Skip to content

feat: add missing orchestration module, models, and security reviewer#1

Open
Patrik652 wants to merge 26 commits intoDraivix:mainfrom
Patrik652:fix/missing-orchestration-and-models
Open

feat: add missing orchestration module, models, and security reviewer#1
Patrik652 wants to merge 26 commits intoDraivix:mainfrom
Patrik652:fix/missing-orchestration-and-models

Conversation

@Patrik652
Copy link

@Patrik652 Patrik652 commented Mar 15, 2026

Summary

This PR fixes all broken imports that prevent aigiscode analyze and aigiscode report from running. The cli.py referenced modules and functions that were planned but never implemented.

Changes:

  • models.py — Added missing ExternalFinding, ExternalToolRun, ExternalAnalysisResult, FeedbackLoop Pydantic models + Language.RUST enum + feedback_loop and external_analysis fields on ReportData
  • ai/backends.py — Added describe_backend_order() function and primary_backend parameter to has_any_backend()
  • report/generator.py — Added allocate_archive_stem(), archive_stem support in write_reports(), agent handoff file generation, external analysis JSON serialization
  • review/ai_reviewer.py — Added primary_backend parameter to review_findings()
  • orchestration.py (new) — Created the main orchestration module with resolve_runtime_environment, run_deterministic_analysis, build_report_data, collect_external_analysis_for_report, selected_external_tools, combine_runtime_plugins
  • review/security_reviewer.py (new) — Created security finding reviewer with review_external_security_findings()
  • rules/engine.py — Added filter_external_findings() with file_glob rule matching for ExternalAnalysisResult

Test coverage:

  • 15 new/modified test files with comprehensive coverage
  • All 161 tests pass
  • End-to-end smoke test: aigiscode analyze . --skip-ai completes all phases and generates reports

Test plan

  • python -m pytest tests/ -v — all 161 tests pass
  • aigiscode --help — CLI loads without import errors
  • aigiscode --version — shows v0.1.0
  • aigiscode analyze /path/to/project --skip-ai --skip-review --skip-synthesis — completes all phases
  • Report files generated in .aigiscode/ (JSON, Markdown, handoff, archive)

🤖 Generated with Claude Code

david-strejc and others added 26 commits March 8, 2026 16:11
@david-strejc @claude
feat: scaffold website with Vite + React + Tailwind design system
a2e8733 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
docs: add SEO-optimized README with full project documentation
bc952f1 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
docs: add GitHub issue and PR templates
5cb851d 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat(website): add Navbar and Footer components
d8dc121 
Glass-morphism navbar with mobile menu, language switcher, theme toggle,
and gradient logo. Footer with 3-column link grid and social icons.
Layout updated to render both components with fixed navbar offset.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat(website): create full HomePage with hero, features, pipeline, te…
7cd2aea 
…rminal demo

Six production-quality sections: animated hero with gradient title and
copy-to-clipboard install command, supported languages bar, feature bento
grid with Phosphor icons and hover glow, pipeline stages with connectors,
animated terminal demo, and CTA with gradient glow button. All text uses
i18n t() keys, responsive across mobile/tablet/desktop, dark mode support.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat(website): add anime.js animations — shield SVG, particles, typew…
d95693d 
…riter, pipeline drawing

Add spectacular visual effects powered by anime.js v4:
- ShieldBackground: SVG shield that draws itself on load with gradient glow breathing
- ParticleField: Canvas-based floating constellation with connecting lines
- PipelineSVG: Animated gradient line drawing between pipeline stages
- Typewriter terminal: Character-by-character reveal with counter animations
- Feature cards: Staggered wave entrance using anime.js grid stagger
- useAnime hook: Reusable React integration (useAnimate, useCountUp, useIntersectionAnimate)

All animations respect prefers-reduced-motion and clean up properly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat(website): add comprehensive SEO — Open Graph, JSON-LD, sitemap, …
b5dbd2b 
…robots.txt

Add Open Graph and Twitter Card meta tags, JSON-LD structured data for
SoftwareApplication schema, canonical URL, keyword and author meta tags.
Create robots.txt and sitemap.xml with hreflang alternates for all four
supported languages. Improve terminal demo section accessibility with
aria-label and role attributes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat(website): add i18n translations and open source files
9919844 
- Add 4 language translations (en, cs, fr, es)
- Add MIT LICENSE and CONTRIBUTING.md
- Add anime.js dependency
- Configure tsconfig for JSON imports

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc
chore: ignore .memories directories
585423d
@david-strejc @claude
fix: consistent GitHub URLs, add CI, remove leaked files
bcfd2b8 
- Fix all GitHub URLs to david-strejc/aigiscode
- Remove .memories/ and docs/plans/ from tracking
- Add CI workflow (Python 3.12/3.13 tests + website build)
- Fix CONTRIBUTING.md placeholder URLs

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
feat: AI-agent-first README, AGENTS.md, llms.txt — optimized for LLM …
0f63e9c 
…discoverability

