treliq 0.5.1 → 0.7.0

package/README.md

@@ -2,18 +2,18 @@
   <img src="docs/logo.png" alt="Treliq" width="140" />
 </p>
 
-<h3 align="center">AI-Powered PR Triage for Open Source Maintainers</h3>
+<h3 align="center">AI-Powered PR & Issue Triage for Maintainers & Enterprise Teams</h3>
 
 <p align="center">
-  <em>"3,100 PRs. Which ones should I merge?"</em>
+  <em>"Too many open PRs and issues. Which ones should I review, merge, or close first?"</em>
 </p>
 
 <p align="center">
   <a href="https://www.npmjs.com/package/treliq"><img src="https://img.shields.io/npm/v/treliq?style=flat-square&color=CB3837&logo=npm" alt="npm version" /></a>
   <a href="https://www.npmjs.com/package/treliq"><img src="https://img.shields.io/npm/dm/treliq?style=flat-square&color=CB3837" alt="npm downloads" /></a>
   <a href="https://github.com/mahsumaktas/treliq/actions"><img src="https://img.shields.io/github/actions/workflow/status/mahsumaktas/treliq/ci.yml?branch=main&style=flat-square" alt="CI" /></a>
-  <img src="https://img.shields.io/badge/tests-220_passing-2DA44E?style=flat-square" alt="Tests" />
-  <img src="https://img.shields.io/badge/signals-20-8B5CF6?style=flat-square" alt="20 Signals" />
+  <img src="https://img.shields.io/badge/tests-384_passing-2DA44E?style=flat-square" alt="Tests" />
+  <img src="https://img.shields.io/badge/signals-21-8B5CF6?style=flat-square" alt="21 Signals" />
   <img src="https://img.shields.io/badge/providers-4-FF6600?style=flat-square" alt="4 Providers" />
   <a href="LICENSE"><img src="https://img.shields.io/badge/license-MIT-blue?style=flat-square" alt="License: MIT" /></a>
   <img src="https://img.shields.io/badge/TypeScript-5.7-3178C6?style=flat-square&logo=typescript&logoColor=white" alt="TypeScript" />
@@ -23,7 +23,7 @@
 
 ---
 
-Treliq is an intelligent PR triage system that **deduplicates, scores, and ranks** pull requests so maintainers can focus on merging what matters. Available as a **CLI tool**, **persistent server with REST API**, and **GitHub Action**.
+Treliq is an intelligent triage system that **deduplicates, scores, and ranks** pull requests and issues so maintainers can focus on what matters. Diff-aware code analysis, semantic issue-PR matching, tournament-style holistic re-ranking, auto-close duplicates, auto-merge high-quality PRs, and auto-label by intent. Available as a **CLI tool**, **persistent server with REST API**, and **GitHub Action**.
 
 ## The Problem
 
@@ -32,8 +32,134 @@ Existing tools review code (CodeRabbit, Greptile, Copilot). None answer the main
 - **"These 5 PRs fix the same bug — which one is best?"**
 - **"Does this PR align with our roadmap?"**
 - **"Show me the top 10 PRs I should review today."**
+- **"Which issues have linked PRs? Which are stale?"**
+- **"Auto-close all the duplicate PRs and spam issues."**
 
