claude-git-hooks 2.30.2 → 2.32.0

package/lib/utils/github-api.js

@@ -212,7 +212,8 @@ export const createPullRequest = async ({
     base,
     draft = false,
     labels = [],
-    reviewers = []
+    reviewers = [],
+    teamReviewers = []
 }) => {
     logger.debug('github-api - createPullRequest', 'Starting PR creation', {
         owner,
@@ -286,28 +287,32 @@ export const createPullRequest = async ({
             logger.debug('github-api - createPullRequest', 'No labels to add');
         }
 
-        // Step 3: Request reviewers (if any)
-        if (reviewers.length > 0) {
+        // Step 3: Request reviewers (if any — individual and/or team)
+        if (reviewers.length > 0 || teamReviewers.length > 0) {
             logger.debug('github-api - createPullRequest', 'Requesting reviewers', {
                 prNumber: pr.number,
-                reviewers
+                reviewers,
+                teamReviewers
             });
             try {
                 await octokit.pulls.requestReviewers({
                     owner,
                     repo,
                     pull_number: pr.number,
-                    reviewers
+                    reviewers,
+                    team_reviewers: teamReviewers
                 });
                 logger.debug('github-api - createPullRequest', 'Reviewers requested successfully', {
-                    reviewers
+                    reviewers,
+                    teamReviewers
                 });
             } catch (reviewerError) {
                 // Non-fatal: PR was created, reviewer request failed
                 logger.warning(`Could not request reviewers: ${reviewerError.message}`);
                 logger.debug('github-api - createPullRequest', 'Reviewer request failed', {
                     error: reviewerError.message,
-                    reviewers
+                    reviewers,
+                    teamReviewers
                 });
             }
         } else {
@@ -324,7 +329,8 @@ export const createPullRequest = async ({
             head: pr.head.ref,
             base: pr.base.ref,
             labels,
-            reviewers
+            reviewers,
+            teamReviewers
         };
 
         logger.debug('github-api - createPullRequest', 'PR creation completed', result);
@@ -758,69 +764,95 @@ export const createPullRequestReview = async (
 };
 
 /**
- * Read CODEOWNERS file from repository
+ * List teams with access to a repository
+ * Why: Needed by reviewer-selector to resolve team-based reviewers
  *
- * @param {Object} params - Parameters
- * @param {string} params.owner - Repository owner
- * @param {string} params.repo - Repository name
- * @param {string} params.branch - Branch name (default: main/master)
- * @returns {Promise<string|null>} CODEOWNERS content or null if not found
+ * @param {string} owner - Repository owner
+ * @param {string} repo - Repository name
+ * @returns {Promise<Array<{slug: string, name: string, permission: string}>>} Teams with access
+ * @throws {GitHubAPIError} On failure
  */
-export const readCodeowners = async ({ owner, repo, branch = null }) => {
-    logger.debug('github-api - readCodeowners', 'Attempting to read CODEOWNERS', { owner, repo });
+export const listRepoTeams = async (owner, repo) => {
+    logger.debug('github-api - listRepoTeams', 'Listing repo teams', { owner, repo });
 
     const octokit = getOctokit();
 
-    // Determine default branch if not provided
-    if (!branch) {
-        try {
-            const { data: repoData } = await octokit.repos.get({ owner, repo });
-            branch = repoData.default_branch;
-            logger.debug('github-api - readCodeowners', 'Using default branch', { branch });
-        } catch (error) {
-            branch = 'main'; // Fallback
-            logger.debug(
-                'github-api - readCodeowners',
-                'Could not get default branch, using main',
-                { error: error.message }
-            );
-        }
-    }
+    try {
+        const { data } = await octokit.repos.listTeams({ owner, repo });
 
-    // Try common CODEOWNERS locations
-    const paths = ['CODEOWNERS', '.github/CODEOWNERS', 'docs/CODEOWNERS'];
+        const teams = data.map((t) => ({
+            slug: t.slug,
+            name: t.name,
+            permission: t.permission
+        }));
 
