cto-ai-cli 3.2.0 → 5.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/DOCS.md +402 -2
- package/README.md +224 -252
- package/dist/action/index.js +870 -231
- package/dist/api/dashboard.js +342 -165
- package/dist/api/dashboard.js.map +1 -1
- package/dist/api/server.js +349 -166
- package/dist/api/server.js.map +1 -1
- package/dist/cli/gateway.js +3040 -0
- package/dist/cli/score.js +4142 -548
- package/dist/cli/v2/index.js +353 -176
- package/dist/cli/v2/index.js.map +1 -1
- package/dist/engine/index.d.ts +205 -1
- package/dist/engine/index.js +1620 -196
- package/dist/engine/index.js.map +1 -1
- package/dist/fsevents-X6WP4TKM.node +0 -0
- package/dist/gateway/index.d.ts +281 -0
- package/dist/gateway/index.js +2918 -0
- package/dist/gateway/index.js.map +1 -0
- package/dist/govern/index.d.ts +45 -4
- package/dist/govern/index.js +318 -33
- package/dist/govern/index.js.map +1 -1
- package/dist/interact/index.js +336 -159
- package/dist/interact/index.js.map +1 -1
- package/dist/mcp/v2.js +352 -175
- package/dist/mcp/v2.js.map +1 -1
- package/package.json +10 -23
package/DOCS.md
CHANGED
|
@@ -6,6 +6,9 @@
|
|
|
6
6
|
|
|
7
7
|
- [CLI Commands](#cli-commands)
|
|
8
8
|
- [Security Audit](#security-audit---audit)
|
|
9
|
+
- [Context Gateway](#context-gateway)
|
|
10
|
+
- [Learning Mode](#learning-mode)
|
|
11
|
+
- [Code Review](#code-review)
|
|
9
12
|
- [MCP Server](#mcp-server)
|
|
10
13
|
- [API Server](#api-server)
|
|
11
14
|
- [Programmatic API](#programmatic-api)
|
|
@@ -99,6 +102,21 @@ npx cto-ai-cli --compare # Compare your score vs popular open so
|
|
|
99
102
|
npx cto-ai-cli --benchmark # CTO vs naive vs random comparison
|
|
100
103
|
npx cto-ai-cli --json # Machine-readable JSON output
|
|
101
104
|
npx cto-ai-cli --help # Show all options
|
|
105
|
+
|
|
106
|
+
# Phase 5 — CI/CD Quality Gate
|
|
107
|
+
npx cto-ai-cli --ci # Run quality gate (exits 1 on failure)
|
|
108
|
+
npx cto-ai-cli --ci --threshold 80 # Set minimum score (default: 70)
|
|
109
|
+
npx cto-ai-cli --ci --json # JSON output for CI pipelines
|
|
110
|
+
|
|
111
|
+
# Phase 7 — Learning Mode
|
|
112
|
+
npx cto-ai-cli --learn # Show feedback model & cross-repo intelligence
|
|
113
|
+
npx cto-ai-cli --feedback # Alias for --learn
|
|
114
|
+
npx cto-ai-cli --predict # Predict relevant files for a task
|
|
115
|
+
npx cto-ai-cli --learn --json # Export learning data as JSON
|
|
116
|
+
|
|
117
|
+
# Phase 8 — Code Review
|
|
118
|
+
npx cto-ai-cli --review # Smart PR review analysis
|
|
119
|
+
npx cto-ai-cli --review --json # JSON output for CI
|
|
102
120
|
```
|
|
103
121
|
|
|
104
122
|
Flags can be combined: `npx cto-ai-cli --fix --audit --report --compare`
|
|
@@ -236,6 +254,385 @@ Based on findings, CTO generates actionable recommendations:
|
|
|
236
254
|
|
|
237
255
|
---
|
|
238
256
|
|
|
257
|
+
## Context Gateway
|
|
258
|
+
|
|
259
|
+
A transparent HTTP proxy that sits between your application and any LLM provider. It intercepts every request, scans for secrets, optimizes context, tracks costs, and enforces budgets — all with zero external dependencies.
