@oss-autopilot/core 3.4.0 → 3.5.0

package/dist/commands/compliance-score.d.ts

@@ -0,0 +1,21 @@
+/**
+ * compliance-score command (#1245).
+ *
+ * Fetches PR metadata via the GitHub API, runs the typed
+ * `computeComplianceScore` core function, and returns the structured
+ * result. Used by the `pr-compliance-checker` agent (and the
+ * `compliance-score` MCP tool) to replace per-prompt scoring tables
+ * with a deterministic, testable evaluation.
+ *
+ * Same architectural shape as `track`: read-only API call, no state
+ * mutation, runs against a public PR URL.
+ */
+import type { ComplianceScoreOutput } from '../formatters/json.js';
+/**
+ * Run the compliance evaluation against a PR URL.
+ *
+ * @throws {ValidationError} If the URL is not a valid GitHub PR URL.
+ */
+export declare function runComplianceScore(options: {
+    prUrl: string;
+}): Promise<ComplianceScoreOutput>;

package/dist/commands/compliance-score.js

@@ -0,0 +1,156 @@
+/**
+ * compliance-score command (#1245).
+ *
+ * Fetches PR metadata via the GitHub API, runs the typed
+ * `computeComplianceScore` core function, and returns the structured
+ * result. Used by the `pr-compliance-checker` agent (and the
+ * `compliance-score` MCP tool) to replace per-prompt scoring tables
+ * with a deterministic, testable evaluation.
+ *
+ * Same architectural shape as `track`: read-only API call, no state
+ * mutation, runs against a public PR URL.
+ */
+import { getOctokit, requireGitHubToken } from '../core/index.js';
+import { ValidationError } from '../core/errors.js';
+import { validateUrl, PR_URL_PATTERN, validateGitHubUrl } from './validation.js';
+import { parseGitHubUrl } from '../core/urls.js';
+import { computeComplianceScore, } from '../core/compliance-score.js';
+/**
+ * Detect whether the target repo has visible test infrastructure. Looks
+ * for the well-known directories at the repo root in a single contents
+ * call. Failures (missing repo, rate limit, network) surface as
+ * `undefined` so the score function falls back to its strict default.
+ */
+async function detectTestInfrastructure(octokit, owner, repo) {
+    try {
+        const { data } = await octokit.repos.getContent({ owner, repo, path: '' });
+        if (!Array.isArray(data))
+            return undefined;
+        const TEST_DIR = /^(?:tests?|__tests__|spec)$/i;
+        return data.some((entry) => entry.type === 'dir' && TEST_DIR.test(entry.name));
+    }
+    catch {
+        return undefined;
+    }
+}
+/**
+ * Parse every issue/PR reference out of the PR body into a flat list of
+ * `{ owner, repo, number }` triples (#1246 Improvement B). Handles the
+ * three forms that PR bodies use in practice:
+ *   - Bare same-repo: `#42` (with closing keyword or referencing keyword)
+ *   - Cross-repo shorthand: `owner/repo#42`
+ *   - Direct URL: `https://github.com/owner/repo/issues/42`
+ *
+ * Deduplicates by `(owner, repo, number)` so a body that mentions the
+ * same issue twice (`Closes #42 — see #42`) results in one API call.
+ */
+function parseLinkedIssueReferences(body, defaultOwner, defaultRepo) {
+    const out = new Map();
+    const push = (owner, repo, number) => {
+        const key = `${owner}/${repo}#${number}`;
+        if (!out.has(key))
+            out.set(key, { owner, repo, number });
+    };
+    // Bare `#42` only counts when accompanied by a closing or referencing
+    // verb — random hashtags shouldn't trigger an API call.
+    const BARE_REF = /\b(?:close[sd]?|fix(?:e[sd])?|resolve[sd]?|relates?\s+to|refs?|references?|see)\s+#(\d+)/gi;
+    for (const match of body.matchAll(BARE_REF)) {
+        push(defaultOwner, defaultRepo, Number.parseInt(match[1], 10));
+    }
+    const CROSS_REPO = /\b([\w.-]+)\/([\w.-]+)#(\d+)/g;
+    for (const match of body.matchAll(CROSS_REPO)) {
+        push(match[1], match[2], Number.parseInt(match[3], 10));
+    }
+    const ISSUE_OR_PR_URL = /https?:\/\/github\.com\/([^/\s]+)\/([^/\s]+)\/(?:issues|pull)\/(\d+)/gi;