-    for (const path of paths) {
-        try {
-            logger.debug('github-api - readCodeowners', 'Trying path', { path });
+        logger.debug('github-api - listRepoTeams', 'Teams fetched', {
+            count: teams.length,
+            slugs: teams.map((t) => t.slug)
+        });
 
-            const { data } = await octokit.repos.getContent({
-                owner,
-                repo,
-                path,
-                ref: branch
-            });
+        return teams;
+    } catch (error) {
+        const statusCode = error.status || error.response?.status;
+        logger.debug('github-api - listRepoTeams', 'Failed to list repo teams', {
+            owner,
+            repo,
+            status: statusCode,
+            message: error.message
+        });
 
-            if (data.type === 'file' && data.content) {
-                // Decode base64 content
-                const content = Buffer.from(data.content, 'base64').toString('utf8');
-                logger.debug('github-api - readCodeowners', 'CODEOWNERS found', {
-                    path,
-                    lines: content.split('\n').length
-                });
-                return content;
-            }
-        } catch (error) {
-            logger.debug('github-api - readCodeowners', 'Path not found', {
-                path,
-                error: error.message
-            });
-            // Continue to next path
-        }
+        throw new GitHubAPIError(`Failed to list teams for ${owner}/${repo}: ${error.message}`, {
+            cause: error,
+            statusCode,
+            context: { owner, repo }
+        });
     }
+};
+
+/**
+ * List members of a GitHub team within an organization
+ * Why: Needed by reviewer-selector to resolve team slug to individual usernames
+ *
+ * @param {string} org - GitHub organization name
+ * @param {string} teamSlug - Team slug (e.g. 'automation', not '@org/automation')
+ * @returns {Promise<Array<{login: string}>>} Team members
+ * @throws {GitHubAPIError} On failure
+ */
+export const listTeamMembers = async (org, teamSlug) => {
+    logger.debug('github-api - listTeamMembers', 'Listing team members', { org, teamSlug });
+
+    const octokit = getOctokit();
+
+    try {
+        const { data } = await octokit.teams.listMembersInOrg({
+            org,
+            team_slug: teamSlug,
+            per_page: 100
+        });
 
-    logger.debug('github-api - readCodeowners', 'CODEOWNERS not found in any location');
-    return null;
+        const members = data.map((m) => ({ login: m.login }));
+
+        logger.debug('github-api - listTeamMembers', 'Members fetched', {
+            teamSlug,
+            count: members.length,
+            logins: members.map((m) => m.login)
+        });
+
+        return members;
+    } catch (error) {
+        const statusCode = error.status || error.response?.status;
+        logger.debug('github-api - listTeamMembers', 'Failed to list team members', {
+            org,
+            teamSlug,
+            status: statusCode,
+            message: error.message
+        });
+
+        throw new GitHubAPIError(
+            `Failed to list members of team '${teamSlug}' in ${org}: ${error.message}`,
+            { cause: error, statusCode, context: { org, teamSlug } }
+        );
+    }
 };
 
 /**

package/lib/utils/github-client.js

@@ -1,12 +1,12 @@
 /**
  * File: github-client.js
- * Purpose: GitHub utilities for CODEOWNERS parsing and reviewer detection
+ * Purpose: GitHub utilities for repository parsing and config-based reviewer detection
  *
  * Note: PR creation and API calls are in github-api.js (Octokit-based)
+ * Team-based reviewer selection is in reviewer-selector.js
  * This module handles:
  * - Repository URL parsing
- * - CODEOWNERS file parsing
- * - Reviewer detection from CODEOWNERS and config
+ * - Config-based reviewer detection (fallback for team-based selection)
  */
 
 import { execSync } from 'child_process';
@@ -57,93 +57,6 @@ export const parseGitHubRepo = () => {
     }
 };
 
