@sentry/warden 0.13.0 → 0.15.0

package/skills/warden-sweep/scripts/create_issue.py

@@ -0,0 +1,189 @@
+#!/usr/bin/env python3
+# /// script
+# requires-python = ">=3.9"
+# ///
+"""
+Warden Sweep: Create tracking issue.
+
+Creates a GitHub issue summarizing the sweep results after verification
+but before patching. Gives every PR a parent to reference and gives
+reviewers a single place to see the full picture.
+
+Usage:
+    uv run create_issue.py <sweep-dir>
+
+Stdout: JSON with issueUrl and issueNumber
+Stderr: Progress lines
+
+Idempotent: if issueUrl already exists in manifest, skips creation.
+"""
+from __future__ import annotations
+
+import argparse
+import json
+import os
+import subprocess
+import sys
+from typing import Any
+
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+from _utils import (  # noqa: E402
+    ensure_github_label,
+    pr_number_from_url,
+    read_json,
+    read_jsonl,
+    severity_badge,
+    write_json,
+)
+
+
+def build_issue_body(
+    run_id: str,
+    scan_index: list[dict[str, Any]],
+    all_findings: list[dict[str, Any]],
+    verified: list[dict[str, Any]],
+    rejected: list[dict[str, Any]],
+) -> str:
+    """Build the GitHub issue body markdown."""
+    files_scanned = sum(1 for e in scan_index if e.get("status") == "complete")
+    files_timed_out = sum(
+        1 for e in scan_index
+        if e.get("status") == "error" and e.get("error") == "timeout"
+    )
+    files_errored = sum(
+        1 for e in scan_index
+        if e.get("status") == "error" and e.get("error") != "timeout"
+    )
+
+    # Collect unique skills from scan index
+    skills: set[str] = set()
+    for entry in scan_index:
+        for skill in entry.get("skills", []):
+            skills.add(skill)
+
+    lines = [
+        f"## Warden Sweep `{run_id}`",
+        "",
+        "| Metric | Count |",
+        "|--------|-------|",
+        f"| Files scanned | {files_scanned} |",
+        f"| Files timed out | {files_timed_out} |",
+        f"| Files errored | {files_errored} |",
+        f"| Total findings | {len(all_findings)} |",
+        f"| Verified | {len(verified)} |",
+        f"| Rejected | {len(rejected)} |",
+        "",
+    ]
+
+    if verified:
+        lines.append("### Verified Findings")
+        lines.append("")
+        lines.append("| Severity | Skill | File | Title |")
+        lines.append("|----------|-------|------|-------|")
+        for f in verified:
+            sev = severity_badge(f.get("severity", "info"))
+            skill = f.get("skill", "")
+            file_path = f.get("file", "")
+            start_line = f.get("startLine")
+            location = f"{file_path}:{start_line}" if start_line else file_path
+            title = f.get("title", "")
+            lines.append(f"| {sev} | {skill} | `{location}` | {title} |")
+        lines.append("")
+
+    if skills:
+        lines.append("### Skills Run")
+        lines.append("")
+        lines.append(", ".join(sorted(skills)))
+        lines.append("")
+
+    lines.append("> Generated by Warden Sweep. PRs referencing this issue will appear below.")
+
+    return "\n".join(lines) + "\n"
+
+
+def create_github_issue(title: str, body: str) -> dict[str, Any]:
+    """Create a GitHub issue with the warden label. Returns issueUrl and issueNumber."""
