Skip to content

feat(requirements): import OpenSpec requirement evidence#342

Merged
djm81 merged 7 commits into
devfrom
feature/openspec-01-intent-trace
Jul 14, 2026
Merged

feat(requirements): import OpenSpec requirement evidence#342
djm81 merged 7 commits into
devfrom
feature/openspec-01-intent-trace

Conversation

@djm81

@djm81 djm81 commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Summary

Scope

This PR delivers the requirements-module adapter work for #168. It also includes a small companion specfact-code-review correction: the KISS parameter-count analyzer now identifies actual Typer applications before exempting their callbacks. That prevents the requirements CLI from producing a false-positive warning while retaining checks for unrelated *.command and *.callback decorators.

Bundle impact

  • nold-ai/specfact-requirements released as 0.2.3, with synchronized registry artifact and integrity metadata.
  • nold-ai/specfact-code-review released as 0.47.51, with synchronized registry artifact and integrity metadata.

Validation

  • hatch run test — 884 passed, with 2 third-party deprecation warnings.
  • hatch run smart-test — 884 passed.
  • hatch run contract-test — 28 passed.
  • openspec validate openspec-01-intent-trace --strict — passed.
  • Changed-code review — 0 findings.
  • Module signature/version-bump verification — passed.

Documentation

  • Updated the Requirements bundle overview, generated command references, and llms.txt for optional native-source paths.
  • Recorded failing-before and passing-after evidence in the active OpenSpec change.

CI and checklist

  • Formatter, lint, type, import-boundary, manifest, and signature checks pass.
  • Requirements and code-review regression coverage added.
  • Registry artifacts match the released manifest versions.
  • No CI-skip markers are used.

Closes #168

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

📝 Walkthrough

Bundle and module surface

  • Adds native OpenSpec and Spec Kit imports via core evidence-adapter helpers:
    • requirements import --from-openspec [SOURCE_PATH]
    • requirements import --from-speckit [SOURCE_PATH]
  • Adds conservative auto-detection, read-only source handling, fail-closed schema errors, atomic persistence, and preserved sidecar/merge behavior.
  • Makes validation profiles optional, resolving omitted profiles through layered configuration while honoring explicit overrides.
  • Surfaces core diagnostics unchanged and reports gate-finding counts in list and coverage.
  • Corrects Typer callback exemptions in specfact-code-review Radon checks.

Manifest and integrity

  • Releases specfact-requirements 0.2.3, requiring core >=0.52.0,<1.0.0.
  • Releases specfact-code-review 0.47.51.
  • Regenerates package checksums, signatures, and registry metadata.

Cross-repo

  • Aligns the requirements module with shipped core native-import helpers, profile resolution, diagnostics, and gate-count APIs.
  • Updates command-overview generation to correctly inspect Click arguments and options.
  • No module-owned parsing, hashing, gate evaluation, fallback parsing, or upstream artifact writes were introduced.

Docs

  • Updates the Requirements bundle overview, CLI examples, generated llms.txt, and compatibility guidance for CLI 0.52.0+.
  • Documents native import behavior, profile precedence, diagnostics, read-only guarantees, and core delegation.
  • Updates docs/Gemfile.lock to concurrent-ruby 1.3.7.

OpenSpec change and scenario coverage

  • Completes openspec-01-intent-trace, including TDD evidence and strict validation.
  • Covers OpenSpec/Spec Kit imports, auto-detection excluding archives, read-only sources, layered profiles, gate counts, unsupported schemas, advisory pass-through, and prevention of partial persistence.
  • Validation completed with 884 passing tests, 28 contract tests, strict OpenSpec validation, passing signature/version checks, and no changed-code review findings.

Walkthrough

The requirements module adds native OpenSpec and Spec Kit imports, core-delegated validation and diagnostics, gate-finding counts, CLI documentation updates, and release metadata. The code-review module refines Typer callback analysis and updates its release artifacts.

