chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,94 @@
|
||||
name: Bug report
|
||||
description: Report a defect in code-review-graph (CLI, MCP server, parser, or graph store)
|
||||
title: "[Bug]: "
|
||||
labels: ["bug"]
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
Thanks for taking the time to report a bug. Before filing, please check the
|
||||
[troubleshooting guide](https://github.com/tirth8205/code-review-graph/blob/main/docs/TROUBLESHOOTING.md)
|
||||
and search existing issues for duplicates.
|
||||
- type: input
|
||||
id: crg-version
|
||||
attributes:
|
||||
label: code-review-graph version
|
||||
description: >-
|
||||
Output of `pip show code-review-graph` (or the version reported by
|
||||
`code-review-graph status`).
|
||||
placeholder: "2.3.5"
|
||||
validations:
|
||||
required: true
|
||||
- type: dropdown
|
||||
id: os
|
||||
attributes:
|
||||
label: Operating system
|
||||
options:
|
||||
- macOS
|
||||
- Linux
|
||||
- Windows
|
||||
- Other (describe in "Additional context")
|
||||
validations:
|
||||
required: true
|
||||
- type: input
|
||||
id: python-version
|
||||
attributes:
|
||||
label: Python version
|
||||
description: Output of `python --version`. Python 3.10+ is required.
|
||||
placeholder: "3.12.4"
|
||||
validations:
|
||||
required: true
|
||||
- type: dropdown
|
||||
id: ai-platform
|
||||
attributes:
|
||||
label: AI platform
|
||||
description: Which AI coding tool were you using when you hit the bug?
|
||||
options:
|
||||
- claude-code
|
||||
- cursor
|
||||
- codex
|
||||
- windsurf
|
||||
- zed
|
||||
- opencode
|
||||
- copilot
|
||||
- other (describe in "Additional context")
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: status-output
|
||||
attributes:
|
||||
label: Output of `code-review-graph status`
|
||||
description: >-
|
||||
Run `code-review-graph status` in the affected repository and paste the full
|
||||
output. If the command itself fails, paste the error instead.
|
||||
render: shell
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: repro-steps
|
||||
attributes:
|
||||
label: Steps to reproduce
|
||||
description: Exact commands or actions, in order, that trigger the bug.
|
||||
placeholder: |
|
||||
1. code-review-graph build
|
||||
2. code-review-graph detect-changes --brief
|
||||
3. ...
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: expected-actual
|
||||
attributes:
|
||||
label: Expected vs actual behavior
|
||||
description: What did you expect to happen, and what happened instead?
|
||||
placeholder: |
|
||||
Expected: ...
|
||||
Actual: ...
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: additional-context
|
||||
attributes:
|
||||
label: Additional context
|
||||
description: Logs, stack traces, screenshots, or anything else that helps.
|
||||
validations:
|
||||
required: false
|
||||
@@ -0,0 +1,8 @@
|
||||
blank_issues_enabled: false
|
||||
contact_links:
|
||||
- name: Questions and ideas (GitHub Discussions)
|
||||
url: https://github.com/tirth8205/code-review-graph/discussions
|
||||
about: Ask questions, share setups, and discuss ideas before filing an issue.
|
||||
- name: Troubleshooting guide
|
||||
url: https://github.com/tirth8205/code-review-graph/blob/main/docs/TROUBLESHOOTING.md
|
||||
about: Fixes for common installation, build, and MCP connection problems.
|
||||
@@ -0,0 +1,54 @@
|
||||
name: Feature request
|
||||
description: Suggest a new capability or an improvement to code-review-graph
|
||||
title: "[Feature]: "
|
||||
labels: ["enhancement"]
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
Thanks for the suggestion! For requests to support a new AI coding tool,
|
||||
please use the **Platform support request** template instead.
|
||||
- type: textarea
|
||||
id: problem
|
||||
attributes:
|
||||
label: Problem
|
||||
description: >-
|
||||
What problem are you trying to solve? What is painful or impossible today?
