed_at,
-        pr.commits,
-        pr.changed_files,
-        pr.additions,
-        pr.deletions,
-        reviewTimeHours
+        pr.merged_at || null,
+        pr.closed_at || null,
+        pr.additions || 0,
+        pr.deletions || 0,
+        pr.changed_files || 0,
+        pr.review_comments || 0
     ]);
 
-    console.log(`Recorded PR ${prId} for ${email}`);
+    console.log(`Recorded PR #${pr.number} (${status}) for ${authorEmail}`);
 }

package/src/index.js

@@ -65,7 +65,7 @@ class MindmeldClient {
         companyId: config.companyId || null,
         collaborators: config.collaborators || [],
         userEmail: config.userEmail || null,
-        subscriptionTier: config.subscriptionTier || 'free'
+        subscriptionTier: config.subscriptionTier || 'enterprise'
       };
 
       return this.currentProject;
@@ -713,14 +713,14 @@ class MindmeldClient {
    * @param {string} sessionId - Session identifier
    * @param {Array} standards - Array of standards that were injected
    */
-  recordStandardsShown(sessionId, standards) {
+  recordStandardsShown(sessionId, standards, projectId, userId) {
     // Fire and forget - don't await to keep hook fast
-    this._recordStandardsAsync(sessionId, standards).catch(err => {
+    this._recordStandardsAsync(sessionId, standards, projectId, userId).catch(err => {
       console.error('[Rapport] recordStandardsShown error:', err.message);
     });
   }
 
-  async _recordStandardsAsync(sessionId, standards) {
+  async _recordStandardsAsync(sessionId, standards, projectId, userId) {
     if (!standards || standards.length === 0) return;
 
     const apiUrl = this.config.apiUrl;
@@ -730,9 +730,12 @@ class MindmeldClient {
     // Prepare payload
     const payload = JSON.stringify({
       session_id: sessionId,
+      project_id: projectId || undefined,
+      user_id: userId || undefined,
       standards: standards.map(s => ({
         pattern_id: s.pattern_id || s.element,
-        relevance_score: s.score || 0
+        title: s.element || s.pattern_id,
+        relevance_score: s.relevance_score || s.score || 0
       }))
     });