PyPI - whycode-cli - Versions diffs - 0.2.4__tar.gz → 0.2.5__tar.gz - Mend

whycode-cli 0.2.4tar.gz → 0.2.5tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

{whycode_cli-0.2.4/src/whycode_cli.egg-info → whycode_cli-0.2.5}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: whycode-cli
-Version: 0.2.4
+Version: 0.2.5
 Summary: Tells you what to be afraid of before you touch a file.
 Author: Kevin
 License-Expression: MIT

{whycode_cli-0.2.4 → whycode_cli-0.2.5}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "whycode-cli"
-version = "0.2.4"
+version = "0.2.5"
 description = "Tells you what to be afraid of before you touch a file."
 readme = "README.md"
 license = "MIT"

{whycode_cli-0.2.4 → whycode_cli-0.2.5}/src/whycode/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 """WhyCode — tells you what to be afraid of before touching a file."""
-__version__ = "0.2.4"
+__version__ = "0.2.5"

{whycode_cli-0.2.4 → whycode_cli-0.2.5}/src/whycode/cli.py RENAMED Viewed

@@ -238,6 +238,14 @@ def diff(
     json_out: bool = typer.Option(
         False, "--json", help="Emit machine-readable JSON instead of a table."
     ),
+    markdown: bool = typer.Option(
+        False,
+        "--markdown",
+        help=(
+            "Emit GitHub-flavoured markdown suitable for posting as a PR comment. "
+            "Pipe into a workflow step that calls `gh pr comment`."
+        ),
+    ),
     fail_on: str | None = typer.Option(
         None,
         "--fail-on",
@@ -305,6 +313,37 @@ def diff(
     flagged = [c for c in cards if _is_actionable(c)]
     quiet_n = len(cards) - len(flagged)
+    scope_md = "files staged for commit" if staged else f"files changed vs `{actual_base}`"
+    if markdown:
+        # Stable marker so a follow-up workflow step can find-and-update the
+        # same comment on subsequent pushes instead of stacking new ones.
+        print("<!-- whycode-comment -->")
+        print("## WhyCode risk briefing")
+        print()
+        print(f"**{len(files)} {scope_md}**")
+        print()
+        if not flagged:
+            print("Nothing flagged. Read the diff anyway.")
+        else:
+            print("| Score | Band | File | Top signal |")
+            print("| ----: | ---- | ---- | ---------- |")
+            for c in flagged:
+                top_signal = c.signals[0].headline.replace("|", "\\|")
+                print(
+                    f"| {c.score.value} | {c.score.band.value} | "
+                    f"`{c.path}` | {top_signal} |"
+                )
+            if quiet_n:
+                print()
+                print(f"_+ {quiet_n} file(s) changed with no flags._")
+            print()
+            print(
+                "_Run `whycode why <path>` for the full Risk Card on any of the above._"
+            )
+        if threshold is not None and any(c.score.value >= threshold for c in cards):
+            raise typer.Exit(1)
+        return
     scope = "staged for commit" if staged else f"changed vs {actual_base}"
     console.print(f"[bold]{len(files)} file(s) {scope}[/bold]")
     if not flagged:

whycode_cli-0.2.5/src/whycode/templates/github-workflow.yml ADDED Viewed

@@ -0,0 +1,64 @@
+# Risk-rank pull requests with WhyCode.
+#
+# On every PR this workflow:
+#   1. Computes the Risk Card for each changed file (vs the PR base)
+#   2. Prints a risk-ranked table to the job log
+#   3. Posts (or updates) a single PR comment with the same table
+#
+# Advisory by default — humans decide. To turn it into a hard gate that
+# blocks merging, append `--fail-on <band>` to the diff line:
+#   handle    block at HANDLE WITH CARE   (score >= 75)
+#   history   block at READ HISTORY FIRST (score >= 50)
+#   look      stricter — block at >= 25
+name: WhyCode
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+permissions:
+  contents: read
+  pull-requests: write  # required to post / update the PR comment
+jobs:
+  whycode:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out PR
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # WhyCode needs full history
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+      - name: Install WhyCode
+        run: pip install whycode-cli
+      - name: Risk-rank files in this PR (job log)
+        run: whycode diff --base origin/${{ github.base_ref }}
+      - name: Build PR comment body
+        run: whycode diff --base origin/${{ github.base_ref }} --markdown > whycode-comment.md
+      - name: Post or update the PR comment
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          REPO: ${{ github.repository }}
+        run: |
+          set -euo pipefail
+          BODY=$(cat whycode-comment.md)
+          # Find any existing comment we previously posted (identified by the
+          # hidden HTML marker WhyCode emits at the top of the message).
+          EXISTING=$(gh api "repos/${REPO}/issues/${PR_NUMBER}/comments" \
+            --jq 'map(select(.body | contains("<!-- whycode-comment -->"))) | .[0].id // empty')
+          if [ -n "$EXISTING" ]; then
+            gh api -X PATCH "repos/${REPO}/issues/comments/${EXISTING}" \
+              -f body="$BODY" > /dev/null
+          else
+            gh api -X POST "repos/${REPO}/issues/${PR_NUMBER}/comments" \
+              -f body="$BODY" > /dev/null
+          fi

