@mechanai/deepreview 0.0.0-development → 2.0.0

package/src/graphql.ts

@@ -0,0 +1,183 @@
+import { type ExecFileOptions, execFile } from "node:child_process";
+import { promisify } from "node:util";
+
+// oxlint-disable-next-line typescript/strict-void-return -- Why: promisify() overload resolution picks void-returning signature incorrectly
+export const execFileAsync = promisify(execFile);
+
+/**
+ * Spawn a child process via execFile, writing `opts.input` to stdin.
+ * Resolves with stdout on success; rejects with an Error that has a `stderr` property on failure.
+ */
+async function execFileWithInput(
+  cmd: string,
+  args: string[],
+  opts: ExecFileOptions & { input: string },
+): Promise<string> {
+  return new Promise((resolve, reject) => {
+    const child = execFile(cmd, args, opts, (error, stdout, stderr) => {
+      if (error) {
+        const e = error as Error & { stderr?: string };
+        e.stderr = typeof stderr === "string" ? stderr : "";
+        reject(e);
+        return;
+      }
+      const stderrStr = typeof stderr === "string" ? stderr : stderr.toString();
+      if (stderrStr.trim()) console.warn(`[gh stderr] ${stderrStr.trim()}`);
+      resolve(typeof stdout === "string" ? stdout : stdout.toString());
+    });
+    if (!child.stdin) {
+      child.kill();
+      reject(new Error("execFileWithInput: child process has no stdin"));
+      return;
+    }
+    child.stdin.on("error", (err: NodeJS.ErrnoException) => {
+      if (err.code !== "EPIPE") {
+        console.error(`[graphql] stdin error: ${err.message}`);
+      }
+    });
+    child.stdin.end(opts.input);
+  });
+}
+const TIMEOUT_MS = 30_000;
+
+interface GraphQLError {
+  message: string;
+  [key: string]: unknown;
+}
+
+class GraphQLResponseError extends Error {
+  errors: GraphQLError[];
+  constructor(message: string, errors: GraphQLError[]) {
+    super(message);
+    this.errors = errors;
+  }
+}
+
+interface GraphQLResponse<T> {
+  data?: T;
+  errors?: GraphQLError[];
+}
+
+/**
+ * Execute a GraphQL query via `gh api graphql --input -`.
+ */
+export async function graphql<T = unknown>(
+  query: string,
+  variables: Record<string, unknown> = {},
+): Promise<T> {
+  const body = JSON.stringify({ query, variables });
+  let result: string;
+  try {
+    result = await execFileWithInput("gh", ["api", "graphql", "--input", "-"], {
+      input: body,
+      encoding: "utf8",
+      maxBuffer: 10 * 1024 * 1024,
+      signal: AbortSignal.timeout(TIMEOUT_MS),
+    });
+  } catch (err: unknown) {
+    const stderr =
+      err !== null && typeof err === "object" && "stderr" in err
+        ? String((err as { stderr: unknown }).stderr).trim()
+        : "";
+    const message =
+      err !== null && typeof err === "object" && "message" in err
+        ? String((err as { message: unknown }).message)
+        : "unknown error";
+    const detail = stderr === "" ? message : stderr;
+    throw new Error(`gh graphql failed: ${detail}`);
+  }
+
+  let parsed: GraphQLResponse<T>;
+  try {
+    // oxlint-disable-next-line typescript/no-unsafe-type-assertion -- Why: JSON.parse returns any; structural validation follows
+    parsed = JSON.parse(result) as GraphQLResponse<T>;
+  } catch {
+    throw new Error(`gh graphql returned non-JSON: ${result.slice(0, 200)}`);
+  }
+  if (parsed.errors && parsed.errors.length > 0) {
+    const msg = parsed.errors.map((e) => e.message).join("; ");
+    throw new GraphQLResponseError(`GraphQL error: ${msg}`, parsed.errors);
+  }
+  if (parsed.data === undefined || parsed.data === null) {
+    throw new Error("GraphQL response contained no data");
+  }
+  return parsed.data;
+}
+
+export interface PrInfo {
+  owner: string;
+  name: string;
+  prNodeId: string;
+  headOid: string;
+  state: string;
+}
+
+interface RepoViewResponse {
+  owner: { login: string };
+  name: string;
+}
+
+interface PrQueryResponse {
+  repository: {
+    pullRequest: {
+      id: string;
+      state: string;
+      headRefOid: string;
+    } | null;
+  };
+}
+
+/**
+ * Get repo owner, name, and PR details.
+ */
+export async function getPrInfo(prNumber: number, { cwd }: { cwd?: string } = {}): Promise<PrInfo> {
+  let stdout: string;
+  try {
+    ({ stdout } = await execFileAsync("gh", ["repo", "view", "--json", "owner,name"], {
+      encoding: "utf8",
+      signal: AbortSignal.timeout(TIMEOUT_MS),
+      cwd,
+    }));
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err);
+    throw new Error(
+      `Failed to query repository info via \`gh\`. Ensure \`gh auth login\` is complete.\n${message}`,
+    );
+  }
+  let repo: RepoViewResponse;
+  try {
+    // oxlint-disable-next-line typescript/no-unsafe-type-assertion -- Why: JSON.parse returns any; parse failure caught below
+    repo = JSON.parse(stdout) as RepoViewResponse;
+  } catch {
+    throw new Error(
+      `Failed to parse \`gh repo view\` output as JSON. Got:\n${stdout.slice(0, 200)}`,
+    );
+  }
+
+  const data = await graphql<PrQueryResponse>(
+    `
+      query ($owner: String!, $name: String!, $number: Int!) {
+        repository(owner: $owner, name: $name) {
+          pullRequest(number: $number) {
+            id
+            state
+            headRefOid
+          }
+        }
+      }
+    `,
+    { owner: repo.owner.login, name: repo.name, number: prNumber },
+  );
+
+  const pr = data.repository.pullRequest;
+  if (!pr) {
+    throw new Error(`PR #${prNumber} not found in ${repo.owner.login}/${repo.name}`);
+  }
+  return {
+    owner: repo.owner.login,
+    name: repo.name,
+    prNodeId: pr.id,
+    headOid: pr.headRefOid,
+    state: pr.state,
+  };
+}

