@krotovm/gitlab-ai-review 1.0.23 → 1.0.25

package/dist/cli/ci-review.js

@@ -382,7 +382,7 @@ export async function reviewMergeRequestMultiPass(params) {
     const skippedCount = changes.length - reviewFiles.length;
     logStep(`Triage: ${reviewFiles.length} file(s) to review, ${skippedCount} skipped. Summary: ${triageResult.summary.slice(0, 120)}...`);
     if (reviewFiles.length === 0) {
-        const DISCLAIMER = "This comment was generated by an artificial intelligence duck.";
+        const DISCLAIMER = "This comment was generated by AI review bot.";
         return `No confirmed bugs or high-value optimizations found.\n\n---\n_${DISCLAIMER}_`;
     }
     logStep(`Pass 2/4: reviewing ${reviewFiles.length} file(s) (concurrency=${reviewConcurrency})`);
@@ -412,7 +412,7 @@ export async function reviewMergeRequestMultiPass(params) {
         maxFindings,
     });
     if (consolidateMessages == null) {
-        const DISCLAIMER = "This comment was generated by an artificial intelligence duck.";
+        const DISCLAIMER = "This comment was generated by AI review bot.";
         return `No confirmed bugs or high-value optimizations found.\n\n---\n_${DISCLAIMER}_`;
     }
     try {
@@ -449,7 +449,7 @@ export async function reviewMergeRequestMultiPass(params) {
     }
     catch (error) {
         logStep(`Consolidation failed: ${error?.message ?? error}. Returning raw per-file findings.`);
-        const DISCLAIMER = "This comment was generated by an artificial intelligence duck.";
+        const DISCLAIMER = "This comment was generated by AI review bot.";
         const raw = perFileFindings
             .filter((f) => !f.findings.includes("No issues found.") &&
             !f.findings.includes("No confirmed bugs"))