|
|
260
|
+
|
|
261
|
+
### Quick start
|
|
262
|
+
|
|
263
|
+
```bash
|
|
264
|
+
npx cto-gateway # Start on port 8787
|
|
265
|
+
npx cto-gateway --port 9000 # Custom port
|
|
266
|
+
npx cto-gateway --block-secrets # Hard block on critical secrets
|
|
267
|
+
npx cto-gateway --budget-daily 10 # $10/day limit
|
|
268
|
+
```
|
|
269
|
+
|
|
270
|
+
Then point your app:
|
|
271
|
+
```bash
|
|
272
|
+
export OPENAI_BASE_URL=http://localhost:8787
|
|
273
|
+
```
|
|
274
|
+
|
|
275
|
+
Every request must include the target provider URL as a header:
|
|
276
|
+
```
|
|
277
|
+
x-cto-target: https://api.openai.com/v1/chat/completions
|
|
278
|
+
```
|
|
279
|
+
|
|
280
|
+
### Architecture
|
|
281
|
+
|
|
282
|
+
```
|
|
283
|
+
Your App → Gateway (localhost:8787) → Provider (api.openai.com)
|
|
284
|
+
│
|
|
285
|
+
├── Secret Scanner → redacts/blocks secrets in messages
|
|
286
|
+
├── Context Optimizer → injects CTO-selected context
|
|
287
|
+
├── Cost Tracker → logs per-request cost to JSONL
|
|
288
|
+
├── Budget Guard → rejects requests over limit (429)
|
|
289
|
+
└── Dashboard → live web UI at /__cto
|
|
290
|
+
```
|
|
291
|
+
|
|
292
|
+
### CLI flags
|
|
293
|
+
|
|
294
|
+
| Flag | Default | Description |
|
|
295
|
+
|------|---------|-------------|
|
|
296
|
+
| `--port <n>` | `8787` | Port to listen on |
|
|
297
|
+
| `--host <addr>` | `127.0.0.1` | Host to bind to |
|
|
298
|
+
| `--project <path>` | `.` | Project to analyze for context optimization |
|
|
299
|
+
| `--block-secrets` | off | Hard block requests with critical secrets (403) |
|
|
300
|
+
| `--budget-daily <$>` | unlimited | Max cost per day — returns 429 when exceeded |
|
|
301
|
+
| `--budget-monthly <$>` | unlimited | Max cost per month |
|
|
302
|
+
| `--no-optimize` | on | Disable CTO context injection |
|
|
303
|
+
| `--no-redact` | on | Disable secret redaction |
|
|
304
|
+
| `--no-dashboard` | on | Disable web dashboard |
|
|
305
|
+
|
|
306
|
+
### Provider detection
|
|
307
|
+
|
|
308
|
+
The Gateway auto-detects providers from the `x-cto-target` URL and request headers:
|
|
309
|
+
|
|
310
|
+
| Provider | Detection | Auth header |
|
|
311
|
+
|----------|-----------|-------------|
|
|
312
|
+
| OpenAI | `api.openai.com` or `/v1/chat/completions` | `Authorization: Bearer sk-...` |
|
|
313
|
+
| Anthropic | `api.anthropic.com` or `anthropic-version` header | `x-api-key` |
|
|
314
|
+
| Google AI | `generativelanguage.googleapis.com` | `x-goog-api-key` |
|
|
315
|
+
| Azure OpenAI | `*.openai.azure.com` or `api-key` header | `api-key` |
|
|
316
|
+
| Custom | Fallback — assumes OpenAI-compatible | `Authorization` |
|
|
317
|
+
|
|
318
|
+
### Model pricing
|
|
319
|
+
|
|
320
|
+
Built-in pricing for accurate cost tracking:
|
|
321
|
+
|
|
322
|
+
| Model | Input ($/M tokens) | Output ($/M tokens) | Context window |
|
|
323
|
+
|-------|--------------------|--------------------|----------------|
|
|
324
|
+
| gpt-4o | $2.50 | $10.00 | 128K |
|
|
325
|
+
| gpt-4o-mini | $0.15 | $0.60 | 128K |
|
|
326
|
+
| o1 | $15.00 | $60.00 | 200K |
|
|
327
|
+
| o3-mini | $1.10 | $4.40 | 200K |
|
|
328
|
+
| claude-sonnet-4 | $3.00 | $15.00 | 200K |
|
|
329
|
+
| claude-3.5-haiku | $0.80 | $4.00 | 200K |
|
|
330
|
+
| gemini-2.5-pro | $1.25 | $10.00 | 1M |
|
|
331
|
+
| gemini-2.0-flash | $0.10 | $0.40 | 1M |
|
|
332
|
+
|
|
333
|
+