package/src/parse-threads.test.ts

@@ -0,0 +1,58 @@
+import { describe, it } from "bun:test";
+import assert from "node:assert/strict";
+import { parseThreads } from "./parse-threads.ts";
+
+describe("parseThreads", () => {
+  it("parses a single finding", () => {
+    const input = [
+      "---",
+      "path: pkg/server/handler.go",
+      "line: 48",
+      "---",
+      "The error is silently discarded.",
+    ].join("\n");
+
+    const result = parseThreads(input);
+    assert.equal(result.length, 1);
+    assert.equal(result[0].path, "pkg/server/handler.go");
+    assert.equal(result[0].line, 48);
+    assert.equal(result[0].startLine, undefined);
+    assert.equal(result[0].body.trim(), "The error is silently discarded.");
+  });
+
+  it("parses multiple findings separated by ---", () => {
+    const input = [
+      "---",
+      "path: a.go",
+      "startLine: 10",
+      "line: 15",
+      "---",
+      "Finding one.",
+      "---",
+      "path: b.go",
+      "line: 3",
+      "---",
+      "Finding two.",
+    ].join("\n");
+
+    const result = parseThreads(input);
+    assert.equal(result.length, 2);
+    assert.equal(result[0].path, "a.go");
+    assert.equal(result[0].startLine, 10);
+    assert.equal(result[0].line, 15);
+    assert.equal(result[1].path, "b.go");
+    assert.equal(result[1].line, 3);
+  });
+
+  it("ignores startLine: 0 (treats as single-line)", () => {
+    const input = ["---", "path: x.go", "startLine: 0", "line: 5", "---", "Body."].join("\n");
+
+    const result = parseThreads(input);
+    assert.equal(result[0].startLine, undefined);
+  });
+
+  it("returns empty array for empty input", () => {
+    const result = parseThreads("");
+    assert.equal(result.length, 0);
+  });
+});