Changes

Requirements evidence runtime

Layer / File(s) Summary
Native source import flow
packages/specfact-requirements/..., tests/integration/specfact_requirements/*, tests/unit/specfact_requirements/*
Native OpenSpec and Spec Kit sources can be selected or auto-detected, imported through core, persisted only without error diagnostics, and tested for read-only and rejection behavior.
Profile validation and gate counts
packages/specfact-requirements/..., tests/unit/specfact_requirements/*, openspec/changes/.../spec.md
Validation accepts layered or explicit profiles, and list/coverage expose counts keyed by core validation codes.
Behavior specifications and validation evidence
openspec/changes/openspec-01-intent-trace/*
Design, scenarios, tasks, validation status, and TDD evidence document core delegation, diagnostic pass-through, and persistence constraints.
Generated command overview parity
scripts/generate-command-overview.py, llms.txt, tests/unit/docs/*
Click argument detection and generated command signatures now represent optional and required positional arguments, including native requirements import options.
Requirements documentation and release metadata
docs/bundles/requirements/overview.md, packages/specfact-requirements/module-package.yaml, registry/*
Requirements documentation, compatibility bounds, versions, signatures, registry metadata, and checksums are updated for the runtime release.

Code review Radon rule update

Layer / File(s) Summary
Typer callback exemption behavior
packages/specfact-code-review/..., tests/unit/specfact_code_review/...
Radon parameter-count exemptions use statically detected Typer command ownership, with parametrized regression coverage.
Code-review module release metadata
packages/specfact-code-review/module-package.yaml, registry/index.json, registry/modules/*
The code-review module version, integrity metadata, registry entry, and checksum artifact are updated.

Estimated code review effort: 4 (Complex) | ~45 minutes

Possibly related issues

Possibly related PRs

Suggested labels: module

Suggested reviewers: cursoragent

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 18.75% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title uses a conventional feat prefix and clearly matches the native OpenSpec requirement-evidence import work.
Description check ✅ Passed The description covers summary, scope, bundle impact, validation, docs, and checklist sections, and is mostly complete.
Linked Issues check ✅ Passed The runtime, docs, tests, manifests, and validation changes match the #168 requirements for native import, auto-detection, profile resolution, and gate reporting.
Out of Scope Changes check ✅ Passed The changes stay within the stated requirements-module/runtime work, release updates, docs, and the named companion analyzer fix.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feature/openspec-01-intent-trace

Comment @coderabbitai help to get the list of available commands.

@djm81 djm81 self-assigned this Jul 14, 2026
@djm81 djm81 added enhancement New feature or request dependencies Pull requests that update a dependency file labels Jul 14, 2026
@djm81 djm81 moved this from Todo to In Progress in SpecFact CLI Jul 14, 2026
@djm81 djm81 linked an issue Jul 14, 2026 that may be closed by this pull request
@djm81
djm81 marked this pull request as ready for review July 14, 2026 18:25
@strix-security

Copy link
Copy Markdown

Strix is installed on this repository, but we couldn't run this PR security review because this workspace's trial has ended. Add a card to resume code reviews here.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: c659c6a01b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 7

🧹 Nitpick comments (1)
tests/integration/specfact_requirements/test_command_apps.py (1)

146-170: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick win

Add a CLI contract test for --from-speckit.

The new integration coverage exercises explicit and auto-detected OpenSpec only; a Spec Kit case is covered only at the lower runtime layer. A regression in Typer source selection or Spec Kit auto-detection could therefore pass this suite. Add at least the explicit --from-speckit invocation.

As per path instructions, tests under tests/**/*.py must provide contract-first integration coverage and targeted coverage for adapter/bridge changes.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/specfact_requirements/test_command_apps.py` around lines
146 - 170, Extend
test_requirements_import_openspec_accepts_explicit_and_auto_detected_sources or
add a nearby integration test to invoke the import CLI with an explicit
--from-speckit source and assert successful JSON output with imported equal to
1. Build the required Spec Kit fixture using the existing test helpers or an
equivalent minimal fixture, while preserving the existing OpenSpec explicit and
auto-detected coverage.

Source: Path instructions

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/bundles/requirements/overview.md`:
- Line 21: Update the CLI prerequisite in the requirements overview to state the
supported range as SpecFact CLI >=0.52.0 and <1.0.0, matching the package
metadata; do not leave the wording as “0.52.0 or later.”

In `@llms.txt`:
- Line 102: Regenerate the llms.txt command artifact for specfact requirements
import so its args column exposes the optional positional source path accepted
with --from-openspec and --from-speckit, while preserving the existing options
and command metadata.

