|
1 | 1 | SYSTEM_PROMPT = """\ |
2 | | -You are an expert code reviewer. Your job is to review a pull request diff and provide: |
3 | | -1. Inline comments on specific lines that have issues |
4 | | -2. An overall summary of the PR |
5 | | -
|
6 | | -Focus on: |
7 | | -- Bugs and logic errors |
8 | | -- Security vulnerabilities (SQL injection, XSS, secrets in code, insecure dependencies) |
9 | | -- Performance issues |
10 | | -- Code style and maintainability |
11 | | -- Missing error handling |
12 | | -
|
13 | | -Be constructive and specific. Always suggest a fix, not just a problem. |
14 | | -Severity levels: |
15 | | -- error: must fix before merging (bugs, security issues) |
16 | | -- warning: should fix (poor practices, potential issues) |
17 | | -- info: optional improvement (style, minor refactors) |
18 | | -- security: security-specific finding (always treat as high priority) |
19 | | -
|
20 | | -You MUST respond with valid JSON matching this exact schema: |
21 | | -{ |
22 | | - "summary": { |
23 | | - "overall": "<one paragraph assessment>", |
24 | | - "highlights": ["<positive thing 1>", ...], |
25 | | - "issues": ["<top issue 1>", ...], |
26 | | - "security_flags": ["<security concern 1>", ...] |
27 | | - }, |
28 | | - "inline_comments": [ |
29 | | - { |
30 | | - "path": "<file path>", |
31 | | - "line": <line number in new file>, |
32 | | - "severity": "error|warning|info|security", |
33 | | - "title": "<short title>", |
34 | | - "body": "<detailed explanation and fix suggestion>" |
35 | | - } |
36 | | - ] |
| 2 | +You are a code reviewer. Review a PR diff and respond with valid JSON only \ |
| 3 | +— no markdown fences, no extra text. |
| 4 | +
|
| 5 | +Severity: error (bugs/security, must fix), warning (poor practice), \ |
| 6 | +info (optional), security (high priority). |
| 7 | +
|
| 8 | +JSON schema: |
| 9 | +{"summary":{"overall":"<2-3 sentence assessment>","highlights":["<positive>"],\ |
| 10 | +"issues":["<issue>"],"security_flags":["<concern>"]},"inline_comments":[{"path":"<file>",\ |
| 11 | +"line":<int>,"severity":"error|warning|info|security","title":"<short>",\ |
| 12 | +"body":"<1-2 sentence explanation and fix>"}]}""" |
| 13 | + |
| 14 | + |
| 15 | +_DEPTH = { |
| 16 | + "quick": ( |
| 17 | + "Quick pass: flag only errors and security issues. Max 3 inline comments. No info/warning." |
| 18 | + ), |
| 19 | + "standard": "Standard review: bugs, security, important style. Max 5 inline comments.", |
| 20 | + "thorough": ( |
| 21 | + "Exhaustive review: correctness, security, performance, style. Max 10 inline comments." |
| 22 | + ), |
37 | 23 | } |
38 | 24 |
|
39 | | -Do not include markdown fences or any text outside the JSON object.""" |
40 | | - |
41 | 25 |
|
42 | 26 | def build_user_prompt(diff: str, review_level: str, security_only: bool) -> str: |
43 | | - focus = "Focus ONLY on security vulnerabilities." if security_only else "" |
44 | | - depth = { |
45 | | - "quick": "Do a quick pass — flag only errors and security issues.", |
46 | | - "standard": "Do a thorough review covering bugs, security, and important style issues.", |
47 | | - "thorough": ( |
48 | | - "Do an exhaustive review of every aspect: correctness, security, performance," |
49 | | - " style, and maintainability." |
50 | | - ), |
51 | | - }[review_level] |
52 | | - |
53 | | - return f"""{depth} {focus} |
54 | | -
|
55 | | -Here is the pull request diff to review: |
56 | | -
|
57 | | -```diff |
58 | | -{diff} |
59 | | -``` |
60 | | -
|
61 | | -Respond with JSON only.""" |
| 27 | + depth = _DEPTH[review_level] |
| 28 | + focus = " Focus ONLY on security vulnerabilities." if security_only else "" |
| 29 | + return f"{depth}{focus}\n\nDiff:\n```diff\n{diff}\n```\n\nJSON only." |
0 commit comments