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: proposed-solution
|
||||
attributes:
|
||||
label: Proposed solution
|
||||
description: How would you like this to work? CLI flags, MCP tool shape, etc.
|
||||
validations:
|
||||
required: true
|
||||
- type: dropdown
|
||||
id: area
|
||||
attributes:
|
||||
label: Affected area
|
||||
options:
|
||||
- Parser / language support
|
||||
- Graph store / SQLite
|
||||
- MCP tools / server
|
||||
- CLI
|
||||
- Visualization
|
||||
- Embeddings / search
|
||||
- Docs
|
||||
- Other
|
||||
validations:
|
||||
required: false
|
||||
- type: textarea
|
||||
id: alternatives
|
||||
attributes:
|
||||
label: Alternatives considered
|
||||
description: Other approaches or workarounds you have tried or considered.
|
||||
validations:
|
||||
required: false
|
||||
- type: textarea
|
||||
id: additional-context
|
||||
attributes:
|
||||
label: Additional context
|
||||
description: Links, examples from other tools, or anything else that helps.
|
||||
validations:
|
||||
required: false
|
||||
@@ -0,0 +1,62 @@
|
||||
name: Platform support request
|
||||
description: Request support for a new AI coding tool (MCP config, hooks, or skills)
|
||||
title: "[Platform]: "
|
||||
labels: ["enhancement", "platform-support"]
|
||||
body:
|
||||
- type: markdown
|
||||
attributes:
|
||||
value: |
|
||||
code-review-graph already configures Claude Code, Codex, Cursor, Windsurf, Zed,
|
||||
Continue, OpenCode, Antigravity, Gemini CLI, Qwen, Kiro, Qoder, and GitHub
|
||||
Copilot. Use this form to request support for another AI coding tool.
|
||||
- type: input
|
||||
id: platform-name
|
||||
attributes:
|
||||
label: Platform name
|
||||
description: The AI coding tool you want supported.
|
||||
placeholder: "e.g. Aider"
|
||||
validations:
|
||||
required: true
|
||||
- type: input
|
||||
id: platform-docs
|
||||
attributes:
|
||||
label: Link to the platform's MCP / configuration docs
|
||||
description: Official documentation describing how the tool consumes MCP servers.
|
||||
placeholder: "https://..."
|
||||
validations:
|
||||
required: true
|
||||
- type: dropdown
|
||||
id: mcp-support
|
||||
attributes:
|
||||
label: Does the platform support MCP?
|
||||
options:
|
||||
- Yes — stdio transport
|
||||
- Yes — HTTP / SSE transport
|
||||
- Yes — both transports
|
||||
- "No"
|
||||
- Unknown
|
||||
validations:
|
||||
required: true
|
||||
- type: textarea
|
||||
id: config-location
|
||||
attributes:
|
||||
label: Where does its MCP configuration live?
|
||||
description: >-
|
||||
Config file path(s) and format, if known — e.g. `~/.tool/mcp.json`,
|
||||
project-level `.tool/settings.json`, TOML, etc.
|
||||
validations:
|
||||
required: false
|
||||
- type: textarea
|
||||
id: additional-context
|
||||
attributes:
|
||||
label: Additional context
|
||||
description: Hooks/skills support, rules-file injection points, or other details.
|
||||
validations:
|
||||
required: false
|
||||
- type: checkboxes
|
||||
id: testing
|
||||
attributes:
|
||||
label: Testing
|
||||
options:
|
||||
- label: I have this tool installed and can test a pre-release integration.
|
||||
required: false
|
||||
@@ -0,0 +1,34 @@
|
||||
# Pull Request
|
||||
|
||||
## Linked issue
|
||||
|
||||
<!-- Link the issue this PR addresses, e.g. "Closes #123".
