1  �

  2  j^iԽ���dZd
dl
Z
d
dlZd
dlZd
dlZd
dlZd
dlZd
dlmZm	Z	
d
dl
  3  mZ
d
dlm
Z
mZmZmZ
d
dlmZmZ
	d
dlZdZ	d
dlZdZ	d
dlZdZeGd	�d
  4  ��ZGd�d�ZGd
�d�ZGd�d�ZGd�d�ZeGd�d��ZGd�d�Z defd�Z!defd�Z"defd�Z#defd�Z$defd�Z%defd�Z&defd�Z'ded e(fd!�Z)d"�Z*e+d#k(re*�
yy#e$r
dZY��wxYw
#e$r
dZY��wxYw
#e$r
dZY��wxYw
)$z�
  5  Claude CI Integration for Alpha/Delta Protocol
  6  CSPEC-2026-001
  7  
  8  AI-powered code review integrated into Forgejo CI pipeline.
  9  Provides automated PR review, security analysis, architecture validation,
 10  and documentation drift detection.
 11  �N)�	dataclass�field)
�Path)�Optional�List�Dict�Any)�datetime�	timedeltaTFc�f
�eZ
dZUd
ZdZeed<dZeed<dZeed<dZ	eed<dZ
 12  eed	<dZeed
 13  <dZeed<dZ
eed
<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed<dZeed <ed(d"��Zd!efd#�Zed$ed!dfd%��Zd!e efd&�Z!y'))�CIConfigz(Configuration for Claude CI integration.��anthropic_api_key�claude_session_key�
claude_org_id�auto�	auth_mode�https://source.ac-dc.network�forgejo_url�
forgejo_token�context_repo_pathi�I�max_context_tokens�claude-sonnet-4-20250514�model_pr_review�model_security�claude-opus-4-20250514�model_architecturei �max_output_tokensg�?�max_cost_per_prg4@�max_cost_per_dayT�
post_comments�security_gate_enabled�arch_gate_enabled�/tmp/claude-ci-cache�	cache_diri�cache_ttl_seconds�returnc
�8�|d3id
t
jdd��
dt
jdd��
dt
jdd��
dt
jd	d
 14  ��
dt
jdd
��
dt
jdd��
dt
jdd��
dtt
jdd��
�
dt
jdd��
dt
jdd��
dt
jdd��
dtt
jdd��
�
d tt
jd!d"��
�
d#tt
jd$d%��
�
d&t
jd'd(�j	�d(k(�
d)t
jd*d(�j	�d(k(�
d+t
jd,d(�j	�d(k(�
d-t
jd.d/��
d0tt
jd1d2��
�
�
S)4z.Load configuration from environment variables.r�ANTHROPIC_API_KEYrr�CLAUDE_SESSION_KEYr�
CLAUDE_ORG_IDr�CLAUDE_AUTH_MODErr�FORGEJO_URLrr�
FORGEJO_TOKENr�CONTEXT_REPO_PATHr�MAX_CONTEXT_TOKENS�150000r�MODEL_PR_REVIEWrr�MODEL_SECURITYr�MODEL_ARCHITECTURErr�MAX_OUTPUT_TOKENS�8192r�MAX_COST_PER_PRz1.00r �MAX_COST_PER_DAYz20.00r!�
POST_COMMENTS�truer"�
SECURITY_GATEr#�	ARCH_GATEr%�	CACHE_DIRr$r&�	CACHE_TTL�3600�)�os�getenv�int�float�lower)
�clss
 �A/home/devops/working-repos/alpha-delta-context/tools/claude_ci.py�from_envzCIConfig.from_envRs�
���
 15  � �i�i�(;�R�@�
 16  �!�y�y�)=�r�B�
 17  ��)�)�O�R�8�
 18  ��i�i� 2�F�;�	
 19  �
 20  �	�	�-�1O�P�
 21  ��)�)�O�R�8�

 22  �!�i�i�(;�R�@�
 23  � #�2�9�9�-A�8�#L�M�
 24  ��I�I�&7�9S�T�
 25  ��9�9�%5�7Q�R�
 26  � "�y�y�)=�?W�X�
 27  �"�"�)�)�,?��"H�I�
 28  �"�"�)�)�,=�v�"F�G�
 29  �#�2�9�9�-?��#I�J�
 30  ��)�)�O�V�<�B�B�D��N�
 31  � #%�)�)�O�V�"D�"J�"J�"L�PV�"V�!
 32  �"!�i�i��V�<�B�B�D��N�#
 33  �$�i�i��-C�D�%
 34  �&"�"�)�)�K��"@�A�'
 35  �	
 36  �c
�n�|jd
k7r|jS|jr
y|jr
yy)z+Determine which authentication mode to use.r�oauth�api�none)rrr)
�selfs
 rG�
get_auth_modezCIConfig.get_auth_modeks3���>�>�V�#��>�>�!��"�"���!�!��rI�pathc�
�tstd
�
�
t|
�
5}tj|�
}ddd�
|dij�D��cic]\}}t
||�s
�||��c}}�
�
S#1s
w
Y

�@xYw
c
c}}w)z"Load configuration from YAML file.z#PyYAML required: pip install pyyamlNr@)�HAS_YAML�ImportError�open�yaml�	safe_load�items�hasattr)rFrP�
f�data�
k�
vs      rG�	from_yamlzCIConfig.from_yamlvsu����C�D�D�
�$�Z�
	%�1��>�>�!�$�D�
	%��H�t�z�z�|�G�t�q�!�w�s�A��a��d�G�H�H�
	%�
	%��H
s�A2�A>�'A>�2A;c
�
�g}
|j
�}|d
k(r|
jd�

nE|dk(r|js|
jd�

n"|dk(r|js|
jd�

|js|
jd�

|
St|j�
j
�s|
jd|j���

|
S)	z.Validate configuration, return list of errors.rMzINo authentication configured. Set ANTHROPIC_API_KEY or CLAUDE_SESSION_KEYrLz1ANTHROPIC_API_KEY not set (required for API mode)rKz4CLAUDE_SESSION_KEY not set (required for OAuth mode)zCONTEXT_REPO_PATH not setz"Context repo path does not exist: )rO�appendrrrr�exists)rN�errorsrs   rG�validatezCIConfig.validate�s������&�&�(�	�����M�M�e�f�
�%�
��(>�(>��M�M�M�N�
�'�
!�$�*A�*A��M�M�P�Q��%�%��M�M�5�6��
��d�,�,�-�4�4�6��M�M�>�t�?U�?U�>V�W�X��
rIN)r'r
)"�__name__�
 37  __module__�__qualname__�__doc__r�str�__annotations__rrrrrrrrCrrrrrrDr r!�boolr"r#r%r&�classmethodrHrOr]rrbr@rIrGr
r
.s-
��2� ��s�� ��� ��M�3���I�s��5�K��5��M�3�� ��s��$���$�6�O�S�5�4�N�C�4�6���6�!��s�!�"�O�U�!�#��e�#��M�4��"&��4�&�"��t�"�,�I�s�+�!��s�!��
 38  ��
 39  �0	�s�	��I
�S�I
�Z�I
��I
��$�s�)�rIr
c��eZ
dZd
Zdg
dg
ddgdg
dg
dg
d	�Zd
 40  efd�Zdd
eee	de
 41  e	e	ffd�Zdd
eee	de	fd�Zde	de
fd�Zde
 42  e	effd�Zy)�
ContextLoaderz�
 43      Loads and manages project context from alpha-delta-context repository.
 44      Provides token-efficient context for Claude API calls.
 45      z$project/architecture/machine/*.cspeczproject/governance/*.mdzinfra/machine/security.cspecz%infra/machine/incident-response.cspecz4project/architecture/machine/api-specification.cspecz3project/architecture/machine/testing-strategy.cspeczproject/decisions.md)�architecture�
 46  governance�securityrL�testing�	decisions�configc�b�|
|_t|
j�
|_d|_d|_y�
N)rrrr�	repo_path�_context_cache�_cache_time�rNrrs  rG�__init__zContextLoader.__init__�s+������f�6�6�7���-1���/3��rIN�
 47  categoriesr'c
 48  ��
�|
�#t
|jj��
}
i}|
D]�}|jj|g�}|D]o}|jj|�
D]O}|j
�s
�	|jd��
}t|j|j�
�
}|||<�Q�q��|S#t$r+}	td|�d|	��tj��
Yd
}	~	��d
}	~	w
wxYw
)z�
 49          Load context files from repository.
 50  
 51          Args:
 52              categories: Optional list of categories to load.
 53                         If None, loads all categories.
 54  
 55          Returns:
 56              Dict mapping file paths to contents.
 57          N�utf-8)
�encodingzWarning: Could not read �: �
�file)�list�CONTEXT_PATTERNS�keys�getru�glob�is_file�	read_textrg�relative_to�	Exception�print�sys�stderr)
 58  rNrz�files�category�patterns�pattern�	file_path�content�rel_path�
es
 59            rG�load_context_filesz ContextLoader.load_context_files�s
�����d�3�3�8�8�:�;�J���"�
 60  	`
�H��,�,�0�0��2�>�H�#�
`
��!%���!4�!4�W�!=�`
�I� �(�(�*�`
�&/�&9�&9�7�&9�&K�G�'*�9�+@�+@����+P�'Q�H�.5�E�(�O�`
�
`
�
 61  	`
���� )�
`
�!�$<�Y�K�r�!��"M�TW�T^�T^�_�_��
`
�s�>;C
�
	C5	�
 62  !C0	�0C5	c���|j�Z|j�Ntj�|jz
 63  t	|j
 64  j�
�
kr|jS|j|
�
}g}|jd�

|jd�

|jd�

|jd�

t|j��
D]]\}}|jd|���

|jd�

|j|�

|jd�

|jd�

�_dj|�
}||_tj�|_
|S)z�
 65          Build a context prompt for Claude API calls.
 66          Uses caching to avoid repeated file reads.
 67  
 68          Returns:
 69              Formatted context string for system prompt.
 70          )
�secondsz# Alpha/Delta Protocol Contextrz7You have access to the following project documentation:z	## File: z```�

 71  )rvrwr
 72  �nowrrrr&r�r_�sortedrW�join)rNrzr��sectionsr�r��contexts       rG�build_context_promptz"ContextLoader.build_context_prompt�s&
��
���+����(��L�L�N�T�-�-�-�	�$�+�+�B_�B_�0`�`��&�&�&��'�'�
 73  �3�������8�9���������Q�R������"(�����"7�	 ��I�w��O�O�i�	�{�3�4��O�O�E�"��O�O�G�$��O�O�E�"��O�O�B��	 ��)�)�H�%��&���#�<�<�>����rI�textc��t
|
�
d
zS)z+Rough token estimation (4 chars per token).��
�len)rNr�s  rG�estimate_tokenszContextLoader.estimate_tokens�s���4�y�A�~�rIc
�
�|j
�}
td
�|
j�D��
}t|j�
t|
�
||j
|j��
t|
j��
d�S)z%Get information about loaded context.c
3�2K
�|]}
t
|
�
�
�

�y�w
rtr�)�.0r�s  rG�	<genexpr>z1ContextLoader.get_context_info.<locals>.<genexpr>
s����E�7�#�g�,�E�s�
)ru�
 74  file_count�total_chars�estimated_tokensr�)
 75  r��sum�valuesrgrur�r�r�r�r�)rNr�r�s   rG�get_context_infozContextLoader.get_context_info
sr���'�'�)���E�e�l�l�n�E�E���T�^�^�,��e�*�&� $� 4� 4��)�)�+�!��%�*�*�,�'�
 76  �	
 77  rIrt)rcrdrerfr�r
ryrrrgrr�r�rCr�r	r�r@rIrGrlrl�s����
3�
 78  �
&�
 79  �
+�3�
 80  �
 81  
C
�
 82  �
B
�
 83  �
#�
 84  �#��,4�x�4��X�d�3�i�-@��D�QT�VY�QY�N��<#�x��S�	�/B�#�c�#�J
�C��C��

 85  �$�s�C�x�.�

 86  rIrlc�
�eZ
dZd
Zdefd�Zdededeeeffd�Z	ded	ed
 87  e
 88  deeeffd�Zded	ed
 89  e
 90  defd�Zded	ed
 91  e
 92  de
eeeffd
�Z	dded	ed
 93  e
 94  dededeeeffd�Z	dded	edededededeedeeeffd�Zy)�
ForgejoClientz*Client for Forgejo/Gitea API interactions.rrc��|
|_|
jjd
�
|_i|_|
j
 95  rd|
j
 96  ��|jd<yy)N�
/�token �
Authorization)rrr�rstrip�base_url�headersrrxs  rGryzForgejoClient.__init__
sR������*�*�1�1�#�6��
�������.4�V�5I�5I�4J�,K�D�L�L��)� rI�method�endpointr'c���tstd
�
�
|j�d|��}tj|
|fd|j
 97  i
|�
�
}|j
�
|jr|j�SiS)zMake API request.�'requests required: pip install requestsz/api/v1r�)	�HAS_REQUESTSrSr��requests�requestr��raise_for_statusr��json)rNr�r��kwargs�url�responses      rG�_requestzForgejoClient._request!
sk����G�H�H�����w�x�j�1���#�#�F�C�P����P��P���!�!�#�����=�=�?�"��	rI�owner�repo�	pr_numberc	�8�|j
d
d|
�d|�d|���S)zGet pull request details.�GET�/repos/r��/pulls/�
r��rNr�r�r�s    rG�get_przForgejoClient.get_pr.
s&���}�}�U�g�e�W�A�d�V�7�9�+�$N�O�OrIc���tstd
�
�
|j�d|
�d|�d|�d�}tj||j
 98  ��}|j
�
|jS)zGet pull request diff.r��/api/v1/repos/r�r�z.diff�
r�)r�rSr�r�r�r�r�r�)rNr�r�r�r�r�s      rG�get_pr_diffzForgejoClient.get_pr_diff2
s]����G�H�H�����~�e�W�A�d�V�7�9�+�U�S���<�<��T�\�\�:���!�!�#��}�}�rIc
 99  �:�|j
d
d|
�d|�d|�d��S)z Get list of files changed in PR.r�r�r�r�z/filesr�r�s    rG�get_pr_fileszForgejoClient.get_pr_files<
s(���}�}�U�g�e�W�A�d�V�7�9�+�V�$T�U�UrI�body�eventc
100  �D�|j
d
d|
�d|�d|�d�||d���S)zw
101          Post a review comment on a PR.
102  
103          Args:
104              event: APPROVE, REQUEST_CHANGES, or COMMENT
105          �POSTr�r�r�z/reviews)r�r��
r�r�)rNr�r�r�r�r�s      rG�post_review_commentz!ForgejoClient.post_review_comment@
s=���}�}���e�W�A�d�V�7�9�+�X�>���/��
106  �	
107  rIN�sha�stater��description�
108  target_urlc	�\�|||d
dd�}|r||d<|j
dd|
�d|�d|��|�	�S)
109  zg
110          Set commit status.
111  
112          Args:
113              state: pending, success, error, failure
114          N�)r�r�r�r�r�r�r�z
115  /statuses/r�r�)	rNr�r�r�r�r�r�r�rZs	         rG�set_commit_statuszForgejoClient.set_commit_statusT
s\��"��&�t��,�
116  ��
117  �!+�D����}�}���e�W�A�d�V�:�c�U�3���
118  �	
119  rI)
�COMMENTrt)rcrdrerfr
ryrgrr	r�rCr�r�rr�r�rr�r@rIrGr�r�
sh
��4�L
�x�L
��s��c���S�#�X���P
�C�P
�s�P
�s�P
�t�C��H�~�P
����C��C��C��V
�#�V
�S�V
�S�V
�T�$�s�TW�x�.�EY�V
��

120  ��
121  ��
122  ��	
123  �
124  �
125  ��

126  �
127  �c�3�h��
128  �8%)�
129  ��
130  ��
131  ��	
132  �
133  �
134  ��

135  ��
136  ��S�M�
137  �
138  �c�3�h��
139  rIr�c�6�eZ
dZd
Zdefd�Zd�Zdededefd�Zy	)
140  �ClaudeCLIClientz{
141      Client that uses the Claude Code CLI for inference.
142      Leverages existing OAuth authentication from Claude Code.
143      rrc�2�|
|_|j�
yrt)rr�
144  _check_clirxs  rGryzClaudeCLIClient.__init__}
s��������rIc
�D�d
dl}
|
jd�
std�
�
y)zVerify Claude CLI is available.rN�claude�LClaude CLI not found. Install with: npm install -g @anthropic-ai/claude-code)�shutil�which�RuntimeError)rNr�s  rGr�zClaudeCLIClient._check_cli�
s"����|�|�H�%��m�n�n�&rI�
system_prompt�user_messager'c�
�d
dl}|�}ddddd|
|g}	|j|ddd	�
145  �}|jd
k7r)td|j��t
146  j��
y
|jj�S#|j$r
tdt
147  j��
Yy
t$r(}td|��t
148  j��
Yd}~y
d}~w
wxYw
)zm
149          Send a chat message using Claude Code CLI.
150          Uses -p flag for non-interactive output.
151          rNr��-pz--output-formatr�z--system-promptT�,
)�capture_outputr��timeoutzClaude CLI error: rrzClaude CLI timed out)
152  �
153  subprocess�run�
154  returncoder�r�r��stdout�strip�TimeoutExpiredr�)rNr�r�r��full_prompt�cmd�resultr�s        rG�chatzClaudeCLIClient.chat�
s���
155  	�&���
���v��}�
�
156  ��	��^�^��#���	$��F�� � �A�%��*�6�=�=�/�:����L���=�=�&�&�(�(���(�(�	��(�s�z�z�:���	��&�q�c�*����<���	�s$�AA9�A9�9*C�%C�-C�CN)	rcrdrerfr
ryr�rgr�r@rIrGr�r�w
s3���
157  �x��o
�(�#�(�S�(�S�(rIr�c�J�eZ
dZd
ZdZdefd�Zdeeeffd�Z	dededefd	�Z
158  y
159  )�ClaudeOAuthClientz�
160      DEPRECATED: Use ClaudeCLIClient instead.
161      The claude.ai web API doesn't accept OAuth tokens from Claude Code.
162      This class is kept for potential future use with session cookies.
163      zhttps://claude.ai/apirrc�
�|
|_|
j|_|
j|_t
164  st
d
�
�
ddl}|jd�
r,tdtj��
t|
�
|_
ytd�
�
)Nr�rr�zUsing Claude CLI for OAuth moderr�)rrr�session_keyr�org_idr�rSr�r�r�r�r�r��_cli_clientr�)rNrrr�s   rGryzClaudeOAuthClient.__init__�
sn�����!�4�4����*�*�����G�H�H�	��<�<��!��3�#�*�*�E�.�v�6�D���m�n�nrIr'c
���d
d
dd�}
|jjd�
st|j�
dkDrd|j��|
d<|
Sd|j��|
d	<|
S)
165  z'Get headers for claude.ai API requests.�application/jsonz
Claude-CI/1.0)�Content-Type�Acceptz
166  User-Agentzsk-�2zBearer r�zsessionKey=�Cookie)r

�
167  startswithr�)rNr�s  rG�_get_headerszClaudeOAuthClient._get_headers�
sz��/�(�)�
168  �����&�&�u�-��T�5E�5E�1F��1K�)0��1A�1A�0B�'C�G�O�$���#.�d�.>�.>�-?� @�G�H���rIr�r�c�P�|jr|jj|
|�Std
tj��
	tj|j�d�|j���}|j�
|j�}|std�
�
|dj
dd�}tj|j�d	|�d
169  �|j�ddd��
�}|j�
|j�j
dd�}|
�d|��}tj|j�d	|�d|�d�|j�|dgd�d��}|j�
d}|j�D]M}	|	s
�|	jd�
}
170  |
171  jd�
s
�)	tj |
172  dd�
}d|vr||dz
}�O|S#tj"$r
Y�gwxYw
#t$$r(}td|��tj��
Yd}~yd}~w
wxYw
)zl
173          Send a chat message.
174          Uses CLI if available, otherwise attempts web API (may fail).
175          z1Warning: Claude CLI not found, attempting web APIrz/organizationsr�zNo organization foundr�uuidrz/organizations/z/chat_conversationsz	CI Review)r