### Request lifecycle
|
|
334
|
+
|
|
335
|
+
1. **Receive** — Client sends POST request to Gateway
|
|
336
|
+
2. **Budget check** — If daily/monthly budget exceeded → 429
|
|
337
|
+
3. **Parse** — Detect provider, extract messages from provider-specific format
|
|
338
|
+
4. **Scan secrets** — Run 30+ patterns against all message content
|
|
339
|
+
5. **Redact or block** — Replace secrets with `***REDACTED***` or return 403
|
|
340
|
+
6. **Optimize context** — If analysis ready, inject CTO-selected files into system prompt
|
|
341
|
+
7. **Forward** — Proxy to provider (streaming SSE or buffered)
|
|
342
|
+
8. **Track** — Log cost, tokens, savings, latency to JSONL
|
|
343
|
+
9. **Respond** — Forward provider response to client (zero-copy for streams)
|
|
344
|
+
|
|
345
|
+
### Streaming support
|
|
346
|
+
|
|
347
|
+
The Gateway fully supports Server-Sent Events (SSE) streaming:
|
|
348
|
+
|
|
349
|
+
- Detects streaming from `Content-Type: text/event-stream`
|
|
350
|
+
- Zero-copy passthrough: chunks are forwarded to client as they arrive
|
|
351
|
+
- Async token tracking: parses SSE events in background without blocking the stream
|
|
352
|
+
- Usage data extracted from final SSE chunk (when provider includes it)
|
|
353
|
+
|
|
354
|
+
### Dashboard
|
|
355
|
+
|
|
356
|
+
Available at `http://localhost:8787/__cto` (configurable via `--dashboardPath`).
|
|
357
|
+
|
|
358
|
+
Shows:
|
|
359
|
+
- **Today**: requests, cost, tokens saved, secrets redacted
|
|
360
|
+
- **This month**: totals + budget progress
|
|
361
|
+
- **Feature status**: optimization, redaction, tracking, audit log
|
|
362
|
+
- **By model**: breakdown of requests, tokens, and cost per model
|
|
363
|
+
- **By provider**: requests and cost per provider
|
|
364
|
+
- Auto-refreshes every 30 seconds
|
|
365
|
+
|
|
366
|
+
### Usage storage
|
|
367
|
+
|
|
368
|
+
| File | Format | Description |
|
|
369
|
+
|------|--------|-------------|
|
|
370
|
+
| `.cto/gateway/usage/YYYY-MM.jsonl` | JSON Lines | One line per request. Monthly files. |
|
|
371
|
+
|
|
372
|
+
Each line:
|
|
373
|
+
```json
|
|
374
|
+
{
|
|
375
|
+
"id": "a1b2c3d4",
|
|
376
|
+
"timestamp": "2026-02-24T23:52:00.000Z",
|
|
377
|
+
"provider": "openai",
|
|
378
|
+
"model": "gpt-4o",
|
|
379
|
+
"inputTokens": 1200,
|
|
380
|
+
"outputTokens": 350,
|
|
381
|
+
"costUSD": 0.0065,
|
|
382
|
+
"originalTokens": 6200,
|
|
383
|
+
"optimizedTokens": 1200,
|
|
384
|
+
"savedTokens": 5000,
|
|
385
|
+
"savedUSD": 0.0130,
|
|
386
|
+
"secretsRedacted": 2,
|
|
387
|
+
"secretsBlocked": false,
|
|
388
|
+
"latencyMs": 152,
|
|
389
|
+
"stream": true
|
|
390
|
+
}
|
|
391
|
+
```
|
|
392
|
+
|
|
393
|
+
### Budget enforcement
|
|
394
|
+
|
|
395
|
+
When a budget is set, the Gateway checks cost totals before every request:
|
|
396
|
+
|
|
397
|
+
| Condition | HTTP response |
|
|
398
|
+
|-----------|---------------|
|
|
399
|
+
| Daily budget exceeded | `429 Too Many Requests` + `{ "error": "Daily budget exceeded", "budget": 10, "current": 10.42 }` |
|
|
400
|
+
| Monthly budget exceeded | `429 Too Many Requests` + `{ "error": "Monthly budget exceeded" }` |
|
|
401
|
+
| Critical secrets + `--block-secrets` | `403 Forbidden` + `{ "error": "Request blocked: secrets detected" }` |
|
|
402
|
+
|
|
403
|
+
Budget alerts are emitted at 80% of limit (configurable via `alertThreshold`).
