pierre-review 0.1.0

package/dist/github/queries.js

@@ -0,0 +1,249 @@
+// One query per repo per sync: PRs, reviews, review threads (+comments),
+// general PR comments, and commits in a single round trip.
+export const REPO_ACTIVITY_QUERY = /* GraphQL */ `
+  query RepoActivity($owner: String!, $name: String!, $cursor: String) {
+    repository(owner: $owner, name: $name) {
+      id
+      nameWithOwner
+      defaultBranchRef {
+        name
+      }
+      pullRequests(
+        first: 25
+        after: $cursor
+        orderBy: { field: UPDATED_AT, direction: DESC }
+      ) {
+        pageInfo {
+          hasNextPage
+          endCursor
+        }
+        nodes {
+          id
+          number
+          title
+          body
+          isDraft
+          state
+          createdAt
+          mergedAt
+          closedAt
+          updatedAt
+          url
+          baseRefName
+          mergeable
+          mergeStateStatus
+          author {
+            login
+            ... on User {
+              id
+              name
+              avatarUrl
+            }
+          }
+          mergedBy {
+            login
+            ... on User {
+              id
+              name
+              avatarUrl
+            }
+          }
+          labels(first: 20) {
+            nodes {
+              name
+              color
+            }
+          }
+          reviewRequests(first: 20) {
+            nodes {
+              requestedReviewer {
+                __typename
+                ... on User {
+                  id
+                  login
+                }
+                ... on Team {
+                  id
+                  name
+                }
+              }
+            }
+          }
+          headCommit: commits(last: 1) {
+            nodes {
+              commit {
+                oid
+                statusCheckRollup {
+                  state
+                  contexts(first: 100) {
+                    nodes {
+                      __typename
+                      ... on CheckRun {
+                        name
+                        status
+                        conclusion
+                        detailsUrl
+                      }
+                      ... on StatusContext {
+                        context
+                        state
+                        targetUrl
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          }
+          commits(last: 100) {
+            nodes {
+              commit {
+                oid
+                committedDate
+                message
+                author {
+                  user {
+                    login
+                    id
+                  }
+                }
+                committer {
+                  user {
+                    login
+                    id
+                  }
+                }
+              }
+            }
+          }
+          reviews(first: 50) {
+            nodes {
+              id
+              fullDatabaseId
+              state
+              body
+              submittedAt
+              author {
+                login
+                ... on User {
+                  id
+                  name
+                  avatarUrl
+                }
+              }
+            }
+          }
+          reviewThreads(first: 50) {
+            nodes {
+              id
+              isResolved
+              isOutdated
+              isCollapsed
+              path
+              line
+              comments(first: 50) {
+                nodes {
+                  id
+                  fullDatabaseId
+                  body
+                  createdAt
+                  diffHunk
+                  author {
+                    login
+                    ... on User {
+                      id
+                      name
+                      avatarUrl
+                    }
+                  }
+                }
+              }
+            }
+          }
+          comments(first: 50) {
+            nodes {
+              id
+              fullDatabaseId
+              body
+              createdAt
+              author {
+                login
+                ... on User {
+                  id
+                  name
+                  avatarUrl
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+    rateLimit {
+      remaining
+      resetAt
+      cost
+    }
+  }
+`;
+// Lightweight lookup used when adding a repo (just need the node id + canonical
+// owner/name casing).
+export const REPO_ID_QUERY = /* GraphQL */ `
+  query RepoId($owner: String!, $name: String!) {
+    repository(owner: $owner, name: $name) {
+      id
+      name
+      owner {
+        login
+      }
+    }
+  }
+`;
+// Live repository search for the Add-repo picker. `query` is the raw user term —
+// GitHub "best match" ordering, identical to the github.com search box; it matches
+// on name/description/topics, so no `owner/` prefix is required. `viewer` is folded
+// into the same round trip so the route can float the user's own / org repos to the
+// top without a second request. Open-PR count comes free via pullRequests.totalCount.
+export const REPO_SEARCH_QUERY = /* GraphQL */ `
+  query RepoSearch($searchQuery: String!, $first: Int!, $cursor: String) {
+    search(query: $searchQuery, type: REPOSITORY, first: $first, after: $cursor) {
+      repositoryCount
+      pageInfo {
+        hasNextPage
+        endCursor
+      }
+      nodes {
+        ... on Repository {
+          id
+          name
+          nameWithOwner
+          description
+          url
+          isPrivate
+          stargazerCount
+          owner {
+            login
+            avatarUrl
+          }
+          pullRequests(states: OPEN) {
+            totalCount
+          }
+        }
+      }
+    }
+    viewer {
+      login
+      organizations(first: 100) {
+        nodes {
+          login
+        }
+      }
+    }
+    rateLimit {
+      remaining
+      resetAt
+      cost
+    }
+  }
+`;
+//# sourceMappingURL=queries.js.map