In `@openspec/changes/openspec-01-intent-trace/proposal.md`:
- Around line 40-41: Update the proposal’s validation gate diagnostic list to
remove unsupported-source-schema, keeping it scoped to native import output.
Preserve the existing import-time behavior documented in the nearby lines and
retain the other validation diagnostics and gate semantics.

In `@openspec/changes/openspec-01-intent-trace/tasks.md`:
- Around line 26-30: Mark tasks 3.1 through 3.3c as completed in the change task
list, since the import options, runtime delegation and error messaging,
validation and count reporting, layered profile resolution, required-field
advisories, and fail-closed unsupported-schema handling are implemented.

In `@openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md`:
- Around line 12-13: Update the failing-before evidence in TDD_EVIDENCE to
reference the current test symbol import_native_requirements_to_bundle instead
of import_openspec_change_to_bundle. Regenerate the capture or revise the
recorded ImportError so it accurately reflects the reproducible
pre-implementation failure.

In `@packages/specfact-requirements/module-package.yaml`:
- Line 2: Select one intended semver release and regenerate the complete signed
artifact set consistently: update the manifest version and integrity metadata in
packages/specfact-requirements/module-package.yaml at lines 2 and 21-23, then
update registry/index.json lines 97-99 with the matching version, URL, and
checksum, and rename/recompute the checksum sidecar at
registry/modules/specfact-requirements-0.2.0.tar.gz.sha256 line 1 for that exact
package payload.

In
`@packages/specfact-requirements/src/specfact_requirements/requirements/commands.py`:
- Around line 72-77: Update _optional_source_path to validate the resolved
source path before returning it: reject a missing path or a regular file with
typer.BadParameter, while preserving the existing positional-argument and
--from-file checks. Ensure invalid native source paths fail as CLI usage errors
before import_native_requirements_to_bundle is dispatched.

---

Nitpick comments:
In `@tests/integration/specfact_requirements/test_command_apps.py`:
- Around line 146-170: Extend
test_requirements_import_openspec_accepts_explicit_and_auto_detected_sources or
add a nearby integration test to invoke the import CLI with an explicit
--from-speckit source and assert successful JSON output with imported equal to
1. Build the required Spec Kit fixture using the existing test helpers or an
equivalent minimal fixture, while preserving the existing OpenSpec explicit and
auto-detected coverage.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 39b474aa-8e97-4e24-b4ec-4148652b0f80

📥 Commits

Reviewing files that changed from the base of the PR and between f7a4d69 and c659c6a.

⛔ Files ignored due to path filters (3)
  • docs/reference/commands.generated.json is excluded by !**/*.generated.*
  • docs/reference/commands.generated.md is excluded by !**/*.generated.*
  • registry/modules/specfact-requirements-0.2.0.tar.gz is excluded by !**/*.gz
📒 Files selected for processing (16)
  • docs/bundles/requirements/overview.md
  • llms.txt
  • openspec/changes/openspec-01-intent-trace/CHANGE_VALIDATION.md
  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
  • openspec/changes/openspec-01-intent-trace/design.md
  • openspec/changes/openspec-01-intent-trace/proposal.md
  • openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md
  • openspec/changes/openspec-01-intent-trace/tasks.md
  • packages/specfact-requirements/module-package.yaml
  • packages/specfact-requirements/src/specfact_requirements/requirements/commands.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py
  • registry/index.json
  • registry/modules/specfact-requirements-0.2.0.tar.gz.sha256
  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/docs/test_bundle_overview_cli_examples.py
  • tests/unit/specfact_requirements/test_requirements_runtime.py
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

📜 Review details
⏰ Context from checks skipped due to timeout. (3)
  • GitHub Check: quality (3.13)
  • GitHub Check: quality (3.11)
  • GitHub Check: quality (3.12)
🧰 Additional context used
📓 Path-based instructions (7)
registry/**

⚙️ CodeRabbit configuration file

registry/**: Registry and index consistency: bundle listings, version pins, and compatibility with
published module artifacts.

Files:

  • registry/modules/specfact-requirements-0.2.0.tar.gz.sha256
  • registry/index.json
packages/**/module-package.yaml

⚙️ CodeRabbit configuration file

packages/**/module-package.yaml: Validate metadata: name, version, commands, dependencies, and parity with packaged src.
Call out semver and signing implications when manifests or payloads change.

Files:

  • packages/specfact-requirements/module-package.yaml
openspec/**/*.md

⚙️ CodeRabbit configuration file

openspec/**/*.md: Specification truth: proposal/tasks/spec deltas vs. bundle behavior, CHANGE_ORDER, and
drift vs. shipped modules or docs.

Files:

  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
  • openspec/changes/openspec-01-intent-trace/CHANGE_VALIDATION.md
  • openspec/changes/openspec-01-intent-trace/design.md
  • openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md
  • openspec/changes/openspec-01-intent-trace/proposal.md
  • openspec/changes/openspec-01-intent-trace/tasks.md
docs/**/*.md

⚙️ CodeRabbit configuration file

docs/**/*.md: User-facing and cross-site accuracy: Jekyll front matter, links per documentation-url-contract,
CLI examples matching bundled commands.

Files:

  • docs/bundles/requirements/overview.md
**/*.{js,ts,tsx,jsx,py,java,cs,go,rb,php,cpp,c,h}

📄 CodeRabbit inference engine (CLAUDE.md)

Preserve the clean-code compliance gate and its category references (naming, kiss, yagni, dry, and solid)

Files:

  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/docs/test_bundle_overview_cli_examples.py
  • tests/unit/specfact_requirements/test_requirements_runtime.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/commands.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py
tests/**/*.py

⚙️ CodeRabbit configuration file

tests/**/*.py: Contract-first and integration tests: migration suites, bundle validation, and flakiness.
Ensure changes to adapters or bridges have targeted coverage.

Files:

  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/docs/test_bundle_overview_cli_examples.py
  • tests/unit/specfact_requirements/test_requirements_runtime.py
packages/**/src/**/*.py

⚙️ CodeRabbit configuration file

packages/**/src/**/*.py: Focus on adapter and bridge patterns: imports from specfact_cli (models, runtime, validators),
Typer/Rich command surfaces, and clear boundaries so core upgrades do not silently break bundles.
Flag breaking assumptions about registry loading, lazy imports, and environment/mode behavior.

Files:

  • packages/specfact-requirements/src/specfact_requirements/requirements/commands.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py
🪛 LanguageTool
docs/bundles/requirements/overview.md

[style] ~111-~111: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...alidation findings and coverage gaps. - It delegates parsing, hashing, compatibili...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🔇 Additional comments (19)
docs/bundles/requirements/overview.md (1)

33-36: LGTM!

Also applies to: 72-97, 111-111

packages/specfact-requirements/module-package.yaml (1)

17-17: LGTM!

registry/index.json (1)

108-109: LGTM!

packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py (4)

23-80: LGTM!


161-230: LGTM!


233-296: LGTM!


330-330: LGTM!

packages/specfact-requirements/src/specfact_requirements/requirements/commands.py (3)

15-70: LGTM!


145-161: LGTM!


202-204: LGTM!

openspec/changes/openspec-01-intent-trace/proposal.md (1)

42-51: LGTM!

Also applies to: 70-70

openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md (1)

41-58: LGTM!

openspec/changes/openspec-01-intent-trace/tasks.md (1)

20-23: LGTM!

tests/unit/docs/test_bundle_overview_cli_examples.py (1)

63-78: LGTM!

tests/unit/specfact_requirements/test_requirements_runtime.py (1)

18-21: LGTM!

Also applies to: 51-99, 212-271

tests/integration/specfact_requirements/test_command_apps.py (1)

52-73: LGTM!

Also applies to: 173-187

openspec/changes/openspec-01-intent-trace/CHANGE_VALIDATION.md (1)

3-34: LGTM!

openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md (1)

1-11: LGTM!

Also applies to: 15-18, 20-45

openspec/changes/openspec-01-intent-trace/design.md (1)

58-76: LGTM!