+    for (const match of body.matchAll(ISSUE_OR_PR_URL)) {
+        push(match[1], match[2], Number.parseInt(match[3], 10));
+    }
+    return [...out.values()];
+}
+/**
+ * Fetch each linked issue/PR via the Issues API and classify its
+ * state (#1246 Improvement B). Failures (404 / rate limit / network)
+ * map to `state: 'not_found'` for that single reference rather than
+ * aborting the score — the function falls back to surfacing what it
+ * could verify.
+ */
+async function verifyLinkedIssues(octokit, prRepo, refs, now = new Date()) {
+    return Promise.all(refs.map(async ({ owner, repo, number }) => {
+        const crossRepo = owner !== prRepo.owner || repo !== prRepo.repo;
+        const fullRepo = `${owner}/${repo}`;
+        try {
+            const { data } = await octokit.issues.get({ owner, repo, issue_number: number });
+            if (data.state === 'open') {
+                return { number, repo: fullRepo, crossRepo, state: 'open' };
+            }
+            const closedAt = data.closed_at ? new Date(data.closed_at) : null;
+            const closedDaysAgo = closedAt ? Math.floor((now.getTime() - closedAt.getTime()) / 86400000) : undefined;
+            return { number, repo: fullRepo, crossRepo, state: 'closed', closedDaysAgo };
+        }
+        catch (err) {
+            const status = err.status;
+            if (status === 404) {
+                return { number, repo: fullRepo, crossRepo, state: 'not_found' };
+            }
+            // Rate limit, 5xx, network — distinct from "not found" so the
+            // score function treats it neutrally. Mapping a 429 on a valid
+            // open issue to `not_found` would falsely fail the
+            // issue-reference check on a perfectly good PR.
+            return { number, repo: fullRepo, crossRepo, state: 'unverifiable' };
+        }
+    }));
+}
+/**
+ * Run the compliance evaluation against a PR URL.
+ *
+ * @throws {ValidationError} If the URL is not a valid GitHub PR URL.
+ */
+export async function runComplianceScore(options) {
+    validateUrl(options.prUrl);
+    validateGitHubUrl(options.prUrl, PR_URL_PATTERN, 'PR');
+    const token = requireGitHubToken();
+    const octokit = getOctokit(token);
+    const parsed = parseGitHubUrl(options.prUrl);
+    if (!parsed || parsed.type !== 'pull') {
+        throw new ValidationError(`Invalid PR URL: ${options.prUrl}`);
+    }
+    const { owner, repo, number } = parsed;
+    // Fetch the PR + its files in parallel; the file list drives the
+    // tests check and the focused-changes check.
+    const [{ data: pr }, filesResponse, hasTestInfrastructure] = await Promise.all([
+        octokit.pulls.get({ owner, repo, pull_number: number }),
+        octokit.pulls.listFiles({ owner, repo, pull_number: number, per_page: 100 }),
+        detectTestInfrastructure(octokit, owner, repo),
+    ]);
+    const meta = {
+        title: pr.title,
+        body: pr.body ?? '',
+        branch: pr.head.ref,
+        filesChangedCount: pr.changed_files,
+        additions: pr.additions,
+        deletions: pr.deletions,
+        files: filesResponse.data.map((f) => f.filename),
+    };
+    // Verify every linked issue/PR reference in the body (#1246 B) so
+    // `Closes #999` against a non-existent or stale issue fails loud
+    // instead of passing on the regex match.
+    const issueRefs = parseLinkedIssueReferences(meta.body, owner, repo);
+    const linkedIssues = issueRefs.length > 0 ? await verifyLinkedIssues(octokit, { owner, repo }, issueRefs) : undefined;
+    const repoContext = {
+        hasTestInfrastructure,
+        linkedIssues,
+    };
+    const result = computeComplianceScore(meta, repoContext);
+    return {
+        pr: {
+            repo: `${owner}/${repo}`,
+            number,
+            title: pr.title,
+            url: options.prUrl,
+        },
+        score: result.score,
+        rating: result.rating,
+        emoji: result.emoji,
+        checks: result.checks,
+    };
+}