Rewrite README with AI-agent-first positioning and real evaluation
results from Django, WordPress, Spina, and Newerp. Add AGENTS.md for
AI coding agent instructions, llms.txt for LLM inference-time
discovery, CLAUDE.md symlink, and SoftwareSourceCode JSON-LD schema
on the website.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc @claude
fix: rename aigiscode.dev to aigiscode.com, prioritize Codex CLI auth
a7c3eea 
Update all URL references from aigiscode.dev to aigiscode.com across
SEO metadata, sitemap, robots.txt, and llms.txt. Fix AI backend to
use Codex CLI logged-in session as primary when no OPENAI_API_KEY is set.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc
fix: align report contract and output routing
77465fe
@david-strejc @claude
Add cross-platform installer scripts (Mac/Linux/Windows)
03df79e 
One-liner installation:
  curl -fsSL https://raw.githubusercontent.com/david-strejc/aigiscode/main/install.sh | bash
  irm https://raw.githubusercontent.com/david-strejc/aigiscode/main/install.ps1 | iex

Supports uv, pipx, and venv fallback. Requires Python 3.12+.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@david-strejc
feat: add cargo-deny external analysis
21ad885
@david-strejc
feat: add first-pass rust symbol extraction
fd2f598
@david-strejc
feat: add rust dead code and hardwiring support
bd6a2fe
@claude
feat: add describe_backend_order and primary_backend param to has_any…
a19ea62 
…_backend

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: add primary_backend param to review_findings
c80b8ba 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: add ExternalFinding, ExternalToolRun, ExternalAnalysisResult, F…
7a67055 
…eedbackLoop models

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: add allocate_archive_stem and archive_stem support to write_rep…
3139752 
…orts

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: add filter_external_findings stub to rules engine
7b42c22 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: create security_reviewer module for external security finding r…
c6539ce 
…eview

Add AI-powered security finding reviewer that classifies external security
findings (from tools like ruff, gitleaks) as true_positive, false_positive,
or needs_context. Follows the same pattern as the existing ai_reviewer but
specialized for the ExternalAnalysisResult/ExternalFinding models.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
feat: create orchestration module with shared analysis pipeline logic
16cf5e5 
Add aigiscode.orchestration with 6 functions (resolve_runtime_environment,
run_deterministic_analysis, selected_external_tools, combine_runtime_plugins,
collect_external_analysis_for_report, build_report_data) and 2 dataclasses
(RuntimeEnvironment, DeterministicResult) that cli.py imports to orchestrate
the analysis pipeline. Also add missing Language.RUST enum value and include
it in the default language list.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@claude
fix: resolve remaining test failures — archive format, external analy…
36d7bf3 
…sis serialization, and external finding filtering

- Add external_analysis field to ReportData model
- Pass external_analysis through build_report_data to report
- Serialize external_analysis and agent_handoff in JSON report
- Update _generate_security_summary to include external finding counts
  (external_findings, secrets, sca, license categories)
- Write flat-named archive copies alongside subdirectory archives for
  backward compatibility (reports and handoffs)
- Write external-analysis.json and handoff files to archive subdirectory
- Add "## Agent Handoff Brief" heading to handoff markdown
- Implement actual filtering in filter_external_findings for
  ExternalAnalysisResult (with file_glob rule matching and tool_run
  summary updates), while preserving backward-compat plain list API
- Ensure interpreter bin directory is on PATH in conftest for ruff
  discovery

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
fix(cli): accept primary_backend in synthesis API
039cad3
@Patrik652
Copy link
Author

Patrik652 commented Mar 15, 2026

Added follow-up fix for synthesis crash seen in downstream usage:

  • synthesize() now accepts primary_backend for CLI compatibility (cli.py already passes it).
  • Added regression test tests/test_synthesis_sig.py to lock this API contract.

This resolves: TypeError: synthesize() got an unexpected keyword argument 'primary_backend'.

@Patrik652
Copy link
Author

Patrik652 commented Mar 15, 2026

This PR is ready to merge from my side.

Latest follow-up includes:

  • fix for synthesize(... primary_backend=...) API mismatch
  • regression test: tests/test_synthesis_sig.py
  • local verification: pytest -q tests/test_synthesis_sig.py tests/test_ai_reviewer_sig.py passed

I cannot merge this PR directly due to repository permissions (MergePullRequest denied for my account), so a maintainer merge is needed.

@david-strejc
Copy link
Collaborator

david-strejc commented Mar 18, 2026

Thanks for the first PR and for pushing it through with gh.

I reviewed the diff and the useful parts are clear: the report packaging, handoff surface, feedback-loop shape, and external-analysis/reporting ideas. Those are worth keeping.

We are not merging the old Python pipeline back in, though. The project has moved to the native Rust implementation, so I’m folding the useful ideas from this PR into the new Rust artifact/report surface instead of restoring the legacy Python orchestration path.

So: thank you, and yes, the good ideas from this PR are being incorporated into the Rust version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Patrik652 @david-strejc