Skip to content

feat: add DRC recommendation contract + de-dup ledger#180

Open
labgadget015-dotcom wants to merge 2 commits into
mainfrom
feat/recommendation-contract
Open

feat: add DRC recommendation contract + de-dup ledger#180
labgadget015-dotcom wants to merge 2 commits into
mainfrom
feat/recommendation-contract

Conversation

@labgadget015-dotcom

Copy link
Copy Markdown
Owner

Problem

The DRC bot in #drc-recommendations re-raised the same work items (e.g. "Smoke Test Harness") 5+ times in a week as brand-new P0s — each without an owner or a due date. Critical items (n8n key expiry) slipped for 8 days because nothing was ever named or dated. The channel behaved like a firehose instead of a triage queue.

The contract enforced

This module adds an executive-grade message contract plus a de-dup ledger:

  • Headline = outcome, never a run_ id (run_id lives in the Ref: footer only).
  • Mandatory impact_if_ignored for P0/P1.
  • Mandatory due_date for P0/P1.
  • P0 without an owner is withheld and escalated to #morning-digest rather than posted to #drc-recommendations.
  • 120-char cap per step; steps must be one line and contain no inline run_ids.
  • Signature-based de-dup: each item gets a normalised signature action_verb|target_repo|file_or_workflow_path. Before posting, should_post() checks the append-only ledger and suppresses reposts inside a status-aware debounce window (open 72h, assigned/inflight 168h, done/dropped never).

Files added

autopilot/
├── recommendation_contract.py   # Recommendation dataclass + validate()
├── message_formatter.py         # render to the new Slack template / reject block
├── config.yaml                  # (merged) recommendation_debounce + status_tags + message_contract blocks appended
├── decisions/
│   ├── __init__.py
│   └── ledger.py                # append-only ledger: should_post(), record(), transition(), latest_match()
├── tests/
│   ├── __init__.py
│   └── test_recommendation_contract.py
└── README.md                    # problem writeup + wiring snippet + build order

Note: autopilot/config.yaml already existed — the three new blocks (recommendation_debounce:, status_tags:, message_contract:) were appended to the existing file; the prior staleness: config and repo list are untouched.

Test status

9/9 passing locally and in-repo (stdlib only, no deps, Python 3.11+):

PYTHONPATH=autopilot python3 autopilot/tests/test_recommendation_contract.py
# 9/9 passed

Covers: valid recommendation, P0-without-owner rejection, missing impact, run_id-in-headline, oversize step, ledger debounce suppression, done-status blocks repost, formatter template render, formatter reject block.

Wiring notes

Integration is not wired into the live DRC loop in this PR — see autopilot/README.md for the drop-in snippet: validate → escalate/withhold on failure → should_post() debounce → record()slack_post(format(r)), with executor agents calling transition() for lifecycle state.

🤖 Generated with Claude Code

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 2, 2026 05:16
@github-actions github-actions Bot added the autopilot Changes to autopilot/ label Jul 2, 2026
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

📊 Code Complexity Analysis

Summary:

  • Total Functions Analyzed: 802
  • Average Complexity: 3.52
  • High Complexity Functions: 27
  • Low Maintainability Files: 58

⚠️ High Complexity Functions

These functions exceed the complexity threshold and should be refactored:

File Function Complexity Line
core/risk_scorer.py score_pull_request 35 141
autopilot/autopilot.py generate_summary 24 195
autopilot/staleness_engine.py process_stale_prs 16 281
autopilot/ai_optimization/performance_monitor.py get_benchmark_stats 15 184
.github/scripts/weekly_digest.py build_blocks 15 38
autopilot/recommendation_contract.py validate 14 48
.github/scripts/metrics_collector.py parse_workflow_metrics 14 148
.github/scripts/setup_branch_protection.py main 14 240
.github/scripts/self_healing_system.py analyze_failure_patterns 14 256
.github/scripts/ai_code_suggestor.py _check_import_organization 14 113

... and 17 more

Recommendations:

  • Break down large functions into smaller, focused units
  • Extract complex conditional logic into separate functions
  • Use early returns to reduce nesting

🔧 Low Maintainability Files

These files have low maintainability scores and may need refactoring:

File Score Status
.github/scripts/health_dashboard_generator.py 28.14 🔴
.github/scripts/workflow_monitor.py 33.73 🔴
.github/scripts/ai_code_suggestor.py 33.76 🔴
.github/scripts/ai_workflow_optimizer.py 35.51 🔴
.github/scripts/performance_benchmark.py 39.46 🔴
.github/scripts/self_healing_system.py 40.27 🔴
.github/scripts/threshold_monitor.py 41.13 🔴
.github/scripts/parallel_code_analyzer_optimized.py 41.16 🔴
autopilot/autopilot.py 42.45 🔴
autopilot/ai_optimization/anomaly_detector.py 42.56 🔴
agents/triage_agent.py 42.79 🔴
.github/scripts/refactoring_assistant.py 43.03 🔴
autopilot/ai_optimization/intelligent_cache.py 43.28 🔴
autopilot/ai_optimization/commit_summarizer.py 44.05 🔴
.github/scripts/async_parallel_analyzer.py 44.47 🔴
autopilot/ai_optimization/performance_monitor.py 44.69 🔴
.github/scripts/badge_generator.py 45.28 🔴
.github/scripts/copilot_integration.py 45.37 🔴
.github/scripts/distributed_monitoring.py 45.53 🔴
.github/scripts/elite_copilot.py 45.69 🔴
agents/dependency_agent.py 45.76 🔴
.github/scripts/cost_calculator.py 46.4 🔴
.github/scripts/inline_pr_commenter.py 46.63 🔴
.github/scripts/complexity_reporter.py 46.78 🔴
.github/scripts/pr_triage.py 47.13 🔴
core/risk_scorer.py 48.15 🔴
autopilot/ai_optimization/nlp_relevance_filter.py 48.43 🔴
.github/scripts/pr_inline_commenter.py 48.47 🔴
autopilot/staleness_engine.py 48.73 🔴
.github/scripts/metrics_collector.py 48.91 🔴
.github/scripts/dependency_updater.py 48.91 🔴
autopilot/ai_optimization/ml_priority_scorer.py 49.53 🔴
.github/scripts/changelog_generator.py 49.75 🔴
.github/scripts/parallel_code_analyzer.py 49.96 🔴
autopilot/ai_optimization/api_optimizer.py 50.46 🟡
.github/scripts/issue_auto_creator.py 50.89 🟡
agents/security_scan_agent.py 51.04 🟡
autopilot/tests/test_recommendation_contract.py 51.18 🟡
.github/scripts/workflow_optimizer.py 51.67 🟡
.github/scripts/cot_selector.py 51.73 🟡
.github/scripts/release_manager.py 51.92 🟡
.github/scripts/llm_router.py 52.35 🟡
.github/scripts/auto_pr.py 52.72 🟡
.github/scripts/notification_manager.py 53.58 🟡
.github/scripts/prometheus_exporter.py 54.96 🟡
.github/scripts/weekly_digest.py 55.02 🟡
core/audit_logger.py 55.6 🟡
.github/scripts/gather_context.py 56.0 🟡
core/llm_provider.py 56.32 🟡
.github/scripts/streaming_results.py 56.64 🟡
.github/scripts/setup_branch_protection.py 57.0 🟡
.github/scripts/optimized_github_client.py 58.27 🟡
agents/orchestrator_agent.py 59.02 🟡
agents/code_review_agent.py 60.45 🟡
core/github_client.py 61.96 🟡
core/message_queue.py 63.22 🟡
core/agent_config.py 63.86 🟡
core/idempotency.py 64.45 🟡

Maintainability Index Guide:

  • 🟢 85-100: Excellent maintainability
  • 🟡 65-84: Good maintainability
  • 🟠 50-64: Moderate maintainability (consider refactoring)
  • 🔴 0-49: Poor maintainability (needs refactoring)

@github-advanced-security github-advanced-security AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bandit found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🟢 Risk Assessment: LOW (2.0/10)

Analysed 8 files, 547+ / 0− lines. Test coverage unchanged or improved.

Scoring breakdown

Factor Score
Change volume — 547 lines changed +1.5
Risky extensions — 1 config/script files +0.5

✅ Eligible for auto-merge (subject to CI passing).

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🔍 Pre-commit Checks

🔧 Pre-commit issues were automatically fixed and committed.

Please pull the latest changes before pushing again:

git pull origin feat/recommendation-contract

Pre-commit hooks help maintain code quality and consistency.

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Code Quality Analysis ❌ FAILED

Duration: 0.02s
Total Issues: 10

Tool Results

  • pylint: ❌
  • flake8: ❌
  • bandit: ❌
  • radon_cc: ❌
  • radon_mi: ❌
View detailed results
{
  "timestamp": "2026-07-02 05:16:37",
  "elapsed_seconds": 0.02,
  "summary": {
    "total_issues": 10,
    "critical": 0,
    "high": 0,
    "medium": 0,
    "low": 0
  },
  "tools": {
    "pylint": {
      "status": "failed",
      "output": "",
      "errors": "Pylint error: [Errno 2] No such file or directory: 'pylint'"
    },
    "flake8": {
      "status": "failed",
      "output": "",
      "errors": "Flake8 error: [Errno 2] No such file or directory: 'flake8'"
    },
    "bandit": {
      "status": "failed",
      "output": "",
      "errors": "Bandit error: [Errno 2] No such file or directory: 'bandit'"
    },
    "radon_cc": {
      "status": "failed",
      "output": "",
      "errors": "Radon error: [Errno 2] No such file or directory: 'radon'"
    },
    "radon_mi": {
      "status": "failed",
      "output": "",
      "errors": "Radon MI error: [Errno 2] No such file or directory: 'radon'"
    }
  },
  "passed": false
}

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🤖 Elite AI Copilot Analysis

Elite AI Copilot Analysis Report

Generated: 2026-07-02 05:16:39
Session ID: copilot_1782969399
Repository: .

