reviewpack 0.4.0__tar.gz

reviewpack-0.4.0/.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,46 @@
+# Bug Report
+
+## Summary
+
+Describe the bug clearly and briefly.
+
+## Steps to reproduce
+
+1.
+2.
+3.
+
+## Expected behavior
+
+What did you expect to happen?
+
+## Actual behavior
+
+What actually happened?
+
+## Environment
+
+- OS:
+- Python version:
+- Reviewpack version or commit:
+- Installation method:
+
+## Command used
+
+    reviewpack ...
+
+## Error output
+
+Paste relevant error output here.
+
+Please remove tokens, secrets, private repository names, customer names, or sensitive paths before posting.
+
+## Privacy impact
+
+Did the issue involve unexpected collection, display, or output of sensitive information?
+
+- Yes
+- No
+- Not sure
+
+If yes, please describe carefully and avoid including secrets.

reviewpack-0.4.0/.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,49 @@
+# Feature Request
+
+## Summary
+
+Describe the feature you would like to see.
+
+## Problem
+
+What problem would this solve for maintainers or reviewers?
+
+## Proposed solution
+
+Describe your preferred solution.
+
+## Alternatives considered
+
+Describe any alternatives you considered.
+
+## Workflow
+
+Which workflow does this affect?
+
+- Fixture input
+- Local git diff
+- GitHub PR metadata
+- AI input preview
+- GitHub Actions
+- Optional AI provider integration
+- Documentation
+- Other
+
+## Privacy considerations
+
+Could this feature collect, display, or send sensitive information?
+
+Please consider:
+
+- Source code
+- Raw diffs
+- Branch names
+- Commit messages
+- Environment variables
+- Git remote URLs
+- API tokens
+- Repository secrets
+
+## Additional context
+
+Add any other context, examples, or screenshots.

reviewpack-0.4.0/.github/pull_request_template.md

@@ -0,0 +1,54 @@
+# Pull Request
+
+## Summary
+
+Describe what this pull request changes.
+
+## Motivation
+
+Why is this change needed?
+
+## Changes
+
+- 
+- 
+- 
+
+## Tests
+
+Describe how this was tested.
+
+    pytest
+    ruff check .
+
+## Documentation
+
+Does this PR update user-facing documentation?
+
+- Yes
+- No
+- Not needed
+
+## Privacy impact
+
+Does this PR change what Reviewpack collects, stores, displays, sends, or logs?
+
+- Yes
+- No
+- Not sure
+
+If yes, explain:
+
+- What data is involved?
+- Is the behavior opt-in?
+- Is the output inspectable?
+- Are tokens or secrets protected?
+- Does this preserve local-first behavior where possible?
+
+## Checklist
+
+- [ ] Tests added or updated
+- [ ] Documentation added or updated if needed
+- [ ] No tokens, secrets, or private data included
+- [ ] AI-related behavior is optional and explicit
+- [ ] Maintainers remain in control of generated output

reviewpack-0.4.0/.github/workflows/ci.yml

@@ -0,0 +1,43 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        python-version:
+          - "3.10"
+          - "3.11"
+          - "3.12"
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install package
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e ".[dev]"
+
+      - name: Run ruff
+        run: |
+          ruff check .
+
+      - name: Run tests
+        run: |
+          pytest

reviewpack-0.4.0/.github/workflows/package.yml

@@ -0,0 +1,89 @@
+name: Package
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install build tools
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install build twine
+
+      - name: Build distributions
+        run: |
+          python -m build
+
+      - name: Check distributions
+        run: |
+          python -m twine check dist/*
+
+      - name: Inspect wheel contents
+        run: |
+          python - <<'PY'
+          from pathlib import Path
+          import zipfile
+
+          wheels = list(Path("dist").glob("*.whl"))
+          if not wheels:
+              raise SystemExit("No wheel file was built.")
+
+          wheel = wheels[0]
+          print(f"Inspecting {wheel}")
+
+          with zipfile.ZipFile(wheel) as archive:
+              names = archive.namelist()
+
+          if not any(name.startswith("reviewpack/") for name in names):
+              raise SystemExit("Wheel does not contain the reviewpack package.")
+
+          if any(name.startswith("tests/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains tests/.")
+
+          if any(name.startswith("docs/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains docs/.")
+
+          if any(name.startswith(".github/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains .github/.")
+
+          print("Wheel contents look reasonable.")
+          PY
+
+      - name: Smoke test installed wheel
+        run: |
+          python -m venv .smoke
+          . .smoke/bin/activate
+          python -m pip install --upgrade pip
+
+          WHEEL_FILE="$(ls dist/*.whl | head -n 1)"
+          echo "Installing $WHEEL_FILE"
+          python -m pip install "$WHEEL_FILE"
+
+          reviewpack version
+          reviewpack from-fixture examples/fixtures/simple-pr.json --output .reviewpack-smoke
+
+          test -f .reviewpack-smoke/pr-summary.md
+          test -f .reviewpack-smoke/risk-checklist.md
+          test -f .reviewpack-smoke/reviewer-checklist.md
+          test -f .reviewpack-smoke/release-note-hints.md
+          test -f .reviewpack-smoke/ai-review-prompt.md
+          test -f .reviewpack-smoke/reviewpack.json
+
+          echo "Installed wheel smoke test passed."

reviewpack-0.4.0/.github/workflows/publish.yml

@@ -0,0 +1,151 @@
+name: Publish
+
+on:
+  workflow_dispatch:
+    inputs:
+      repository:
+        description: Target package repository.
+        required: true
+        default: testpypi
+        type: choice
+        options:
+          - testpypi
+          - pypi
+      dry-run:
+        description: Build and validate only. Do not publish.
+        required: true
+        default: true
+        type: boolean
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install build tools
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install build twine
+
+      - name: Build distributions
+        run: |
+          python -m build
+
+      - name: Check distributions
+        run: |
+          python -m twine check dist/*
+
+      - name: Inspect wheel contents
+        run: |
+          python - <<'PY'
+          from pathlib import Path
+          import zipfile
+
+          wheels = list(Path("dist").glob("*.whl"))
+          if not wheels:
+              raise SystemExit("No wheel file was built.")
+
+          wheel = wheels[0]
+          print(f"Inspecting {wheel}")
+
+          with zipfile.ZipFile(wheel) as archive:
+              names = archive.namelist()
+
+          if not any(name.startswith("reviewpack/") for name in names):
+              raise SystemExit("Wheel does not contain the reviewpack package.")
+
+          if any(name.startswith("tests/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains tests/.")
+
+          if any(name.startswith("docs/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains docs/.")
+
+          if any(name.startswith(".github/") for name in names):
+              raise SystemExit("Wheel unexpectedly contains .github/.")
+
+          print("Wheel contents look reasonable.")
+          PY
+
+      - name: Smoke test installed wheel
+        run: |
+          python -m venv .smoke
+          . .smoke/bin/activate
+          python -m pip install --upgrade pip
+
+          WHEEL_FILE="$(ls dist/*.whl | head -n 1)"
+          echo "Installing $WHEEL_FILE"
+          python -m pip install "$WHEEL_FILE"
+
+          reviewpack version
+          reviewpack from-fixture examples/fixtures/simple-pr.json --output .reviewpack-smoke
+
+          test -f .reviewpack-smoke/pr-summary.md
+          test -f .reviewpack-smoke/risk-checklist.md
+          test -f .reviewpack-smoke/reviewer-checklist.md
+          test -f .reviewpack-smoke/release-note-hints.md
+          test -f .reviewpack-smoke/ai-review-prompt.md
+          test -f .reviewpack-smoke/reviewpack.json
+
+          echo "Installed wheel smoke test passed."
+
+      - name: Upload distributions artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: reviewpack-distributions
+          path: dist/*
+          if-no-files-found: error
+
+  publish-testpypi:
+    needs: build
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'workflow_dispatch' && inputs.repository == 'testpypi' && inputs['dry-run'] == false }}
+
+    permissions:
+      id-token: write
+
+    environment:
+      name: testpypi
+
+    steps:
+      - name: Download distributions artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: reviewpack-distributions
+          path: dist
+
+      - name: Publish to TestPyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          repository-url: https://test.pypi.org/legacy/
+
+  publish-pypi:
+    needs: build
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'workflow_dispatch' && inputs.repository == 'pypi' && inputs['dry-run'] == false }}
+
+    permissions:
+      id-token: write
+
+    environment:
+      name: pypi
+
+    steps:
+      - name: Download distributions artifact
+        uses: actions/download-artifact@v4
+        with:
+          name: reviewpack-distributions
+          path: dist
+
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

reviewpack-0.4.0/.github/workflows/testpypi-install.yml

@@ -0,0 +1,95 @@
+name: TestPyPI Install
+
+on:
+  workflow_dispatch:
+    inputs:
+      package-version:
+        description: Reviewpack version to install from TestPyPI.
+        required: true
+        default: "0.4.0"
+
+env:
+  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - name: Install Reviewpack from TestPyPI
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install \
+            --index-url https://test.pypi.org/simple/ \
+            --extra-index-url https://pypi.org/simple/ \
+            "reviewpack==${{ inputs.package-version }}"
+
+      - name: Verify CLI version
+        run: |
+          reviewpack version
+
+      - name: Create synthetic fixture
+        run: |
+          cat > simple-pr.json <<'JSON'
+          {
+            "pr": {
+              "title": "Verify Reviewpack from TestPyPI",
+              "author": "test-user",
+              "url": "https://github.com/Yuanzitech/reviewpack/pull/1",
+              "description": "Synthetic fixture for TestPyPI installation verification."
+            },
+            "changed_files": [
+              {
+                "path": "reviewpack/cli.py",
+                "additions": 10,
+                "deletions": 2
+              },
+              {
+                "path": "tests/test_cli.py",
+                "additions": 20,
+                "deletions": 0
+              },
+              {
+                "path": "README.md",
+                "additions": 5,
+                "deletions": 1
+              }
+            ]
+          }
+          JSON
+
+      - name: Run Reviewpack from installed package
+        run: |
+          reviewpack from-fixture simple-pr.json --output .reviewpack-testpypi
+
+      - name: Verify generated outputs
+        run: |
+          test -f .reviewpack-testpypi/pr-summary.md
+          test -f .reviewpack-testpypi/risk-checklist.md
+          test -f .reviewpack-testpypi/reviewer-checklist.md
+          test -f .reviewpack-testpypi/release-note-hints.md
+          test -f .reviewpack-testpypi/ai-review-prompt.md
+          test -f .reviewpack-testpypi/reviewpack.json
+
+      - name: Run Reviewpack with AI input preview
+        run: |
+          reviewpack from-fixture simple-pr.json --output .reviewpack-testpypi-ai --preview-ai-input
+
+      - name: Verify AI input preview output
+        run: |
+          test -f .reviewpack-testpypi-ai/ai-input-preview.md
+
+      - name: Upload verification outputs
+        uses: actions/upload-artifact@v4
+        with:
+          name: testpypi-install-verification
+          path: |
+            simple-pr.json
+            .reviewpack-testpypi/
+            .reviewpack-testpypi-ai/
+          if-no-files-found: error

reviewpack-0.4.0/.gitignore

@@ -0,0 +1,45 @@
+# Python
+__pycache__/
+*.py[cod]
+*.pyo
+*.pyd
+.Python
+*.egg-info/
+dist/
+build/
+.eggs/
+
+# Virtual environments
+.venv/
+venv/
+env/
+ENV/
+
+# Test and coverage
+.pytest_cache/
+.coverage
+coverage.xml
+htmlcov/
+
+# Type checking and tooling
+.mypy_cache/
+.ruff_cache/
+.pyre/
+
+# Reviewpack output
+.reviewpack/
+
+# Environment files
+.env
+.env.*
+!.env.example
+
+# IDE and editor
+.vscode/
+.idea/
+*.swp
+*.swo
+.DS_Store
+
+# Logs
+*.log

reviewpack-0.4.0/.reviewpack.example.yml

@@ -0,0 +1,37 @@
+# Example Reviewpack configuration.
+#
+# Copy this file to .reviewpack.yml and adjust it for your repository.
+#
+# Reviewpack is local-first and privacy-first by default.
+# This example does not enable network access or AI usage.
+
+risk_paths_high:
+  - "src/auth/**"
+  - "src/security/**"
+  - "src/payment/**"
+
+test_paths:
+  - "tests/**"
+  - "__tests__/**"
+  - "test/**"
+
+docs_paths:
+  - "README.md"
+  - "docs/**"
+
+large_pr:
+  changed_files: 20
+  changed_lines: 800
+
+privacy:
+  include_branch_name: false
+  include_commit_messages: false
+  include_diff_snippets: false
+  include_file_paths: true
+  redact_secrets: true
+
+ai:
+  enabled: false
+  provider: null
+  model: null
+  max_input_chars: 12000