package/dist/commands/index.d.ts

@@ -29,6 +29,10 @@ export { runVet } from './vet.js';
 export { runVetList } from './vet-list.js';
 /** Fetch PR metadata from GitHub (informational; nothing is persisted). */
 export { runTrack } from './track.js';
+/** Score a PR against opensource.guide best practices via the typed core function (#1245). */
+export { runComplianceScore } from './compliance-score.js';
+/** Compute repo health rubric (1–10 score + verdict) via the typed core function (#1271, follow-up to #1242). */
+export { runRepoVet } from './repo-vet.js';
 /** Temporarily hide a PR from the daily digest. */
 export { runShelve } from './shelve.js';
 /** Restore a shelved PR to the daily digest. */

package/dist/commands/index.js

@@ -31,6 +31,10 @@ export { runVetList } from './vet-list.js';
 // ── PR Management ───────────────────────────────────────────────────────────
 /** Fetch PR metadata from GitHub (informational; nothing is persisted). */
 export { runTrack } from './track.js';
+/** Score a PR against opensource.guide best practices via the typed core function (#1245). */
+export { runComplianceScore } from './compliance-score.js';
+/** Compute repo health rubric (1–10 score + verdict) via the typed core function (#1271, follow-up to #1242). */
+export { runRepoVet } from './repo-vet.js';
 /** Temporarily hide a PR from the daily digest. */
 export { runShelve } from './shelve.js';
 /** Restore a shelved PR to the daily digest. */

package/dist/commands/list-mark-done.d.ts

@@ -0,0 +1,48 @@
+/**
+ * list-mark-done command (#1299).
+ *
+ * Mark an issue line in a curated list as done by wrapping it in
+ * `~~strikethrough~~` and appending a `**Done** — PR [#N](url) ...` sub-bullet.
+ * If every issue under the same `### repo/name` heading is now struck through,
+ * also strikes through the heading. Replaces the markdown-prose strikethrough
+ * logic in `draft-first-workflow.md` Step 10.
+ *
+ * Idempotent: re-running with an already-marked URL is a no-op.
+ *
+ * No GitHub calls — pure read/transform/write of a local file.
+ */
+export interface MarkDoneOptions {
+    issueUrl: string;
+    prUrl: string;
+    /** Free-text trailing status, e.g. "CI passing", "merged". */
+    prStatus: string;
+    listPath: string;
+}
+export interface MarkDoneOutput {
+    /** True if the line was found and updated. False on already-marked or not-found. */
+    marked: boolean;
+    /** Fully-resolved file path that was inspected. */
+    filePath: string;
+    /** The issue URL that was searched for. */
+    url: string;
+    /** True if the parent `### repo/name` heading was also struck through this run. */
+    repoHeadingStruck: boolean;
+    /** Issue lines under the same repo heading that are still open after the update. */
+    remainingUnderRepo: number;
+    /** Human-readable explanation when `marked` is false. */
+    reason?: string;
+}
+/** Pure transform — exposed for unit testing. */
+export declare function markIssueAsDone(content: string, opts: {
+    issueUrl: string;
+    prUrl: string;
+    prStatus: string;
+}): {
+    content: string;
+    marked: boolean;
+    repoHeadingStruck: boolean;
+    remainingUnderRepo: number;
+    reason?: string;
+};
+/** Read → transform → write atomically (tmp + rename) so a crash mid-write can't corrupt the file. */
+export declare function runMarkIssueListItemDone(options: MarkDoneOptions): Promise<MarkDoneOutput>;

package/dist/commands/list-mark-done.js

@@ -0,0 +1,213 @@
+/**
+ * list-mark-done command (#1299).
+ *
+ * Mark an issue line in a curated list as done by wrapping it in
+ * `~~strikethrough~~` and appending a `**Done** — PR [#N](url) ...` sub-bullet.
+ * If every issue under the same `### repo/name` heading is now struck through,
+ * also strikes through the heading. Replaces the markdown-prose strikethrough
+ * logic in `draft-first-workflow.md` Step 10.
+ *
+ * Idempotent: re-running with an already-marked URL is a no-op.
+ *
+ * No GitHub calls — pure read/transform/write of a local file.
+ */
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { errorMessage } from '../core/errors.js';
+const STRIKE = '~~';
+const DONE_PREFIX = '  - **Done**';
+const ISSUE_LINE_RE = /^[*+-]\s/;
+const REPO_HEADING_RE = /^###\s/;
+const SECTION_BREAK_RE = /^#{1,3}\s/;
+const PR_NUMBER_RE = /\/(?:pull|issues)\/(\d+)(?:[/?#]|$)/;
+/** Extract a PR number from a GitHub PR URL, returning a string like "#42". */
+function prNumberLabel(prUrl) {
+    const match = prUrl.match(PR_NUMBER_RE);
+    return match ? `#${match[1]}` : 'PR';
+}
+/** Wrap a line in `~~...~~` if it isn't already. Returns the input unchanged when already wrapped. */
+function strikeLine(line) {
+    // Strip the leading list marker so we wrap the content, not the bullet.
+    const markerMatch = line.match(/^(?:[*+-]\s+|#{1,6}\s+)/);
+    const prefix = markerMatch ? markerMatch[0] : '';
+    const body = line.slice(prefix.length);
+    if (body.startsWith(STRIKE) && body.endsWith(STRIKE) && body.length >= 4) {
+        return { line, alreadyStruck: true };
+    }
+    return { line: `${prefix}${STRIKE}${body}${STRIKE}`, alreadyStruck: false };
+}
+/**
+ * Match the URL only when followed by a non-digit, non-word character (or
+ * end of line). A bare `includes(issueUrl)` would match `issues/1` against
+ * a line containing `issues/10`, so finding/marking issue 1 would mark
+ * whichever number-prefix line appears first.
+ */
+function lineMentionsUrl(line, issueUrl) {
+    const idx = line.indexOf(issueUrl);
+    if (idx === -1)
+        return false;
+    const next = line.charCodeAt(idx + issueUrl.length);
+    // NaN (end of string) → digit boundary OK. Otherwise reject any digit
+    // immediately after the URL so 'issues/1' doesn't match 'issues/10'.
+    return Number.isNaN(next) || next < 48 /* '0' */ || next > 57; /* '9' */
+}
+/** Find the issue block (issue line plus any indented sub-bullets) that mentions the URL. */
+function findIssueBlock(lines, issueUrl) {
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        if (!ISSUE_LINE_RE.test(line))
+            continue;
+        if (!lineMentionsUrl(line, issueUrl))
+            continue;
+        let end = i + 1;
+        while (end < lines.length && /^\s{2,}/.test(lines[end]))
+            end++;
+        return { start: i, end };
+    }
+    return undefined;
+}
+/** Find the `### repo/...` heading enclosing a given line index, plus its end (next heading at depth ≤ 3). */
+function findRepoSection(lines, lineIndex) {
+    let headingIndex;
+    for (let i = lineIndex - 1; i >= 0; i--) {
+        if (REPO_HEADING_RE.test(lines[i])) {
+            headingIndex = i;
+            break;
+        }
+        if (/^#{1,2}\s/.test(lines[i]))
+            return undefined;
+    }
+    if (headingIndex === undefined)
+        return undefined;
+    let end = lines.length;
+    for (let i = headingIndex + 1; i < lines.length; i++) {
+        if (SECTION_BREAK_RE.test(lines[i])) {
+            end = i;
+            break;
+        }
+    }
+    return { headingIndex, end };
+}
+/** Count issue lines under a section that are NOT yet struck through. */
+function countOpenIssues(lines, section) {
+    let open = 0;
+    for (let i = section.headingIndex + 1; i < section.end; i++) {
+        const line = lines[i];
+        if (!ISSUE_LINE_RE.test(line))
+            continue;
+        const body = line.replace(/^[*+-]\s+/, '');
+        if (!(body.startsWith(STRIKE) && body.endsWith(STRIKE)))
+            open++;
+    }
+    return open;
+}
+/** Pure transform — exposed for unit testing. */
+export function markIssueAsDone(content, opts) {