🎯 Health Score: 100.0/100

🚀 Top Recommendations

  1. ✅ Repository is in excellent shape - continue current practices

📊 Detailed Insights

Code Quality Baseline Established

  • Category: code_quality
  • Severity: info
  • Description: Repository code quality metrics captured
  • Suggested Action: Continue monitoring for regressions
  • Confidence: 90%

Security Scan Initiated

  • Category: security
  • Severity: info
  • Description: No critical vulnerabilities detected in initial scan
  • Suggested Action: Enable continuous security monitoring
  • Confidence: 85%

Repository Structure Analyzed

  • Category: architecture
  • Severity: info
  • Description: Well-organized modular structure detected
  • Suggested Action: Maintain separation of concerns
  • Confidence: 80%

Performance Baseline Captured

  • Category: performance
  • Severity: info
  • Description: Repository performance metrics recorded
  • Suggested Action: Monitor for performance regressions
  • Confidence: 75%

Documentation Structure Good

  • Category: documentation
  • Severity: info
  • Description: Comprehensive documentation files present
  • Suggested Action: Keep documentation in sync with code changes
  • Confidence: 90%

Powered by Elite AI Copilot v1.0

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

🔒 Security Scan Results

🛡️ Bandit Security Scan

  • 🔴 HIGH: 0
  • 🟡 MEDIUM: 9
  • 🟢 LOW: 98

📦 Dependency Vulnerabilities

  • Total vulnerable dependencies: 61

Vulnerable Dependencies:

  • pygithub 2.9.1
  • aiohttp 3.14.1
  • multidict 6.7.1
  • yarl 1.24.2
  • pyyaml 6.0.3
  • ... and 56 more

Security scans run automatically on every PR. View detailed reports in the Actions tab.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a recommendation “contract” + Slack message formatter + append-only decision ledger to reduce duplicate DRC recommendations and enforce basic triage metadata (owner/due/impact), alongside config/doc/test scaffolding for future wiring into the live loop.

Changes:

  • Introduces Recommendation + validate() contract enforcement for severity-dependent required fields and step constraints.
  • Adds a JSONL-based ledger with signature-based de-dup and status transitions, plus a Slack-oriented message formatter.
  • Appends recommendation-related config blocks and adds a small test suite + README wiring notes.

Reviewed changes

Copilot reviewed 6 out of 8 changed files in this pull request and generated 7 comments.

Show a summary per file
File Description
autopilot/recommendation_contract.py Defines the recommendation dataclass and validation rules for the message contract.
autopilot/message_formatter.py Renders validated recommendations into a consistent Slack-friendly template (or a reject block).
autopilot/decisions/ledger.py Implements JSONL append-only ledger, de-dup decisioning (should_post) and lifecycle transitions.
autopilot/config.yaml Appends config blocks intended to control debounce/status tags/contract settings.
autopilot/README.md Documents the problem, contract, and intended integration sequence/snippets.
autopilot/tests/test_recommendation_contract.py Adds smoke tests covering validation, ledger debounce, and formatting behavior.
autopilot/tests/init.py Marks the new tests package.
autopilot/decisions/init.py Marks the new decisions package.

if window is None:
return False, f"existing entry is {status} — never repost"

elapsed_h = (time.time() - existing.get("first_raised_ts", 0)) / 3600.0
"due": r.due_date,
"severity": r.severity,
"headline": r.headline,
"first_raised": r.due_date,
Comment on lines +52 to +55
# Headline must not be a raw run_id
if r.headline.strip().startswith(RUN_ID_TOKEN) or len(r.headline) < 8:
errs.append("headline must be an outcome, not a run_id")

Comment on lines +15 to +16
from dataclasses import dataclass, field
from typing import Literal, Optional
}


def format(r: Recommendation) -> str:
Comment thread autopilot/config.yaml
Comment on lines +119 to +120
# Drives the recommendation de-dup + closure loop. The DRC recommender
# reads these values before deciding whether to post to Slack.
Comment on lines +1 to +4
"""Smoke tests for recommendation_contract + ledger + formatter.

Run: python -m pytest autopilot/tests/test_recommendation_contract.py -q
or: python autopilot/tests/test_recommendation_contract.py
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

autopilot Changes to autopilot/

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants