[codex] Add guided simplification review enforcement

[djm81]

Summary

Adds guided simplification review enforcement for the code-review and project modules. The change teaches review reports to distinguish safe mechanical cleanup, test-dependent simplification, design-judgment cases, and preserve decisions so IDE/headless LLM agents can apply clean-code fixes without removing meaningful contracts.

What changed

• Added the OpenSpec change code-review-12-guided-simplification-enforcement and linked backlog tracking for [Change] Guided simplification enforcement for code review #286 under parent feature [Feature] Code Review Simplification Feedback Loop #275 / epic [Epic] specfact code #162.
• Extended simplify review output with guidance fields, action status, simplification summaries, shadow/enforce behavior, and fix evidence.
• Updated AI-bloat and Semgrep mapping so simplification findings carry LLM-readable guidance metadata.
• Enhanced the simplify prompt and code-review skill so users without SpecFact internals are walked through review loading, walkthrough level selection, evidence logging, and headless one-file-at-a-time flow.
• Added focused tests for review command output, findings serialization, AI-bloat/Semgrep guidance, runner summaries, and prompt/skill resources.

Validation

• hatch run format
• targeted simplify/Semgrep guidance unit tests
• hatch run pytest tests/unit/specfact_code_review/tools/test_semgrep_runner.py --cov packages/specfact-code-review/src/specfact_code_review --cov-report=term-missing --cov-fail-under=0 -q - 42 passed; semgrep_runner.py coverage 80.20%
• hatch run type-check
• hatch run lint
• hatch run sign-modules --changed-only --payload-from-filesystem --bump-version patch --base-ref origin/dev --allow-unsigned
• hatch run verify-modules-signature --payload-from-filesystem --enforce-version-bump --version-check-base origin/dev
• SPECFACT_ALLOW_UNSIGNED=1 SPECFACT_CODE_REVIEW_TARGETED_TEST_TIMEOUT=300 hatch run specfact code review run --bug-hunt --json --out .specfact/tmp-local-dev-link-review/changed-bughunt-clean-final.json --scope changed
• openspec validate code-review-12-guided-simplification-enforcement --strict
• pre-commit Block 1 quality gates passed
• pre-commit Block 2 review + contract tests passed: 753 passed, 2 warnings

Closes #286.

[strix-security]

Strix is installed on this repository, but we could not run this PR security review because this workspace does not have an active plan. If you'd like to continue receiving code reviews, you can add a payment method or manage billing here.

[coderabbitai]

📝 Walkthrough

OpenSpec Change & Governance

Change ID: code-review-12-guided-simplification-enforcement (feature/code-review-12-guided-simplification-enforcement)

• Adds new runtime change under "Code review and sidecar validation improvements" (order 05)
• Linked backlog: parent feature #275, epic #162; closes issue #286
• Specifications added for guided-simplification-review, review-finding-model, and review-run-command
• Design doc confirms JSON schema backward-compatibility via optional fields; schema version auto-advances to "1.2" when guided metadata present

Module Package & Integrity

specfact-code-review: 0.47.20 → 0.47.21

• Checksum and signature values updated; module-package.yaml integrity section replaced

specfact-project: 0.41.12 → 0.41.13

• Checksum and signature values updated; module-package.yaml integrity section replaced

PublicAPI Surface Changes

New Types & Constants

• New ReviewFocus type: Literal["simplify"] (focus argument constraint)
• New constants exported from findings.py:
  • GUIDANCE_KINDS = ("safe_mechanical", "needs_tests", "design_judgment", "preserve")
  • ACTION_STATUSES = ("recommended", "applied", "kept", "skipped", "failed")
• New model: SimplificationSummary with per_kind_counts, per_action_status_counts, blocking_simplification_count

ReviewFinding Extensions

Extended with 10 new optional fields (all nullable when guidance_kind is absent):

• guidance_kind, recommended_action, clean_code_principle, rationale, safety_checks, preserve_reason
• action_status, before_ref, after_ref, improvement

Validation Rules (Pydantic model validators):

• When guidance_kind is present, recommended_action, clean_code_principle, rationale, safety_checks, and action_status are required
• preserve_reason is required when guidance_kind == "preserve"
• New instance methods added:
  • is_safe_mechanical_simplification() → bool (true when guidance_kind=="safe_mechanical" and action_status in {None, "recommended", "failed"})
  • has_guided_simplification_metadata() → bool
  • Existing is_blocking() method now accounts for blocking simplifications

