claude-codex-code-review 0.1.0

package/.claude/commands/codex-review.md

@@ -0,0 +1,61 @@
+---
+allowed-tools: Bash(scripts/codex-review.sh:*), Bash(cat:*), Bash(test:*), Bash(git status:*), Bash(git diff:*)
+description: Run Codex CLI review on current uncommitted changes, then ask which findings to fix
+argument-hint: [optional review instructions]
+---
+
+# Codex Review
+
+Run the project Codex review script first:
+
+!`scripts/codex-review.sh "$ARGUMENTS"`
+
+Then read `.ai-review/codex-review.md`, `.ai-review/effective-config.env`, and `.codex-review.yml` if they exist.
+
+Your job:
+
+1. Summarize whether Codex reported actionable findings.
+2. If there are no actionable findings, say that clearly and stop.
+3. If there are actionable findings, list them by severity and include file/line references when Codex provided them.
+4. Ask the user which findings to fix before editing anything.
+5. If the user chooses findings to fix, only fix those selected findings.
+6. Do not perform unrelated refactors.
+7. Do not create a commit.
+8. After fixing selected findings, offer to run `/codex-review` again for confirmation.
+
+Default behavior is manual approval. Treat `.ai-review/effective-config.env` as the effective runtime configuration. It is produced by `scripts/codex-review.sh` after applying this precedence:
+
+1. `/codex-review` command arguments
+2. `.codex-review.yml`
+3. built-in defaults
+
+If the project has no `.codex-review.yml` and the user passes no command arguments, use these defaults:
+
+```yaml
+mode: ask
+review_scope: uncommitted
+max_fix_rounds: 1
+auto_fix_severities: []
+```
+
+Configuration meanings:
+
+- `mode: ask` means always ask before fixing.
+- `mode: auto` means the user has opted into automatic fixes, but still limit fixes to actionable Codex findings.
+- `mode: severity` means only findings matching `auto_fix_severities` may be fixed automatically; ask before fixing all others.
+- `max_fix_rounds` limits automatic review/fix loops.
+
+Supported command arguments:
+
+```text
+--mode ask|auto|severity
+--review-scope uncommitted
+--max-fix-rounds 1
+--auto-fix-severities P0,P1
+```
+
+Additional follow-up instructions passed by the user. The local Codex CLI may not accept custom prompts together with `--uncommitted`, so apply these instructions when summarizing findings and deciding how to repair selected issues:
+
+```text
+$ARGUMENTS
+```

package/.codex-review.yml

@@ -0,0 +1,4 @@
+mode: ask
+review_scope: uncommitted
+max_fix_rounds: 1
+auto_fix_severities: []

package/README.md

@@ -0,0 +1,48 @@
+# claude-codex-code-review
+
+Install a Claude Code `/codex-review` command into a project. The command runs
+Codex CLI review on current uncommitted changes, writes the review to
+`.ai-review/codex-review.md`, and lets Claude ask which findings to fix.
+
+## Install with curl
+
+Use the raw GitHub URL:
+
+```bash
+curl -fsSL https://raw.githubusercontent.com/lkkwxy/claude-codex-claude-codex-review-claude/main/scripts/install.sh | bash
+```
+
+The `github.com/.../blob/main/...` URL renders HTML and will not work with
+`curl | bash`.
+
+## Install with npx
+
+After publishing this package to npm:
+
+```bash
+npx claude-codex-code-review install
+```
+
+Then open Claude Code in the project and run:
+
+```text
+/codex-review
+```
+
+## Configuration
+
+Command-line arguments override `.codex-review.yml`. Missing values fall back to
+the config file, then these defaults:
+
+```yaml
+mode: ask
+review_scope: uncommitted
+max_fix_rounds: 1
+auto_fix_severities: []
+```
+
+Example:
+
+```text
+/codex-review --mode severity --auto-fix-severities P0,P1
+```