package/dist/index.js

@@ -0,0 +1,49 @@
+import { pathToFileURL } from 'node:url';
+import { buildApp } from './app.js';
+import { config } from './config.js';
+import { cleanupRedundantReviewEvents } from './db/cleanup.js';
+import { runMigrations } from './db/run-migrations.js';
+// Boot the server: migrate → cache the local user → build the Fastify app →
+// start the scheduler → listen. Returns the listening Fastify instance and the
+// resolved port so a caller (the CLI) can print the URL / open the browser.
+export async function start() {
+    // Apply any pending migrations before serving.
+    runMigrations();
+    // Drop redundant empty-review-wrapper timeline events left by older syncs.
+    const removed = cleanupRedundantReviewEvents();
+    if (removed > 0)
+        console.log(`cleanup: removed ${removed} redundant review_submitted events`);
+    // Cache the locally-authenticated GitHub user up front so triage ("my turn")
+    // knows who "you" are. Non-fatal if gh isn't available.
+    const { ensureLocalUser } = await import('./github/local-user.js');
+    const me = ensureLocalUser();
+    const app = await buildApp();
+    if (me)
+        app.log.info(`local user: ${me.login}`);
+    else
+        app.log.warn('local user unknown (gh api user failed) — "my turn" disabled');
+    // Scheduler is wired in Phase 3; guarded so the skeleton runs without it.
+    if (!config.disableScheduler) {
+        try {
+            const { startScheduler } = await import('./sync/scheduler.js');
+            startScheduler(app.log);
+        }
+        catch (err) {
+            app.log.warn({ err }, 'scheduler not started');
+        }
+    }
+    await app.listen({ port: config.port, host: config.host });
+    return { app, port: config.port };
+}
+// Run-as-main guard: only auto-boot when this module is the process entrypoint
+// (e.g. `node dist/index.js` via the `start` script). When the CLI imports
+// `start()`, this stays dormant so the server boots exactly once.
+const isMain = process.argv[1] !== undefined &&
+    import.meta.url === pathToFileURL(process.argv[1]).href;
+if (isMain) {
+    start().catch((err) => {
+        console.error('Failed to start backend:', err);
+        process.exit(1);
+    });
+}
+//# sourceMappingURL=index.js.map

package/dist/sync/bot-detection.js

@@ -0,0 +1,24 @@
+// Known bot logins (without the [bot] suffix). Anything weird gets a manual
+// override via PATCH /api/users/:id.
+const KNOWN_BOTS = new Set([
+    'dependabot',
+    'renovate',
+    'github-actions',
+    'codecov',
+    'sonarcloud',
+    'snyk-bot',
+    'mergify',
+    'imgbot',
+    'allcontributors',
+    'pre-commit-ci',
+    'sonarqubecloud',
+    'coderabbitai',
+]);
+export function isLikelyBot(login) {
+    const lower = login.toLowerCase();
+    if (lower.endsWith('[bot]'))
+        return true;
+    const stripped = lower.replace(/\[bot\]$/, '');
+    return KNOWN_BOTS.has(stripped);
+}
+//# sourceMappingURL=bot-detection.js.map