|
|
404
|
+
|
|
405
|
+
### Programmatic API
|
|
406
|
+
|
|
407
|
+
```typescript
|
|
408
|
+
import { ContextGateway, UsageTracker } from 'cto-ai-cli/gateway';
|
|
409
|
+
|
|
410
|
+
const gateway = new ContextGateway({
|
|
411
|
+
port: 8787,
|
|
412
|
+
projectPath: '/path/to/project',
|
|
413
|
+
redactSecrets: true,
|
|
414
|
+
blockOnSecrets: false,
|
|
415
|
+
budgetDaily: 20,
|
|
416
|
+
budgetMonthly: 500,
|
|
417
|
+
});
|
|
418
|
+
|
|
419
|
+
// Listen to events
|
|
420
|
+
gateway.onEvent((event) => {
|
|
421
|
+
if (event.type === 'request') console.log(`${event.record.model}: $${event.record.costUSD}`);
|
|
422
|
+
if (event.type === 'budget-alert') console.log(`Budget warning: ${event.period}`);
|
|
423
|
+
});
|
|
424
|
+
|
|
425
|
+
await gateway.start();
|
|
426
|
+
|
|
427
|
+
// Get usage summary
|
|
428
|
+
const tracker = gateway.getTracker();
|
|
429
|
+
const summary = tracker.getSummary('month');
|
|
430
|
+
console.log(`This month: ${summary.totalRequests} requests, $${summary.totalCostUSD}`);
|
|
431
|
+
|
|
432
|
+
// Provider detection (standalone)
|
|
433
|
+
import { detectProvider, estimateCost } from 'cto-ai-cli/gateway';
|
|
434
|
+
|
|
435
|
+
const provider = detectProvider('https://api.openai.com/v1/chat/completions', {});
|
|
436
|
+
const cost = estimateCost(provider, 'gpt-4o', 5000, 1000);
|
|
437
|
+
```
|
|
438
|
+
|
|
439
|
+
### Interceptor (standalone)
|
|
440
|
+
|
|
441
|
+
```typescript
|
|
442
|
+
import { interceptRequest } from 'cto-ai-cli/gateway';
|
|
443
|
+
import type { Message, GatewayConfig } from 'cto-ai-cli/gateway';
|
|
444
|
+
|
|
445
|
+
const messages: Message[] = [
|
|
446
|
+
{ role: 'user', content: 'Deploy with key sk-live_abc123...' },
|
|
447
|
+
];
|
|
448
|
+
|
|
449
|
+
const result = await interceptRequest(messages, config, analysis);
|
|
450
|
+
// result.secretsRedacted → 1
|
|
451
|
+
// result.messages[0].content → 'Deploy with key sk-l**********23...'