package/bin/codex-review

@@ -0,0 +1,118 @@
+#!/usr/bin/env bash
+set -u
+set -o pipefail
+
+PACKAGE_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd -P)"
+TARGET_DIR="$(pwd)"
+FORCE=0
+
+usage() {
+  cat <<'USAGE'
+Usage:
+  claude-codex-code-review install [options]
+  claude-codex-code-review --help
+
+Installs the Claude Code /codex-review command into the current project.
+
+Options:
+  --target-dir <dir>  Install into a specific project directory. Default: current directory.
+  --force             Overwrite existing codex-review files.
+  -h, --help          Show this help.
+
+Examples:
+  npx claude-codex-code-review install
+  npx claude-codex-code-review install -- --target-dir /path/to/project
+  npx claude-codex-code-review install -- --force
+USAGE
+}
+
+log() {
+  printf "[codex-review install] %s\n" "$1"
+}
+
+fail() {
+  printf "[codex-review install] ERROR: %s\n" "$1" >&2
+  exit 1
+}
+
+copy_file() {
+  local source_path="$1"
+  local dest_path="$2"
+
+  if [ ! -f "$source_path" ]; then
+    fail "package template is missing: $source_path"
+  fi
+
+  if [ -f "$dest_path" ] && [ "$FORCE" -ne 1 ]; then
+    log "Keeping existing $dest_path"
+    return
+  fi
+
+  mkdir -p "$(dirname "$dest_path")"
+  cp "$source_path" "$dest_path"
+}
+
+append_gitignore_once() {
+  local gitignore_path="$1"
+  local entry=".ai-review/"
+
+  touch "$gitignore_path"
+  if grep -Fxq "$entry" "$gitignore_path"; then
+    log "Keeping existing .gitignore entry: $entry"
+  else
+    printf "\n%s\n" "$entry" >> "$gitignore_path"
+    log "Added .gitignore entry: $entry"
+  fi
+}
+
+COMMAND="${1:-install}"
+case "$COMMAND" in
+  install)
+    shift || true
+    ;;
+  -h|--help|help)
+    usage
+    exit 0
+    ;;
+  *)
+    fail "unknown command: $COMMAND"
+    ;;
+esac
+
+while [ "$#" -gt 0 ]; do
+  case "$1" in
+    --target-dir)
+      [ "$#" -ge 2 ] || fail "--target-dir requires a value."
+      TARGET_DIR="$2"
+      shift 2
+      ;;
+    --target-dir=*)
+      TARGET_DIR="${1#*=}"
+      shift
+      ;;
+    --force)
+      FORCE=1
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    *)
+      fail "unknown option: $1"
+      ;;
+  esac
+done
+
+mkdir -p "$TARGET_DIR"
+cd "$TARGET_DIR" || fail "cannot enter target directory: $TARGET_DIR"
+
+copy_file "$PACKAGE_ROOT/.claude/commands/codex-review.md" ".claude/commands/codex-review.md"
+copy_file "$PACKAGE_ROOT/scripts/codex-review.sh" "scripts/codex-review.sh"
+copy_file "$PACKAGE_ROOT/.codex-review.yml" ".codex-review.yml"
+chmod +x "scripts/codex-review.sh"
+append_gitignore_once ".gitignore"
+
+log "Installed /codex-review into $TARGET_DIR"
+log "Usage in Claude Code: /codex-review"
+log "Optional: /codex-review --mode severity --auto-fix-severities P0,P1"

package/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "claude-codex-code-review",
+  "version": "0.1.0",
+  "description": "Install a Claude Code /codex-review command that runs Codex CLI review and lets Claude apply selected fixes.",
+  "license": "MIT",
+  "bin": {
+    "claude-codex-code-review": "bin/codex-review"
+  },
+  "files": [
+    ".claude/commands/codex-review.md",
+    ".codex-review.yml",
+    "bin/codex-review",
+    "scripts/codex-review.sh"
+  ],
+  "scripts": {
+    "test": "bash -n scripts/codex-review.sh scripts/install.sh bin/codex-review"
+  },
+  "engines": {
+    "node": ">=18"
+  }
+}