�name�r�r�z
176  
177  ---
178  
179  z/chat_conversations/z/completion�UTC)�prompt�timezone�attachmentsT)r�r��streamr|zdata: �N�
180  completionzWeb API error: )r
r�r�r�r�r�r��BASE_URLr
r�r��
181  ValueError�post�
182  iter_lines�decoder
183  
�loads�JSONDecodeErrorr�)
rNr�r�r��orgsr
�conv_id�full_message�
full_response�line�line_strrZr�s
             rGr�zClaudeOAuthClient.chat�
s��
184  ����#�#�(�(���E�E�	�A��
185  �
186  �S�/	��|�|��=�=�/��0��)�)�+��H�
�%�%�'��=�=�?�D�� �!8�9�9��!�W�[�[���,�F� �}�}��=�=�/����8K�L��)�)�+� �+�6��H�
187  
�%�%�'��m�m�o�)�)�&�"�5�G�,�_�K��~�F�L��}�}��=�=�/����8L�W�I�U`�a��)�)�+� ,�%�PR�S��	�H�
�%�%�'��M� �+�+�-�	
%���#�{�{�7�3�H��*�*�8�4�%�#'�:�:�h�q�r�l�#;�D�+�t�3� -��l�1C� C�
��	
%�!� �� $�3�3�
%�$�
%���	��O�A�3�'�c�j�j�9���	�sC�E	G4�"G4�3$G�G4�G1�.G4�0
G1�1G4�4	H%�=H � H%N)rcrdrerfr
r
ryrrgr
r�r@rIrGr�r��
sJ���'�H�o
�x�o
�"�d�3��8�n��9�#�9�S�9�S�9rIr�c�r�eZ
dZUd
Zeed<eed<eeeefed<eed<eed<e	ed<e	ed<e
188  ed	<y
189  )�ReviewResultzResult of a Claude review.�recommendation�summary�findings�raw_response�model�input_tokens�
output_tokens�
cost_estimateN)rcrdrerfrgrhrrr	rCrDr@rIrGr%
r%
s@��$���
�L��4��S��>�"�"����J������rIr%
c���eZ
dZd
Zddd�ddd�d�Zdedefd	�Zd
190  ede	de	d
e
191  fd�Zded
efd�Zdeded
192  ed
e
fd�Zddedeed
e
fd�Zded
e
fd�Zddedeed
e
fd�Zded
e
fd�Zy)�ClaudeCIClientz�
193      Claude API client for CI code review tasks.
194      Provides PR review, security analysis, architecture validation,
195      and documentation sync checking.
196  
197      Supports both direct API (ANTHROPIC_API_KEY) and OAuth (CLAUDE_SESSION_KEY).
198      ��~j�t�h?���Q��?��input�outputg333333�?)rrrr�context_loaderc�@�|
|_||_
|
j�|_|jd
k(r>tstd�
�
t
j|
j��
|_	d|_
199  y|jdk(r	d|_	t|
�
|_
200  yt!d�
�
#t$rp}|
jrYtrStd|�d�tj��
d
|_t
j|
j��
|_	d|_
201  n
�Yd}~yd}~w
wxYw
)	NrLz)anthropic required: pip install anthropic)
�api_keyrKzOAuth failed (z), falling back to API keyrzNo authentication configured)rrr5
rOr�
HAS_ANTHROPICrS�	anthropic�	Anthropicr�client�oauth_clientr�r�r�r�r�r
)rNrrr5
r�s    rGryzClaudeCIClient.__init__6s������,����-�-�/����>�>�U�"� �!�"M�N�N�#�-�-�f�6N�6N�O�D�K� $�D��
�^�^�w�
&�
�"���$5�f�$=��!��;�<�<�� �
��+�+�
��N�1�#�-G�H�s�z�z�Z�%*�D�N�"+�"5�"5�f�>V�>V�"W�D�K�(,�D�%��&��

�s�
B$�$	D�-A&D�Dr*
r+
r,
r'c�n�|jj|
d
dd��}|dz|dz|dz|dzzS)z%Calculate cost estimate for API call.r0
r1
r2
i�r3
r4
)�PRICINGr�)rNr*
r+
r,
�pricings     rG�_calculate_costzClaudeCIClient._calculate_costQsK���,�,�"�"�5�E�U�*K�L���t�#�g�g�&6�6���$�w�x�'8�8�
9�
	:rI�	task_typec�~�|jj�}d
}ddddd�}||zdz|j|
d�zS)	z7Build system prompt with context and task instructions.a�
You are an expert code reviewer for the Alpha/Delta Protocol,
202  a dual-chain blockchain system with privacy-preserving features.
203  
204  Your expertise includes:
205  - Rust programming and blockchain development
206  - Zero-knowledge proofs and privacy-preserving computation
207  - DeFi protocols, DEX design, and perpetual futures
208  - Security best practices and vulnerability detection
209  - Cross-chain bridge security
210  
211  a�
212  TASK: Review the provided pull request diff.
213  
214  Analyze for:
215  1. Code quality and Rust best practices
216  2. Potential bugs or logic errors
217  3. Security concerns
218  4. Alignment with project architecture
219  5. Missing tests or documentation
220  
221  Respond with JSON:
222  {
223      "recommendation": "APPROVE" | "REQUEST_CHANGES" | "COMMENT",
224      "summary": "Brief summary of review",
225      "findings": [
226          {
227              "severity": "critical" | "high" | "medium" | "low" | "info",
228              "category": "security" | "bug" | "style" | "architecture" | "docs",
229              "file": "path/to/file.rs",
230              "line": 42,
231              "title": "Finding title",
232              "description": "Detailed description",
233              "suggestion": "How to fix"
234          }
235      ]
236  }
237  a�
238  TASK: Perform a security-focused review of the provided code changes.
239  
240  Focus on:
241  1. Authentication and authorization issues
242  2. Input validation and sanitization
243  3. Cryptographic implementation correctness
244  4. Privacy leaks in zero-knowledge circuits
245  5. Cross-chain bridge vulnerabilities
246  6. Reentrancy and state manipulation
247  7. Integer overflow/underflow
248  8. Denial of service vectors
249  
250  For each finding, include CWE ID if applicable.
251  
252  Respond with JSON:
253  {
254      "recommendation": "APPROVE" | "REQUEST_CHANGES" | "COMMENT",
255      "summary": "Security assessment summary",
256      "risk_level": "critical" | "high" | "medium" | "low" | "none",
257      "findings": [
258          {
259              "severity": "critical" | "high" | "medium" | "low",
260              "cwe_id": "CWE-XXX",
261              "title": "Vulnerability title",
262              "description": "Detailed description",
263              "file": "path/to/file.rs",
264              "line": 42,
265              "remediation": "How to fix"
266          }
267      ]
268  }
269  ao
270  TASK: Validate the code changes against the Alpha/Delta Protocol specifications.
271  
272  Check for:
273  1. Compliance with Technical Specification 3.0
274  2. Correct use of protocol primitives (AX/DX tokens, validators, etc.)
275  3. Governance rule adherence
276  4. Cross-chain bridge protocol compliance
277  5. Privacy circuit specifications
278  
279  Reference specific sections of the loaded specifications in your findings.
280  
281  Respond with JSON:
282  {
283      "recommendation": "APPROVE" | "REQUEST_CHANGES" | "COMMENT",
284      "summary": "Architecture compliance summary",
285      "compliant": true | false,
286      "findings": [
287          {
288              "severity": "critical" | "high" | "medium" | "low",
289              "spec_section": "Reference to spec section",
290              "title": "Violation title",
291              "description": "How the code violates the spec",
292              "suggestion": "How to make compliant"
293          }
294      ]
295  }
296  a
297  TASK: Check if the code changes require documentation updates.
298  
299  Analyze:
300  1. New public APIs that need documentation
301  2. Changed behavior that affects existing docs
302  3. Removed features that should be removed from docs
303  4. Configuration changes
304  5. Migration requirements
305  
306  Respond with JSON:
307  {
308      "recommendation": "APPROVE" | "REQUEST_CHANGES" | "COMMENT",
309      "summary": "Documentation sync summary",
310      "updates_needed": true | false,
311      "findings": [
312          {
313              "category": "new_api" | "changed_behavior" | "removed" | "config" | "migration",
314              "title": "Update needed",
315              "description": "What documentation needs updating",
316              "suggested_doc_path": "Where to add/update docs",
317              "suggested_content": "Draft documentation text"
318          }
319      ]
320  }
321  )�	pr_review�security_review�architecture_validation�	docs_sync�
322  
323  r)r5
r�r�)rNrA
r��base_prompt�task_promptss     rG�_build_system_promptz#ClaudeCIClient._build_system_promptWs`���%�%�:�:�<��
324  ���6  �B
(�8�ss

325  ��j�W�$�v�-��0@�0@��B�0O�O�OrIr��user_promptc
326  ���|jd
k(r#|jj|
|�}d}d}d}n�|jjj||jj|
d|d�g
��}|jdj}|jj}|jj}|j|||�}	|jd�
}	|jd�
d	z}
327  |	dk\r|
328  |	kDrt!j"||	|
329  �
}nd
330  |gd�}t'|j)dd
331  �|j)d
d�|j)dg�|||||��S#t j$$r	
d
332  |gd�}Y�^wxYw
)z8Make API call to Claude using configured authentication.rKrg�user)�roler�)r*
�
333  max_tokens�system�messages�
{�
}�
r�)r&
r'
r(
r&
r'
rr(
)r&
r'
r(
r)
r*
r+
r,
r-
)rr<
r�r;
rQ
�createrrrr�r��usager+
r,
r@
�find�rfindr�r
r
r%
r�)rNr�rK
r*
r)
r+
r,
�costr��
334  json_start�json_end�parseds            rG�	_call_apizClaudeCIClient._call_api�s�
���>�>�W�$��,�,�1�1�-��M�L��L��M��D��{�{�+�+�2�2���;�;�8�8�$�#)�k�B�C�	3��H�$�+�+�A�.�3�3�L�#�>�>�6�6�L�$�N�N�8�8�M��'�'��|�]�K�D�		\
�%�*�*�3�/�J�#�)�)�#�.��2�H��Q��8�j�#8����L��H�$E�F��,5�,�\^�_���!�:�:�&6�	�B��J�J�y�"�-��Z�Z�
335  �B�/�%��%�'��	
336  �		
337  ���#�#�
	\
�(1�l�XZ�[�F�
	\
�s�
AE�E:�9
E:N�diff�pr_infoc���|j
d
�
}d}|r2|d|jdd��d�z
}|d|jdd��d	�z
}|d
338  |
�d�z
}|j|||jj�S)z�
339          Review a pull request.
340  
341          Args:
342              diff: The PR diff content
343              pr_info: Optional PR metadata (title, description, etc.)
344          rC
z+Please review the following pull request:
345  
346  z**Title:** �title�N/Ar�z**Description:** r�rG
z**Diff:**
347  ```diff
348  �
349  ```)rJ
r�r]
rrr)rNr^
r_
r�rK
s     rG�review_pull_requestz"ClaudeCIClient.review_pull_request
350  s����1�1�+�>�
�E����[����W�e�)D�(E�R�H�H�K��.�w�{�{�6�5�/I�.J�$�O�O�K��-�d�V�5�9�9���~�~�m�[�$�+�+�:U�:U�V�VrIc�~�|j
d
�
}d|
�d�}|j|||jj�S)z Perform security-focused review.rD
zDPlease perform a security review of the following changes:
351  
352  ```diff
353  rc
)rJ
r]
rrr�rNr^
r�rK
s    rGrD
zClaudeCIClient.security_reviewsA���1�1�2C�D�
�_�`d�_e�ej�k���~�~�m�[�$�+�+�:T�:T�U�UrI�commit_messagec��|j
d
�
}d}|r	|d|�d�z
}|d|
�d�z
}|j|||jj�S)z5Validate changes against architecture specifications.rE
zLPlease validate the following changes against the protocol specifications:
354  
355  z**Commit Message:** rG
z**Changes:**
356  ```diff
357  rc
)rJ
r]
rrr)rNr^
rg
r�rK
s     rG�validate_architecturez$ClaudeCIClient.validate_architecture#sa���1�1�2K�L�
�f����1�.�1A��F�F�K��0���e�<�<���~�~�m�[�$�+�+�:X�:X�Y�YrIc�~�|j
d
�
}d|
�d�}|j|||jj�S)z&Check if documentation needs updating.rF
zNPlease check if the following changes require documentation updates:
358  
359  ```diff
360  rc
)rJ
r]
rrrrf
s    rG�check_documentation_syncz'ClaudeCIClient.check_documentation_sync.s@���1�1�+�>�
�i�jn�io�ot�u���~�~�m�[�$�+�+�:U�:U�V�VrIrt)rcrdrerfr>
r
rlryrgrCrDr@
rJ
r%
r]
rrrd
rD
ri
rk
r@rIrGr/
r/
's
���/4�u�$E�,1�U�"C��G�
361  =�x�=��=�6:�S�:��:�C�:�TY�:�EP
�c�EP
�c�EP
�N*
362  �s�*
363  ��*
364  �S�*
365  �\�*
366  �X
W
��W
�h�t�n�W
�P\�W
�$V
�C�V
�L�V
�	Z
�#�	Z
�x��}�	Z
�Xd�	Z
�W
�S�W
�\�W
rIr/
rrc�"
�t
|
�
}|j�}td
�

td|d���

td|d���

td|dd���

td	|d
367  d���

td�

|dD]}td
|���

�y)z$Show context repository information.u#📋 Context Repository Informationz	   Path: ruz   Files loaded: r�z   Total characters: r��
,z   Estimated tokens: r�z
368  
369     Files:r�z   - N)rlr�r�)�argsrr�loader�inforYs     rG�cmd_context_inforq
:s���
�6�
"�F��"�"�$�D�	�
370  /�0�	�I�d�;�'�(�
371  )�*�	��d�<�0�1�
372  2�3�	�!�$�}�"5�a�!8�
373  9�:�	�!�$�'9�":�1�!=�
374  >�?�	�-��
�'�]�
�
�
��a�S�k��
rIc
375  �`�t
|
�
}t|
|�}t|
�
}|jj	d
�
\}}|j|||j�}|j|||j�}td|j�d|jdd����

|j||�}	td|	j���

td|	j���

tdt|	j�
���

td	|	jd
376  ���

|	jrMtd�

|	jD]3}
377  td|
378  jd
d��d|
379  jdd����

�5|
j rK|
j"r?t%|	�
}|j'|||j||	j�
td�

|j(rQtdt)j*|	j|	j|	j|	jd�d��z�

yy)zReview a pull request.r�u🔍 Reviewing PR #r~ra
rb
�
380  📊 Review Result: �   Summary: �
   Findings: �
381     Cost: $�.4f�
382     Findings:�   - [�severityrp
�] �No titleu 
383  ✅ Posted review comment to PRr��r&
r'
r(
rY
��
�indentN)rlr/
r�r��splitr��prr�r�r�rd
r&
r'
r�r(
r-
r!r�format_review_commentr�r��dumps)rn
rrro
r;
�forgejor�r�r_
r^
r�rY�comments            rG�
384  cmd_reviewr�
Is�
��
�6�
"�F�
�F�F�
+�F��F�#�G��)�)�/�/�#�&�K�E�4��n�n�U�D�$�'�'�2�G����u�d�D�G�G�4�D�	�����y��7�;�;�w��+F�*G�
385  H�I�
�
'�
'��g�
6�F�	�"�6�#8�#8�"9�
386  :�;�	�L����(�
387  )�*�	�M�#�f�o�o�.�/�
388  0�1�	�J�v�+�+�C�0�
389  1�2�
���
������
	V
�A��F�1�5�5��V�4�5�R�
���g�z�8R�7S�T�U�
	V
����� 4� 4�'��/���#�#�E�4����'�6�CX�CX�Y�
�1�2��y�y�
�d�T�Z�Z�$�3�3��~�~�����(�(�	!
390  �
391  ���	�rIc
392  ���t
d
tj���tj��
t
d|j
393  ��tj��
t
|
�
}t|
|�}|j
394  dk(r tjj�}�
nt|j
395  �
}t
d|��tj��
t
d|j���tj��
t
d|j���tj��
|j�sAt
d|j���tj��
tjd	�

|j�}t
d
396  t|�
�d�tj��
|j x
s
dd
d�}|j"rtjntj$}t
d|j x
s
d��|��
t
dt|�
�d�|��
|j'||�}t
d|j(��|��
t
d|j*��|��
t
dt|j,�
��|��
t
d|j.d��|��
|j,rQt
d|��
|j,D]5}	t
d|	j1dd��d|	j1dd���|��
�7|j"rNt
t#j2|j(|j*|j,|j.d�d �!��

y"y")#z Review PR using local diff file.�
Debug: cwd = r�Debug: diff arg = �
-�Debug: diff_path = �Debug: diff_path.exists() = �Debug: diff_path.absolute() = � ❌ Error: Diff file not found: rT
�Debug: diff length = � charsrb
r)ra
r�u🔍 Reviewing PR: �Unknownz   Diff size: z bytesrs
rt
ru
rv
rw
rx
ry
rz
rp
r{
ra
r|
r}
r~
r
N)r�rA�getcwdr�r�r^
rlr/
�stdin�readrr`�absolute�exitr�r�ra
r�r�rd
r&
r'
r(
r-
r�r�
)
397  rn
rrro
r;
r^
�	diff_pathr_
r4
r�rYs
398            rG�
cmd_pr_reviewr�
rs���
399  �M�"�)�)�+��
400  '�c�j�j�9�	��t�y�y�k�
401  *����<�
�6�
"�F�
�F�F�
+�F��y�y�C���y�y�~�~�������O�	�
�#�I�;�/�c�j�j�A�
�,�Y�-=�-=�-?�,@�A��
402  �
403  �S�
�.�y�/A�/A�/C�.D�E�C�J�J�W����!��4�Y�5G�5G�5I�4J�K�RU�R\�R\�]��H�H�Q�K��"�"�$��
�%�c�$�i�[��7�c�j�j�I��
404  �
405  �+�e�R�8�G� �9�9�S�Z�Z�#�*�*�F�	���
406  �
407  � 7�i�8�
408  9��G�	�N�3�t�9�+�V�
409  ,�6�:�
�
'�
'��g�
6�F�	�"�6�#8�#8�"9�
410  :��H�	�L����(�
411  )��7�	�M�#�f�o�o�.�/�
412  0�v�>�	�J�v�+�+�C�0�
413  1��?�
���
��V�,����
	c
�A��F�1�5�5��V�4�5�R�
���g�z�8R�7S�T�[a�b�
	c
��y�y�
�d�j�j�$�3�3��~�~�����(�(�	
414  �
415  ��	�rIc��t
d
tj���tj��
t
d|j
416  ��tj��
t
|
�
}t|
|�}|j
417  dk(r tjj�}�
nt|j
418  �
}t
d|��tj��
t
d|j���tj��
t
d|j���tj��
|j�sAt
d|j���tj��
tjd	�

|j�}t
d
419  t|�
�d�tj��
|j rtjntj"}t
d|��
|j%|�
}t
d
|j&��|��
t
d|j(��|��
t
dt|j*�
��|��
t
d|j,d��|��
|j*rpt
d|��
|j*D]T}|j/dd�}	|	rd|	�d�n
d}
420  t
d|j/dd��d|
421  �d|j/dd���|��
�V|j rMt
t!j0|j&|j(|j*|j,d�d� ��

|
j2ro|j*D�cgc]}|j/d�
d!k(s
�|��}}|r>t
d"t|�
�d#�tj��
tjd	�

y$y$y$c
c}w)%zPerform security review.r�
rr�
r�
r�
r�
r�
r�
rT
r�
r�
u"🔒 Performing security review...u
422  📊 Security Review Result: rt
ru
rv
rw
z
423     Security Findings:�cwe_idrz (�
)ry
rz
rp
�
]�
 ra
r|
r}
r~
r
�criticalu
424  ❌ Security gate failed: z critical finding(s)N)r�rAr�
r�r�r^
rlr/
r�
r�
rr`r�
r�
r�r�r�r�rD
r&
r'
r(
r-
r�r�
r")rn
rrro
r;
r^
r�
r4
r�rY�cwe�cwe_strr�
s            rG�cmd_security_reviewr�
�s���
425  �M�"�)�)�+��
426  '�c�j�j�9�	��t�y�y�k�
427  *����<�
�6�
"�F�
�F�F�
+�F��y�y�C���y�y�~�~�������O�	�
�#�I�;�/�c�j�j�A�
�,�Y�-=�-=�-?�,@�A��
428  �
429  �S�
�.�y�/A�/A�/C�.D�E�C�J�J�W����!��4�Y�5G�5G�5I�4J�K�RU�R\�R\�]��H�H�Q�K��"�"�$��
�%�c�$�i�[��7�c�j�j�I� �9�9�S�Z�Z�#�*�*�F�	�
430  .�V�<�
�
#�
#�D�
)�F�	�+�F�,A�,A�+B�
431  C�&�Q�	�L����(�
432  )��7�	�M�#�f�o�o�.�/�
433  0�v�>�	�J�v�+�+�C�0�
434  1��?�
���
�'�f�5����	l
�A��%�%��"�%�C�%(��3�%�q�k�b�G��F�1�5�5��V�4�5�Q�w�i�q����w�PZ�A[�@\�]�dj�k�	l
��y�y�
�d�j�j�$�3�3��~�~�����(�(�	
435  �
436  ��	��#�#�%���R�!�!�%�%�
437  �2C�z�2Q�A�R��R���0��X���?S�T�[^�[e�[e�f��H�H�Q�K��$��Rs�O�8Oc
438  ��t
|
�
}t|
|�}d
dl}|jr�|j	dd|jdg|j
439  x
s
d��j
�}|j	ddd	d
440  |jg|j
441  x
s
d��j
�j�}n3|j	gd�
|j
442  x
s
d��j
�}d}|jrtjntj}td|�
�
|j||�}td|j��|�
�
td|j��|�
�
tdt!|j"�
��|�
�
td|j$d��|�
�
|j"r�td|�
�
|j"D]f}	td|	j'dd��d|	j'dd���|�
�
|	j'd�
s
�Htd|	j'd�
��|�
�
�h|jrNttj(|j|j|j"|j$d�d���

yy)z!Validate architecture compliance.rN�git�showz	--format=�
.)
�cwd�logz-1z--format=%s)r�
r^
zHEAD~1u*📐 Validating architecture compliance...ru
443  📊 Architecture Validation: rt
ru
rv
rw
z
444     Architecture Findings:ry
rz
rp
r{
ra
r|
�spec_sectionz     Spec: r}
r~
r
)rlr/
r��commit�check_outputrur
r�r�r�r�r�r�ri
r&
r'
r�r(
r-
r�r�
)
445  rn
rrro
r;
r�r^
�
446  commit_msgr4
r�rYs
447            rG�cmd_validate_archr�
�sB��
�6�
"�F�
�F�F�
+�F���{�{��&�&�
�F�D�K�K��5����%�#�'�
448  ��&�(�	
� �,�,�
�E�4�����<����%�#�-�
449  ��&�(�5�5�7�	�
450  �&�&�%����%�#�'�
451  ��&�(�	
��
452  � �9�9�S�Z�Z�#�*�*�F�	�
453  6�V�D�
�
)�
)�$�
454  �
;�F�	�,�V�-B�-B�,C�
455  D�6�R�	�L����(�
456  )��7�	�M�#�f�o�o�.�/�
457  0�v�>�	�J�v�+�+�C�0�
458  1��?�
���
�+�&�9����	J
�A��F�1�5�5��V�4�5�R�
���g�z�8R�7S�T�[a�b��u�u�^�$���A�E�E�.�$9�#:�;�&�I�	J
��y�y�
�d�j�j�$�3�3��~�~�����(�(�	
459  �
460  ��	�rIc
461  ��t
d
tj���tj��
t
d|j
462  ��tj��
t
|
�
}t|
|�}|j
463  dk(rtjj�}n�t|j
464  �
}t
d|j���tj��
|j�sAt
d|j���tj��
tjd�

|j�}t
dt|�
�d	�tj��
|j rtjntj"}t
d
465  |��
|j%|�
}t
d|j&��|��
t
d|j(��|��
t
d
t|j*�
��|��
t
d|j,d��|��
|j*rQt
d|��
|j*D]5}t
d|j/dd��d|j/dd���|��
�7|j rNt
t!j0|j&|j(|j*|j,d�d���

yy)zCheck documentation sync.r�
rr�
r�
r�
r�
rT
r�
r�
u#📚 Checking documentation sync...u
466  📊 Documentation Sync: rt
z   Updates needed: rv
rw
z!
467     Documentation Updates Needed:ry
r��otherr{
ra
r|
r}
r~
r
N)r�rAr�
r�r�r^
rlr/
r�
r�
rr`r�
r�
r�r�r�r�rk
r&
r'
r(
r-
r�r�
)	rn
rrro
r;
r^
r�
r4
r�rYs	         rG�
cmd_docs_syncr�
s7��
468  �M�"�)�)�+��
469  '�c�j�j�9�	��t�y�y�k�
470  *����<�
�6�
"�F�
�F�F�
+�F��y�y�C���y�y�~�~�������O�	�
�,�Y�-=�-=�-?�,@�A��
471  �
472  �S����!��4�Y�5G�5G�5I�4J�K�RU�R\�R\�]��H�H�Q�K��"�"�$��
�%�c�$�i�[��7�c�j�j�I� �9�9�S�Z�Z�#�*�*�F�	�
473  /�f�=�
�
,�
,�T�
2�F�	�'��(=�(=�'>�
474  ?�f�M�	�L����(�
475  )��7�	���F�O�O� 4�5�
476  6�V�D�	�J�v�+�+�C�0�
477  1��?�
���
�2��@����
	d
�A��F�1�5�5��W�5�6�b����w�
478  �9S�8T�U�\b�c�
	d
��y�y�
�d�j�j�$�3�3��~�~�����(�(�	
479  �
480  ��	�rIc�h�ts0td
tj��
tjd�

ddg}|j
481  r�t
|j
482  �
j�r�	t|j
483  �
5}tj|�
}ddd�
jdd�}|jd	d
484  �dd}|jd|���

|j|�

|jd�

|jr�t
|j�
j�r�	t|j�
5}tj|�
}ddd�
jdd�}|jd	d
485  �dd}|jd|���

|j|�

|jd�

|jr�t
|j�
j�rk	t|j�
5}tj|�
}ddd�
jdd�}|jd|���

|jd�

|j r�t
|j �
j�rk	t|j �
5}tj|�
}ddd�
jdd�}|jd|���

|jd�

|jd�

|jd�

dj#|�
}tdt%|�
�d�tj��
t|tj��
|
j&j)d�
}	|
j*}
486  |
487  s0tdtj��
tjd�

|	�d|j,�d|j.�d�}d|
488  ��dd �}d!|i
}
td"|��tj��
t1j2|||
�#�}|j4d$vrtd%tj��
ytd&|j4��tj��
t|j6tj��
tjd�

y#1s
w
Y

��xYw
#t$r)}td
|��tj��
Yd}~���d}~w
wxYw
#1s
w
Y

���xYw
#t$r)}td|��tj��
Yd}~��md}~w
wxYw
#1s
w
Y

��xYw
#t$r)}td|��tj��
Yd}~��d}~w
wxYw
#1s
w
Y

���xYw
#t$r)}td|��tj��
Yd}~���d}~w
wxYw
)'z%Post a combined review comment to PR.u2❌ Error: requests required: pip install requestsrrT
u ## 🤖 Claude CI Review SummaryrNr&
rb
r'
z
489  No summaryr�z### PR Review: zPR review not available: z### Security Review: zSecurity review not available: z### Architecture: zArch review not available: z### Documentation: zDocs review not available: �---z'*Powered by Claude CI (CSPEC-2026-001)*r�zComment body (z chars):r�u ❌ Error: FORGEJO_TOKEN not setr�z/issues/z	/commentsr�r
)r�r
r�zPosting to: r
)����u✅ Comment posted successfullyu❌ Failed to post comment: )r�r�r�r�r�
�reviewrr`rTr��loadr�r_r�ro�arch�docsr�r�rr�rr�r�
r�r
�status_coder�)rn
rr�
comment_partsrYrZ�recr'
r��comment_bodyrrr�r��payloadr�s               rG�cmd_post_commentr�
Fs����
�B����T������7��<�M��{�{�t�D�K�K�(�/�/�1�		D
��d�k�k�"�

$�a��y�y��|��

$��(�(�+�U�3�C��h�h�y�,�7���=�G�� � �?�3�%�!8�9�� � ��)�� � ��$�
490  �}�}��d�m�m�,�3�3�5�		J
��d�m�m�$�

$�
��y�y��|��

$��(�(�+�U�3�C��h�h�y�,�7���=�G�� � �#8���!>�?�� � ��)�� � ��$�
491  �y�y�T�$�)�)�_�+�+�-�	F
��d�i�i��

$�A��y�y��|��

$��(�(�+�U�3�C�� � �#5�c�U�!;�<�� � ��$�
492  �y�y�T�$�)�)�_�+�+�-�	F
��d�i�i��

$�A��y�y��|��

$��(�(�+�U�3�C�� � �#6�s�e�!<�=�� � ��$���������B�C��9�9�]�+�L�	�N�3�|�,�-�X�
493  6�S�Z�Z�H�	�,�S�Z�Z�(��$�$�+�+�C�0�K��(�(�M��
�0�s�z�z�B������
�M���	�	�{�(�4�7�7�)�9�
494  M�C�!�-��1�*��G��|�$�G�	�L���
495  �S�Z�Z�0��}�}�S�'��@�H����z�)�
�/�s�z�z�B�
�,�X�-A�-A�,B�C�#�*�*�U�
�h�m�m�#�*�*�-������W

$�

$���
	D
��-�a�S�1��
496  �
497  �C�C��
	D
��

$�

$���
	J
��3�A�3�7�c�j�j�I�I��
	J
��

$�

$��
498  �
	F
��/�
�s�3�#�*�*�E�E��
	F
��

$�

$��
499  �
	F
��/�
�s�3�#�*�*�E�E��
	F
�s��+R9�R,�A%R9�+S;�S.�A%S;�+T=�T0�?T=�U?�U2�0?U?�,R6�1R9�9	S+�S&�&S+�.S8�3S;�;	T-�T(�(T-�0T:�5T=�=	U/�U*�*U/�2U<�7U?�?	V1�V,�,V1r�r'c