ReviewReport Extensions

• New optional field: simplification_summary: SimplificationSummary | None
• Schema version logic updated: auto-sets to "1.2" when guided simplification metadata present; "1.1" for simplification-only; "1.0" baseline
• Report verdict enforcement: --focus simplify with --mode enforce forces verdict to FAIL (ci_exit_code=1) if simplification_summary.blocking_simplification_count > 0

Command-Level Behavior

Simplified Review Focus

• run_review() now accepts constrained focus parameter: must be "simplify" or None (raises TypeError otherwise)
• When focus=="simplify", scoring is biased neutral (simplification_score_neutral=True)
• Enforcement is deterministic: only unresolved safe_mechanical findings trigger failure

Simplification Fix Pipeline (New)

• New internal function: _apply_simplification_fixes(report, files) in commands.py (+145 lines)
  • Parses affected files with Python AST
  • Applies deterministic rewrites for safe_mechanical findings marked fixable=True
  • Records changes and reruns review (existing Ruff autofix step follows)
  • Triggered when flags.review_focus == "simplify" and autofix enabled

Runner Changes

• run_review() simplified test-path derivation; returns None if source-relative path unavailable
• Final report verdict override logic: if simplify focus and blocking simplifications exist, forces FAIL verdict

Scanner Integration

AI-Bloat Runner

• Extended to emit guided simplification metadata for all ai-bloat findings (+157 lines)
• Decorator-aware logic: preserves abstractmethod signatures (marks as "preserve", not removable)
• Findings now include guidance_kind, recommended_action, clean_code_principle, rationale, safety_checks, preserve_reason, action_status
• Heuristics updated: empty-collection, constant-equality, dead-branch patterns refined

Semgrep Runner

• New _AiBloatGuidance model and AI_BLOAT_GUIDANCE mapping (module-level constant) for ai-bloat rule specifics
• _ai_bloat_finding_from_result() helper constructs rich findings with confidence, canonical pattern, rewrite hint, estimated deletion, and guidance metadata
• Semgrep command execution: bundle_root parameter explicitly deleted/ignored (function signature unchanged)

Documentation & Prompts

Prompt & Skill Updates

• specfact.08-simplify: Added walkthrough-level concept (vibe-coder, junior, senior/pro, headless-agent); headless mode enforces no-interactive, safest-flow, applies only locally-provable safe_mechanical items
• specfact-code-review skill (repo-local & packaged): Updated with guidance on walkthrough levels, guidance_kind interpretation, logging/evidence requirements, required headless-mode action table format (file/line/rule/guidance_kind/action_status/evidence)

Schema & Contract

• All new fields are optional (preserves backward compatibility); legacy payloads without guided metadata remain valid
• When any guided field is emitted, report schema version auto-advances to "1.2"

Testing Coverage

• Unit tests for _apply_simplification_fixes() covering inlining, verbose-bool collapse, pattern mismatch skip scenarios
• Extended ReviewFinding tests: validates required guidance metadata, preserve_reason enforcement
• New ReviewReport tests: schema version 1.2 selection, simplification_summary population
• Enforcement tests: only safe_mechanical findings block in enforce mode; design_judgment and preserve pass
• AI-bloat runner tests: assert new guidance fields, abstract method preservation
• Semgrep runner tests: AI_BLOAT_GUIDANCE mapping, empty-file handling, tool-error scenarios
• Guided simplify resource tests: verify prompt walkthrough levels, skill guidance table structure

Cross-Module Impact

No specfact-cli Changes Required

• All new types and logic contained within specfact-code-review and specfact-project modules
• No new imports or contracts from specfact-cli-core

Registry & Packaging

• Both module packages bumped; signatures revalidated
• Pre-commit quality gates: 753 contract tests passed, 2 warnings; targeted tests (42) passed; semgrep_runner.py coverage 80.20%

Walkthrough

This PR implements guided simplification enforcement for code review, enriching simplification findings with safety classifications (safe_mechanical, preserve, needs_tests, design_judgment), constraining enforcement and auto-fixes to deterministic safe mechanical changes, and adapting prompt/skill guidance by walkthrough level (IDE vs. headless agent).