package/dist/sync/commit-files.js

@@ -0,0 +1,50 @@
+import { inArray } from 'drizzle-orm';
+import { db, schema } from '../db/client.js';
+import { ghRestGet } from '../github/client.js';
+const { commitFiles } = schema;
+/**
+ * Resolve changed-file paths for the given commit SHAs, using the permanent
+ * `commit_files` cache and filling misses via REST. SHAs are immutable, so the
+ * cache never expires — re-syncs are free.
+ */
+export async function ensureCommitFiles(owner, name, shas) {
+    const result = new Map();
+    const unique = [...new Set(shas)];
+    if (unique.length === 0)
+        return result;
+    // Load whatever is already cached.
+    const cached = db
+        .select()
+        .from(commitFiles)
+        .where(inArray(commitFiles.sha, unique))
+        .all();
+    for (const row of cached)
+        result.set(row.sha, row.paths);
+    // Fetch cache misses with bounded concurrency. These REST calls dominate
+    // sync latency on a PR that just got several commits addressing threads;
+    // running them serially blocks the whole page loop. SHAs are immutable and
+    // the cache is idempotent, so parallelism is safe.
+    const missing = unique.filter((sha) => !result.has(sha));
+    const CONCURRENCY = 5;
+    const fetchOne = async (sha) => {
+        try {
+            const commit = await ghRestGet(`/repos/${owner}/${name}/commits/${sha}`);
+            const paths = (commit.files ?? []).map((f) => f.filename);
+            db.insert(commitFiles)
+                .values({ sha, paths })
+                .onConflictDoUpdate({ target: commitFiles.sha, set: { paths } })
+                .run();
+            result.set(sha, paths);
+        }
+        catch {
+            // A missing/forbidden commit shouldn't abort the whole sync; treat as
+            // "no known files" (derivation falls back to other signals).
+            result.set(sha, []);
+        }
+    };
+    for (let i = 0; i < missing.length; i += CONCURRENCY) {
+        await Promise.all(missing.slice(i, i + CONCURRENCY).map(fetchOne));
+    }
+    return result;
+}
+//# sourceMappingURL=commit-files.js.map

package/dist/sync/derive-thread-state.js

@@ -0,0 +1,38 @@
+/**
+ * Classify a review thread into one of four states. The signal that makes this
+ * tool useful beyond GitHub's own UI.
+ *
+ * - `resolved`           — GitHub marked the thread resolved.
+ * - `likely_addressed`   — a commit touched the thread's file *after* the last
+ *                          comment. Heuristic: false positives when a file is
+ *                          touched for unrelated reasons, false negatives when
+ *                          feedback was addressed by deleting/renaming a file.
+ * - `replied_unresolved` — someone other than the original commenter replied,
+ *                          but no subsequent commit touched the file.
+ * - `untouched`          — none of the above.
+ *
+ * @param prCommitsByDate  PR commits sorted ascending by committedDate.
+ * @param commitFilesBySha SHA -> changed file paths.
+ */
+export function deriveThreadState(thread, prCommitsByDate, commitFilesBySha) {
+    if (thread.isResolved)
+        return 'resolved';
+    // A thread with no comments can't be classified further.
+    const lastComment = thread.comments.at(-1);
+    if (!lastComment)
+        return 'untouched';
+    const latestCommentAt = Date.parse(lastComment.createdAt);
+    const hasSubsequentCommitToFile = prCommitsByDate.some((c) => {
+        if (Date.parse(c.committedDate) <= latestCommentAt)
+            return false;
+        return (commitFilesBySha.get(c.oid) ?? []).includes(thread.path);
+    });
+    if (hasSubsequentCommitToFile)
+        return 'likely_addressed';
+    const firstAuthor = thread.comments[0]?.author?.login;
+    const hasReply = thread.comments.some((c) => c.author?.login && c.author.login !== firstAuthor);
+    if (hasReply)
+        return 'replied_unresolved';
+    return 'untouched';
+}
+//# sourceMappingURL=derive-thread-state.js.map