+    const hadTrailingNewline = content.endsWith('\n');
+    const lines = (hadTrailingNewline ? content.slice(0, -1) : content).split('\n');
+    const block = findIssueBlock(lines, opts.issueUrl);
+    if (!block) {
+        return {
+            content,
+            marked: false,
+            repoHeadingStruck: false,
+            remainingUnderRepo: 0,
+            reason: 'issue URL not found in the list',
+        };
+    }
+    const issueLine = lines[block.start];
+    const issueBody = issueLine.replace(/^[*+-]\s+/, '');
+    const alreadyMarked = issueBody.startsWith(STRIKE) && issueBody.endsWith(STRIKE);
+    if (alreadyMarked) {
+        const section = findRepoSection(lines, block.start);
+        return {
+            content,
+            marked: false,
+            repoHeadingStruck: false,
+            remainingUnderRepo: section ? countOpenIssues(lines, section) : 0,
+            reason: 'already marked done',
+        };
+    }
+    // 1. Strike the issue line.
+    const struck = strikeLine(issueLine);
+    lines[block.start] = struck.line;
+    // 2. Insert the **Done** sub-bullet after the issue line and any existing sub-bullets.
+    const doneSubBullet = `${DONE_PREFIX} — PR [${prNumberLabel(opts.prUrl)}](${opts.prUrl}) submitted, ${opts.prStatus}.`;
+    // If the previously-existing sub-bullets already contain a Done line, treat as idempotent.
+    const existingSubBullets = lines.slice(block.start + 1, block.end);
+    const hasDoneAlready = existingSubBullets.some((l) => l.trim().startsWith('- **Done**'));
+    if (!hasDoneAlready) {
+        lines.splice(block.end, 0, doneSubBullet);
+    }
+    // 3. If every issue under this repo heading is now struck, strike the heading too.
+    const section = findRepoSection(lines, block.start);
+    let repoHeadingStruck = false;
+    let remaining = 0;
+    if (section) {
+        // Recompute end since we may have inserted a sub-bullet.
+        const refreshed = findRepoSection(lines, block.start);
+        if (refreshed) {
+            remaining = countOpenIssues(lines, refreshed);
+            const headingLine = lines[refreshed.headingIndex];
+            const headingBody = headingLine.replace(/^#{3}\s+/, '');
+            const headingAlreadyStruck = headingBody.startsWith(STRIKE) && headingBody.endsWith(STRIKE);
+            if (remaining === 0 && !headingAlreadyStruck) {
+                const result = strikeLine(headingLine);
+                lines[refreshed.headingIndex] = result.line;
+                repoHeadingStruck = !result.alreadyStruck;
+            }
+        }
+    }
+    let next = lines.join('\n');
+    if (hadTrailingNewline)
+        next += '\n';
+    return {
+        content: next,
+        marked: true,
+        repoHeadingStruck,
+        remainingUnderRepo: remaining,
+    };
+}
+/** Read → transform → write atomically (tmp + rename) so a crash mid-write can't corrupt the file. */
+export async function runMarkIssueListItemDone(options) {
+    const filePath = path.resolve(options.listPath);
+    if (!fs.existsSync(filePath)) {
+        throw new Error(`File not found: ${filePath}`);
+    }
+    let content;
+    try {
+        content = fs.readFileSync(filePath, 'utf8');
+    }
+    catch (error) {
+        throw new Error(`Failed to read file: ${errorMessage(error)}`, { cause: error });
+    }
+    const result = markIssueAsDone(content, {
+        issueUrl: options.issueUrl,
+        prUrl: options.prUrl,
+        prStatus: options.prStatus,
+    });
+    if (result.marked) {
+        const tmp = `${filePath}.tmp-${process.pid}-${Date.now()}`;
+        try {
+            fs.writeFileSync(tmp, result.content, 'utf8');
+            fs.renameSync(tmp, filePath);
+        }
+        catch (error) {
+            try {
+                fs.unlinkSync(tmp);
+            }
+            catch {
+                // best-effort cleanup
+            }
+            throw new Error(`Failed to write file: ${errorMessage(error)}`, { cause: error });
+        }
+    }
+    return {
+        marked: result.marked,
+        filePath,
+        url: options.issueUrl,
+        repoHeadingStruck: result.repoHeadingStruck,
+        remainingUnderRepo: result.remainingUnderRepo,
+        reason: result.reason,
+    };
+}

package/dist/commands/parse-list.js

@@ -53,13 +53,61 @@ function extractScore(line) {
     const match = line.match(/Score\s+(\d+(?:\.\d+)?)\/10/i);
     return match ? parseFloat(match[1]) : undefined;
 }
-/** Check if a sub-bullet indicates the item is terminal (completed/abandoned — safe to prune) */
+/**
+ * Extract the first bold span (`**...**`) from a line, trimmed.
+ * Anchoring status detection to the first bold span avoids false positives
+ * from explanatory tails that happen to bold an English verb (`...we should
+ * **hold** off until next quarter...`). Returns null when the line has no
+ * bold markup.
+ */
+function firstBoldSpan(line) {
+    const m = line.match(/\*\*([^*]+)\*\*/);
+    return m ? m[1].trim() : null;
+}
+/**
+ * Check if a sub-bullet's first bold span is a terminal status — completed,
+ * abandoned, or being held back from pursuit (#1179). Used by
+ * `parseIssueList` for in-memory bucketing.
+ *
+ * Curators' freshness-sweep vocabulary has grown beyond the original five
+ * keywords. `hold`, `continue watch`, and `downgrade` all mean "this is no
+ * longer in the actionable bucket" — different from "completed", but
+ * equivalent for the question `parseIssueList` answers
+ * ("which URLs are still pursuable?").
+ *
+ * `pruneIssueList` uses the stricter {@link isSubBulletDeletable} instead,
+ * since on-disk deletion must not silently remove items the curator
+ * explicitly parked.
+ */
 function isSubBulletTerminal(line) {
-    return /\*\*(?:Skip|Done|Dropped|Merged|Closed)\*\*/i.test(line);
+    const kw = firstBoldSpan(line);
+    if (!kw)
+        return false;
+    return /^(?:Skip|Done|Dropped|Merged|Closed|Hold|Continue watch|Downgrade)$/i.test(kw);
 }
-/** Check if a sub-bullet indicates the item is in-progress (not available, but NOT safe to prune) */
+/**
+ * Check if a sub-bullet's first bold span is a "delete-from-disk" status.
+ * Strictly the original five keywords — `pruneIssueList` mutates the
+ * markdown file in place, and a curator's `**Hold**` annotation means
+ * "park", not "delete" (#1179).
+ */
+function isSubBulletDeletable(line) {
+    const kw = firstBoldSpan(line);
+    if (!kw)
+        return false;
+    return /^(?:Skip|Done|Dropped|Merged|Closed)$/i.test(kw);
+}
+/**
+ * Check if a sub-bullet's first bold span is in-progress (not available,
+ * but NOT safe to prune). Includes the "decision pending" vocabulary
+ * curators use when an issue is being investigated but not yet bucketed
+ * (#1179).
+ */
 function isSubBulletInProgress(line) {
-    return /\*\*(?:In Progress|Wait|Waiting)\*\*/i.test(line);
+    const kw = firstBoldSpan(line);
+    if (!kw)
+        return false;
+    return /^(?:In Progress|Wait|Waiting|Post findings first|Ship now|Viable not urgent)$/i.test(kw);
 }
 /** Parse a markdown string into structured issue items */
 export function parseIssueList(content) {
@@ -122,11 +170,40 @@ export function parseIssueList(content) {
         }
         lastItem = item;