Changes

Guided Simplification Enforcement for Code Review

Layer / File(s)	Summary
Review Finding Model with Guidance Metadata packages/specfact-code-review/src/specfact_code_review/run/findings.py, tests/unit/specfact_code_review/run/test_findings.py	GUIDANCE_KINDS and ACTION_STATUSES constants added; ReviewFinding extended with guidance_kind, recommended_action, clean_code_principle, rationale, safety_checks, preserve_reason, action_status, before_ref, after_ref, improvement. SimplificationSummary model and optional simplification_summary field added to ReviewReport; schema version set to 1.2 when guided metadata present.
AI Bloat Findings Enriched with Guidance packages/specfact-code-review/src/specfact_code_review/tools/ai_bloat_runner.py, tests/unit/specfact_code_review/tools/test_ai_bloat_runner.py	ai_bloat_runner enriches all simplification heuristics with guidance metadata (guidance_kind, recommended_action, rationale, safety_checks). Adds decorator-aware logic to preserve abstractmethod signatures; updates unused-optional-param, dead-branch, loc-vs-complexity, redundant-intermediate, verbose-bool-return, and other patterns with guidance kind taxonomy and safety rationale.
Semgrep AI-Bloat Guidance Mapping packages/specfact-code-review/src/specfact_code_review/tools/semgrep_runner.py, tests/unit/specfact_code_review/tools/test_semgrep_runner.py	Introduces _AiBloatGuidance dataclass and AI_BLOAT_GUIDANCE lookup table mapping ai-bloat.* rules to guidance metadata; _ai_bloat_finding_from_result routes ai_bloat findings through new guidance enrichment path.
Enforcement & Simplification Verdict packages/specfact-code-review/src/specfact_code_review/run/runner.py, tests/unit/specfact_code_review/run/test_runner.py	run_review now fails CI only when simplify focus and blocking_simplification_count > 0 (i.e., unresolved safe_mechanical findings); preserve, needs_tests, and design_judgment findings do not block.
AST-Based Safe Mechanical Fix Pipeline packages/specfact-code-review/src/specfact_code_review/run/commands.py, tests/unit/specfact_code_review/run/test_commands.py	_apply_simplification_fixes parses source with ast, matches safe-mechanical patterns (redundant-intermediate inlining, verbose-bool-return collapse), and deterministically rewrites matching line ranges; applied before Ruff autofix and report re-run when --fix enabled in simplify focus.
Simplification Prompt Walkthrough Guidance packages/specfact-project/resources/prompts/specfact.08-simplify.md	Expanded with walkthrough-level selection (vibe_coder, junior_developer, senior_pro, headless_agent), evidence grounding on .specfact/code-review-simplify.json, intent_key-based grouping, detailed per-rewrite confirmation with guidance_kind, recommended_action, safety_checks, and action-status recording.
House Rules & Skill Documentation .vibe/skills/specfact-code-review/SKILL.md, packages/specfact-code-review/src/specfact_code_review/resources/skills/specfact-code-review/SKILL.md, packages/specfact-code-review/src/specfact_code_review/rules/updater.py, skills/specfact-code-review/SKILL.md, tests/unit/test_guided_simplify_resources.py	Skill documentation carries consistent guided simplification decision policy: interpret guidance_kind with preserve_reason, log simplification actions with evidence, emit per-file action tables in headless mode with rule/line/guidance/action_status fields; synced across .vibe/, packages/, and skills/ locations.
OpenSpec Change Documentation openspec/CHANGE_ORDER.md, openspec/changes/code-review-12-guided-simplification-enforcement/*.md, openspec/changes/code-review-12-guided-simplification-enforcement/specs/*.md	Formal specification defining code-review-12-guided-simplification-enforcement via proposal, design, TDD evidence, and three spec files covering guidance-kind taxonomy, schema advancement, report summary structure, enforce/fix mode constraints, and interactive prompt behavior.
Module Versioning & Integrity packages/specfact-code-review/module-package.yaml, packages/specfact-project/module-package.yaml	specfact-code-review version bumped to 0.47.21; specfact-project to 0.41.13; both integrity checksums and signatures refreshed.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

The PR introduces a multi-layer feature spanning guided finding metadata, safety classification, enforcement rules, AST-based rewrites, and adaptive UI/prompt guidance. While each component follows established patterns, the interactions across the review model, multiple tool runners, enforcement logic, and prompt workflows require careful verification of the guidance kind semantics, safety constraints (especially the preserve classification for meaningful contracts), deterministic rewrite correctness, and backward compatibility of the JSON schema. The extensive test coverage and OpenSpec documentation mitigate review complexity but do not eliminate the need to reason through edge cases (decorator detection, pattern matching, headless mode behavior, and the interaction between enforce and fix modes).