|
||||
If there is no issue, briefly say why (e.g. trivial typo fix). -->
|
||||
|
||||
Closes #
|
||||
|
||||
## What & why
|
||||
|
||||
<!-- What does this PR change, and why is the change needed? -->
|
||||
|
||||
## How it was tested
|
||||
|
||||
<!-- Paste the exact commands you ran and summarise their results. Typical commands
|
||||
(see CONTRIBUTING.md "Running Tests" and "Linting and Type Checking"): -->
|
||||
|
||||
```bash
|
||||
uv run pytest tests/ --tb=short -q
|
||||
uv run ruff check code_review_graph/
|
||||
uv run mypy code_review_graph/ --ignore-missing-imports --no-strict-optional
|
||||
```
|
||||
|
||||
## Checklist
|
||||
|
||||
<!-- Mirrors the requirements in CONTRIBUTING.md ("Making Changes" and "Code Style"). -->
|
||||
|
||||
- [ ] Tests added for new functionality
|
||||
- [ ] All tests pass: `uv run pytest tests/ --tb=short -q`
|
||||
- [ ] Linting passes: `uv run ruff check code_review_graph/`
|
||||
- [ ] Type checking passes: `uv run mypy code_review_graph/ --ignore-missing-imports --no-strict-optional`
|
||||
- [ ] Lines are at most 100 characters
|
||||
- [ ] Docs updated where behavior changed (README, `docs/`, docstrings)
|
||||
@@ -0,0 +1,43 @@
|
||||
---
|
||||
applyTo: '**'
|
||||
description: Use code-review-graph MCP tools for token-efficient codebase exploration and code review instead of built-in file/search tools.
|
||||
---
|
||||
|
||||
<!-- code-review-graph MCP tools -->
|
||||
## MCP Tools: code-review-graph
|
||||
|
||||
**IMPORTANT: This project has a knowledge graph. ALWAYS use the
|
||||
code-review-graph MCP tools BEFORE using #tool:read/readFile #tool:search/fileSearch #tool:search/textSearch to explore
|
||||
the codebase.** The graph is faster, cheaper (fewer tokens), and gives
|
||||
you structural context (callers, dependents, test coverage) that file
|
||||
scanning cannot.
|
||||
|
||||
### When to use graph tools FIRST
|
||||
|
||||
- **Exploring code**: `semantic_search_nodes_tool` or `query_graph_tool` instead of Grep
|
||||
- **Understanding impact**: `get_impact_radius_tool` instead of manually tracing imports
|
||||
- **Code review**: `detect_changes_tool` + `get_review_context_tool` instead of reading entire files
|
||||
- **Finding relationships**: `query_graph_tool` with callers_of/callees_of/imports_of/tests_for
|
||||
- **Architecture questions**: `get_architecture_overview_tool` + `list_communities_tool`
|
||||
|
||||
Fall back to Grep/Glob/Read **only** when the graph doesn't cover what you need.
|
||||
|
||||
### Key Tools
|
||||
|
||||
| Tool | Use when |
|
||||
| ------ | ---------- |
|
||||
| `detect_changes_tool` | Reviewing code changes — gives risk-scored analysis |
|
||||
| `get_review_context_tool` | Need source snippets for review — token-efficient |
|
||||
| `get_impact_radius_tool` | Understanding blast radius of a change |
|
||||
| `get_affected_flows_tool` | Finding which execution paths are impacted |
|
||||
| `query_graph_tool` | Tracing callers, callees, imports, tests, dependencies |
|
||||
| `semantic_search_nodes_tool` | Finding functions/classes by name or keyword |
|
||||
| `get_architecture_overview_tool` | Understanding high-level codebase structure |
|
||||
| `refactor_tool` | Planning renames, finding dead code |
|
||||
|
||||
### Workflow
|
||||
|
||||
1. The graph auto-updates on file changes (via hooks).
|
||||
2. Use `detect_changes_tool` for code review.
|
||||
3. Use `get_affected_flows_tool` to understand impact.
|
||||
4. Use `query_graph_tool` pattern="tests_for" to check coverage.
|
||||
@@ -0,0 +1,38 @@
|
||||
<!-- code-review-graph MCP tools -->
|
||||
## MCP Tools: code-review-graph
|
||||
|
||||
**IMPORTANT: This project has a knowledge graph. ALWAYS use the
|
||||
code-review-graph MCP tools BEFORE using Grep/Glob/Read to explore
|
||||
the codebase.** The graph is faster, cheaper (fewer tokens), and gives
|
||||
you structural context (callers, dependents, test coverage) that file
|
||||
scanning cannot.