package/dist/sync/scheduler.js

@@ -0,0 +1,28 @@
+import cron, {} from 'node-cron';
+import { config } from '../config.js';
+import { syncAllRepos } from './sync-manager.js';
+let task = null;
+// node-cron incremental sync loop. Idempotent upserts make overlapping windows
+// safe; syncAllRepos skips any repo already mid-sync.
+export function startScheduler(log) {
+    if (task)
+        return;
+    if (!cron.validate(config.syncCron)) {
+        log.warn(`invalid SYNC_CRON "${config.syncCron}"; scheduler disabled`);
+        return;
+    }
+    const logger = {
+        info: (m, ...a) => log.info(a.length ? { a } : {}, m),
+        warn: (m, ...a) => log.warn(a.length ? { a } : {}, m),
+        error: (m, ...a) => log.error(a.length ? { a } : {}, m),
+    };
+    task = cron.schedule(config.syncCron, () => {
+        void syncAllRepos(logger);
+    });
+    log.info(`scheduler started (cron "${config.syncCron}")`);
+}
+export function stopScheduler() {
+    task?.stop();
+    task = null;
+}
+//# sourceMappingURL=scheduler.js.map

package/dist/sync/sync-manager.js

@@ -0,0 +1,150 @@
+import { eq } from 'drizzle-orm';
+import { db, schema } from '../db/client.js';
+import { config } from '../config.js';
+import { syncRepo } from './sync-repo.js';
+const { repos, syncState } = schema;
+// In-memory record of which repos are mid-sync (status isn't persisted as
+// "running" — it lives only for the lifetime of the process).
+const running = new Set();
+// Repos currently undergoing a user-initiated FULL ("deep") sync. The deep button
+// fires a forced full sync on every repo at once; they finish at different times.
+// While ANY deep sync is still in flight we skip the scheduled incremental run
+// entirely — otherwise the cron starts a fresh incremental on each repo the moment
+// its deep sync finishes, resetting that repo's progress bar to 0% mid-session.
+const deepSyncing = new Set();
+// True while a deep (forced-full) sync is in progress on any repo.
+export function isDeepSyncActive() {
+    return deepSyncing.size > 0;
+}
+// Live progress for in-flight syncs, surfaced via getSyncStatus so the UI can
+// show a determinate bar. Lives only for the duration of the run.
+const progressByRepo = new Map();
+function setSyncProgress(repoId, p) {
+    progressByRepo.set(repoId, p);
+}
+function clearSyncProgress(repoId) {
+    progressByRepo.delete(repoId);
+}
+const DAY_MS = 24 * 60 * 60 * 1000;
+export function isSyncRunning(repoId) {
+    return running.has(repoId);
+}
+export function getSyncStatus(repoId) {
+    const state = db
+        .select()
+        .from(syncState)
+        .where(eq(syncState.repoId, repoId))
+        .get();
+    let status = 'idle';
+    if (running.has(repoId))
+        status = 'running';
+    else if (state?.lastSyncStatus === 'error')
+        status = 'error';
+    else if (state?.lastSyncStatus === 'ok')
+        status = 'ok';
+    return {
+        repoId,
+        status,
+        progress: status === 'running' ? progressByRepo.get(repoId) ?? null : null,
+        lastFullSyncAt: state?.lastFullSyncAt?.toISOString() ?? null,
+        lastIncrementalSyncAt: state?.lastIncrementalSyncAt?.toISOString() ?? null,
+        lastSyncError: state?.lastSyncError ?? null,
+    };
+}
+function getRepoRow(repoId) {
+    return (db
+        .select({ id: repos.id, owner: repos.owner, name: repos.name })
+        .from(repos)
+        .where(eq(repos.id, repoId))
+        .get() ?? null);
+}
+// Decide window: incremental if we've ever synced, otherwise a full backfill.