package/dist/prompt/index.js

@@ -1,6 +1,8 @@
 /** @format */
 import { buildMainSystemMessages, FILE_REVIEW_SYSTEM, TRIAGE_SYSTEM, } from "./messages.js";
 import { normalizeReviewFindingsMarkdown, sanitizeGitLabMarkdown, truncateWithMarker, } from "./utils.js";
+import { buildConsolidateSystemLines, buildVerificationSystemLines, } from "./templates/postprocess-system.js";
+import { buildConsolidateUserContent, buildFileReviewUserContent, buildMainReviewUserContent, buildTriageUserContent, buildVerificationUserContent, } from "./templates/user-prompts.js";
 export const DEFAULT_PROMPT_LIMITS = {
     maxDiffs: 50,
     maxDiffChars: 16000,
@@ -33,15 +35,11 @@ export const buildPrompt = ({ changes, limits, allowTools = false, }) => {
     const toolNote = allowTools
         ? "Tools (get_file_at_ref, grep_repository) are available — use them to verify suspicions and inspect truncated or omitted files."
         : "Tools are unavailable in this run; rely only on visible diff evidence.";
-    const userContent = [
-        `Review the following code changes (git diff format). ${stats}`,
+    const userContent = buildMainReviewUserContent({
+        stats,
         toolNote,
-        "",
-        "Changes:",
-        changesText || "(no changes provided)",
-        "",
-        "Produce your review now. Follow the system instructions strictly.",
-    ].join("\n");
+        changesText,
+    });
     const boundedContent = truncateWithMarker(userContent, effectiveLimits.maxTotalPromptChars, "prompt payload");
     return [...MESSAGES, { role: "user", content: boundedContent }];
 };
@@ -50,26 +48,12 @@ export const buildPrompt = ({ changes, limits, allowTools = false, }) => {
 // ---------------------------------------------------------------------------
 export const DEFAULT_MAX_FINDINGS = 5;
 export const DEFAULT_REVIEW_CONCURRENCY = 5;
-export const DIFF_SNIPPET_CHARS = 300;
 export function buildTriagePrompt(changes) {
-    const fileEntries = changes.map((c) => {
-        const flags = [];
-        if (c.new_file)
-            flags.push("new");
-        if (c.deleted_file)
-            flags.push("deleted");
-        if (c.renamed_file)
-            flags.push("renamed");
-        const flagStr = flags.length > 0 ? ` [${flags.join(", ")}]` : "";
-        const snippet = c.diff.slice(0, DIFF_SNIPPET_CHARS);
-        const truncNote = c.diff.length > DIFF_SNIPPET_CHARS ? "..." : "";
-        return `### ${c.path}${flagStr}\n\`\`\`\n${snippet}${truncNote}\n\`\`\``;
-    });
     return [
         TRIAGE_SYSTEM,
         {
             role: "user",
-            content: `Triage these ${changes.length} file(s):\n\n${fileEntries.join("\n\n")}`,
+            content: buildTriageUserContent(changes),
         },
     ];
 }
@@ -103,25 +87,17 @@ export function buildFileReviewPrompt(params) {
     const toolNote = allowTools
         ? "Tools (get_file_at_ref, grep_repository) are available to verify suspicions or read the full file."
         : "Tools are unavailable; rely only on visible diff evidence.";
-    const otherFilesNote = otherChangedFiles.length > 0
-        ? `\nOther files changed in this MR: ${otherChangedFiles.join(", ")}`
-        : "";
     return [
         FILE_REVIEW_SYSTEM,
         {
             role: "user",
-            content: [
-                `MR Summary: ${summary}`,
-                otherFilesNote,
-                "",
-                toolNote,
-                "",
-                `File: ${filePath}`,
-                "Diff:",
+            content: buildFileReviewUserContent({
+                filePath,
                 fileDiff,
-                "",
-                "Review this file now.",
-            ].join("\n"),
+                summary,
+                otherChangedFiles,
+                toolNote,
+            }),
         },
     ];
 }
@@ -137,32 +113,15 @@ export function buildConsolidatePrompt(params) {
     return [
         {
             role: "system",
-            content: [
-                "You consolidate per-file code review findings into a final ranked list.",
-                `Select the top ${maxFindings} most important findings. Deduplicate overlapping issues.`,
-                "Preserve this exact per-finding markdown block:",
-                "`- [high|medium] <title>`",
-                "`  File: <path>`",
-                "`  Line: ~<N>`",
-                "`  Why: <one concise sentence with key evidence>`",
-                "Rank by: (1) [high] before [medium], (2) correctness > security > perf.",
-                "Do not add new findings. Do not add headings, summaries, or commentary.",
-                "Drop any finding that: claims a syntax error without quoting the invalid token, claims a function/variable is missing without concrete proof, or flags a refactoring rename as a bug.",
-                `If fewer than ${maxFindings} findings exist, return all of them.`,
-                'If all findings are low quality or dubious after dedup, return exactly: "No confirmed bugs or high-value optimizations found."',
-                "GitLab-flavoured markdown.",
-            ].join("\n"),
+            content: buildConsolidateSystemLines(maxFindings).join("\n"),
         },
         {
             role: "user",
-            content: [
-                `MR Summary: ${summary}`,
-                "",
-                "Per-file findings:",
+            content: buildConsolidateUserContent({
+                summary,
                 findingsText,
-                "",
-                `Return the top ${maxFindings} findings in the required bullet format.`,
-            ].join("\n"),
+                maxFindings,
+            }),
         },
     ];
 }
@@ -174,36 +133,15 @@ export function buildVerificationPrompt(params) {
     return [
         {
             role: "system",
-            content: [
-                "You are a skeptical verifier of a merge request review.",
-                "Your job is to remove weak, speculative, or unsupported findings from the draft list.",
-                "Do not add new findings. Keep, rewrite for clarity, or remove existing findings only.",
-                "A finding can stay only if it is directly supported by evidence from the per-file findings.",
-                "If confidence is not high, drop the finding.",
-                "Preserve this exact per-finding markdown block:",
-                "`- [high|medium] <title>`",
-                "`  File: <path>`",
-                "`  Line: ~<N>`",
-                "`  Why: <one concise sentence with key evidence>`",
-                "Do not add headings, summaries, or extra commentary.",
-                `Return at most ${maxFindings} findings.`,
-                'If no findings survive verification, return exactly: "No confirmed bugs or high-value optimizations found."',
-                "GitLab-flavoured markdown.",
-            ].join("\n"),
+            content: buildVerificationSystemLines(maxFindings).join("\n"),
         },
         {
             role: "user",
-            content: [
-                `MR Summary: ${summary}`,
-                "",
-                "Per-file findings (evidence pool):",
+            content: buildVerificationUserContent({
+                summary,
                 findingsText,
-                "",
-                "Draft consolidated findings to verify:",
                 consolidatedFindings,
-                "",
-                "Return only the verified final findings.",
-            ].join("\n"),
+            }),
         },
     ];
 }
@@ -232,8 +170,8 @@ export function extractCompletionText(completion) {
     }
     return null;
 }
-const ERROR_ANSWER = "I'm sorry, I'm not feeling well today. Please ask a human to review this code change.";
-const DISCLAIMER = "This comment was generated by an artificial intelligence duck.";
+const ERROR_ANSWER = "AI review could not be completed. Please ask a human to review this code change.";
+const DISCLAIMER = "This comment was generated by AI review bot.";
 export const buildAnswer = (completion) => {
     if (completion instanceof Error) {
         const maybeCause = completion.cause;