Comment thread docs/bundles/requirements/overview.md Outdated
Comment thread llms.txt Outdated
Comment thread openspec/changes/openspec-01-intent-trace/proposal.md Outdated
Comment thread openspec/changes/openspec-01-intent-trace/tasks.md Outdated
Comment thread openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md Outdated
Comment thread packages/specfact-requirements/module-package.yaml Outdated
Comment thread packages/specfact-requirements/src/specfact_requirements/requirements/commands.py Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md`:
- Around line 74-75: Reconcile the test totals reported in the PR objectives,
TDD evidence, and release summary by confirming the actual results of both hatch
commands. Update all relevant specification entries consistently to the verified
count, preserving the command outcomes and warning details.

In `@packages/specfact-code-review/module-package.yaml`:
- Around line 26-27: Update the checksum field in
packages/specfact-code-review/module-package.yaml to exactly match the SHA-256
value in registry/modules/specfact-code-review-0.47.49.tar.gz.sha256 at line 1;
no direct change is needed in the registry checksum file.

In
`@packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py`:
- Line 177: Update _has_typer_command_decorator() to recognize only Typer-owned
command and callback decorators, excluding unrelated decorators such as Click or
custom implementations. Add a negative regression test proving non-Typer
decorators do not bypass the parameter-count KISS check.

In `@tests/unit/specfact_code_review/tools/test_radon_runner.py`:
- Line 20: Update the assertions for run_radon in the affected tests to
explicitly require an empty list by comparing the result to []. Preserve the
existing test scenarios while ensuring falsey values such as None do not satisfy
the assertions.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: b89004ad-83c5-485a-a056-8cc3987fbbc5

📥 Commits

Reviewing files that changed from the base of the PR and between c659c6a and 32935b0.

⛔ Files ignored due to path filters (5)
  • docs/Gemfile.lock is excluded by !**/*.lock
  • docs/reference/commands.generated.json is excluded by !**/*.generated.*
  • docs/reference/commands.generated.md is excluded by !**/*.generated.*
  • registry/modules/specfact-code-review-0.47.49.tar.gz is excluded by !**/*.gz
  • registry/modules/specfact-requirements-0.2.3.tar.gz is excluded by !**/*.gz
📒 Files selected for processing (20)
  • docs/bundles/requirements/overview.md
  • llms.txt
  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
  • openspec/changes/openspec-01-intent-trace/design.md
  • openspec/changes/openspec-01-intent-trace/proposal.md
  • openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md
  • openspec/changes/openspec-01-intent-trace/tasks.md
  • packages/specfact-code-review/module-package.yaml
  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
  • packages/specfact-requirements/module-package.yaml
  • packages/specfact-requirements/src/specfact_requirements/requirements/commands.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py
  • registry/index.json
  • registry/modules/specfact-code-review-0.47.49.tar.gz.sha256
  • registry/modules/specfact-requirements-0.2.3.tar.gz.sha256
  • scripts/generate-command-overview.py
  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/docs/test_llms_overview_freshness.py
  • tests/unit/specfact_code_review/tools/test_radon_runner.py
  • tests/unit/specfact_requirements/test_requirements_runtime.py
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

🚧 Files skipped from review as they are similar to previous changes (7)
  • packages/specfact-requirements/module-package.yaml
  • openspec/changes/openspec-01-intent-trace/proposal.md
  • tests/unit/specfact_requirements/test_requirements_runtime.py
  • openspec/changes/openspec-01-intent-trace/design.md
  • packages/specfact-requirements/src/specfact_requirements/requirements/commands.py
  • packages/specfact-requirements/src/specfact_requirements/requirements/runtime.py
  • openspec/changes/openspec-01-intent-trace/tasks.md
📜 Review details
🧰 Additional context used
📓 Path-based instructions (8)
registry/**

⚙️ CodeRabbit configuration file

registry/**: Registry and index consistency: bundle listings, version pins, and compatibility with
published module artifacts.

Files:

  • registry/modules/specfact-code-review-0.47.49.tar.gz.sha256
  • registry/modules/specfact-requirements-0.2.3.tar.gz.sha256
  • registry/index.json
packages/**/module-package.yaml

⚙️ CodeRabbit configuration file

packages/**/module-package.yaml: Validate metadata: name, version, commands, dependencies, and parity with packaged src.
Call out semver and signing implications when manifests or payloads change.