-Code Review ≠ PR Triage. Treliq fills the gap.
+**Code Review ≠ PR Triage. Treliq fills the gap.**
+
+### 🎯 Who is this for?
+- **Enterprise Engineering Teams:** Weekly release cut-offs approaching? Stop guessing which 20 PRs to merge. Treliq prioritizes bug fixes, high test coverage, and small diffs.
+- **Open Source Maintainers:** Drowning in open PRs from random contributors? Automatically detect duplicate attempts, filter out spam, and prioritize trusted contributors.
+- **Platform/DevOps Teams:** Run Treliq as a central server across multiple internal repositories and provide a unified PR dashboard for the whole company.
+
+### ⚡ Zero Setup / Free Mode
+Not ready to trust your codebase with an LLM? Try the 100% free, local heuristic engine with zero API keys required.
+```bash
+# Score PRs based on 21 signals (CI, coverage, conflicts, intent, etc.) completely locally
+npx treliq scan -r owner/repo --no-llm
+
+# Also scan issues alongside PRs
+npx treliq scan -r owner/repo --no-llm --include-issues
+```
+
+## What's New in v0.7.0
+
+### Accuracy Pipeline (5 New Stages)
+Code-aware, semantically intelligent scoring — goes beyond metadata to analyze actual diffs:
+
+| Stage | What it does |
+|-------|-------------|
+| **Diff-Aware Scoring** | Fetches PR diffs via GitHub API, LLM analyzes code quality (0-100), risk assessment, change type, and affected areas. New 3-way blend: `0.4 heuristic + 0.3 LLM text + 0.3 LLM diff` |
+| **Intent-Aware Profiles** | 6 weight profiles (bugfix, feature, refactor, dependency, docs, chore) automatically adjust signal weights. Bugfix PRs boost CI/test weights; docs PRs reduce them. Weights normalized to sum=1.0 |
+| **LLM Dedup Verification** | After embedding clusters, LLM verifies "are these really duplicates?" with subgroup splitting. Dissolves false positives, splits mixed clusters, selects best item per group. Max 20 clusters |
+| **Issue-PR Semantic Matching** | Compares issue body + PR diff via LLM. Match quality: full/partial/unrelated. Bidirectional: PRs get +8/+3/-5 bonus, issues get linked_pr signal update (95/70/40) |
+| **Holistic Re-ranking** | Tournament-style cross-item comparison: groups of 50 → LLM picks top 10 per group → finalists → top 15. Rank bonus: #1 gets +30 points, #15 gets +2 |
+
+All stages are LLM-optional — `--no-llm` mode uses pure heuristic scoring with zero API calls.
+
+**Full pipeline flow:**
+```
+Fetch PRs → Score (21 signals + intent profiles) → Diff Analysis → LLM Blend
+→ Dedup (embeddings + LLM verify) → Vision Check → Semantic Matching → Holistic Re-rank → Output
+```
+
+### Intent Classification (Signal #21)
+3-tier detection pipeline classifies every PR and issue into one of 6 categories:
+
+| Category | Score | Example |
+|----------|-------|---------|
+| bugfix | 90 | `fix: resolve memory leak in scanner` |
+| feature | 85 | `feat: add dark mode toggle` |
+| refactor | 60 | `refactor: extract scoring engine` |
+| dependency | 35 | `chore(deps): bump express to v5` |
+| docs | 30 | `docs: update API reference` |
+| chore | 25 | `ci: add coverage upload step` |
+
+Detection priority: **Conventional commit prefix** (100% confidence) → **LLM classification** (with JSON parsing) → **Heuristic keyword matching** (fallback).
+
+### Full Issue Triage
+Issues are now first-class citizens. Scan, score, deduplicate, and take action on issues alongside PRs.
+
+- **`scan-issues` command** — Standalone issue scanning with 12 dedicated signals
+- **`--include-issues` flag** — Scan issues alongside PRs in a single `scan` run
