@probelabs/visor 0.1.106 → 0.1.107

package/dist/examples/failure-conditions-github-style.yaml

@@ -0,0 +1,119 @@
+version: "1.0"
+
+# Failure conditions using GitHub Actions-like syntax
+# This example shows how to use familiar GitHub Actions expression functions
+
+# Global failure conditions that apply to all checks
+failure_conditions:
+  # Using success() and failure() functions like GitHub Actions
+  check_must_succeed: "!failure()"
+
+  # Using contains() like GitHub Actions
+  no_sql_injection:
+    condition: '!contains(checkName, "skip") || !output.issues.some(i => i.severity === "critical")'
+    message: "Critical issues found in non-skipped checks"
+    severity: error
+
+  # Using startsWith() for check name patterns
+  security_checks_strict:
+    condition: 'startsWith(checkName, "security") && output.issues.length == 0'
+    message: "Security checks must have zero issues"
+    severity: error
+
+steps:
+  # Security check with GitHub Actions-style conditions
+  security-scan:
+    type: ai
+    schema: code-review
+    prompt: "Analyze for security vulnerabilities"
+    on: [pr_opened, pr_updated]
+
+    failure_conditions:
+      # Using contains() to check for specific text in file paths
+      sensitive_files:
+        condition: 'hasFileMatching(output.issues, ".env") || hasFileMatching(output.issues, "secret")'
+        message: "Issues found in sensitive files"
+        severity: error
+
+      # Using success() to check overall health
+      must_complete_successfully:
+        condition: "success() || always()"
+        message: "Check completed"
+        severity: info
+
+  # Performance check with familiar syntax
+  performance-check:
+    type: ai
+    schema: code-review
+    prompt: "Review for performance issues"
+    on: [pr_opened, pr_updated]
+
+    failure_conditions:
+      # Combining multiple GitHub Actions-like functions
+      performance_gates:
+        condition: |
+          !failure() &&
+          !contains(checkName, "skip") &&
+          !output.issues.some(i => i.severity === "critical")
+        message: "Performance check passed quality gates"
+        severity: info
+
+      # Using endsWith() for file type checking
+      frontend_performance:
+        condition: 'hasFileMatching(output.issues, ".js") || hasFileMatching(output.issues, ".tsx")'
+        message: "Frontend performance issues detected"
+        severity: warning
+
+  # Style check with conditional logic
+  code-style:
+    type: ai
+    schema: code-review
+    prompt: "Check code style and formatting"
+    on: [pr_opened, pr_updated]
+
+    failure_conditions:
+      # Complex condition similar to GitHub Actions
+      style_enforcement:
+        condition: |
+          (checkName.includes('code-review') && output.issues.filter(i => i.severity === 'warning').length > 5) ||
+          (contains(checkName, 'strict') && output.issues.length > 0)
+        message: "Style violations exceed threshold"
+        severity: warning
+
+      # Always pass for draft PRs (conceptual example)
+      draft_pr_lenient:
+        condition: "always()"
+        message: "Style check completed"
+        severity: info
+
+# Comparison with GitHub Actions syntax:
+#
+# GitHub Actions:
+#   if: contains(github.event.head_commit.message, 'skip-ci')
+#
+# Visor (JavaScript):
+#   condition: "contains(commit.message, 'skip-ci')"
+#
+# GitHub Actions:
+#   if: success() && github.event_name == 'pull_request'
+#
+# Visor (JavaScript):
+#   condition: "success() && event.name == 'pull_request'"
+#
+# GitHub Actions:
+#   if: failure() || cancelled()
+#
+# Visor (JavaScript):
+#   condition: "failure() || metadata.cancelled"
+#
+# GitHub Actions:
+#   if: startsWith(github.ref, 'refs/heads/release')
+#
+# Visor (JavaScript):
+#   condition: "startsWith(event.ref, 'refs/heads/release')"
+
+output:
+  pr_comment:
+    format: markdown
+    group_by: check
+    collapse: true

package/dist/examples/failure-conditions-migration.yaml

@@ -0,0 +1,74 @@
+# Migration Example: Before and After
+# This example shows how to migrate from basic configuration to failure conditions
+
+version: "1.0"
+
+# BEFORE: Simple configuration without failure conditions
+# checks:
+#   security:
+#     type: ai
+#     prompt: "Security analysis..."
+#     on: [pr_opened, pr_updated]
+
+# AFTER: Enhanced configuration with failure conditions
+
+# Global failure conditions - start simple
+failure_conditions:
+  # Basic quality gate
+  default_quality_gate: "output.issues.length > 20"
+
+  # Critical issue blocker
+  critical_blocker:
+    condition: "output.issues.some(i => i.severity === 'critical')"
+    message: "Critical issues found - deployment blocked"
+    severity: error
+    halt_execution: true
+
+steps:
+  # Migrated security check with failure conditions
+  security:
+    type: ai
+    group: review
+    schema: code-review
+    prompt: |
+      Analyze security vulnerabilities in the code changes.
+      Look for common security issues and provide specific recommendations.
+    on: [pr_opened, pr_updated]
+
+    # Start with simple check-specific conditions
+    failure_conditions:
+      # Security-specific gate
+      security_gate: "output.issues.some(i => i.severity === 'error')"
+
+      # Specific security patterns
+      sensitive_operations:
+        condition: "hasFileWith(output.issues, 'password') || hasFileWith(output.issues, 'token')"
+        message: "Sensitive security operations detected"
+        severity: warning
+
+  # New performance check with conditions
+  performance:
+    type: ai
+    group: review
+    schema: code-review
+    prompt: |
+      Analyze performance implications of code changes.
+    on: [pr_opened, pr_updated]
+
+    failure_conditions:
+      # Performance threshold
+      performance_issues: "output.issues.filter(i => i.severity === 'error').length > 2"
+
+# Output configuration
+output:
+  pr_comment:
+    format: markdown
+    group_by: check
+    collapse: false
+
+# Migration Steps:
+# 1. Add global failure_conditions section with basic conditions
+# 2. Add group and schema to existing checks
+# 3. Add check-specific failure_conditions as needed
+# 4. Test conditions using debug mode
+# 5. Gradually refine expressions based on results

package/dist/examples/for-loop-example.yaml

@@ -0,0 +1,176 @@
+version: "1.0"
+# Example demonstrating Liquid template for loops in Visor
+
+steps:
+  # Example 1: Loop through all files in PR
+  file-summary:
+    type: log
+    level: info
+    message: |
+      📁 File Changes Summary:
+
+      Total files changed: {{ files | size }}
+
+      {% for file in files %}
+      - {{ file.filename }}
+        Status: {{ file.status }}
+        Changes: +{{ file.additions }}/-{{ file.deletions }}
+      {% endfor %}
+
+  # Example 2: Loop with conditions - only show large files
+  large-files:
+    type: log
+    level: warning
+    message: |
+      ⚠️ Large File Changes (>100 lines):
+
+      {% for file in files %}
+        {% assign total_changes = file.additions | plus: file.deletions %}
+        {% if total_changes > 100 %}
+      - {{ file.filename }}: {{ total_changes }} lines changed
+        {% endif %}
+      {% endfor %}
+
+  # Example 3: Group files by extension using nested loops
+  files-by-type:
+    type: log
+    level: info
+    message: |
+      📊 Files Grouped by Extension:
+
+      {% for ext, files in utils.filesByExtension %}
+      {{ ext | upcase }} Files ({{ files | size }}):
+        {% for file in files %}
+        - {{ file.filename }} ({{ file.status }})
+        {% endfor %}
+      {% endfor %}
+
+  # Example 4: Create markdown table from files
+  file-table:
+    type: log
+    level: info
+    message: |
+      ## File Change Details
+
+      | File | Type | Status | Additions | Deletions |
+      |------|------|--------|-----------|-----------|
+      {% for file in files %}
+      | `{{ file.filename }}` | {{ file.filename | split: "." | last }} | {{ file.status }} | +{{ file.additions }} | -{{ file.deletions }} |
+      {% endfor %}
+
+  # Example 5: Loop through check outputs (when using dependencies)
+  dependency-summary:
+    type: log
+    level: info
+    depends_on: [file-summary, large-files]
+    message: |
+      📋 Previous Check Results:
+
+      {% for checkName, result in outputs %}
+      Check: {{ checkName }}
+      {% if result.issues %}
+        Issues found: {{ result.issues | size }}
+        {% for issue in result.issues %}
+        - {{ issue.severity }}: {{ issue.message }}
+        {% endfor %}
+      {% else %}
+        No issues found
+      {% endif %}
+      {% endfor %}
+
+  # Example 6: Advanced filtering and counting
+  security-file-scan:
+    type: ai
+    prompt: |
+      Review these security-sensitive files:
+
+      {% assign security_files = 0 %}
+      {% for file in files %}
+        {% if file.filename contains ".env" or file.filename contains "config" or file.filename contains "secret" %}
+          {% assign security_files = security_files | plus: 1 %}
+      - {{ file.filename }} (SECURITY SENSITIVE)
+        {% endif %}
+      {% endfor %}
+
+      {% if security_files == 0 %}
+      No security-sensitive files detected in this PR.
+      {% else %}
+      Found {{ security_files }} security-sensitive files. Please review carefully.
+      {% endif %}
+
+  # Example 7: Create JSON from loop data
+  json-output:
+    type: command
+    exec: |
+      echo '{
+        "files": [
+          {% for file in files %}
+          {
+            "name": {{ file.filename | json }},
+            "status": {{ file.status | json }},
+            "additions": {{ file.additions }},
+            "deletions": {{ file.deletions }}
+          }{% unless forloop.last %},{% endunless %}
+          {% endfor %}
+        ],
+        "total": {{ files | size }}
+      }' | jq .
+
+  # Example 8: Loop with index
+  numbered-list:
+    type: log
+    level: info
+    message: |
+      📝 Files (numbered):
+
+      {% for file in files %}
+      {{ forloop.index }}. {{ file.filename }}
+         - First in loop: {{ forloop.first }}
+         - Last in loop: {{ forloop.last }}
+         - Index (0-based): {{ forloop.index0 }}
+         - Index (1-based): {{ forloop.index }}
+      {% endfor %}
+
+  # Example 9: Break and continue (using unless/if)
+  filter-files:
+    type: log
+    level: info
+    message: |
+      📂 Non-test TypeScript files:
+
+      {% for file in files %}
+        {% unless file.filename contains ".test." %}
+          {% if file.filename endswith ".ts" or file.filename endswith ".tsx" %}
+      - {{ file.filename }}
+          {% endif %}
+        {% endunless %}
+      {% endfor %}
+
+  # Example 10: Complex nested structure
+  pr-analysis:
+    type: ai
+    prompt: |
+      Analyze this PR structure:
+
+      {% for ext, files in utils.filesByExtension %}
+      {% if files.size > 0 %}
+      === {{ ext | upcase }} Files ({{ files.size }}) ===
+
+      New files:
+      {% for file in files %}
+        {% if file.status == "added" %}
+      - {{ file.filename }}
+        {% endif %}
+      {% endfor %}
+
+      Modified files:
+      {% for file in files %}
+        {% if file.status == "modified" %}
+      - {{ file.filename }} ({{ file.changes }} lines)
+        {% endif %}
+      {% endfor %}
+
+      {% endif %}
+      {% endfor %}
+
+      Focus your review on the files with the most changes.

package/dist/examples/forEach-example.yaml

@@ -0,0 +1,120 @@
+version: "1.0"
+# Example demonstrating the forEach flag in Visor checks
+# forEach allows a check to output an array, and dependent checks will run once for each item
+
+steps:
+  # Step 1: Get a list of JSON files (outputs an array)
+  list-json-files:
+    type: command
+    exec: |
+      # This outputs a JSON array of file paths
+      find . -name "*.json" -type f | head -5 | jq -R -s -c 'split("\n")[:-1]'
+    forEach: true  # Enable forEach - output will be treated as an array for iteration
+    group: validation
+
+  # Step 2: This check will run once for each JSON file from list-json-files
+  validate-each-json:
+    type: command
+    exec: |
+      # {{ outputs.list-json-files }} will be a single file path, not the array
+      echo "Validating: {{ outputs.list-json-files }}"
+      jsonlint "{{ outputs.list-json-files }}" 2>&1 || echo "Invalid JSON: {{ outputs.list-json-files }}"
+    depends_on: [list-json-files]
+    group: validation
+
+  # Another example: Process multiple PR files
+  get-changed-js-files:
+    type: command
+    exec: |
+      # Output array of JavaScript files from the PR
+      echo '{{ files | json }}' | jq '[.[] | select(.filename | endswith(".js")) | .filename]'
+    forEach: true
+    group: analysis
+
+  # This runs for each JS file
+  analyze-each-js-file:
+    type: command
+    exec: |
+      echo "Analyzing file: {{ outputs.get-changed-js-files }}"
+      # Could run ESLint, complexity analysis, etc.
+      wc -l "{{ outputs.get-changed-js-files }}" 2>/dev/null || echo "File not found locally"
+    depends_on: [get-changed-js-files]
+    group: analysis
+
+  # Example with AI checks
+  list-security-concerns:
+    type: ai
+    prompt: |
+      List the top 3 security-sensitive files in this PR as a JSON array of strings.
+      Only include file paths, nothing else.
+      Return format: ["file1.js", "file2.py", "file3.yml"]
+    schema: plain
+    forEach: true  # The AI output (array) will be used for iteration
+    group: security
+
+  # This AI check runs for each security-sensitive file
+  deep-security-review:
+    type: ai
+    prompt: |
+      Perform a detailed security review of this specific file:
+      {{ outputs.list-security-concerns }}
+
+      Focus only on this one file and provide specific security recommendations.
+    depends_on: [list-security-concerns]
+    group: security
+
+  # Example with transform to create array
+  extract-functions:
+    type: command
+    exec: |
+      # Extract function names from a TypeScript file
+      grep -o "function [a-zA-Z_][a-zA-Z0-9_]*" src/example.ts | cut -d' ' -f2
+    transform: |
+      {{ output | split: "\n" | json }}
+    forEach: true
+    group: documentation
+
+  # Document each function
+  document-function:
+    type: ai
+    prompt: |
+      Write JSDoc documentation for the function named: {{ outputs.extract-functions }}
+    depends_on: [extract-functions]
+    group: documentation
+
+  # Complex example: Process webhook data
+  get-jira-tickets:
+    type: http_client
+    url: "https://api.example.com/jira/tickets?pr={{ pr.number }}"
+    transform: |
+      {{ data.issues | json }}
+    forEach: true
+    group: tracking
+
+  update-each-ticket:
+    type: http
+    url: "https://api.example.com/jira/ticket/{{ outputs.get-jira-tickets.id }}"
+    body: |
+      {
+        "status": "in-review",
+        "pr_number": {{ pr.number }},
+        "reviewer": "{{ pr.author }}"
+      }
+    depends_on: [get-jira-tickets]
+    group: tracking
+
+# How forEach works:
+# 1. A check with forEach: true outputs an array (or string that can be parsed as array)
+# 2. The check stores this array internally as forEachItems
+# 3. Any check that depends on a forEach check will:
+#    - Execute once for each item in the array
+#    - Receive a single item (not the array) in outputs.<check-name>
+#    - Aggregate all results from all iterations
+#
+# Example execution flow:
+# - list-json-files outputs: ["file1.json", "file2.json", "file3.json"]
+# - validate-each-json runs 3 times:
+#   - Run 1: outputs.list-json-files = "file1.json"
+#   - Run 2: outputs.list-json-files = "file2.json"
+#   - Run 3: outputs.list-json-files = "file3.json"
+# - All issues from all runs are collected and reported together

package/dist/examples/github-workflow-with-tags.yml

@@ -0,0 +1,163 @@
+# GitHub Actions Workflow - Progressive Code Review with Tags
+# This workflow demonstrates different tag strategies for various scenarios
+#
+# NOTE: For fork PR support with check runs, change pull_request to pull_request_target
+# See docs/GITHUB_CHECKS.md#fork-pr-support for details
+
+name: Progressive Code Review
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+  issue_comment:
+    types: [created]
+
+jobs:
+  # ============================================
+  # STAGE 1: Quick validation (runs always)
+  # ============================================
+  quick-validation:
+    name: Fast Critical Checks
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Full history for better analysis
+
+      - name: Run critical fast checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "critical,fast"
+          fail-fast: "true"  # Stop immediately on critical issues
+          max-parallelism: "5"  # Run checks in parallel
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+
+  # ============================================
+  # STAGE 2: Security scan (parallel with Stage 1)
+  # ============================================
+  security-scan:
+    name: Security Analysis
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run all security checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "security"
+          exclude-tags: "experimental"
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+
+  # ============================================
+  # STAGE 3: Full review (only for main branch)
+  # ============================================
+  comprehensive-review:
+    name: Comprehensive Analysis
+    runs-on: ubuntu-latest
+    if: github.base_ref == 'main' || github.base_ref == 'master'
+    needs: [quick-validation]  # Only run if quick checks pass
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run comprehensive checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "comprehensive,remote"
+          exclude-tags: "experimental,fast"  # Skip fast checks (already ran)
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+          # Use more powerful model for comprehensive checks
+          AI_MODEL: "gemini-1.5-pro"
+
+  # ============================================
+  # STAGE 4: Performance profiling (for performance PRs)
+  # ============================================
+  performance-analysis:
+    name: Performance Profiling
+    runs-on: ubuntu-latest
+    if: contains(github.event.pull_request.labels.*.name, 'performance') || contains(github.event.pull_request.title, 'perf')
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run performance checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "performance"
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+
+  # ============================================
+  # STAGE 5: Frontend checks (for frontend changes)
+  # ============================================
+  frontend-checks:
+    name: Frontend Analysis
+    runs-on: ubuntu-latest
+    if: |
+      contains(github.event.pull_request.files.*.filename, '.tsx') ||
+      contains(github.event.pull_request.files.*.filename, '.jsx') ||
+      contains(github.event.pull_request.files.*.filename, '.css')
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Run frontend-specific checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "frontend,accessibility,style"
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+
+  # ============================================
+  # OPTIONAL: Experimental features (manual trigger)
+  # ============================================
+  experimental-features:
+    name: Experimental Analysis
+    runs-on: ubuntu-latest
+    if: contains(github.event.comment.body, '/experimental')
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Run experimental checks
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          tags: "experimental"
+          debug: "true"  # Enable debug for experimental features
+        env:
+          CLAUDE_CODE_API_KEY: ${{ secrets.CLAUDE_CODE_API_KEY }}
+          # Use Claude for experimental features
+          AI_PROVIDER: "claude-code"
+
+  # ============================================
+  # NIGHTLY: Deep analysis (scheduled)
+  # ============================================
+  deep-analysis:
+    name: Deep Code Analysis
+    runs-on: ubuntu-latest
+    if: github.event_name == 'schedule'  # Only for scheduled runs
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run all checks including slow ones
+        uses: gates-ai/visor-action@v1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          # Run everything except experimental
+          exclude-tags: "experimental"
+          # No tag filter means run all
+        env:
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+          AI_MODEL: "gemini-1.5-pro"  # Use best model for deep analysis