Files:

  • packages/specfact-code-review/module-package.yaml
**/*.{js,ts,tsx,jsx,py,java,cs,go,rb,php,cpp,c,h}

📄 CodeRabbit inference engine (CLAUDE.md)

Preserve the clean-code compliance gate and its category references (naming, kiss, yagni, dry, and solid)

Files:

  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
  • tests/unit/docs/test_llms_overview_freshness.py
  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/specfact_code_review/tools/test_radon_runner.py
  • scripts/generate-command-overview.py
packages/**/src/**/*.py

⚙️ CodeRabbit configuration file

packages/**/src/**/*.py: Focus on adapter and bridge patterns: imports from specfact_cli (models, runtime, validators),
Typer/Rich command surfaces, and clear boundaries so core upgrades do not silently break bundles.
Flag breaking assumptions about registry loading, lazy imports, and environment/mode behavior.

Files:

  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
tests/**/*.py

⚙️ CodeRabbit configuration file

tests/**/*.py: Contract-first and integration tests: migration suites, bundle validation, and flakiness.
Ensure changes to adapters or bridges have targeted coverage.

Files:

  • tests/unit/docs/test_llms_overview_freshness.py
  • tests/integration/specfact_requirements/test_command_apps.py
  • tests/unit/specfact_code_review/tools/test_radon_runner.py
openspec/**/*.md

⚙️ CodeRabbit configuration file

openspec/**/*.md: Specification truth: proposal/tasks/spec deltas vs. bundle behavior, CHANGE_ORDER, and
drift vs. shipped modules or docs.

Files:

  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
  • openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md
docs/**/*.md

⚙️ CodeRabbit configuration file

docs/**/*.md: User-facing and cross-site accuracy: Jekyll front matter, links per documentation-url-contract,
CLI examples matching bundled commands.

Files:

  • docs/bundles/requirements/overview.md
scripts/**/*.py

⚙️ CodeRabbit configuration file

scripts/**/*.py: Deterministic tooling: signing, publishing, docs generation; subprocess and path safety.

Files:

  • scripts/generate-command-overview.py
🔇 Additional comments (13)
scripts/generate-command-overview.py (3)

163-166: LGTM!


211-214: LGTM!


157-159: 🎯 Functional Correctness

No fallback needed here _command_options() only runs on real click.Command objects from get_command(app), so the click.Option branch is sufficient. The SimpleNamespace fixture in tests/unit/test_check_prompt_commands_script.py targets scripts/check-prompt-commands.py, not this script.

			> Likely an incorrect or invalid review comment.
llms.txt (1)

28-53: LGTM!

Also applies to: 66-76, 93-93, 102-102

tests/unit/docs/test_llms_overview_freshness.py (1)

16-16: LGTM!

Also applies to: 56-64

tests/integration/specfact_requirements/test_command_apps.py (1)

74-98: LGTM!

Also applies to: 171-177, 180-205, 207-220, 222-235, 237-251

openspec/changes/openspec-01-intent-trace/specs/requirements-module/spec.md (1)

26-32: LGTM!

Also applies to: 43-52, 53-61

openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md (1)

1-19: LGTM!

Also applies to: 20-34, 35-51, 52-65, 66-73, 76-77

docs/bundles/requirements/overview.md (1)

21-21: LGTM!

Also applies to: 33-36, 72-97, 111-111

registry/index.json (2)

81-83: LGTM!


97-109: 🗄️ Data Integrity & Integration

Resolve the requirements release version across all artifacts.

The registry and checksum consistently reference 0.2.3, while the supplied PR objectives state 0.2.0. Confirm the intended release before publishing.

  • registry/index.json#L97-L109: Align the version, artifact URL, package metadata, and checksum with the confirmed release.
  • registry/modules/specfact-requirements-0.2.3.tar.gz.sha256#L1-L1: Regenerate the digest from the final tarball after the version is settled.

Source: Path instructions

tests/unit/specfact_code_review/tools/test_radon_runner.py (1)

134-139: LGTM!

packages/specfact-code-review/module-package.yaml (1)

2-2: LGTM!