+- **Cross-type dedup** — PRs and issues embedded in the same vector space; clusters can be `pr`, `issue`, or `mixed`
+- **12 Issue Signals**: staleness, body quality, label priority, activity, contributor trust, spam detection, milestone, reactions, linked PR status, assignee, reproducibility info, intent
+
+### Auto-Actions Engine
+Two-phase architecture: **ActionEngine** plans actions (pure, testable), **ActionExecutor** executes via GitHub API (re-fetches state before each action).
+
+```bash
+# Preview what would happen (dry-run, default)
+npx treliq scan -r owner/repo --auto-close-dupes --auto-close-spam --auto-merge --auto-label-intent
+
+# Execute for real
+npx treliq scan -r owner/repo --auto-close-dupes --auto-close-spam --auto-merge --auto-label-intent --confirm
+```
+
+| Action | Flag | Description |
+|--------|------|-------------|
+| Close duplicates | `--auto-close-dupes` | Keeps best-scored item in each cluster, closes the rest with comment |
+| Close spam | `--auto-close-spam` | Closes items flagged as spam |
+| Auto-merge | `--auto-merge` | Merges PRs with score >= threshold, approved, CI pass, no conflicts |
+| Label intent | `--auto-label-intent` | Applies `intent:bugfix`, `intent:feature`, etc. labels |
+
+Safety: **dry-run by default**, `--confirm` required for execution, batch limit 50, `--exclude` list, stale state re-check before each action.
+
+### Test Suite (384 tests, 28 suites)
+
+| Category | Tests | Suites |
+|----------|-------|--------|
+| **Accuracy pipeline** | 39 | DiffAnalyzer (7), IntentProfiles (8), DedupVerification (6), SemanticMatcher (7), HolisticRanker (7), Scoring blend (4) |
+| **Intent & issue triage** | 71 | IntentClassifier (24), IssueScoringEngine (14), ActionEngine (18), ActionExecutor (18), IssueScanner (6), Issue GraphQL (5), cross-type dedup (4), intent signal (6) |
+| **Core scoring & pipeline** | 274 | 21-signal scoring, concurrency, rate limiting, caching, batch embedding, dedup, vision, webhooks, auth, config, DB |
+
+---
+
+## What's New in v0.6.0
+
+### Performance Pipeline Redesign
+Full rewrite of the scan pipeline for large-scale repos (1000+ PRs). First scan drops from ~140 min to ~15-20 min; incremental scans finish in ~5-8 min.
+
+### Parallel Pipeline
+- **Dedup + Vision run concurrently** via `Promise.all` (previously sequential)
+- Each stage uses `ConcurrencyController` for internal parallelism
+
+### Batch Embedding
+- **Gemini** `batchEmbedContents` API — 100 embeddings per call
+- **OpenAI** array input — 100 embeddings per call
+- Automatic fallback to parallel individual embedding if batch fails
+
+### RetryableProvider
+- New wrapper around any LLM provider with exponential backoff + jitter
+- Detects HTTP 429 and respects `Retry-After` headers
+- Non-retryable status codes (400/401/403/404/422) fail fast
+- `onThrottle` callback wired to adaptive concurrency controllers
+
+### Adaptive Concurrency
+- `ConcurrencyController.throttle()` halves parallelism on rate-limit hits
+- `ConcurrencyController.recover()` increments back toward initial max
+- Shared controllers across dedup + vision, auto-throttled via RetryableProvider
+
+### Expanded Cache
+- Embedding vectors and vision results now persisted in cache
+- Incremental scans skip re-embedding and re-checking cached PRs
+- Compact JSON format (no pretty-print) reduces cache file size
+
+### Test Suite (244 tests)
+- 17 test suites, 244/244 passing
+- RetryableProvider, batch embedding, adaptive concurrency, parallel dedup/vision, expanded cache
+
+---
 