Possibly Related PRs

• nold-ai/specfact-cli-modules#280: Introduces simplification feedback loop and intent/rewrite_hint metadata that form the precursor to this PR's guided enforcement and action-status tracking.
• nold-ai/specfact-cli-modules#278: Adds simplification focusing and review filtering that this PR builds on for --focus simplify mode enforcement and fix behavior.
• nold-ai/specfact-cli-modules#271: Enriches ai_bloat detection that this PR extends with guidance metadata and classification-driven safety enforcement.

Suggested labels

openspec, module

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title does not follow the Conventional Commits style prefix requirement (feat:, fix:, docs:, test:, refactor:, chore:).	Update the title to use a Conventional Commits prefix, e.g., 'feat: Add guided simplification review enforcement' or similar.
Docstring Coverage	⚠️ Warning	Docstring coverage is 10.23% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description check	✅ Passed	The PR description comprehensively covers summary, scope, validation evidence, module signing/versioning, and linked issue closure with detailed validation results.
Linked Issues check	✅ Passed	All acceptance criteria from issue #286 are met: backward-compatible JSON, enforce/fix behavior for safe-mechanical findings, preserve/design-judgment protection, adaptive walkthrough prompts/skills, and validation gates passed.
Out of Scope Changes check	✅ Passed	All changes are scoped to OpenSpec design, review findings enrichment, AI-bloat/Semgrep guidance mappings, prompt/skill enhancements, package versioning, and targeted testing—all directly addressing issue #286 objectives.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/code-review-12-guided-simplification-enforcement

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 849d97503b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Apply safe-mechanical rewrites in stable line order

The --fix simplification pass uses each finding’s original line value while mutating files in-place, but this loop processes findings in report order. If an earlier rewrite deletes lines, later findings in the same file shift and no longer match (stmt.lineno != finding.line), so only some deterministic fixes are applied and unresolved safe-mechanical findings can still fail simplify enforce runs after --fix.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Auto-fix every rule marked fixable safe-mechanical

This switch only applies rewrites for two rule IDs, but the analyzer now emits other guidance_kind="safe_mechanical" findings with fixable=True (for example ai-bloat.dead-branch and ai-bloat.pass-through-try-except in ai_bloat_runner.py). Those findings are advertised as auto-fixable yet are silently skipped here, so specfact code review run --focus simplify --fix leaves claimed-fixable debt unresolved.

Useful? React with 👍 / 👎.

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/specfact-code-review/src/specfact_code_review/rules/updater.py (1)

31-57: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Add the missing headless action-table rule to the generated template.

Line 31–57 define canonical DO rules, but the required headless behavior (“one file at a time” + emitted action table fields) is missing here while present in SKILL docs. If updater regenerates files, this drops policy-critical guidance and creates drift.

Suggested patch

 DEFAULT_DO_RULES = (
@@
     "- Log each simplification action as recommended, applied, kept, skipped, failed, with evidence of improvement "
     "or preserved contract",
+    "- In headless mode, process one file at a time and emit an action table: file, line, rule, guidance_kind, "
+    "recommended_action, action_status, evidence",
     "- For merge-quality review, run `specfact code review run --scope changed --bug-hunt --json "
     "--out .specfact/code-review.json`",

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/specfact-code-review/src/specfact_code_review/rules/updater.py`
around lines 31 - 57, DEFAULT_DO_RULES is missing the headless action-table
rule; update the DEFAULT_DO_RULES tuple in updater.py to include a rule that
mandates headless runs process one file at a time and emit the action table
fields (e.g., action, target_path, start_line, end_line, edit_text, confidence,
preserve_reason) so regenerated templates keep policy-critical guidance; modify
the string list in DEFAULT_DO_RULES (the constant named DEFAULT_DO_RULES) to add
a concise rule sentence covering "headless: one file at a time" and the required
emitted action-table fields.

🧹 Nitpick comments (1)

tests/unit/test_guided_simplify_resources.py (1)

29-40: ⚡ Quick win

Extend coverage to enforce skill-copy parity across all shipped locations.

This test validates only the bundled skill path. Drift in .vibe/skills/specfact-code-review/SKILL.md or skills/specfact-code-review/SKILL.md would currently pass, which weakens release integrity for synchronized guidance surfaces.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/unit/test_guided_simplify_resources.py` around lines 29 - 40, The test
test_code_review_skill_teaches_llms_how_to_apply_simplification_guidance only
checks the bundled SKILL via SKILL.read_text; extend it to also load and assert
parity for the other shipped SKILL copies by reading the other SKILL.md
locations (e.g., the workspace copy and the .vibe copy) and asserting they
contain the same required strings and/or that their contents are identical to
SKILL.read_text(); update the test to iterate candidate paths, read_text or open
each file, and run the same assertions (or an equality assertion against
SKILL.read_text()) so drift across all shipped locations is caught.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-run-command/spec.md`:
- Around line 9-13: The clause requiring guidance metadata for simplify-focused
findings is currently marked as "SHOULD" but must be normative; change the term
"SHOULD" to "SHALL" in the sentence that reads "retained findings SHOULD include
guidance metadata for actionability, preservation, or design judgment" so the
spec mandates guidance metadata for simplify-focused findings; ensure the
surrounding lines mentioning "simplification-focused findings", the `specfact
code review run --focus simplify --json --out .specfact/code-review.json`
WHEN/THEN/AND block, and the requirement for a "simplification summary" remain
semantically consistent after this change.

In `@packages/specfact-code-review/src/specfact_code_review/run/findings.py`:
- Around line 359-361: The current computation of blocking_simplification_count
only counts safe-mechanical findings where finding.action_status ==
"recommended", which skips unresolved "failed" items; update the generator over
guided (the expression that uses finding.is_safe_mechanical_simplification() and
finding.action_status) so it treats both "recommended" and "failed" as blocking
(for example, check finding.action_status in ("recommended", "failed") or
equivalently that action_status != "resolved") to ensure failed safe-mechanical
items are counted as blocking unresolved findings.
- Around line 189-205: The validator _validate_guided_metadata currently returns
early when guidance_kind is None, allowing guided fields to be set without a
guidance_kind; change it to first check whether any guided-related fields
(recommended_action, clean_code_principle, rationale, safety_checks,
action_status, preserve_reason) are non-null and if so raise ValueError
requiring guidance_kind, then proceed with the existing validation (ensure
recommended_action, clean_code_principle, rationale, safety_checks,
action_status are present when guidance_kind is set and require preserve_reason
when guidance_kind == "preserve"); update _validate_guided_metadata to enforce
presence of guidance_kind whenever any of those guided fields are provided.

---

Outside diff comments:
In `@packages/specfact-code-review/src/specfact_code_review/rules/updater.py`:
- Around line 31-57: DEFAULT_DO_RULES is missing the headless action-table rule;
update the DEFAULT_DO_RULES tuple in updater.py to include a rule that mandates
headless runs process one file at a time and emit the action table fields (e.g.,
action, target_path, start_line, end_line, edit_text, confidence,
preserve_reason) so regenerated templates keep policy-critical guidance; modify
the string list in DEFAULT_DO_RULES (the constant named DEFAULT_DO_RULES) to add
a concise rule sentence covering "headless: one file at a time" and the required
emitted action-table fields.

---

Nitpick comments:
In `@tests/unit/test_guided_simplify_resources.py`:
- Around line 29-40: The test
test_code_review_skill_teaches_llms_how_to_apply_simplification_guidance only
checks the bundled SKILL via SKILL.read_text; extend it to also load and assert
parity for the other shipped SKILL copies by reading the other SKILL.md
locations (e.g., the workspace copy and the .vibe copy) and asserting they
contain the same required strings and/or that their contents are identical to
SKILL.read_text(); update the test to iterate candidate paths, read_text or open
each file, and run the same assertions (or an equality assertion against
SKILL.read_text()) so drift across all shipped locations is caught.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 55881d54-953f-47e4-afcb-94eaa3d9827c

📥 Commits

Reviewing files that changed from the base of the PR and between 47c3a84 and 849d975.