package/dist/prompt/messages.js

@@ -1,66 +1,6 @@
 /** @format */
-export const MAIN_SYSTEM_LINES = [
-    "You are an AI code reviewer for pull requests.",
-    "Find only real bugs introduced by the diff.",
-    "Return at most 3 findings. Prefer no finding over a weak one.",
-    "",
-    "Rules:",
-    "- Focus on changed lines.",
-    "- Ignore style, refactoring suggestions, and general best practices.",
-    "- If uncertain, use tools: get_file_at_ref and grep_repository.",
-    "- Report only issues clearly visible in diff or verified by tools.",
-    '- If uncertain after checking, return exactly: "No confirmed bugs or high-value optimizations found."',
-    "",
-    "Severity:",
-    "- [high]: deterministic runtime/security breakage with clear path.",
-    "- [medium]: likely bug with strong evidence.",
-    "",
-    "Output format (strict):",
-    "- `- [high|medium] <title>`",
-    "- `  File: <path>`",
-    "- `  Line: ~<N>`",
-    "- `  Why: <one concise sentence with evidence>`",
-    '- If no issues: exactly "No confirmed bugs or high-value optimizations found."',
-];
-export const TRIAGE_SYSTEM_LINES = [
-    "You are a senior developer triaging files in a merge request.",
-    "For each file, decide whether it NEEDS_REVIEW (modifies logic, functionality, security, or performance) or can be SKIPPED (cosmetic-only: formatting, comments, renaming for clarity, docs, auto-generated files).",
-    "",
-    "Also produce a concise summary (2-4 sentences) of the entire merge request: what it does and which areas it touches.",
-    "",
-    "Respond with a JSON object (no markdown fences) in this exact schema:",
-    '{ "summary": "<MR summary>", "files": [{ "path": "<file path>", "verdict": "NEEDS_REVIEW" | "SKIP" }] }',
-    "",
-    "Rules:",
-    "- When in doubt, verdict is NEEDS_REVIEW.",
-    "- Deleted files are SKIP unless the deletion could break dependents.",
-    "- New files containing logic are NEEDS_REVIEW.",
-    "- Test-only files are SKIP unless they cover security-critical or complex logic.",
-    "- Config/CI/docs files are SKIP unless they modify build targets, env vars, or secrets.",
-];
-export const FILE_REVIEW_SYSTEM_LINES = [
-    "You are an AI reviewer for a single-file diff.",
-    "Find only real bugs introduced by changed lines.",
-    "Return at most 2 findings. Prefer no finding over a weak one.",
-    "",
-    "Rules:",
-    "- Focus on changed lines only.",
-    "- Ignore style/refactor/general improvement comments.",
-    "- If uncertain, use tools: get_file_at_ref and grep_repository.",
-    "- Report only issues clearly visible in diff or verified by tools.",
-    '- If uncertain after checking, return exactly: "No issues found."',
-    "",
-    "Severity:",
-    "- [high]: deterministic runtime/security breakage with clear path.",
-    "- [medium]: likely bug with strong evidence.",
-    "",
-    "Output format (strict):",
-    "- `- [high|medium] <title>`",
-    "- `  File: <path>`",
-    "- `  Line: ~<N>`",
-    "- `  Why: <one concise sentence with evidence>`",
-    '- If no issues: exactly "No issues found."',
-];
+import { FILE_REVIEW_SYSTEM_LINES, MAIN_SYSTEM_LINES, } from "./templates/review-system.js";
+import { TRIAGE_SYSTEM_LINES } from "./templates/triage-system.js";
 export const buildMainSystemMessages = () => [
     {
         role: "system",