|
|
452
|
+
// result.decisions → ['Redacted 1 secret(s) in user message: api-key']
|
|
453
|
+
```
|
|
454
|
+
|
|
455
|
+
---
|
|
456
|
+
|
|
457
|
+
## Learning Mode
|
|
458
|
+
|
|
459
|
+
CTO learns from your usage patterns to improve context selection over time. Three engines work together:
|
|
460
|
+
|
|
461
|
+
### Feedback Engine (`--learn` / `--feedback`)
|
|
462
|
+
|
|
463
|
+
Tracks which context selections lead to accepted AI output.
|
|
464
|
+
|
|
465
|
+
```bash
|
|
466
|
+
npx cto-ai-cli --learn # Full learning dashboard
|
|
467
|
+
npx cto-ai-cli --learn --json # Export for team sharing
|
|
468
|
+
```
|
|
469
|
+
|
|
470
|
+
**v2.0 Features:**
|
|
471
|
+
|
|
472
|
+
| Feature | Description |
|
|
473
|
+
|---------|-------------|
|
|
474
|
+
| **EWMA Temporal Decay** | Recent feedback weighs more (α=0.15). Old patterns fade naturally. |
|
|
475
|
+
| **Bayesian Confidence (Wilson Score)** | Avoids over-trusting sparse data. 1/1 ≠ 100% confidence. |
|
|
476
|
+
| **Session Tracking** | Groups related feedback for per-session analysis. |
|
|
477
|
+
| **A/B Strategy Comparison** | Compare different context strategies with statistical rigor. |
|
|
478
|
+
| **Team Export/Import** | Share learned models across teams with weighted merge (local 70%, team 30%). |
|
|
479
|
+
|
|
480
|
+
### Predictor Engine (`--predict`)
|
|
481
|
+
|
|
482
|
+
Predicts which files are relevant for a task based on historical patterns.
|
|
483
|
+
|
|
484
|
+
```bash
|
|
485
|
+
npx cto-ai-cli --predict --context "fix auth bug" # Predict files for a task
|
|
486
|
+
npx cto-ai-cli --predict --json # JSON predictions
|
|
487
|
+
```
|
|
488
|
+
|
|
489
|
+
The predictor uses:
|
|
490
|
+
- **Task type frequency** — which files were selected for similar task types (3× weight)
|
|
491
|
+
- **Keyword frequency** — which files correlate with task keywords (2× weight)
|
|
492
|
+
- **General selection frequency** — files selected in >30% of all observations
|
|
493
|
+
- **Co-selection patterns** — files that tend to be selected together
|
|
494
|
+
|
|
495
|
+
### Cross-Repo Intelligence
|
|
496
|
+
|
|
497
|
+
Learns patterns across repositories. Stored in `~/.cto/global-intelligence.json`.
|
|
498
|
+
|
|
499
|
+
- **Project fingerprinting** — stack, size class, structure pattern
|
|
500
|
+
- **Archetype matching** — "TypeScript medium-size projects with tests"
|
|
501
|
+
- **Universal patterns** — patterns that work across >50% of project types
|
|
502
|
+
|
|
503
|
+
### Programmatic API
|
|
504
|
+
|
|
505
|
+
```typescript
|
|
506
|
+
import {
|
|
507
|
+
recordFeedback,
|
|
508
|
+
loadFeedbackModel,
|
|
509
|
+
getFeedbackBoosts,
|
|
510
|
+
exportFeedbackForTeam,
|
|
511
|
+
importTeamFeedback,
|
|
512
|
+
wilsonLowerBound,
|
|
513
|
+
renderFeedbackReport,
|
|
514
|
+
renderCrossRepoReport,
|
|
515
|
+
} from 'cto-ai-cli/engine';
|
|
516
|
+
import {
|
|
517
|
+
recordSelection,
|
|
518
|
+
predictRelevantFiles,
|
|
519
|
+
getPredictorBoosts,
|
|
520
|
+
loadModel,
|
|
521
|
+
getModelStats,
|
|
522
|
+
} from 'cto-ai-cli/engine';
|
|
523
|
+
import {
|
|
524
|
+
recordCrossRepoSelection,
|
|
525
|
+
predictFromCrossRepo,
|
|
526
|
+
loadGlobalModel,
|
|
527
|
+
getCrossRepoStats,
|
|
528
|
+
computeFingerprint,
|
|
529
|
+
} from 'cto-ai-cli/engine';
|
|
530
|
+
|
|
531
|
+
// Record feedback
|
|
532
|
+
const model = await recordFeedback('/path/to/project', {
|
|
533
|
+
task: 'fix auth bug',
|
|
534
|
+
contextHash: 'abc123',
|
|
535
|
+
filesIncluded: ['src/auth.ts', 'src/types.ts'],
|
|
536
|
+
tokensUsed: 5000,
|
|
537
|
+
budget: 50000,
|
|
538
|
+
outcome: { accepted: true, compilable: true, timeToAcceptMs: 3000 },
|
|
539
|
+
sessionId: 'sess-1', // optional: group feedback
|
|
540
|
+
strategy: 'experimental', // optional: A/B testing
|
|
541
|
+
});
|
|
542
|
+
|
|
543
|
+
// Get boosts for context selection
|
|
544
|
+
const boosts = await getFeedbackBoosts('/path/to/project', 'fix auth');
|
|
545
|
+
// Map<string, number> — file path → boost value
|
|
546
|
+
|
|
547
|
+
// Wilson score for statistical confidence
|
|
548
|
+
const confidence = wilsonLowerBound(8, 10); // 8 successes out of 10
|
|
549
|
+
// ~0.49 — 95% confident the true rate is ≥49%
|
|
550
|
+
|
|
551
|
+
// Team sharing
|
|
552
|
+
const exported = await exportFeedbackForTeam('/path/to/project', 'my-project');
|
|
553
|
+
const merged = await importTeamFeedback('/other/project', exported);
|
|
554
|
+
|
|
555
|
+
// Predict relevant files
|
|
556
|
+
const predictions = await predictRelevantFiles('/path', 'fix auth', analysis);
|
|
557
|
+
// { filePath, predictedScore, reasons }[]
|
|
558
|
+
```
|
|
559
|
+
|
|
560
|
+
### Storage
|
|
561
|
+
|
|
562
|
+
| File | Scope | Description |
|
|
563
|
+
|------|-------|-------------|
|
|
564
|
+
| `.cto/feedback.json` | Per-project | Raw feedback entries (last 1000) |
|
|
565
|
+
| `.cto/feedback-model.json` | Per-project | Rebuilt model with EWMA, Bayesian, sessions |
|
|
566
|
+
| `.cto/predictor.json` | Per-project | ML predictor model |
|
|
567
|
+
| `~/.cto/global-intelligence.json` | Cross-repo | Global archetype and pattern data |
|
|
568
|
+
|
|
569
|
+
---
|
|
570
|
+
|
|
571
|
+
## Code Review
|
|
572
|
+
|
|
573
|
+
Context-aware PR review intelligence. Analyzes git diffs, detects breaking changes, finds missing files, and generates AI-ready review prompts.
|
|
574
|
+
|
|
575
|
+
### Usage
|
|
576
|
+
|
|
577
|
+
```bash
|
|
578
|
+
npx cto-ai-cli --review # Full review analysis
|
|
579
|
+
npx cto-ai-cli --review --json # JSON output for CI
|
|
580
|
+
```
|
|
581
|
+
|
|
582
|
+
Generates:
|
|
583
|
+
- **Terminal dashboard** — review quality score, breaking changes, missing files, impact radius
|
|
584
|
+
- **`.cto/review-prompt.md`** — AI-ready review prompt with full file contents
|
|
585
|
+
|
|
586
|
+
### Features
|
|
587
|
+
|
|
588
|
+
| Feature | Description |
|
|
589
|
+
|---------|-------------|
|
|
590
|
+
| **Diff Parsing** | Parses git diffs into structured DiffHunk[] with additions/deletions |
|
|
591
|
+
| **Breaking Change Detection** | Removed exports, type changes, function signature changes, deleted files with dependents |
|
|
592
|
+
| **Missing File Detection** | Sibling type files, test files, importers of changed exports, barrel index files |
|
|
593
|
