PyPI - node9 - Versions diffs - 1.0.3__tar.gz → 1.1.1__tar.gz - Mend

node9 1.0.3tar.gz → 1.1.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

node9-1.1.1/.github/workflows/ai-review.yml ADDED Viewed

@@ -0,0 +1,25 @@
+name: AI Code Review
+on:
+  pull_request:
+    branches: [main]
+jobs:
+  review:
+    name: Claude Code Review
+    runs-on: ubuntu-latest
+    # Skip if the PR was opened by the bot itself
+    if: github.actor != 'github-actions[bot]'
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install dependencies
+        run: npm install @anthropic-ai/sdk @octokit/rest
+      - name: Run AI Review
+        env:
+          GITHUB_TOKEN: ${{ secrets.AUTO_PR_TOKEN }}
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: node scripts/ai-review.mjs

node9-1.1.1/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,56 @@
+# CHANGELOG
+<!-- version list -->
+## v1.1.1 (2026-03-17)
+### Bug Fixes
+- Rename job to Claude, add env validation and diff size limit
+  ([`24aca72`](https://github.com/node9-ai/node9-python/commit/24aca7239a4f00b1128749b7a4013c37e3d8e740))
+- Surface truncation warning in PR comment, align word limit with max_tokens
+  ([`12771d8`](https://github.com/node9-ai/node9-python/commit/12771d8b64d30ebc3556e3a7ba296618b7766471))
+- **ai-review**: Upgrade to claude-sonnet-4-6 with 2048 max_tokens
+  ([`52766cf`](https://github.com/node9-ai/node9-python/commit/52766cf88eebea0568223f25f27152c77b9b8a09))
+## v1.1.0 (2026-03-15)
+### Features
+- Add Gemini AI code review on PRs to main
+  ([`50b651d`](https://github.com/node9-ai/node9-python/commit/50b651dc2575dc954def69dd16d7492369a8149a))
+- Switch AI code review from Gemini to Claude Sonnet
+  ([`c52fbb4`](https://github.com/node9-ai/node9-python/commit/c52fbb4ee5d1b460ef008b708e3664e0650f93f9))
+## v1.0.3 (2026-03-15)
+### Bug Fixes
+- Install twine before upload step
+  ([`4b4e142`](https://github.com/node9-ai/node9-python/commit/4b4e142b02815937551cbbb8569aa72b0ab222bc))
+## v1.0.2 (2026-03-15)
+### Bug Fixes
+- Publish to PyPI explicitly with twine instead of semantic-release publish
+  ([`6847fdb`](https://github.com/node9-ai/node9-python/commit/6847fdbbf6c0bbd7a14a743b99745cdf005d73a9))
+## v1.0.1 (2026-03-15)
+### Bug Fixes
+- Add TWINE credentials and twine to build command for PyPI upload
+  ([`d71d73d`](https://github.com/node9-ai/node9-python/commit/d71d73d1caa3c05cfd5011edcd3913f5fc976d07))
+## v1.0.0 (2026-03-15)
+- Initial Release

{node9-1.0.3 → node9-1.1.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: node9
-Version: 1.0.3
+Version: 1.1.1
 Summary: Execution security for Python AI agents — seatbelt for LangChain, CrewAI, and plain Python.
 Project-URL: Homepage, https://node9.ai
 Project-URL: Repository, https://github.com/node9-ai/node9-python