+    ensure_github_label("warden", "5319E7", "Automated fix from Warden Sweep")
+
+    result = subprocess.run(
+        [
+            "gh", "issue", "create",
+            "--label", "warden",
+            "--title", title,
+            "--body", body,
+        ],
+        capture_output=True,
+        text=True,
+        timeout=30,
+    )
+
+    if result.returncode != 0:
+        raise RuntimeError(f"gh issue create failed: {result.stderr.strip()}")
+
+    issue_url = result.stdout.strip()
+    try:
+        issue_number = int(pr_number_from_url(issue_url))
+    except (ValueError, IndexError):
+        raise RuntimeError(f"Could not parse issue number from gh output: {issue_url}")
+
+    return {"issueUrl": issue_url, "issueNumber": issue_number}
+
+
+def main() -> None:
+    parser = argparse.ArgumentParser(
+        description="Warden Sweep: Create tracking issue"
+    )
+    parser.add_argument("sweep_dir", help="Path to the sweep directory")
+    args = parser.parse_args()
+
+    sweep_dir = args.sweep_dir
+    data_dir = os.path.join(sweep_dir, "data")
+    manifest_path = os.path.join(data_dir, "manifest.json")
+
+    if not os.path.isdir(sweep_dir):
+        print(
+            json.dumps({"error": f"Sweep directory not found: {sweep_dir}"}),
+            file=sys.stdout,
+        )
+        sys.exit(1)
+
+    manifest = read_json(manifest_path) or {}
+
+    # Idempotency: if issue already exists, return existing values
+    if manifest.get("issueUrl"):
+        output = {
+            "issueUrl": manifest["issueUrl"],
+            "issueNumber": manifest.get("issueNumber", 0),
+        }
+        print(json.dumps(output))
+        return
+
+    run_id = manifest.get("runId", "unknown")
+
+    # Read sweep data
+    scan_index = read_jsonl(os.path.join(data_dir, "scan-index.jsonl"))
+    all_findings = read_jsonl(os.path.join(data_dir, "all-findings.jsonl"))
+    verified = read_jsonl(os.path.join(data_dir, "verified.jsonl"))
+    rejected = read_jsonl(os.path.join(data_dir, "rejected.jsonl"))
+
+    files_scanned = sum(1 for e in scan_index if e.get("status") == "complete")
+
+    # Build issue
+    title = f"Warden Sweep {run_id}: {len(verified)} findings across {files_scanned} files"
+    body = build_issue_body(run_id, scan_index, all_findings, verified, rejected)
+
+    print("Creating tracking issue...", file=sys.stderr)
+    result = create_github_issue(title, body)
+    print(f"Created issue: {result['issueUrl']}", file=sys.stderr)
+
+    # Write issueUrl and issueNumber to manifest
+    manifest["issueUrl"] = result["issueUrl"]
+    manifest["issueNumber"] = result["issueNumber"]
+    manifest.setdefault("phases", {})["issue"] = "complete"
+    write_json(manifest_path, manifest)
+
+    print(json.dumps(result))
+
+
+if __name__ == "__main__":
+    main()

package/skills/warden-sweep/scripts/extract_findings.py

@@ -0,0 +1,219 @@
+#!/usr/bin/env python3
+# /// script
+# requires-python = ">=3.9"
+# ///
+"""
+Extract individual findings from warden JSONL log files.
+
+Usage:
+    python extract_findings.py <log-path-or-directory> -o <output.jsonl>
+    python extract_findings.py .warden/logs/ --scan-index data/scan-index.jsonl -o findings.jsonl
+
+Reads warden JSONL logs (one skill record per line, summary as last line),
+extracts each finding as a standalone record with a stable ID, and writes
+one finding per line to the output file.
+
+Finding ID format: <skill>-<sha256(title+path+line)[:8]>
+"""
+from __future__ import annotations
+
+import argparse
+import hashlib
+import json
+import os
+import sys
+from pathlib import Path
+from typing import Any
+
+
+def generate_finding_id(skill: str, title: str, path: str, line: int | None) -> str:
+    """Generate a stable, deterministic finding ID."""
+    raw = f"{title}:{path}:{line or 0}"
+    digest = hashlib.sha256(raw.encode()).hexdigest()[:8]
+    # Sanitize skill name for use in ID
+    safe_skill = skill.replace("/", "-").replace(" ", "-").lower()
+    return f"{safe_skill}-{digest}"
+
+
+def parse_jsonl_log(log_path: str) -> list[dict[str, Any]]:
+    """Parse a warden JSONL log file and extract individual findings.
+
+    Each non-summary line has the shape:
+    {
+      "run": {...},
+      "skill": "...",
+      "findings": [{...}, ...],
+      ...
+    }
+
+    The last line is a summary record with "type": "summary" which we skip.