     }
+    // Dedupe by URL across both buckets (#1179). Curated lists routinely
+    // mention the same issue in multiple sections (e.g. an item under
+    // "Pursue" plus a freshness-sweep entry under "Pending Vet"), and the
+    // raw per-line counts overstate availability. Rules:
+    //   - If a URL appears in `completed[]` at all, it is filtered out of
+    //     `available[]`. Curators add a terminal annotation (`**hold**`,
+    //     `Done`, etc.) on a later occurrence precisely to override an
+    //     earlier "pursue" line; the terminal classification wins.
+    //   - Within each bucket, the first occurrence is kept (preserves the
+    //     parse order and the tier of the original entry).
+    const completedUrls = new Set(completed.map((item) => item.url));
+    const dedupedAvailable = [];
+    const seenAvailable = new Set();
+    for (const item of available) {
+        if (completedUrls.has(item.url))
+            continue;
+        if (seenAvailable.has(item.url))
+            continue;
+        seenAvailable.add(item.url);
+        dedupedAvailable.push(item);
+    }
+    const dedupedCompleted = [];
+    const seenCompleted = new Set();
+    for (const item of completed) {
+        if (seenCompleted.has(item.url))
+            continue;
+        seenCompleted.add(item.url);
+        dedupedCompleted.push(item);
+    }
     return {
-        available,
-        completed,
-        availableCount: available.length,
-        completedCount: completed.length,
+        available: dedupedAvailable,
+        completed: dedupedCompleted,
+        availableCount: dedupedAvailable.length,
+        completedCount: dedupedCompleted.length,
     };
 }
 /**
@@ -171,7 +248,7 @@ export function pruneIssueList(content, minScore = 6) {
             let shouldRemove = false;
             let j = i + 1;
             while (j < lines.length && /^\s{2,}/.test(lines[j])) {
-                if (isSubBulletTerminal(lines[j])) {
+                if (isSubBulletDeletable(lines[j])) {
                     shouldRemove = true;
                 }
                 const score = extractScore(lines[j]);

package/dist/commands/repo-vet.d.ts

@@ -0,0 +1,21 @@
+/**
+ * repo-vet command (#1271, follow-up to #1242).
+ *
+ * Fetches repo health signals via the GitHub API, runs the typed
+ * `computeRepoVet` core function, and returns the structured result.
+ * Used by the `repo-evaluator` agent (and the future `repo-vet` MCP tool)
+ * to replace per-prompt rubric assembly with a deterministic, testable
+ * evaluation.
+ *
+ * Same architectural shape as `compliance-score`: read-only API calls,
+ * no state mutation, runs against a public `owner/repo` slug.
+ */
+import type { RepoVetOutput } from '../formatters/json.js';
+/**
+ * Run the repo-vet evaluation against an `owner/repo` slug.
+ *
+ * @throws {ValidationError} If the repo identifier is malformed.
+ */
+export declare function runRepoVet(options: {
+    repo: string;
+}): Promise<RepoVetOutput>;