|
||||
|
||||
### When to use graph tools FIRST
|
||||
|
||||
- **Exploring code**: `semantic_search_nodes_tool` or `query_graph_tool` instead of Grep
|
||||
- **Understanding impact**: `get_impact_radius_tool` instead of manually tracing imports
|
||||
- **Code review**: `detect_changes_tool` + `get_review_context_tool` instead of reading entire files
|
||||
- **Finding relationships**: `query_graph_tool` with callers_of/callees_of/imports_of/tests_for
|
||||
- **Architecture questions**: `get_architecture_overview_tool` + `list_communities_tool`
|
||||
|
||||
Fall back to Grep/Glob/Read **only** when the graph doesn't cover what you need.
|
||||
|
||||
### Key Tools
|
||||
|
||||
| Tool | Use when |
|
||||
| ------ | ---------- |
|
||||
| `detect_changes_tool` | Reviewing code changes — gives risk-scored analysis |
|
||||
| `get_review_context_tool` | Need source snippets for review — token-efficient |
|
||||
| `get_impact_radius_tool` | Understanding blast radius of a change |
|
||||
| `get_affected_flows_tool` | Finding which execution paths are impacted |
|
||||
| `query_graph_tool` | Tracing callers, callees, imports, tests, dependencies |
|
||||
| `semantic_search_nodes_tool` | Finding functions/classes by name or keyword |
|
||||
| `get_architecture_overview_tool` | Understanding high-level codebase structure |
|
||||
| `refactor_tool` | Planning renames, finding dead code |
|
||||
|
||||
### Workflow
|
||||
|
||||
1. The graph auto-updates on file changes (via hooks).
|
||||
2. Use `detect_changes_tool` for code review.
|
||||
3. Use `get_affected_flows_tool` to understand impact.
|
||||
4. Use `query_graph_tool` pattern="tests_for" to check coverage.
|
||||
@@ -0,0 +1,20 @@
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "pip"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
open-pull-requests-limit: 5
|
||||
labels:
|
||||
- "dependencies"
|
||||
commit-message:
|
||||
prefix: "deps"
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
open-pull-requests-limit: 3
|
||||
labels:
|
||||
- "dependencies"
|
||||
commit-message:
|
||||
prefix: "ci"
|
||||
@@ -0,0 +1,88 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.10"
|
||||
- name: Install dependencies
|
||||
run: pip install -e ".[dev]"
|
||||
- name: Lint with ruff
|
||||
run: ruff check code_review_graph/
|
||||
|
||||
type-check:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.10"
|
||||
- name: Install dependencies
|
||||
run: pip install -e ".[dev]" mypy types-networkx
|
||||
- name: Run mypy
|
||||
run: mypy code_review_graph/ --ignore-missing-imports --no-strict-optional
|
||||
|
||||
security:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.10"
|
||||
- name: Install bandit
|
||||
run: pip install bandit[toml]
|
||||
- name: Run bandit security scan
|
||||
run: bandit -r code_review_graph/ -c pyproject.toml
|
||||
|
||||
schema-sync:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Check Python/VSCode schema versions match
|
||||
run: |
|
||||
PY_VER=$(grep -oP 'LATEST_VERSION\s*=\s*max\(MIGRATIONS\.keys\(\)\)' code_review_graph/migrations.py > /dev/null && python3 -c "
|
||||
import re, ast
|
||||
src = open('code_review_graph/migrations.py').read()
|
||||
m = re.search(r'MIGRATIONS:\s*dict\[.*?\]\s*=\s*\{([^}]+)\}', src)
|
||||
keys = [int(k.strip().rstrip(':')) for k in re.findall(r'(\d+):', m.group(1))]
|
||||
print(max(keys))
|
||||
")
|
||||
TS_VER=$(grep -oP 'SUPPORTED_SCHEMA_VERSION\s*=\s*\K\d+' code-review-graph-vscode/src/backend/sqlite.ts)
|
||||
echo "Python LATEST_VERSION: $PY_VER"
|
||||
echo "VSCode SUPPORTED_SCHEMA_VERSION: $TS_VER"
|
||||
if [ "$PY_VER" != "$TS_VER" ]; then
|
||||
echo "::error::Schema version mismatch! Python=$PY_VER, VSCode=$TS_VER"
|
||||
exit 1
|
||||
fi
|
||||
echo "Schema versions in sync."