+    """
+    findings = []
+    try:
+        with open(log_path) as f:
+            for line in f:
+                line = line.strip()
+                if not line:
+                    continue
+                try:
+                    record = json.loads(line)
+                except json.JSONDecodeError:
+                    continue
+
+                # Skip summary records
+                if record.get("type") == "summary":
+                    continue
+
+                skill = record.get("skill", "unknown")
+                run_meta = record.get("run", {})
+                record_findings = record.get("findings", [])
+
+                for finding in record_findings:
+                    location = finding.get("location", {})
+                    file_path = location.get("path", "")
+                    start_line = location.get("startLine")
+                    end_line = location.get("endLine")
+
+                    finding_id = generate_finding_id(
+                        skill=skill,
+                        title=finding.get("title", ""),
+                        path=file_path,
+                        line=start_line,
+                    )
+
+                    normalized = {
+                        "findingId": finding_id,
+                        "file": file_path,
+                        "skill": skill,
+                        "severity": finding.get("severity", "info"),
+                        "confidence": finding.get("confidence"),
+                        "title": finding.get("title", ""),
+                        "description": finding.get("description", ""),
+                        "verification": finding.get("verification"),
+                        "location": {
+                            "path": file_path,
+                            "startLine": start_line,
+                            "endLine": end_line,
+                        },
+                        "suggestedFix": finding.get("suggestedFix"),
+                        "logPath": log_path,
+                        "runId": run_meta.get("runId", ""),
+                    }
+
+                    findings.append(normalized)
+
+    except (OSError, IOError) as e:
+        print(f"Error reading {log_path}: {e}", file=sys.stderr)
+
+    return findings
+
+
+def collect_log_paths(source: str, scan_index: str | None = None) -> list[str]:
+    """Collect log file paths from a directory or scan index."""
+    paths: list[str] = []
+
+    if scan_index and os.path.exists(scan_index):
+        # Read log paths from scan-index.jsonl
+        seen = set()
+        total_entries = 0
+        missing = 0
+        with open(scan_index) as f:
+            for line in f:
+                line = line.strip()
+                if not line:
+                    continue
+                try:
+                    entry = json.loads(line)
+                except json.JSONDecodeError:
+                    continue
+                if entry.get("status") != "complete":
+                    continue
+                total_entries += 1
+                log_path = entry.get("logPath", "")
+                if log_path and log_path not in seen:
+                    seen.add(log_path)
+                    if os.path.isfile(log_path):
+                        paths.append(log_path)
+                    else:
+                        missing += 1
+        if missing > 0:
+            print(
+                f"Warning: {missing} log path(s) from scan-index not found on disk",
+                file=sys.stderr,
+            )
+        # Only use scan-index results if we actually found logs;
+        # fall through to source directory otherwise
+        if paths:
+            return paths
+        if total_entries > 0:
+            print(
+                "Warning: scan-index had entries but no valid log paths; "
+                "falling back to source directory",
+                file=sys.stderr,
+            )
+
+    source_path = Path(source)
+    if source_path.is_file():
+        return [str(source_path)]
+
+    if source_path.is_dir():
+        for f in sorted(source_path.glob("*.jsonl")):
+            paths.append(str(f))
+        return paths
+
+    print(f"Source not found: {source}", file=sys.stderr)
+    return paths
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Extract findings from warden JSONL logs"
+    )
+    parser.add_argument(
+        "source",
+        help="Path to a JSONL log file or directory of log files",
+    )
+    parser.add_argument(
+        "-o", "--output",
+        required=True,
+        help="Output path for normalized findings JSONL",
+    )
+    parser.add_argument(
+        "--scan-index",
+        help="Path to scan-index.jsonl (uses log paths from completed scans)",
+    )
+    args = parser.parse_args()
+
+    log_paths = collect_log_paths(args.source, args.scan_index)
+    if not log_paths:
+        print("No log files found.", file=sys.stderr)
+        sys.exit(1)
+
+    all_findings: list[dict[str, Any]] = []
+    seen_ids: set[str] = set()
+
+    for log_path in log_paths:
+        findings = parse_jsonl_log(log_path)
+        for f in findings:
+            fid = f["findingId"]
+            if fid not in seen_ids:
+                seen_ids.add(fid)
+                all_findings.append(f)
+
+    # Write output
+    os.makedirs(os.path.dirname(os.path.abspath(args.output)), exist_ok=True)
+    with open(args.output, "w") as out:
+        for finding in all_findings:
+            out.write(json.dumps(finding) + "\n")
+
+    print(
+        json.dumps({
+            "logsProcessed": len(log_paths),
+            "findingsExtracted": len(all_findings),
+            "outputPath": args.output,
+        })
+    )
+
+
+if __name__ == "__main__":
+    main()

package/skills/warden-sweep/scripts/find_reviewers.py

@@ -0,0 +1,114 @@
+#!/usr/bin/env python3
+# /// script
+# requires-python = ">=3.9"
+# ///
+"""
+Find top git contributors for a file to use as PR reviewers.