-/**
- * Read CODEOWNERS file from repository
- * Why: Auto-detect reviewers based on file changes
- *
- * @returns {Promise<string|null>} - CODEOWNERS content or null if not found
- */
-export const readCodeowners = async () => {
-    logger.debug('github-client - readCodeowners', 'Reading CODEOWNERS file');
-
-    const repo = parseGitHubRepo();
-
-    try {
-        // Use Octokit-based implementation from github-api.js
-        const { readCodeowners: readCodeownersOctokit } = await import('./github-api.js');
-        const content = await readCodeownersOctokit({
-            owner: repo.owner,
-            repo: repo.repo
-        });
-        return content;
-    } catch (error) {
-        logger.debug('github-client - readCodeowners', 'Could not read CODEOWNERS', {
-            error: error.message
-        });
-        return null; // Non-critical failure
-    }
-};
-
-/**
- * Parse CODEOWNERS file to get reviewers for files
- * Why: Extract reviewer info from CODEOWNERS content
- *
- * @param {string} codeownersContent - CODEOWNERS file content
- * @param {Array<string>} files - Files changed in PR
- * @returns {Array<string>} - GitHub usernames of reviewers
- */
-export const parseCodeownersReviewers = (codeownersContent, files = []) => {
-    if (!codeownersContent) {
-        return [];
-    }
-
-    logger.debug('github-client - parseCodeownersReviewers', 'Parsing CODEOWNERS', {
-        filesCount: files.length
-    });
-
-    const reviewers = new Set();
-    const lines = codeownersContent.split('\n');
-
-    // Parse CODEOWNERS format:
-    // pattern @username1 @username2
-    // Example: *.js @frontend-team @tech-lead
-
-    for (const line of lines) {
-        const trimmed = line.trim();
-
-        // Skip comments and empty lines
-        if (!trimmed || trimmed.startsWith('#')) {
-            continue;
-        }
-
-        const parts = trimmed.split(/\s+/);
-        if (parts.length < 2) {
-            continue;
-        }
-
-        const pattern = parts[0];
-        const owners = parts.slice(1).filter((o) => o.startsWith('@'));
-
-        // Check if any file matches this pattern
-        const patternRegex = new RegExp(
-            pattern.replace(/\./g, '\\.').replace(/\*/g, '.*').replace(/\?/g, '.')
-        );
-
-        for (const file of files) {
-            if (patternRegex.test(file)) {
-                owners.forEach((owner) => reviewers.add(owner.substring(1))); // Remove @
-            }
-        }
-    }
-
-    const reviewersList = Array.from(reviewers);
-    logger.debug('github-client - parseCodeownersReviewers', 'Found reviewers', {
-        reviewers: reviewersList
-    });
-
-    return reviewersList;
-};
-
 /**
  * Get reviewers for PR based on changed files
  * Why: Auto-detect appropriate reviewers
@@ -159,20 +72,7 @@ export const getReviewersForFiles = async (files = [], config = {}) => {
 
     const reviewers = new Set();
 
-    // Option 1: Try CODEOWNERS file
-    try {
-        const codeowners = await readCodeowners();
-        if (codeowners) {
-            const codeownersReviewers = parseCodeownersReviewers(codeowners, files);
-            codeownersReviewers.forEach((r) => reviewers.add(r));
-        }
-    } catch (error) {
-        logger.debug('github-client - getReviewersForFiles', 'Could not read CODEOWNERS', {
-            error: error.message
-        });
-    }
-
-    // Option 2: Use config-based reviewers
+    // Config-based reviewers (flat array or object)
     if (config.reviewers) {
         const configReviewers = Array.isArray(config.reviewers)
             ? config.reviewers
@@ -181,7 +81,7 @@ export const getReviewersForFiles = async (files = [], config = {}) => {
         configReviewers.forEach((r) => reviewers.add(r));
     }
 