|
||||
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
strategy:
|
||||
matrix:
|
||||
python-version: ["3.10", "3.11", "3.12", "3.13"]
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Set up Python ${{ matrix.python-version }}
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: ${{ matrix.python-version }}
|
||||
- name: Install dependencies
|
||||
run: pip install -e ".[dev]" pytest-cov
|
||||
- name: Run tests with coverage
|
||||
run: pytest --tb=short -q --cov=code_review_graph --cov-report=term-missing --cov-fail-under=65
|
||||
@@ -0,0 +1,65 @@
|
||||
name: Weekly Eval
|
||||
|
||||
# Report-only benchmark run. This workflow surfaces benchmark drift in the
|
||||
# job summary and the uploaded CSV artifact, but it must NOT fail the default
|
||||
# branch on regressions (yet) — eval failures are informational until the
|
||||
# co-change baseline has enough history to set thresholds against.
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "23 6 * * 1" # Mondays 06:23 UTC (off-minute to dodge load spikes)
|
||||
workflow_dispatch:
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
eval:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 45
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.12"
|
||||
|
||||
- name: Install with eval extras
|
||||
run: pip install -e ".[eval]"
|
||||
|
||||
- name: Run benchmarks (2 smallest pinned configs)
|
||||
# httpx (~60 files) and flask (~83 files) are the two smallest
|
||||
# pinned repos. Report-only: `|| true` keeps regressions and
|
||||
# transient clone failures from failing the default branch.
|
||||
run: |
|
||||
code-review-graph eval \
|
||||
--repo httpx,flask \
|
||||
--benchmark token_efficiency,impact_accuracy,agent_baseline \
|
||||
--output-dir evaluate/results || true
|
||||
|
||||
- name: Upload result CSVs
|
||||
if: always()
|
||||
uses: actions/upload-artifact@v4
|
||||
with:
|
||||
name: eval-results-${{ github.run_id }}
|
||||
path: evaluate/results/*.csv
|
||||
if-no-files-found: warn
|
||||
retention-days: 90
|
||||
|
||||
- name: Write job summary
|
||||
if: always()
|
||||
run: |
|
||||
python - <<'PY' >> "$GITHUB_STEP_SUMMARY"
|
||||
from code_review_graph.eval.reporter import generate_full_report
|
||||
|
||||
print("# Weekly eval (report-only)")
|
||||
print()
|
||||
print(
|
||||
"Configs: `httpx`, `flask` (the two smallest pinned repos). "
|
||||
"Regressions are reported here and in the CSV artifact but do "
|
||||
"not fail CI."
|
||||
)
|
||||
print()
|
||||
print(generate_full_report("evaluate/results"))
|
||||
PY
|
||||
@@ -0,0 +1,21 @@
|
||||
# Dogfoods the local composite action (action.yml at the repo root) on PRs.
|
||||
name: PR Review
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
jobs:
|
||||
review:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Run code-review-graph review
|
||||
uses: ./
|
||||
with:
|
||||
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||
fail-on-risk: none
|
||||
@@ -0,0 +1,32 @@
|
||||
name: Publish to PyPI
|
||||
|
||||
on:
|
||||
release:
|
||||
types: [published]
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
publish:
|
||||
runs-on: ubuntu-latest
|
||||
environment: pypi
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.12"
|
||||
|
||||
- name: Install build tools
|
||||
run: pip install build twine
|
||||
|
||||
- name: Build package
|
||||
run: python -m build
|
||||
|
||||
- name: Publish to PyPI
|
||||
env:
|
||||
TWINE_USERNAME: __token__
|
||||
TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
|
||||
run: twine upload dist/*
|
||||
Reference in New Issue
Block a user