package/dist/prompt/templates/postprocess-system.js

@@ -0,0 +1,36 @@
+/** @format */
+export function buildConsolidateSystemLines(maxFindings) {
+    return [
+        "You consolidate per-file code review findings into a final ranked list.",
+        `Select the top ${maxFindings} most important findings. Deduplicate overlapping issues.`,
+        "Preserve this exact per-finding markdown block:",
+        "`- [high|medium] <title>`",
+        "`  File: <path>`",
+        "`  Line: ~<N>`",
+        "`  Why: <one concise sentence with key evidence>`",
+        "Rank by: (1) [high] before [medium], (2) correctness > security > perf.",
+        "Do not add new findings. Do not add headings, summaries, or commentary.",
+        "Drop any finding that: claims a syntax error without quoting the invalid token, claims a function/variable is missing without concrete proof, or flags a refactoring rename as a bug.",
+        `If fewer than ${maxFindings} findings exist, return all of them.`,
+        'If all findings are low quality or dubious after dedup, return exactly: "No confirmed bugs or high-value optimizations found."',
+        "GitLab-flavoured markdown.",
+    ];
+}
+export function buildVerificationSystemLines(maxFindings) {
+    return [
+        "You are a skeptical verifier of a merge request review.",
+        "Your job is to remove weak, speculative, or unsupported findings from the draft list.",
+        "Do not add new findings. Keep, rewrite for clarity, or remove existing findings only.",
+        "A finding can stay only if it is directly supported by evidence from the per-file findings.",
+        "If confidence is not high, drop the finding.",
+        "Preserve this exact per-finding markdown block:",
+        "`- [high|medium] <title>`",
+        "`  File: <path>`",
+        "`  Line: ~<N>`",
+        "`  Why: <one concise sentence with key evidence>`",
+        "Do not add headings, summaries, or extra commentary.",
+        `Return at most ${maxFindings} findings.`,
+        'If no findings survive verification, return exactly: "No confirmed bugs or high-value optimizations found."',
+        "GitLab-flavoured markdown.",
+    ];
+}

package/dist/prompt/templates/review-system.js

@@ -0,0 +1,47 @@
+/** @format */
+export const MAIN_SYSTEM_LINES = [
+    "You are an AI code reviewer for pull requests.",
+    "Find only real bugs introduced by the diff.",
+    "Return at most 3 findings. Prefer no finding over a weak one.",
+    "",
+    "Rules:",
+    "- Focus on changed lines.",
+    "- Ignore style, refactoring suggestions, and general best practices.",
+    "- If uncertain, use tools: get_file_at_ref and grep_repository.",
+    "- Report only issues clearly visible in diff or verified by tools.",
+    '- If uncertain after checking, return exactly: "No confirmed bugs or high-value optimizations found."',
+    "",
+    "Severity:",
+    "- [high]: deterministic runtime/security breakage with clear path.",
+    "- [medium]: likely bug with strong evidence.",
+    "",
+    "Output format (strict):",
+    "- `- [high|medium] <title>`",
+    "- `  File: <path>`",
+    "- `  Line: ~<N>`",
+    "- `  Why: <one concise sentence with evidence>`",
+    '- If no issues: exactly "No confirmed bugs or high-value optimizations found."',
+];
+export const FILE_REVIEW_SYSTEM_LINES = [
+    "You are an AI reviewer for a single-file diff.",
+    "Find only real bugs introduced by changed lines.",
+    "Return at most 2 findings. Prefer no finding over a weak one.",
+    "",
+    "Rules:",
+    "- Focus on changed lines only.",
+    "- Ignore style/refactor/general improvement comments.",
+    "- If uncertain, use tools: get_file_at_ref and grep_repository.",
+    "- Report only issues clearly visible in diff or verified by tools.",
+    '- If uncertain after checking, return exactly: "No issues found."',
+    "",
+    "Severity:",
+    "- [high]: deterministic runtime/security breakage with clear path.",
+    "- [medium]: likely bug with strong evidence.",
+    "",
+    "Output format (strict):",
+    "- `- [high|medium] <title>`",
+    "- `  File: <path>`",
+    "- `  Line: ~<N>`",
+    "- `  Why: <one concise sentence with evidence>`",
+    '- If no issues: exactly "No issues found."',
+];

package/dist/prompt/templates/triage-system.js

@@ -0,0 +1,17 @@
+/** @format */
+export const TRIAGE_SYSTEM_LINES = [
+    "You are a senior developer triaging files in a merge request.",
+    "For each file, decide whether it NEEDS_REVIEW (modifies logic, functionality, security, or performance) or can be SKIPPED (cosmetic-only: formatting, comments, renaming for clarity, docs, auto-generated files).",
+    "",
+    "Also produce a concise summary (2-4 sentences) of the entire merge request: what it does and which areas it touches.",
+    "",
+    "Respond with a JSON object (no markdown fences) in this exact schema:",
+    '{ "summary": "<MR summary>", "files": [{ "path": "<file path>", "verdict": "NEEDS_REVIEW" | "SKIP" }] }',
+    "",
+    "Rules:",
+    "- When in doubt, verdict is NEEDS_REVIEW.",
+    "- Deleted files are SKIP unless the deletion could break dependents.",
+    "- New files containing logic are NEEDS_REVIEW.",
+    "- Test-only files are SKIP unless they cover security-critical or complex logic.",
+    "- Config/CI/docs files are SKIP unless they modify build targets, env vars, or secrets.",
+];