{whycode_cli-0.2.4 → whycode_cli-0.2.5/src/whycode_cli.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: whycode-cli
-Version: 0.2.4
+Version: 0.2.5
 Summary: Tells you what to be afraid of before you touch a file.
 Author: Kevin
 License-Expression: MIT

{whycode_cli-0.2.4 → whycode_cli-0.2.5}/tests/test_cli.py RENAMED Viewed

@@ -508,6 +508,39 @@ def test_scan_no_ignore_brings_them_back(repo, days_ago) -> None:  # type: ignor
     assert "CHANGELOG" in permissive_run.output or "src/app.py" in permissive_run.output
+def test_diff_markdown_output(repo, days_ago) -> None:  # type: ignore[no-untyped-def]
+    repo.commit("init", {"refund.py": "0"}, when=days_ago(120))
+    sha = repo.commit("feat: refund flow", {"refund.py": "1"}, when=days_ago(60))
+    repo.revert(sha, when=days_ago(50))
+    repo.commit(
+        "hotfix: regression",
+        {"refund.py": "2"},
+        body="incident #INC-42",
+        when=days_ago(10),
+    )
+    result = _invoke(repo.root, "diff", "--base", "HEAD~3", "--markdown")
+    assert result.exit_code == 0
+    out = result.output
+    # Hidden marker so the workflow can find-and-update its prior comment.
+    assert "<!-- whycode-comment -->" in out
+    # Markdown table syntax.
+    assert "| Score | Band |" in out
+    assert "| ----: |" in out
+    # File path appears as inline code.
+    assert "`refund.py`" in out
+def test_diff_markdown_quiet_repo(repo, days_ago) -> None:  # type: ignore[no-untyped-def]
+    repo.commit("init", {"a.py": "1"}, when=days_ago(40))
+    repo.commit("docs: tweak", {"a.py": "2"}, when=days_ago(20))
+    result = _invoke(repo.root, "diff", "--base", "HEAD~1", "--markdown")
+    assert result.exit_code == 0
+    out = result.output
+    assert "<!-- whycode-comment -->" in out
+    # No flagged files → friendly note instead of an empty table.
+    assert "Nothing flagged" in out
 def test_scan_respects_user_whycodeignore(repo, days_ago) -> None:  # type: ignore[no-untyped-def]
     (repo.root / ".whycodeignore").write_text("internal/legacy.py\n")
     sha = repo.commit(

whycode_cli-0.2.4/src/whycode/templates/github-workflow.yml DELETED Viewed

@@ -1,40 +0,0 @@
-# Risk-rank pull requests with WhyCode.
-#
-# On every PR this workflow computes the Risk Card for each changed file
-# (vs the PR base) and prints a risk-ranked table to the job log.
-# Advisory by default — humans decide.
-#
-# To turn it into a hard gate that blocks merging, append `--fail-on <band>`
-# to the `whycode diff` line below:
-#   handle    block at HANDLE WITH CARE   (score >= 75)
-#   history   block at READ HISTORY FIRST (score >= 50)
-#   look      stricter — block at >= 25
-name: WhyCode
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-permissions:
-  contents: read
-  pull-requests: read
-jobs:
-  whycode:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check out PR
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0  # WhyCode needs full history
-      - name: Set up Python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.11"
-      - name: Install WhyCode
-        run: pip install whycode-cli
-      - name: Risk-rank files in this PR
-        run: whycode diff --base origin/${{ github.base_ref }}