Comment thread openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md Outdated
Comment thread packages/specfact-code-review/module-package.yaml Outdated
Comment thread packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py Outdated
Comment thread tests/unit/specfact_code_review/tools/test_radon_runner.py Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/specfact-code-review/module-package.yaml`:
- Around line 26-27: Update the manifest integrity block in module-package.yaml
to use the published tarball checksum matching registry/index.json and
registry/modules/specfact-code-review-0.47.51.tar.gz.sha256, then regenerate the
corresponding signature on the following line. Validate metadata and
packaged-src parity, and note any semver or signing implications caused by the
manifest or payload change.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c9f494e6-7873-447a-87f5-6a4a8e790c1d

📥 Commits

Reviewing files that changed from the base of the PR and between 32935b0 and 6ca04ac.

⛔ Files ignored due to path filters (1)
  • registry/modules/specfact-code-review-0.47.51.tar.gz is excluded by !**/*.gz
📒 Files selected for processing (6)
  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
  • packages/specfact-code-review/module-package.yaml
  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
  • registry/index.json
  • registry/modules/specfact-code-review-0.47.51.tar.gz.sha256
  • tests/unit/specfact_code_review/tools/test_radon_runner.py
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

🚧 Files skipped from review as they are similar to previous changes (1)
  • openspec/changes/openspec-01-intent-trace/TDD_EVIDENCE.md
📜 Review details
🧰 Additional context used
📓 Path-based instructions (5)
packages/**/module-package.yaml

⚙️ CodeRabbit configuration file

packages/**/module-package.yaml: Validate metadata: name, version, commands, dependencies, and parity with packaged src.
Call out semver and signing implications when manifests or payloads change.

Files:

  • packages/specfact-code-review/module-package.yaml
registry/**

⚙️ CodeRabbit configuration file

registry/**: Registry and index consistency: bundle listings, version pins, and compatibility with
published module artifacts.

Files:

  • registry/modules/specfact-code-review-0.47.51.tar.gz.sha256
  • registry/index.json
**/*.{js,ts,tsx,jsx,py,java,cs,go,rb,php,cpp,c,h}

📄 CodeRabbit inference engine (CLAUDE.md)

Preserve the clean-code compliance gate and its category references (naming, kiss, yagni, dry, and solid)

Files:

  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
  • tests/unit/specfact_code_review/tools/test_radon_runner.py
packages/**/src/**/*.py

⚙️ CodeRabbit configuration file

packages/**/src/**/*.py: Focus on adapter and bridge patterns: imports from specfact_cli (models, runtime, validators),
Typer/Rich command surfaces, and clear boundaries so core upgrades do not silently break bundles.
Flag breaking assumptions about registry loading, lazy imports, and environment/mode behavior.

Files:

  • packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py
tests/**/*.py

⚙️ CodeRabbit configuration file

tests/**/*.py: Contract-first and integration tests: migration suites, bundle validation, and flakiness.
Ensure changes to adapters or bridges have targeted coverage.

Files:

  • tests/unit/specfact_code_review/tools/test_radon_runner.py
🪛 ast-grep (0.44.1)
tests/unit/specfact_code_review/tools/test_radon_runner.py

[info] 20-20: use jsonify instead of json.dumps for JSON output
Context: json.dumps({str(file_path): []})
Note: [CWE-116] Improper Encoding or Escaping of Output.

(use-jsonify)

🔇 Additional comments (5)
packages/specfact-code-review/src/specfact_code_review/tools/radon_runner.py (1)

109-116: LGTM!

Also applies to: 169-180, 193-268

tests/unit/specfact_code_review/tools/test_radon_runner.py (1)

8-35: LGTM!

Also applies to: 78-79, 128-169

packages/specfact-code-review/module-package.yaml (1)

2-2: LGTM!

registry/index.json (1)

81-83: LGTM!

Also applies to: 97-99, 108-109

registry/modules/specfact-code-review-0.47.51.tar.gz.sha256 (1)

1-1: LGTM!

Comment thread packages/specfact-code-review/module-package.yaml
@djm81
djm81 merged commit c6b7893 into dev Jul 14, 2026
16 checks passed
@github-project-automation github-project-automation Bot moved this from In Progress to Done in SpecFact CLI Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file enhancement New feature or request

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

OpenSpec and Spec Kit Import Runtime for Requirement Evidence

1 participant