500  ���d
ddd�}
ddddd	d
501  �}g}|j
d|
j|jd��d��

|j
d
�

|j
d|j���

|j
d
�

|j
d|j���

|j
d
�

|j�
r�|j
d�

|j
d
�

|jD�
]�}|jdd�}|j|d	�}|j
d|�d|jdd����

|j
d
�

|j
d|���

|jd�
r$|j
d|jd�
�d��

|jd�
r#|j
d|jd�
���

|jd�
r#|j
d|jd�
���

|j
d
�

|j
|jdd
��

|j
d
�

|jd �
s|jd!�
s�
�x|j
d"|jd �
x
s
|jd!�
���

|j
d
�

�
��|j
d#�

|j
d$|j
502  �d%|jd&�d'��

d(j|�
S))z0Format review result as Markdown comment for PR.u✅u⚠️u💬)�APPROVE�REQUEST_CHANGESr�u🔴u🟠u🟡u🔵uℹ️)r�
�high�medium�lowrp
z## z Claude CI Reviewrz**Recommendation:** z
**Summary:** z### Findingsrz
rp
z#### r�
ra
�Findingz**Severity:** r�z**File:** `�
`r"
z
503  **Line:** r�
z	**CWE:** r��
504  suggestion�remediationz**Suggestion:** r�
u-*🤖 Automated review by Claude CI | Model: z
505   | Cost: $rw
�
*r�)r_r�r&
r'
r(
r*
r-
r�)r��	emoji_map�severity_emoji�linesrY�sev�emojis       rGr�
r�
�s����#���I�������N�
�E�	�L�L�3�y�}�}�V�%:�%:�F�C�D�DU�V�W�	�L�L���	�L�L�'��(=�(=�'>�?�@�	�L�L���	�L�L�=���� 0�1�2�	�L�L���
���
���^�$�
���R�����	!�A��%�%�
506  �F�+�C�"�&�&�s�H�5�E��L�L�5���q����w�	�)B�(C�D�E��L�L����L�L�>�#��/�0��u�u�V�}����{�1�5�5��=�/��;�<��u�u�V�}����z�!�%�%��-��9�:��u�u�X�����y����x��(9�:�;��L�L����L�L����}�b�1�2��L�L����u�u�\�"�a�e�e�M�&:����/�
���l�0C�0[�q�u�u�]�G[�/\�]�^����R� �#	!�&
507  �L�L���	�L�L�@�����
O
�!�/�/��4�A�
7�
8��9�9�U��rIc��t
jd
tj��}|jddd��
|j	dd�	�}
|
jd
508  d��}|
jdd
��}|jdddd��
|jddtdd��
|jddd��
|
jdd��}|jdddd��
|jd d!d"��
|jddd��
|
jd#d$��}|jdddd��
|jddd��
|
jd%d&��}|jd'd(��
|jd)d*��
|jddd��
|
jd+d,��}|jdddd��
|jddd��
|
jd-d.��}|jddd��
|jddd��
|jd/d0��
|jd1d2��
|jd3d4��
|jd5d6��
|j�}	|	js%|j�
tjd7�

|	jr tj|	j�
}
509  ntj�}
510  d
511  d-h}|
512  j!�}|rH|	j|v
r:|D] }
t#d8|
��tj$�9�
�"tjd7�

t&t(t*t,t.t0t2d:�}|j5|	j�
}|r	||	|
513  �
y|j�
tjd7�

y#t6$rS}t#d;|��tj$�9�
t9j:d<�
r
�tjd7�

Yd}~yd}~w
wxYw
)=Nz.Claude CI Integration for Alpha/Delta Protocol)r��formatter_classz--configz-czPath to YAML config file)
�help�command�Commands)�destr�
�context-infozShow context informationr�
zReview a pull request via APIz--repoz-rTzRepository (owner/repo))�requiredr�
z--prr�z	PR number)�typer�
r�
z--json�
514  store_truezOutput JSON)�actionr�
�	pr-reviewzReview PR using local diff filez--diffz-dz Path to diff file or - for stdinz--titlez-tzPR title for context�security-reviewzSecurity-focused review�
validate-archzValidate architecturez--commitzCommit SHA to validatez--repo-pathzPath to repository�	docs-synczCheck documentation sync�post-commentz"Post combined review comment to PRz--reviewzPath to review-result.jsonz
515  --securityzPath to security-result.jsonz--archzPath to arch-result.jsonz--docszPath to docs-result.jsonrT
u❌ Config error: r)r�
r�
r�
r�
r�
r�
r�
u❌ Error: �DEBUG)�argparse�ArgumentParser�RawDescriptionHelpFormatter�add_argument�add_subparsers�
516  add_parserrC�
517  parse_argsr�
�
518  print_helpr�r�
rrr
r]rHrbr�r�rq
r�
r�
r�
r�
r�
r�
r�r�rArB)�parser�
519  subparsers�
520  ctx_parser�
review_parser�pr_review_parser�
521  sec_parser�arch_parser�docs_parser�comment_parserrn
rr�skip_validation_commandsra�error�commands�cmd_funcr�s                 rG�mainr�
�s���
�
$�
$�D� �<�<��F�����D�
'���
522  �&�&�I�J�&�G�J��&�&�~�<V�&�W�J��)�)�(�9X�)�Y�M����x���C\��]����v�t�#��;��W����x��=��Q�"�,�,�[�?`�,�a���!�!�(�D�4�Fh�!�i��!�!�)�T�8N�!�O��!�!�(�<�m�!�T��&�&�'8�?X�&�Y�J����H�d�T�@b��c����H�\�
��N��'�'��>U�'�V�K����Z�.F��G����]�1E��F����X�l���O��'�'��:T�'�U�K����X�t�d�Ac��d����X�l���O� �*�*�>�@d�*�e�N������K��H�����4�>W��X����
523  �1M��N�����3Q��R�����/I��J�����/I��J�����D��<�<�����������{�{��#�#�D�K�K�0���"�"�$��!/��?��
�_�_�
�F�
�$�,�,�&>�>��
	A
�E��&�u�g�.�S�Z�Z�@�
	A
������)��"�.�*�"�(��H��|�|�D�L�L�)�H��	��T�6�"�	�����������	��K�
�s�#�#�*�*�5��y�y��!���H�H�Q�K�K��		�s�5	N%�%	P
�.A	O<�<P
�__main__),rfr�
r�rAr��hashlib�time�dataclassesrr�pathlibr�typingrrrr	r
524  rr9
r8
rSr�r�rUrRr
rlr�r�r�r%
r/
rq
r�
r�
r�
r�
r�
r�
rgr�
r�
rcr@rIrG�<module>r�

s�
�


�
�
��	�
525  ���(��,�,�(�
���M�
���L�
���H��c

�c

��c

�Tw


526  �w


527  �|Y


528  �Y


529  �@8
�8
�v
a

�a

�P�	
�	
��	
�L
W
�L
W
�f
�8�
�&
�X�&
�R
2
��2
�j
8
�h�8
�v
1
�H�1
�h
-
��-
�`
V

�8�V

�r1
�,�1
�3�1
�h
^

�B�z���F���u(�

��M�

���

��L�

���

��H�

�s5�C%�C2�C?�%C/�.
C/�2C<�;
C<�?D	�
D