+
+Usage:
+    python find_reviewers.py <file-path>
+    python find_reviewers.py src/foo.ts
+
+Output: JSON to stdout with GitHub usernames of top 2 contributors
+from the last 12 months.
+
+{"reviewers": ["user1", "user2"]}
+
+If no contributors found or mapping fails, returns empty list.
+"""
+from __future__ import annotations
+
+import argparse
+import json
+import os
+import sys
+
+sys.path.insert(0, os.path.dirname(os.path.abspath(__file__)))
+from _utils import run_cmd_stdout as run_cmd  # noqa: E402
+
+
+def get_top_authors(file_path: str, count: int = 2) -> list[str]:
+    """Get top N author emails for a file from git log (last 12 months)."""
+    output = run_cmd([
+        "git", "log",
+        "--format=%ae",
+        "--since=12 months ago",
+        "--", file_path,
+    ])
+
+    if not output:
+        return []
+
+    # Count occurrences of each email
+    email_counts: dict[str, int] = {}
+    for email in output.splitlines():
+        email = email.strip()
+        if email:
+            email_counts[email] = email_counts.get(email, 0) + 1
+
+    # Sort by count descending
+    sorted_emails = sorted(email_counts.items(), key=lambda x: x[1], reverse=True)
+
+    return [email for email, _ in sorted_emails[:count]]
+
+
+def email_to_github_username(email: str) -> str | None:
+    """Try to map a git email to a GitHub username.
+
+    Extracts from noreply emails directly. For other emails,
+    uses the GitHub search-by-email API via gh CLI.
+    """
+    # Handle GitHub noreply emails directly
+    if email.endswith("@users.noreply.github.com"):
+        # Format: 12345+username@users.noreply.github.com
+        # or: username@users.noreply.github.com
+        local = email.split("@")[0]
+        if "+" in local:
+            return local.split("+", 1)[1]
+        return local
+
+    # gh api handles URL encoding; pass email directly in the query
+    output = run_cmd([
+        "gh", "api", f"search/users?q={email}+in:email",
+        "--jq", ".items[0].login",
+    ])
+    return output if output else None
+
+
+def get_current_github_user() -> str | None:
+    """Get the currently authenticated GitHub username."""
+    output = run_cmd(["gh", "api", "/user", "--jq", ".login"])
+    return output if output else None
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Find top git contributors for PR reviewer assignment"
+    )
+    parser.add_argument("file_path", help="Path to the file to find reviewers for")
+    parser.add_argument(
+        "--count", type=int, default=2,
+        help="Number of reviewers to find (default: 2)",
+    )
+    args = parser.parse_args()
+
+    current_user = get_current_github_user()
+
+    # Request extra candidates to compensate for self-exclusion
+    fetch_count = args.count + 1 if current_user else args.count
+    emails = get_top_authors(args.file_path, fetch_count)
+    if not emails:
+        print(json.dumps({"reviewers": [], "note": "No recent authors found"}))
+        return
+
+    reviewers: list[str] = []
+    for email in emails:
+        username = email_to_github_username(email)
+        if username and username != current_user:
+            reviewers.append(username)
+
+    print(json.dumps({"reviewers": reviewers[:args.count]}))
+
+
+if __name__ == "__main__":
+    main()