 ## What's New in v0.5.1
 
@@ -105,7 +231,7 @@ Tested on OpenClaw PRs with 4 models:
 - 📡 **Real-time SSE** — Live dashboard updates via Server-Sent Events
 - 🔗 **GitHub Webhooks** — Auto-score PRs on open/update/close with HMAC-SHA256 verification
 - 🔍 **GraphQL Fetching** — ~80% fewer API calls using GitHub's GraphQL API
-- 📊 **20-Signal Scoring** — Includes new Scope Coherence + PR Complexity analysis
+- 📊 **21-Signal Scoring** — Includes Scope Coherence, PR Complexity, and Intent analysis
 - 🗄️ **SQLite Persistence** — Full scan history, PR state tracking, repository management
 - ⚡ **Parallel LLM Scoring** — Concurrency-controlled parallel scoring with configurable limits
 - 🚦 **Rate Limit Manager** — Intelligent GitHub API pacing with automatic backoff
@@ -138,12 +264,19 @@ graph TB
     end
 
     subgraph Core
-        Scanner[Scanner]
-        Scoring[20-Signal Scoring Engine]
+        Scanner[PR Scanner]
+        IScan[Issue Scanner]
+        Scoring[21-Signal PR Scoring]
+        IScore[12-Signal Issue Scoring]
+        Intent[Intent Classifier]
         LLM[Multi-Provider LLM<br/>Gemini · OpenAI · Anthropic · OpenRouter]
-        Dedup[Embedding Dedup<br/>LanceDB]
+        Diff[Diff Analyzer<br/>Code Quality · Risk]
+        Dedup[Cross-type Dedup<br/>LanceDB + LLM Verify]
         Vision[Vision Doc Alignment]
-        Rep[Contributor Reputation]
+        Semantic[Semantic Matcher<br/>Issue-PR Resolution]
+        Holistic[Holistic Ranker<br/>Tournament Re-ranking]
+        Actions[Action Engine<br/>close · merge · label]
+        Executor[Action Executor]
     end
 
     subgraph Persistence
@@ -165,19 +298,33 @@ graph TB
     end
 
     GH_REST & GH_GQL --> Scanner
+    GH_REST & GH_GQL --> IScan
     WH --> REST
     Scanner --> Scoring
+    IScan --> IScore
+    Scoring --> Intent
+    IScore --> Intent
     Scoring --> LLM
-    Scanner --> Dedup
+    IScore --> LLM
+    Scanner --> Diff
+    Diff --> LLM
+    Diff --> Scoring
+    Scanner & IScan --> Dedup
+    Dedup --> LLM
     Scanner --> Vision
-    Scoring --> Rep
-    Scoring --> SQLite
+    Semantic --> LLM
+    Scanner & IScan --> Semantic
+    Scanner & IScan --> Holistic
+    Holistic --> LLM
+    Scoring & IScore --> SQLite
+    Actions --> Executor
+    Executor --> GH_REST
     Cache --> Scanner
     REST --> Scanner
     REST --> SSE
     Scheduler --> Scanner
     Scheduler --> Notif
-    CLI --> Scanner
+    CLI --> Scanner & IScan & Actions
     Dashboard --> REST
     Dashboard --> SSE
     Action --> CLI
@@ -204,6 +351,12 @@ npx treliq score -r owner/repo -n 123 -f markdown
 # Scan all open PRs (up to 100)
 npx treliq scan -r owner/repo -m 100 -f json
 
+# Scan PRs + Issues together
+npx treliq scan -r owner/repo --include-issues -f json
+
+# Scan only issues
+npx treliq scan-issues -r owner/repo -m 200 -f table
+
 # Find duplicate PR clusters
 npx treliq dedup -r owner/repo
 
@@ -211,6 +364,25 @@ npx treliq dedup -r owner/repo
 npx treliq scan -r owner/repo --trust-contributors
 ```
 
+### Auto-Actions
+
+```bash
+# Preview auto-actions (dry-run — safe, no changes made)
+npx treliq scan -r owner/repo \
+  --auto-close-dupes \
+  --auto-close-spam \
+  --auto-merge --merge-threshold 90 --merge-method squash \
+  --auto-label-intent
+
+# Execute auto-actions for real
+npx treliq scan -r owner/repo \
+  --auto-close-dupes --auto-close-spam --auto-merge \
+  --auto-label-intent --confirm
+
+# Exclude specific items from auto-actions
+npx treliq scan -r owner/repo --auto-close-dupes --confirm --exclude 42,99,101
+```
+
 ### Server Mode
 
 ```bash
@@ -241,6 +413,7 @@ The server exposes:
 | `POST /api/repos/:owner/:repo/scan` | Trigger a new scan |
 | `GET /api/repos/:owner/:repo/scans` | Scan history |
 | `GET /api/repos/:owner/:repo/spam` | Spam PRs |
+| `GET /api/repos/:owner/:repo/issues` | List scored issues (sortable, filterable) |
 | `GET /api/events` | SSE real-time stream |
 | `POST /webhooks` | GitHub webhook receiver |
 | `GET /setup` | GitHub App setup guide |
@@ -263,7 +436,7 @@ npx treliq scan -r owner/repo -p openai --api-key sk-...
 # Anthropic (embeddings auto-fallback to Gemini/OpenAI)
 npx treliq scan -r owner/repo -p anthropic --api-key sk-ant-...
 