package/scripts/codex-review.sh

@@ -0,0 +1,244 @@
+#!/usr/bin/env bash
+set -u
+set -o pipefail
+
+OUTPUT_DIR=".ai-review"
+REVIEW_FILE="${OUTPUT_DIR}/codex-review.md"
+LOG_FILE="${OUTPUT_DIR}/codex-review.log"
+EFFECTIVE_CONFIG_FILE="${OUTPUT_DIR}/effective-config.env"
+CONFIG_FILE=".codex-review.yml"
+DEFAULT_MODE="ask"
+DEFAULT_REVIEW_SCOPE="uncommitted"
+DEFAULT_MAX_FIX_ROUNDS="1"
+DEFAULT_AUTO_FIX_SEVERITIES="[]"
+MODE_ARG=""
+REVIEW_SCOPE_ARG=""
+MAX_FIX_ROUNDS_ARG=""
+AUTO_FIX_SEVERITIES_ARG=""
+EXTRA_INSTRUCTIONS=()
+
+timestamp() {
+  date "+%Y-%m-%d %H:%M:%S %z"
+}
+
+usage() {
+  cat <<'USAGE'
+Usage: scripts/codex-review.sh [options] [follow-up instructions]
+
+Runs Codex CLI review and writes the result to .ai-review/codex-review.md.
+Command-line options override .codex-review.yml. Missing options fall back to
+.codex-review.yml, then built-in defaults.
+
+Options:
+  --mode <ask|auto|severity>
+      Fix policy Claude should apply after reading the review. Default: ask.
+
+  --review-scope <uncommitted>
+      Review scope for Codex. Default: uncommitted.
+
+  --max-fix-rounds <number>
+      Maximum automatic fix rounds Claude should run. Default: 1.
+
+  --auto-fix-severities <list>
+      Comma-separated severities for mode=severity, for example: P0,P1.
+      Default: empty.
+
+  -h, --help
+      Show this help.
+USAGE
+}
+
+fail() {
+  local message="$1"
+  mkdir -p "$OUTPUT_DIR"
+  {
+    printf "[%s] ERROR: %s\n" "$(timestamp)" "$message"
+  } | tee -a "$LOG_FILE" >&2
+  exit 1
+}
+
+read_config_value() {
+  local key="$1"
+  local default_value="$2"
+
+  if [ ! -f "$CONFIG_FILE" ]; then
+    printf "%s" "$default_value"
+    return
+  fi
+
+  local value
+  value="$(awk -F ':' -v key="$key" '
+    $1 == key {
+      sub(/^[[:space:]]+/, "", $2)
+      sub(/[[:space:]]+$/, "", $2)
+      gsub(/^["'\'']|["'\'']$/, "", $2)
+      print $2
+      exit
+    }
+  ' "$CONFIG_FILE")"
+
+  if [ -n "$value" ]; then
+    printf "%s" "$value"
+  else
+    printf "%s" "$default_value"
+  fi
+}
+
+while [ "$#" -gt 0 ]; do
+  case "$1" in
+    --mode)
+      [ "$#" -ge 2 ] || fail "--mode requires a value."
+      MODE_ARG="$2"
+      shift 2
+      ;;
+    --mode=*)
+      MODE_ARG="${1#*=}"
+      shift
+      ;;
+    --review-scope)
+      [ "$#" -ge 2 ] || fail "--review-scope requires a value."
+      REVIEW_SCOPE_ARG="$2"
+      shift 2
+      ;;
+    --review-scope=*)
+      REVIEW_SCOPE_ARG="${1#*=}"
+      shift
+      ;;
+    --max-fix-rounds)
+      [ "$#" -ge 2 ] || fail "--max-fix-rounds requires a value."
+      MAX_FIX_ROUNDS_ARG="$2"
+      shift 2
+      ;;
+    --max-fix-rounds=*)
+      MAX_FIX_ROUNDS_ARG="${1#*=}"
+      shift
+      ;;
+    --auto-fix-severities)
+      [ "$#" -ge 2 ] || fail "--auto-fix-severities requires a value."
+      AUTO_FIX_SEVERITIES_ARG="$2"
+      shift 2
+      ;;
+    --auto-fix-severities=*)
+      AUTO_FIX_SEVERITIES_ARG="${1#*=}"
+      shift
+      ;;
+    -h|--help)
+      usage
+      exit 0
+      ;;
+    --)
+      shift
+      while [ "$#" -gt 0 ]; do
+        EXTRA_INSTRUCTIONS+=("$1")
+        shift
+      done
+      ;;
+    -*)
+      fail "unknown option: $1"
+      ;;
+    *)
+      EXTRA_INSTRUCTIONS+=("$1")
+      shift
+      ;;
+  esac
+done
+
+if ! command -v git >/dev/null 2>&1; then
+  fail "git is not available on PATH."
+fi