{node9-1.0.3 → node9-1.1.1}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "node9"
-version = "1.0.3"
+version = "1.1.1"
 description = "Execution security for Python AI agents — seatbelt for LangChain, CrewAI, and plain Python."
 readme = "README.md"
 license = { text = "Apache-2.0" }

node9-1.1.1/scripts/ai-review.mjs ADDED Viewed

@@ -0,0 +1,79 @@
+import Anthropic from "@anthropic-ai/sdk";
+import { Octokit } from "@octokit/rest";
+const prNumber = parseInt(process.env.PR_NUMBER);
+const githubToken = process.env.GITHUB_TOKEN;
+const repo = process.env.GITHUB_REPOSITORY || "";
+const [repoOwner, repoName] = repo.split("/");
+if (!prNumber || !githubToken || !repoOwner || !repoName || !process.env.ANTHROPIC_API_KEY) {
+  console.error("Missing required environment variables.");
+  process.exit(1);
+}
+const MAX_DIFF_CHARS = 20000;
+const octokit = new Octokit({ auth: githubToken });
+async function runReview() {
+  try {
+    console.log(`Fetching diff for PR #${prNumber}...`);
+    const { data: prDiff } = await octokit.pulls.get({
+      owner: repoOwner,
+      repo: repoName,
+      pull_number: prNumber,
+      mediaType: { format: "diff" },
+    });
+    if (!prDiff || prDiff.trim().length === 0) {
+      console.log("Empty diff, skipping review.");
+      return;
+    }
+    const wasTruncated = prDiff.length > MAX_DIFF_CHARS;
+    const truncatedDiff = wasTruncated
+      ? prDiff.slice(0, MAX_DIFF_CHARS) + "\n\n... [diff truncated]"
+      : prDiff;
+    const prompt = `You are a senior Python engineer reviewing a pull request for the Node9 Python SDK.
+Node9 is an execution security library — a @protect decorator that intercepts AI agent tool calls and asks for human approval before running them.
+Review the following git diff and provide concise, actionable feedback. Focus on:
+- Correctness and edge cases
+- Security issues (this is a security library — be strict)
+- API design and usability for developers integrating with LangChain, CrewAI, etc.
+- Test coverage gaps
+- Anything that could break the daemon HTTP communication
+If the changes look good with no issues, say so briefly.
+Do NOT rewrite the code. Just review it.
+Keep your review under 800 words.
+## Git Diff:
+${truncatedDiff}`;
+    console.log("Sending diff to Claude for review...");
+    const client = new Anthropic({ apiKey: process.env.ANTHROPIC_API_KEY });
+    const message = await client.messages.create({
+      model: "claude-sonnet-4-6",
+      max_tokens: 2048,
+      messages: [{ role: "user", content: prompt }],
+    });
+    const review = message.content[0].text;
+    console.log("Posting review comment...");
+    await octokit.issues.createComment({
+      owner: repoOwner,
+      repo: repoName,
+      issue_number: prNumber,
+      body: `## 🤖 Claude Code Review\n\n${review}${wasTruncated ? "\n\n> ⚠️ **Note:** This diff exceeded 20,000 characters and was truncated. The review above covers only the first portion of the changes." : ""}\n\n---\n*Automated review by Claude Sonnet*`,
+    });
+    console.log("Review posted successfully.");
+  } catch (error) {
+    console.error("Error:", error.message);
+    process.exit(1);
+  }
+}
+runReview();

node9-1.0.3/CHANGELOG.md DELETED Viewed

@@ -1,31 +0,0 @@
-# CHANGELOG
-<!-- version list -->
-## v1.0.3 (2026-03-15)
-### Bug Fixes
-- Install twine before upload step
-  ([`4b4e142`](https://github.com/node9-ai/node9-python/commit/4b4e142b02815937551cbbb8569aa72b0ab222bc))
-## v1.0.2 (2026-03-15)
-### Bug Fixes
-- Publish to PyPI explicitly with twine instead of semantic-release publish
-  ([`6847fdb`](https://github.com/node9-ai/node9-python/commit/6847fdbbf6c0bbd7a14a743b99745cdf005d73a9))
-## v1.0.1 (2026-03-15)
-### Bug Fixes
-- Add TWINE credentials and twine to build command for PyPI upload
-  ([`d71d73d`](https://github.com/node9-ai/node9-python/commit/d71d73d1caa3c05cfd5011edcd3913f5fc976d07))
-## v1.0.0 (2026-03-15)
-- Initial Release