-# Heuristic-only (no API keys needed, 20 signals)
+# Heuristic-only (no API keys needed, 21 signals)
 npx treliq scan -r owner/repo --no-llm
 ```
 
@@ -281,7 +454,7 @@ npx treliq init
 # See example output
 npx treliq demo
 
-# Heuristic-only scoring (20 signals, no LLM)
+# Heuristic-only scoring (21 signals, no LLM)
 npx treliq scan -r owner/repo --no-llm
 ```
 
@@ -334,7 +507,7 @@ jobs:
             });
 ```
 
-## 20-Signal Scoring
+## 21-Signal PR Scoring
 
 | # | Signal | Weight | Description |
 |---|--------|--------|-------------|
@@ -356,10 +529,28 @@ jobs:
 | 16 | Body Quality | 0.04 | Description length, checklists, screenshots |
 | 17 | Activity | 0.04 | Comment count — engagement signal |
 | 18 | Breaking Change | 0.04 | Risky files, large deletions, `!:` in title |
-| 19 | **Scope Coherence** | 0.06 | Directory spread, title-to-files alignment |
-| 20 | **PR Complexity** | 0.05 | Size analysis, AI detection, overengineering |
+| 19 | Scope Coherence | 0.06 | Directory spread, title-to-files alignment |
+| 20 | PR Complexity | 0.05 | Size analysis, AI detection, overengineering |
+| 21 | **Intent** | 0.15 | bugfix/feature/refactor/dependency/docs/chore classification |
+
+When an LLM provider is configured, scores are blended: **40% heuristic + 30% LLM text + 30% LLM diff** (with diff analysis) or **40% heuristic + 60% LLM** (without diff). Intent-aware profiles automatically adjust signal weights based on PR category (e.g., bugfix PRs boost CI/test weights).
 
-When an LLM provider is configured, a **quality score** (0–100) is blended at **60% LLM / 40% heuristic**.
+### 12-Signal Issue Scoring
+
+| # | Signal | Weight | Description |
+|---|--------|--------|-------------|
+| 1 | Staleness | 0.08 | Days since opened — fresh issues preferred |
+| 2 | Body Quality | 0.08 | Description length, checklists |
+| 3 | Label Priority | 0.07–0.10 | High-priority labels (bug, p0, security) boosted |
+| 4 | Activity | 0.08 | Comment count — engagement signal |
+| 5 | Contributor Trust | 0.08 | Author association (owner/member/contributor) |
+| 6 | Spam Detection | 0.10 | Empty body, short title, AI language markers |
+| 7 | Milestone | 0.07 | Issues attached to milestones score higher |
+| 8 | Reactions | 0.10 | Community interest via emoji reactions |
+| 9 | Linked PR | 0.08 | Has linked PR(s) attempting to resolve |
+| 10 | Assignee | 0.07 | Assigned = someone is working on it |
+| 11 | Reproducibility | 0.07 | Steps to reproduce, expected/actual, code blocks |
+| 12 | Intent | 0.09 | bugfix/feature/refactor/dependency/docs/chore |
 
 ## Configuration
 
@@ -445,5 +636,6 @@ MIT © [Mahsum Aktaş](https://github.com/mahsumaktas)
 ---
 
 <p align="center">
-  <em>Built because 3,100 PRs won't triage themselves.</em>
+  <em>Built because 3,100 PRs and 2,000 issues won't triage themselves.</em>
 </p>
+<!-- webhook test Sun Feb 22 03:35:33 +03 2026 -->

package/dist/cli.js

@@ -293,8 +293,8 @@ function outputScoredPR(scored, format) {
 }
 program
     .name('treliq')
-    .description('AI-Powered PR Triage for Open Source Maintainers')
-    .version('0.4.0');
+    .description('AI-Powered PR Triage for Maintainers & Enterprise Teams')
+    .version('0.7.0');
 program
     .command('init')
     .description('Interactive setup wizard for Treliq')
@@ -394,7 +394,7 @@ program
     .option('-t, --token <token>', 'GitHub token (or GITHUB_TOKEN env)')
     .option('-k, --gemini-key <key>', 'Gemini API key (or GEMINI_API_KEY env)')
     .option('-p, --provider <name>', 'LLM provider: gemini|openai|anthropic|openrouter|none')
-    .option('-m, --model <name>', 'LLM model name (overrides provider default)')
+    .option('--model <name>', 'LLM model name (overrides provider default)')
     .option('--api-key <key>', 'API key for the selected provider')
     .option('--no-llm', 'Disable LLM scoring and use heuristic-only mode')
     .option('-f, --format <format>', 'Output format: table|json|markdown', 'table')
@@ -403,6 +403,15 @@ program
     .option('--trust-contributors', 'Exempt known contributors from spam detection', false)
     .option('--no-cache', 'Force full rescan, ignore cache')
     .option('--cache-file <path>', 'Custom cache file path', '.treliq-cache.json')
+    .option('--include-issues', 'Also scan and triage issues', false)
+    .option('--auto-close-dupes', 'Close duplicate PRs/Issues (dry-run without --confirm)', false)
+    .option('--auto-close-spam', 'Close spam PRs/Issues (dry-run without --confirm)', false)
+    .option('--auto-merge', 'Merge high-score approved PRs (dry-run without --confirm)', false)
+    .option('--merge-threshold <score>', 'Min score for auto-merge', '85')
+    .option('--merge-method <method>', 'Merge method: squash|merge|rebase', 'squash')
+    .option('--auto-label-intent', 'Label PRs/Issues by intent', false)
+    .option('--confirm', 'Execute auto-actions (not just dry-run)', false)
+    .option('--exclude <numbers>', 'Comma-separated PR/Issue numbers to exclude')
     .action(async (opts) => {
     const config = makeConfig(opts);
     if (!config.token) {
@@ -415,6 +424,123 @@ program
     const scanner = new scanner_1.TreliqScanner(config);
     const result = await scanner.scan();
     outputResult(result, config.outputFormat);
+    // Issue scanning (if --include-issues)
+    if (opts.includeIssues) {
+        const { IssueScanner } = await Promise.resolve().then(() => __importStar(require('./core/issue-scanner')));
+        const issueScanner = new IssueScanner({
+            repo: config.repo,
+            token: config.token,
+            maxIssues: config.maxPRs,
+            provider: config.provider,
+        });
+        const scoredIssues = await issueScanner.scan(result.rankedPRs);
+        result.rankedIssues = scoredIssues;
+        result.totalIssues = scoredIssues.length;
+        console.log(`\n📋 ${scoredIssues.length} issues scanned.`);
+    }
+    // Auto-actions
+    const hasAutoActions = opts.autoCloseDupes || opts.autoCloseSpam || opts.autoMerge || opts.autoLabelIntent;
+    if (hasAutoActions) {
+        try {
+            const { ActionEngine } = await Promise.resolve().then(() => __importStar(require('./core/actions')));
+            const exclude = opts.exclude ? opts.exclude.split(',').map(n => parseInt(n.trim(), 10)).filter(n => !isNaN(n) && n > 0) : [];
+            const mergeThreshold = parseInt(opts.mergeThreshold ?? '85', 10);
+            const mergeMethod = (opts.mergeMethod ?? 'squash');
+            const engine = new ActionEngine({
+                mergeThreshold,
+                mergeMethod,
+                exclude,
+            });
+            // Collect all items for action planning
+            const allItems = [...result.rankedPRs];
+            if (result.rankedIssues)
+                allItems.push(...result.rankedIssues);
+            const actions = [];
+            if (opts.autoCloseDupes)
+                actions.push(...engine.planCloseDuplicates(allItems, result.duplicateClusters));
+            if (opts.autoCloseSpam)
+                actions.push(...engine.planCloseSpam(allItems));
+            if (opts.autoMerge)
+                actions.push(...engine.planAutoMerge(result.rankedPRs));
+            if (opts.autoLabelIntent)
+                actions.push(...engine.planLabelIntent(allItems));
+            if (!opts.confirm) {
+                console.log('\n' + engine.formatDryRun(actions));
+            }
+            else {
+                if (actions.length === 0) {
+                    console.log('\nNo actions to execute.');
+                }
+                else {
+                    const { ActionExecutor } = await Promise.resolve().then(() => __importStar(require('./core/action-executor')));
+                    const [owner, repo] = config.repo.split('/');