📒 Files selected for processing (27)

• .vibe/skills/specfact-code-review/SKILL.md
• openspec/CHANGE_ORDER.md
• openspec/changes/code-review-12-guided-simplification-enforcement/.openspec.yaml
• openspec/changes/code-review-12-guided-simplification-enforcement/TDD_EVIDENCE.md
• openspec/changes/code-review-12-guided-simplification-enforcement/design.md
• openspec/changes/code-review-12-guided-simplification-enforcement/proposal.md
• openspec/changes/code-review-12-guided-simplification-enforcement/specs/guided-simplification-review/spec.md
• openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-finding-model/spec.md
• openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-run-command/spec.md
• openspec/changes/code-review-12-guided-simplification-enforcement/tasks.md
• packages/specfact-code-review/module-package.yaml
• packages/specfact-code-review/src/specfact_code_review/resources/skills/specfact-code-review/SKILL.md
• packages/specfact-code-review/src/specfact_code_review/rules/updater.py
• packages/specfact-code-review/src/specfact_code_review/run/commands.py
• packages/specfact-code-review/src/specfact_code_review/run/findings.py
• packages/specfact-code-review/src/specfact_code_review/run/runner.py
• packages/specfact-code-review/src/specfact_code_review/tools/ai_bloat_runner.py
• packages/specfact-code-review/src/specfact_code_review/tools/semgrep_runner.py
• packages/specfact-project/module-package.yaml
• packages/specfact-project/resources/prompts/specfact.08-simplify.md
• skills/specfact-code-review/SKILL.md
• tests/unit/specfact_code_review/run/test_commands.py
• tests/unit/specfact_code_review/run/test_findings.py
• tests/unit/specfact_code_review/run/test_runner.py
• tests/unit/specfact_code_review/tools/test_ai_bloat_runner.py
• tests/unit/specfact_code_review/tools/test_semgrep_runner.py
• tests/unit/test_guided_simplify_resources.py

📜 Review details

🧰 Additional context used

📓 Path-based instructions (5)

packages/**/module-package.yaml

⚙️ CodeRabbit configuration file

packages/**/module-package.yaml: Validate metadata: name, version, commands, dependencies, and parity with packaged src.
Call out semver and signing implications when manifests or payloads change.

Files:

• packages/specfact-project/module-package.yaml
• packages/specfact-code-review/module-package.yaml

openspec/**/*.md

⚙️ CodeRabbit configuration file

openspec/**/*.md: Specification truth: proposal/tasks/spec deltas vs. bundle behavior, CHANGE_ORDER, and
drift vs. shipped modules or docs.

Files:

• openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-run-command/spec.md
• openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-finding-model/spec.md
• openspec/CHANGE_ORDER.md
• openspec/changes/code-review-12-guided-simplification-enforcement/specs/guided-simplification-review/spec.md
• openspec/changes/code-review-12-guided-simplification-enforcement/tasks.md
• openspec/changes/code-review-12-guided-simplification-enforcement/proposal.md
• openspec/changes/code-review-12-guided-simplification-enforcement/TDD_EVIDENCE.md
• openspec/changes/code-review-12-guided-simplification-enforcement/design.md

**/*.{js,ts,tsx,jsx,py,java,cs,go,rb,php,cpp,c,h}

📄 CodeRabbit inference engine (CLAUDE.md)

Preserve the clean-code compliance gate and its category references (naming, kiss, yagni, dry, and solid)

Files:

• tests/unit/test_guided_simplify_resources.py
• packages/specfact-code-review/src/specfact_code_review/rules/updater.py
• packages/specfact-code-review/src/specfact_code_review/run/runner.py
• tests/unit/specfact_code_review/run/test_findings.py
• packages/specfact-code-review/src/specfact_code_review/run/commands.py
• tests/unit/specfact_code_review/tools/test_ai_bloat_runner.py
• tests/unit/specfact_code_review/run/test_commands.py
• packages/specfact-code-review/src/specfact_code_review/run/findings.py
• tests/unit/specfact_code_review/tools/test_semgrep_runner.py
• packages/specfact-code-review/src/specfact_code_review/tools/semgrep_runner.py
• tests/unit/specfact_code_review/run/test_runner.py
• packages/specfact-code-review/src/specfact_code_review/tools/ai_bloat_runner.py

tests/**/*.py

⚙️ CodeRabbit configuration file

tests/**/*.py: Contract-first and integration tests: migration suites, bundle validation, and flakiness.
Ensure changes to adapters or bridges have targeted coverage.