package/dist/prompt/templates/user-prompts.js

@@ -0,0 +1,72 @@
+/** @format */
+export function buildMainReviewUserContent(params) {
+    const { stats, toolNote, changesText } = params;
+    return [
+        `Review the following code changes (git diff format). ${stats}`,
+        toolNote,
+        "",
+        "Changes:",
+        changesText || "(no changes provided)",
+        "",
+        "Produce your review now. Follow the system instructions strictly.",
+    ].join("\n");
+}
+export function buildTriageUserContent(changes) {
+    const fileEntries = changes.map((c) => {
+        const flags = [];
+        if (c.new_file)
+            flags.push("new");
+        if (c.deleted_file)
+            flags.push("deleted");
+        if (c.renamed_file)
+            flags.push("renamed");
+        const flagStr = flags.length > 0 ? ` [${flags.join(", ")}]` : "";
+        const snippet = c.diff.slice(0, 300);
+        const truncNote = c.diff.length > 300 ? "..." : "";
+        return `### ${c.path}${flagStr}\n\`\`\`\n${snippet}${truncNote}\n\`\`\``;
+    });
+    return `Triage these ${changes.length} file(s):\n\n${fileEntries.join("\n\n")}`;
+}
+export function buildFileReviewUserContent(params) {
+    const { filePath, fileDiff, summary, otherChangedFiles, toolNote } = params;
+    const otherFilesNote = otherChangedFiles.length > 0
+        ? `\nOther files changed in this MR: ${otherChangedFiles.join(", ")}`
+        : "";
+    return [
+        `MR Summary: ${summary}`,
+        otherFilesNote,
+        "",
+        toolNote,
+        "",
+        `File: ${filePath}`,
+        "Diff:",
+        fileDiff,
+        "",
+        "Review this file now.",
+    ].join("\n");
+}
+export function buildConsolidateUserContent(params) {
+    const { summary, findingsText, maxFindings } = params;
+    return [
+        `MR Summary: ${summary}`,
+        "",
+        "Per-file findings:",
+        findingsText,
+        "",
+        `Return the top ${maxFindings} findings in the required bullet format.`,
+    ].join("\n");
+}
+export function buildVerificationUserContent(params) {
+    const { summary, findingsText, consolidatedFindings } = params;
+    return [
+        `MR Summary: ${summary}`,
+        "",
+        "Per-file findings (evidence pool):",
+        findingsText,
+        "",
+        "Draft consolidated findings to verify:",
+        consolidatedFindings,
+        "",
+        "Return only the verified final findings.",
+    ].join("\n");
+}

package/dist/prompt/utils.js

@@ -17,9 +17,17 @@ export function normalizeReviewFindingsMarkdown(input) {
     const normalized = input.replace(/\r\n/g, "\n").trim();
     if (normalized === "" || normalized === NO_ISSUES_SENTENCE)
         return normalized;
-    const lines = normalized.split("\n");
+    // Some providers collapse each finding into one long line.
+    // Expand inline markers so parser can recover structured blocks.
+    const expanded = normalized
+        .replace(/\s+(File:\s*)/gi, "\n$1")
+        .replace(/\s+(Line:\s*)/gi, "\n$1")
+        .replace(/\s+(Why:\s*)/gi, "\n$1")
+        .replace(/(Why:\s*[^\n]+?)\s+([-*•]\s*\[(?:high|medium)\])/gi, "$1\n$2")
+        .trim();
+    const lines = expanded.split("\n");
     const findings = [];
-    const headerRe = /^\s*-?\s*\[(high|medium)\]\s+(.+?)\s*$/i;
+    const headerRe = /^\s*(?:[-*•]\s*)?\[(high|medium)\]\s+(.+?)\s*$/i;
     const fileRe = /^\s*[-*]?\s*File:\s*(.+?)\s*$/i;
     const lineRe = /^\s*[-*]?\s*Line:\s*(.+?)\s*$/i;
     const whyRe = /^\s*[-*]?\s*Why:\s*(.+?)\s*$/i;

package/package.json

@@ -1,7 +1,7 @@
 {
   "type": "module",
   "name": "@krotovm/gitlab-ai-review",
-  "version": "1.0.23",
+  "version": "1.0.25",
   "description": "CLI tool to generate AI code reviews for GitLab merge requests.",
   "main": "dist/cli.js",
   "bin": {