+                    const octokit = new rest_1.Octokit({ auth: config.token });
+                    const executor = new ActionExecutor(octokit, owner, repo);
+                    console.log(`\nExecuting ${actions.length} actions...`);
+                    const execResult = await executor.execute(actions);
+                    console.log(`Done: ${execResult.executed} executed, ${execResult.skipped} skipped, ${execResult.failed} failed.`);
+                    for (const detail of execResult.details) {
+                        const icon = detail.status === 'executed' ? '  ✅' : detail.status === 'skipped' ? '  ⏭️' : '  ❌';
+                        console.log(`${icon} #${detail.target} ${detail.action}${detail.reason ? ` (${detail.reason})` : ''}`);
+                    }
+                }
+            }
+        }
+        catch (err) {
+            console.error(`Auto-actions failed: ${err.message}`);
+            process.exit(1);
+        }
+    }
+});
+program
+    .command('scan-issues')
+    .description('Scan and triage open issues in a repository')
+    .requiredOption('-r, --repo <owner/repo>', 'GitHub repository')
+    .option('-t, --token <token>', 'GitHub token (or GITHUB_TOKEN env)')
+    .option('-p, --provider <name>', 'LLM provider: gemini|openai|anthropic|openrouter|none')
+    .option('--model <name>', 'LLM model name (overrides provider default)')
+    .option('--api-key <key>', 'API key for the selected provider')
+    .option('--no-llm', 'Disable LLM scoring')
+    .option('-f, --format <format>', 'Output format: table|json|markdown', 'table')
+    .option('-m, --max <number>', 'Max issues to scan', '500')
+    .action(async (opts) => {
+    const config = makeConfig(opts);
+    if (!config.token) {
+        console.error('❌ GITHUB_TOKEN required. Set via env or --token flag.');
+        process.exit(1);
+    }
+    if (!config.provider && opts.llm !== false) {
+        showHeuristicFallbackWarning();
+    }
+    const { IssueScanner } = await Promise.resolve().then(() => __importStar(require('./core/issue-scanner')));
+    const issueScanner = new IssueScanner({
+        repo: config.repo,
+        token: config.token,
+        maxIssues: config.maxPRs,
+        provider: config.provider,
+    });
+    console.log(`🔍 Scanning issues for ${config.repo}...`);
+    const issues = await issueScanner.scan();
+    if (opts.format === 'json') {
+        const clean = issues.map(({ embedding, ...rest }) => rest);
+        console.log(JSON.stringify(clean, null, 2));
+    }
+    else {
+        console.log(`\n📋 Issue Report — ${config.repo}`);
+        console.log(`   ${issues.length} issues scanned | ${issues.filter(i => i.isSpam).length} spam\n`);
+        const rows = issues.slice(0, 30).map(issue => ({
+            '#': issue.number,
+            Score: issue.totalScore,
+            Title: issue.title.slice(0, 45),
+            Author: issue.author.slice(0, 12),
+            Labels: issue.labels.slice(0, 3).join(', '),
+            Comments: issue.commentCount,
+            Reactions: issue.reactionCount,
+            Intent: issue.intent ?? '-',
+            Spam: issue.isSpam ? 'Spam' : 'Clean',
+        }));
+        console.table(rows);
+    }
 });
 program
     .command('score')
@@ -424,7 +550,7 @@ program
     .option('-t, --token <token>', 'GitHub token')
     .option('-k, --gemini-key <key>', 'Gemini API key (or GEMINI_API_KEY env)')
     .option('-p, --provider <name>', 'LLM provider: gemini|openai|anthropic|openrouter|none')
-    .option('-m, --model <name>', 'LLM model name (overrides provider default)')
+    .option('--model <name>', 'LLM model name (overrides provider default)')
     .option('--api-key <key>', 'API key for the selected provider')
     .option('--no-llm', 'Disable LLM scoring and use heuristic-only mode')
     .option('-f, --format <format>', 'Output format', 'table')