+
+if ! git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
+  fail "current directory is not inside a git repository."
+fi
+
+if ! command -v codex >/dev/null 2>&1; then
+  fail "codex CLI is not available on PATH."
+fi
+
+MODE="${MODE_ARG:-$(read_config_value "mode" "$DEFAULT_MODE")}"
+REVIEW_SCOPE="${REVIEW_SCOPE_ARG:-$(read_config_value "review_scope" "$DEFAULT_REVIEW_SCOPE")}"
+MAX_FIX_ROUNDS="${MAX_FIX_ROUNDS_ARG:-$(read_config_value "max_fix_rounds" "$DEFAULT_MAX_FIX_ROUNDS")}"
+AUTO_FIX_SEVERITIES="${AUTO_FIX_SEVERITIES_ARG:-$(read_config_value "auto_fix_severities" "$DEFAULT_AUTO_FIX_SEVERITIES")}"
+EXTRA_INSTRUCTIONS_TEXT="${EXTRA_INSTRUCTIONS[*]:-}"
+
+case "$MODE" in
+  ask|auto|severity) ;;
+  *) fail "invalid --mode '$MODE'. Expected ask, auto, or severity." ;;
+esac
+
+case "$REVIEW_SCOPE" in
+  uncommitted) ;;
+  *) fail "invalid --review-scope '$REVIEW_SCOPE'. Only uncommitted is currently supported." ;;
+esac
+
+case "$MAX_FIX_ROUNDS" in
+  ''|*[!0-9]*) fail "invalid --max-fix-rounds '$MAX_FIX_ROUNDS'. Expected a non-negative integer." ;;
+  *) ;;
+esac
+
+PENDING_CHANGES="$(git status --porcelain)"
+
+mkdir -p "$OUTPUT_DIR"
+: > "$LOG_FILE"
+{
+  printf "MODE=%s\n" "$MODE"
+  printf "REVIEW_SCOPE=%s\n" "$REVIEW_SCOPE"
+  printf "MAX_FIX_ROUNDS=%s\n" "$MAX_FIX_ROUNDS"
+  printf "AUTO_FIX_SEVERITIES=%s\n" "$AUTO_FIX_SEVERITIES"
+} > "$EFFECTIVE_CONFIG_FILE"
+
+{
+  printf "[%s] Starting Codex review\n" "$(timestamp)"
+  printf "Working directory: %s\n" "$(pwd)"
+  printf "Review file: %s\n" "$REVIEW_FILE"
+  printf "Log file: %s\n" "$LOG_FILE"
+  printf "Effective mode: %s\n" "$MODE"
+  printf "Effective review scope: %s\n" "$REVIEW_SCOPE"
+  printf "Effective max fix rounds: %s\n" "$MAX_FIX_ROUNDS"
+  printf "Effective auto-fix severities: %s\n" "$AUTO_FIX_SEVERITIES"
+  if [ -n "$EXTRA_INSTRUCTIONS_TEXT" ]; then
+    printf "Extra instructions: %s\n" "$EXTRA_INSTRUCTIONS_TEXT"
+  fi
+} >> "$LOG_FILE"
+
+if [ ! -f "$CONFIG_FILE" ]; then
+  {
+    printf "[%s] Config file %s not found; using built-in defaults.\n" "$(timestamp)" "$CONFIG_FILE"
+  } >> "$LOG_FILE"
+fi
+
+if [ -z "$PENDING_CHANGES" ]; then
+  {
+    printf "# Codex Review\n\n"
+    printf "No staged, unstaged, or untracked changes were found.\n"
+  } > "$REVIEW_FILE"
+  {
+    printf "[%s] No uncommitted changes found; skipped Codex review.\n" "$(timestamp)"
+  } >> "$LOG_FILE"
+  printf "No uncommitted changes found. Wrote %s\n" "$REVIEW_FILE"
+  exit 0
+fi
+
+if [ -n "$EXTRA_INSTRUCTIONS_TEXT" ]; then
+  {
+    printf "[%s] Note: this Codex CLI version does not accept custom review instructions with --uncommitted; extra instructions are logged for Claude's follow-up context only.\n" "$(timestamp)"
+  } >> "$LOG_FILE"
+fi
+
+{
+  printf "[%s] Running: codex review --uncommitted\n" "$(timestamp)"
+} >> "$LOG_FILE"
+
+if codex review --uncommitted > "$REVIEW_FILE" 2>> "$LOG_FILE"; then
+  {
+    printf "[%s] Codex review completed successfully.\n" "$(timestamp)"
+  } >> "$LOG_FILE"
+  printf "Codex review completed. Wrote %s\n" "$REVIEW_FILE"
+else
+  status=$?
+  {
+    printf "[%s] Codex review failed with exit code %s.\n" "$(timestamp)" "$status"
+  } >> "$LOG_FILE"
+  printf "# Codex Review Failed\n\nCodex review failed with exit code %s. See %s for details.\n" "$status" "$LOG_FILE" > "$REVIEW_FILE"
+  exit "$status"
+fi