package/src/parse-threads.ts

@@ -0,0 +1,117 @@
+import matter from "gray-matter";
+import yaml from "js-yaml";
+import type { Finding } from "./diff-classifier.ts";
+
+/**
+ * gray-matter engine restricted to safe YAML parsing (no !!js/function etc.).
+ * FAILSAFE_SCHEMA returns all scalars as strings — numeric fields (line, startLine)
+ * are coerced to number downstream in parseThreads. This is intentional.
+ */
+const safeYamlEngine = (s: string): Record<string, unknown> => {
+  const result: unknown = yaml.load(s, { schema: yaml.FAILSAFE_SCHEMA });
+  if (result === null || result === undefined || typeof result !== "object") return {};
+  // oxlint-disable-next-line typescript/no-unsafe-type-assertion -- Why: narrowed to object via typeof guard above; FAILSAFE_SCHEMA always yields a plain object
+  return result as Record<string, unknown>;
+};
+const matterOptions = { engines: { yaml: safeYamlEngine } };
+
+/**
+ * Parse a threads.md file into an array of finding objects.
+ * The file uses --- separators between findings, each with YAML frontmatter.
+ */
+function parseThreads(content: string): Finding[] {
+  const findings: Finding[] = [];
+  const documents = splitDocuments(content);
+
+  for (const doc of documents) {
+    let parsed: matter.GrayMatterFile<string>;
+    try {
+      parsed = matter(doc, matterOptions);
+    } catch (err: unknown) {
+      const message = err instanceof Error ? err.message : String(err);
+      console.warn(`Skipping malformed finding: ${message}`);
+      continue;
+    }
+    const data = parsed.data as Record<string, unknown>;
+    const path = typeof data.path === "string" ? data.path : undefined;
+    const lineNum = Number(data.line);
+    if (path === undefined || path === "" || !Number.isFinite(lineNum) || lineNum < 1) {
+      if (path !== undefined && path !== "") {
+        console.warn(`WARN: Skipping finding with invalid line number in ${path}`);
+      }
+      continue;
+    }
+
+    const rawStartLine: unknown = data.startLine;
+    const startLineNum =
+      rawStartLine !== null && rawStartLine !== undefined ? Number(rawStartLine) : undefined;
+    findings.push({
+      path,
+      line: lineNum,
+      startLine:
+        startLineNum !== undefined && startLineNum > 0 && Number.isFinite(startLineNum)
+          ? startLineNum
+          : undefined,
+      body: parsed.content.trim(),
+    });
+  }
+
+  return findings;
+}
+
+const YAML_KEY_RE = /^\w[\w\s]*:/u;
+
+function peekIsYamlKey(lines: string[], startIndex: number): boolean {
+  for (let j = startIndex; j < lines.length; j++) {
+    if (lines[j].trim() === "") continue;
+    return YAML_KEY_RE.test(lines[j].trim());
+  }
+  return false;
+}
+
+/**
+ * Split a multi-document frontmatter file into individual documents.
+ * Each document starts with "---" (YAML open), has frontmatter, then "---" (YAML close),
+ * then body content until the next document or EOF.
+ */
+function splitDocuments(content: string): string[] {
+  const lines = content.split("\n");
+  const documents: string[] = [];
+  let current: string[] = [];
+  let inFrontmatter = false;
+  let foundFirstDoc = false;
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (line.trim() === "---") {
+      if (!foundFirstDoc) {
+        foundFirstDoc = true;
+        inFrontmatter = true;
+        current.push(line);
+      } else if (inFrontmatter) {
+        inFrontmatter = false;
+        current.push(line);
+      } else {
+        // Only split if this looks like a new document (next non-blank line has a YAML key)
+        const looksLikeNewDoc = peekIsYamlKey(lines, i + 1);
+        if (looksLikeNewDoc) {
+          documents.push(current.join("\n"));
+          current = [line];
+          inFrontmatter = true;
+        } else {
+          current.push(line);
+        }
+      }
+    } else if (foundFirstDoc) {
+      current.push(line);
+    }
+  }
+
+  if (current.length > 0) {
+    documents.push(current.join("\n"));
+  }
+
+  return documents;
+}
+
+export { parseThreads };

package/src/post-review.test.ts

@@ -0,0 +1,52 @@
+import { describe, it } from "bun:test";
+import assert from "node:assert/strict";
+import { parseThreads } from "./parse-threads.ts";
+import { classifyFindings } from "./diff-classifier.ts";
+
+describe("integration: parse → classify", () => {
+  const threadsContent = [
+    "---",
+    "path: src/main.go",
+    "startLine: 10",
+    "line: 15",
+    "---",
+    "Error not propagated.",
+    "---",
+    "path: src/main.go",
+    "line: 200",
+    "---",
+    "Missing docs.",
+    "---",
+    "path: pkg/other.go",
+    "line: 5",
+    "---",
+    "Unused import.",
+  ].join("\n");
+
+  const diff = [
+    "diff --git a/src/main.go b/src/main.go",
+    "index abc..def 100644",
+    "--- a/src/main.go",
+    "+++ b/src/main.go",
+    "@@ -8,6 +8,10 @@ func main() {",
+    "     existing()",
+    "+    newCode()",
+    "+    moreNew()",
+    "+    evenMore()",
+    "+    andMore()",
+    "     rest()",
+  ].join("\n");
+
+  it("classifies findings correctly across all 3 tiers", () => {
+    const findings = parseThreads(threadsContent);
+    assert.equal(findings.length, 3);
+
+    const classified = classifyFindings(findings, diff);
+    // line 10-15 is within hunk (newStart=8, newLines=10) → tier 1
+    assert.equal(classified[0].tier, 1);
+    // line 200 in src/main.go but not in hunk → tier 2
+    assert.equal(classified[1].tier, 2);
+    // pkg/other.go not in diff → tier 3
+    assert.equal(classified[2].tier, 3);
+  });
+});