+
| **Impact Radius** | BFS on dependency graph: direct dependents, transitive (2-hop), affected tests |
|
|
594
|
+
| **Review Quality Score** | 5-factor weighted score: PR size (25%), focus (20%), breaking changes (25%), completeness (15%), blast radius (15%) |
|
|
595
|
+
| **Review Prompt Generation** | Context-rich prompt with breaking changes, missing files, and file contents for top-risk files |
|
|
596
|
+
|
|
597
|
+
### Review Quality Score
|
|
598
|
+
|
|
599
|
+
| Grade | Score | Meaning |
|
|
600
|
+
|-------|-------|---------|
|
|
601
|
+
| A+/A/A- | 85-100 | Small, focused PR with no breaking changes |
|
|
602
|
+
| B+/B/B- | 70-84 | Manageable PR, some issues to review |
|
|
603
|
+
| C+/C/C- | 55-69 | Large or unfocused PR, needs careful review |
|
|
604
|
+
| D+/D/D- | 40-54 | Risky PR with breaking changes or missing files |
|
|
605
|
+
| F | <40 | Very large, unfocused, or highly risky PR |
|
|
606
|
+
|
|
607
|
+
### Breaking Change Severity
|
|
608
|
+
|
|
609
|
+
| Severity | Trigger |
|
|
610
|
+
|----------|--------|
|
|
611
|
+
| **Critical** | Deleted file with dependents, removed export with >3 dependents |
|
|
612
|
+
| **High** | Removed export, interface property removed, function signature changed |
|
|
613
|
+
| **Medium** | Export changed with no direct dependents |
|
|
614
|
+
|
|
615
|
+
### Programmatic API
|
|
616
|
+
|
|
617
|
+
```typescript
|
|
618
|
+
import { analyzeForReview, renderReviewSummary } from 'cto-ai-cli/engine';
|
|
619
|
+
import type { ReviewResult, ReviewOptions } from 'cto-ai-cli/engine';
|
|
620
|
+
|
|
621
|
+
const result: ReviewResult = await analyzeForReview(analysis, {
|
|
622
|
+
baseBranch: 'main', // default: 'main'
|
|
623
|
+
depth: 2, // dependency expansion depth
|
|
624
|
+
maxPromptFiles: 20, // max files in review prompt
|
|
625
|
+
});
|
|
626
|
+
|
|
627
|
+
console.log(result.breakingChanges); // BreakingChange[]
|
|
628
|
+
console.log(result.missingFiles); // MissingFile[]
|
|
629
|
+
console.log(result.impactRadius); // { directlyAffected, transitivelyAffected, riskScore }
|
|
630
|
+
console.log(result.reviewQuality); // { score, grade, factors }
|
|
631
|
+
console.log(result.reviewPrompt); // Full AI-ready review prompt
|
|
632
|
+
```
|
|
633
|
+
|
|
634
|
+
---
|
|
635
|
+
|
|
239
636
|
## MCP Server
|
|
240
637
|
|
|
241
638
|
CTO exposes 19 tools via the Model Context Protocol.
|
|
@@ -478,8 +875,11 @@ src/
|
|
|
478
875
|
│ ├── multi-model.ts # Per-model optimization
|
|
479
876
|
│ ├── predictor.ts # ML-based prediction (learns from usage)
|
|
480
877
|
│ ├── semantic.ts # Semantic domain analysis
|
|
481
|
-
│ ├── feedback.ts # Output feedback loop
|
|
482
|
-
│
|
|
878
|
+
│ ├── feedback.ts # Output feedback loop (v2: EWMA, Bayesian, A/B, team)
|
|
879
|
+
│ ├── cross-repo.ts # Cross-repo intelligence
|
|
880
|
+
│ ├── code-review.ts # Context-aware PR review engine
|
|
881
|
+
│ ├── monorepo.ts # Monorepo intelligence
|
|
882
|
+
│ └── quality-gate.ts # CI/CD quality gate
|
|
483
883
|
├── interact/ # Interaction Optimization
|
|
484
884
|
│ ├── orchestrator.ts # Full pipeline
|
|
485
885
|
│ ├── router.ts # Model routing
|