-    // Option 3: Use reviewer rules (pattern-based)
+    // Reviewer rules (pattern-based)
     if (config.reviewerRules && Array.isArray(config.reviewerRules)) {
         for (const rule of config.reviewerRules) {
             const patternRegex = new RegExp(rule.pattern);

package/lib/utils/label-resolver.js

@@ -0,0 +1,232 @@
+/**
+ * File: label-resolver.js
+ * Purpose: Resolves labels for a PR based on remote config + local fallback
+ *
+ * Design:
+ * - Fetches label rules from remote config repo (labels.json)
+ * - Falls back to local config when remote is unavailable
+ * - Five rule types applied in order: preset, size, quality, strategy, default
+ * - Each rule type independently enabled/disabled via remote config
+ * - Returns deduplicated, sorted array of label strings
+ * - Does NOT import config.js — receives local fallback via context (dependency injection)
+ */
+
+import logger from './logger.js';
+import { fetchRemoteConfig } from './remote-config.js';
+
+/** Default size thresholds when remote config is unavailable */
+const DEFAULT_SIZE_THRESHOLDS = { S: 10, M: 50, L: 100 };
+
+/**
+ * Resolve labels for a PR based on remote config + local fallback.
+ *
+ * @param {Object} context - Label resolution context
+ * @param {string} [context.preset] - Active preset name (e.g. 'backend')
+ * @param {number} [context.fileCount] - Number of changed files
+ * @param {string} [context.mergeStrategy] - 'squash' | 'merge-commit' | 'unknown'
+ * @param {Object} [context.analysisResult] - Quality analysis flags
+ * @param {boolean} [context.analysisResult.breakingChanges] - Has breaking changes
+ * @param {boolean} [context.analysisResult.hasSecurityIssues] - Has security issues
+ * @param {boolean} [context.analysisResult.hasPerformanceIssues] - Has performance issues
+ * @param {Object} [context.localLabelRules] - Fallback label rules from local config
+ * @returns {Promise<string[]>} Deduplicated, sorted array of label strings
+ */
+export async function resolveLabels(context = {}) {
+    const {
+        preset,
+        fileCount,
+        mergeStrategy,
+        analysisResult,
+        localLabelRules
+    } = context;
+
+    logger.debug('label-resolver - resolveLabels', 'Starting label resolution', {
+        preset,
+        fileCount,
+        mergeStrategy,
+        hasAnalysisResult: !!analysisResult,
+        hasLocalRules: !!localLabelRules
+    });
+
+    // Fetch remote config (null if unavailable)
+    const remoteConfig = await fetchRemoteConfig('labels.json');
+
+    logger.debug('label-resolver - resolveLabels', 'Remote config result', {
+        hasRemoteConfig: remoteConfig !== null
+    });
+
+    const labels = [];
+
+    // 1. Preset labels
+    _applyPresetLabels(labels, preset, remoteConfig, localLabelRules);
+
+    // 2. Size labels
+    _applySizeLabels(labels, fileCount, remoteConfig);
+
+    // 3. Quality labels
+    _applyQualityLabels(labels, analysisResult, remoteConfig);
+
+    // 4. Strategy labels
+    _applyStrategyLabels(labels, mergeStrategy);
+
+    // 5. Default labels (only when remote is available)
+    _applyDefaultLabels(labels, remoteConfig);
+
+    // Deduplicate and sort
+    const result = [...new Set(labels)].sort();
+
+    logger.debug('label-resolver - resolveLabels', 'Labels resolved', {
+        count: result.length,
+        labels: result
+    });
+
+    return result;
+}
+
+/**
+ * Apply preset-specific labels.
+ * Priority: remote presetLabels → local fallback rules.
+ *
+ * @param {string[]} labels - Mutable labels array
+ * @param {string|undefined} preset - Active preset name
+ * @param {Object|null} remoteConfig - Remote labels.json config
+ * @param {Object|undefined} localLabelRules - Local fallback rules
+ */
+function _applyPresetLabels(labels, preset, remoteConfig, localLabelRules) {
+    if (!preset) return;
+
+    // Try remote first
+    const remotePresetLabels = remoteConfig?.presetLabels?.[preset];
+    if (Array.isArray(remotePresetLabels) && remotePresetLabels.length > 0) {
+        logger.debug('label-resolver - _applyPresetLabels', 'Using remote preset labels', {
+            preset,
+            labels: remotePresetLabels
+        });
+        labels.push(...remotePresetLabels);
+        return;
+    }
+
+    // Fall back to local
+    const localPresetLabels = localLabelRules?.[preset];
+    if (Array.isArray(localPresetLabels) && localPresetLabels.length > 0) {
+        logger.debug('label-resolver - _applyPresetLabels', 'Using local fallback preset labels', {
+            preset,
+            labels: localPresetLabels
+        });
+        labels.push(...localPresetLabels);
+    }
+}
+
+/**
+ * Apply size labels based on file count and thresholds.
+ *
+ * @param {string[]} labels - Mutable labels array
+ * @param {number|undefined} fileCount - Number of changed files
+ * @param {Object|null} remoteConfig - Remote labels.json config
+ */
+function _applySizeLabels(labels, fileCount, remoteConfig) {
+    if (fileCount === undefined || fileCount === null) return;
+
+    // Check if disabled in remote config
+    if (remoteConfig?.sizeLabels?.enabled === false) {
+        logger.debug('label-resolver - _applySizeLabels', 'Size labels disabled via remote config');
+        return;
+    }
+
+    const thresholds = remoteConfig?.sizeLabels?.thresholds || DEFAULT_SIZE_THRESHOLDS;
+    const { S, M, L } = thresholds;
+
+    let sizeLabel;
+    if (fileCount < S) {
+        sizeLabel = 'size:S';
+    } else if (fileCount < M) {
+        sizeLabel = 'size:M';
+    } else if (fileCount < L) {
+        sizeLabel = 'size:L';
+    } else {
+        sizeLabel = 'size:XL';
+    }
+
+    logger.debug('label-resolver - _applySizeLabels', 'Size label applied', {
+        fileCount,
+        thresholds,
+        sizeLabel
+    });
+
+    labels.push(sizeLabel);
+}
+
+/**
+ * Apply quality labels based on analysis result flags.
+ *
+ * @param {string[]} labels - Mutable labels array
+ * @param {Object|undefined} analysisResult - Quality analysis flags
+ * @param {Object|null} remoteConfig - Remote labels.json config
+ */
+function _applyQualityLabels(labels, analysisResult, remoteConfig) {
+    if (!analysisResult) return;
+
+    // Check if disabled globally
+    if (remoteConfig?.qualityLabels?.enabled === false) {
+        logger.debug('label-resolver - _applyQualityLabels', 'Quality labels disabled via remote config');
+        return;
+    }
+
+    const qualityConfig = remoteConfig?.qualityLabels;
+
+    if (analysisResult.breakingChanges && qualityConfig?.breakingChange !== false) {
+        labels.push('breaking-change');
+    }
+
+    if (analysisResult.hasSecurityIssues && qualityConfig?.security !== false) {
+        labels.push('security');
+    }
+
+    if (analysisResult.hasPerformanceIssues && qualityConfig?.performance !== false) {
+        labels.push('performance');
+    }
+
+    logger.debug('label-resolver - _applyQualityLabels', 'Quality labels applied', {
+        breakingChanges: analysisResult.breakingChanges,
+        security: analysisResult.hasSecurityIssues,
+        performance: analysisResult.hasPerformanceIssues
+    });
+}
+
+/**
+ * Apply merge strategy label.
+ *
+ * @param {string[]} labels - Mutable labels array
+ * @param {string|undefined} mergeStrategy - 'squash' | 'merge-commit' | 'unknown'
+ */
+function _applyStrategyLabels(labels, mergeStrategy) {
+    if (!mergeStrategy || mergeStrategy === 'unknown') return;
+
+    const strategyLabel = `merge-strategy:${mergeStrategy}`;
+    labels.push(strategyLabel);
+
+    logger.debug('label-resolver - _applyStrategyLabels', 'Strategy label applied', {
+        mergeStrategy,
+        strategyLabel
+    });
+}
+
+/**
+ * Apply default labels from remote config.
+ * Only applied when remote config is available.
+ *
+ * @param {string[]} labels - Mutable labels array
+ * @param {Object|null} remoteConfig - Remote labels.json config
+ */
+function _applyDefaultLabels(labels, remoteConfig) {
+    if (!remoteConfig) return;
+
+    const defaultLabels = remoteConfig.defaultLabels;
+    if (!Array.isArray(defaultLabels) || defaultLabels.length === 0) return;
+
+    logger.debug('label-resolver - _applyDefaultLabels', 'Default labels applied', {
+        defaultLabels
+    });
+
+    labels.push(...defaultLabels);
+}

package/lib/utils/remote-config.js

@@ -0,0 +1,102 @@
+/**
+ * File: remote-config.js
+ * Purpose: Generic fetcher for JSON config files from the centralized config repo
+ *
+ * Design:
+ * - Fetches JSON files from mscope-S-L/git-hooks-config via GitHub API
+ * - In-memory cache per process (Map<string, Object|null>) — stores null for failures (no retry)
+ * - Graceful degradation: any error → warn + return null (callers decide fallback)
+ * - No schema validation (callers validate their own shape)
+ * - Debug logging at every step
+ */
+
+import logger from './logger.js';
+import { fetchFileContent } from './github-api.js';
+
+/** @type {string} Owner of the centralized config repository */
+export const CONFIG_REPO_OWNER = 'mscope-S-L';
+
+/** @type {string} Name of the centralized config repository */
+export const CONFIG_REPO_NAME = 'git-hooks-config';
+
+/**
+ * In-memory cache: fileName → parsed Object (or null on failure).
+ * Persists for the lifetime of the process — avoids repeated API calls.
+ * Null entries are cached intentionally: a failed fetch won't succeed on retry
+ * within the same CLI invocation.
+ * @type {Map<string, Object|null>}
+ */
+const _cache = new Map();
+
+/**
+ * Fetch and parse a JSON config file from the centralized config repo.
+ *
+ * @param {string} fileName - File path within the config repo (e.g. 'labels.json')
+ * @returns {Promise<Object|null>} Parsed JSON object, or null on any failure
+ */
+export async function fetchRemoteConfig(fileName) {
+    logger.debug('remote-config - fetchRemoteConfig', 'Request received', { fileName });
+
+    // Cache hit (includes cached nulls)
+    if (_cache.has(fileName)) {
+        const cached = _cache.get(fileName);
+        logger.debug('remote-config - fetchRemoteConfig', 'Cache hit', {
+            fileName,
+            hasValue: cached !== null
+        });
+        return cached;
+    }
+
+    // Fetch from GitHub
+    let content;
+    try {
+        content = await fetchFileContent(CONFIG_REPO_OWNER, CONFIG_REPO_NAME, fileName);
+    } catch (err) {
+        logger.warning(`Could not fetch remote config '${fileName}': ${err.message}`);
+        logger.debug('remote-config - fetchRemoteConfig', 'fetchFileContent threw', {
+            fileName,
+            error: err.message
+        });
+        _cache.set(fileName, null);
+        return null;
+    }
+
+    if (content === null || content === undefined) {
+        logger.warning(`Remote config '${fileName}' not found in ${CONFIG_REPO_OWNER}/${CONFIG_REPO_NAME}`);
+        logger.debug('remote-config - fetchRemoteConfig', 'fetchFileContent returned null', {
+            fileName
+        });
+        _cache.set(fileName, null);
+        return null;
+    }
+
+    // Parse JSON
+    let parsed;
+    try {
+        parsed = JSON.parse(content);
+    } catch (err) {
+        logger.warning(`Remote config '${fileName}' contains invalid JSON: ${err.message}`);
+        logger.debug('remote-config - fetchRemoteConfig', 'JSON.parse failed', {
+            fileName,
+            error: err.message,
+            contentPreview: String(content).substring(0, 100)
+        });
+        _cache.set(fileName, null);
+        return null;
+    }
+
+    logger.debug('remote-config - fetchRemoteConfig', 'Successfully fetched and parsed', {
+        fileName,
+        keys: Object.keys(parsed)
+    });
+
+    _cache.set(fileName, parsed);
+    return parsed;
+}
+
+/**
+ * Clear the in-memory cache. Test helper — not intended for production use.
+ */
+export function _clearCache() {
+    _cache.clear();
+}