+function planSync(repoId) {
+    const state = db
+        .select()
+        .from(syncState)
+        .where(eq(syncState.repoId, repoId))
+        .get();
+    if (state?.lastIncrementalSyncAt) {
+        const since = new Date(state.lastIncrementalSyncAt.getTime() - config.syncOverlapMinutes * 60 * 1000);
+        return { mode: 'incremental', since };
+    }
+    return { mode: 'full', since: new Date(Date.now() - config.backfillDays * DAY_MS) };
+}
+/**
+ * Run a sync for one repo. When `background` is true (the default for the API),
+ * returns immediately and the sync continues; the running flag and sync_state
+ * reflect progress. Returns false if a sync is already in flight.
+ */
+export function runSyncForRepo(repoId, log, opts = {}) {
+    if (running.has(repoId))
+        return false;
+    const repo = getRepoRow(repoId);
+    if (!repo)
+        return false;
+    const plan = opts.forceFull
+        ? { mode: 'full', since: new Date(Date.now() - config.backfillDays * DAY_MS) }
+        : planSync(repoId);
+    running.add(repoId);
+    // Track forced-full runs so the scheduler stands down for the whole deep-sync
+    // session (added synchronously here, before any await, so a cron tick that
+    // fires right after this call already sees the deep sync as active).
+    if (opts.forceFull)
+        deepSyncing.add(repoId);
+    setSyncProgress(repoId, { percent: 0, prsProcessed: 0, pages: 0, mode: plan.mode });
+    const task = syncRepo({
+        owner: repo.owner,
+        name: repo.name,
+        ...plan,
+        log,
+        onProgress: (p) => setSyncProgress(repoId, { ...p, mode: plan.mode }),
+    })
+        .catch((err) => {
+        log.error(`background sync ${repo.owner}/${repo.name} failed: ${err instanceof Error ? err.message : err}`);
+    })
+        .finally(() => {
+        running.delete(repoId);
+        deepSyncing.delete(repoId);
+        clearSyncProgress(repoId);
+    });
+    if (!opts.background)
+        return Boolean(task);
+    return true;
+}
+/** Incrementally sync every configured repo (used by the scheduler). */
+export async function syncAllRepos(log) {
+    // Stand down entirely while a deep (forced-full) sync is in progress. Resuming
+    // a repo incrementally the instant its deep sync finishes would reset its
+    // progress bar mid-session; idempotent upserts + the overlap window mean the
+    // next scheduled tick loses nothing by waiting.
+    if (deepSyncing.size > 0) {
+        log.info(`scheduled sync skipped: deep sync in progress (${deepSyncing.size} repo(s))`);
+        return;
+    }
+    const all = db.select({ id: repos.id }).from(repos).all();
+    for (const r of all) {
+        if (running.has(r.id))
+            continue;
+        running.add(r.id);
+        try {
+            const repo = getRepoRow(r.id);
+            const plan = planSync(r.id);
+            setSyncProgress(r.id, { percent: 0, prsProcessed: 0, pages: 0, mode: plan.mode });
+            await syncRepo({
+                owner: repo.owner,
+                name: repo.name,
+                ...plan,
+                log,
+                onProgress: (p) => setSyncProgress(r.id, { ...p, mode: plan.mode }),
+            });
+        }
+        catch (err) {
+            log.error(`scheduled sync of repo ${r.id} failed: ${err instanceof Error ? err.message : err}`);
+        }
+        finally {
+            running.delete(r.id);
+            clearSyncProgress(r.id);
+        }
+    }
+}
+//# sourceMappingURL=sync-manager.js.map