Files:

• tests/unit/test_guided_simplify_resources.py
• tests/unit/specfact_code_review/run/test_findings.py
• tests/unit/specfact_code_review/tools/test_ai_bloat_runner.py
• tests/unit/specfact_code_review/run/test_commands.py
• tests/unit/specfact_code_review/tools/test_semgrep_runner.py
• tests/unit/specfact_code_review/run/test_runner.py

packages/**/src/**/*.py

⚙️ CodeRabbit configuration file

packages/**/src/**/*.py: Focus on adapter and bridge patterns: imports from specfact_cli (models, runtime, validators),
Typer/Rich command surfaces, and clear boundaries so core upgrades do not silently break bundles.
Flag breaking assumptions about registry loading, lazy imports, and environment/mode behavior.

Files:

• packages/specfact-code-review/src/specfact_code_review/rules/updater.py
• packages/specfact-code-review/src/specfact_code_review/run/runner.py
• packages/specfact-code-review/src/specfact_code_review/run/commands.py
• packages/specfact-code-review/src/specfact_code_review/run/findings.py
• packages/specfact-code-review/src/specfact_code_review/tools/semgrep_runner.py
• packages/specfact-code-review/src/specfact_code_review/tools/ai_bloat_runner.py

🪛 LanguageTool

openspec/changes/code-review-12-guided-simplification-enforcement/proposal.md

[style] ~33-~33: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ... required fields remain compatible. - Affected prompt resources: `packages/specfact-...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~34-~34: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...s/prompts/specfact.08-simplify.md. - **Affected skill resources:** packages/specfact-c...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

openspec/changes/code-review-12-guided-simplification-enforcement/design.md

[style] ~26-~26: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...efactor for design-judgment findings. - No breaking removal of existing simplifica...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

---

[style] ~27-~27: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...sting simplification metadata fields. - No claim that findings prove AI authorship...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

🔇 Additional comments (24)

packages/specfact-code-review/src/specfact_code_review/run/runner.py (2)

103-105: LGTM!

---

654-659: LGTM!

tests/unit/specfact_code_review/run/test_runner.py (2)

57-84: LGTM!

---

226-287: LGTM!

packages/specfact-code-review/src/specfact_code_review/run/commands.py (2)

5-5: LGTM!

Also applies to: 283-416

---

515-517: LGTM!

Also applies to: 537-542

tests/unit/specfact_code_review/run/test_commands.py (2)

31-60: LGTM!

---

306-390: LGTM!

openspec/CHANGE_ORDER.md (1)

105-105: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/.openspec.yaml (1)

1-2: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/TDD_EVIDENCE.md (1)

1-61: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/design.md (1)

1-70: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/proposal.md (1)

1-46: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/specs/guided-simplification-review/spec.md (1)

1-64: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-finding-model/spec.md (1)

1-19: LGTM!

openspec/changes/code-review-12-guided-simplification-enforcement/tasks.md (1)

1-53: LGTM!

packages/specfact-code-review/module-package.yaml (1)

2-2: LGTM!

Also applies to: 26-27

packages/specfact-project/module-package.yaml (1)

2-2: LGTM!

Also applies to: 30-31

packages/specfact-code-review/src/specfact_code_review/run/findings.py (1)

30-31: LGTM!

Also applies to: 116-187, 220-243, 265-273, 290-318, 345-358, 362-364

tests/unit/specfact_code_review/run/test_findings.py (1)

42-51: LGTM!

Also applies to: 118-155, 281-312

packages/specfact-code-review/src/specfact_code_review/tools/ai_bloat_runner.py (1)

8-9: LGTM!

Also applies to: 30-37, 52-63, 127-139, 150-150, 164-186, 214-228, 275-292, 314-321, 360-366, 390-397, 463-472, 499-504, 532-538, 553-556, 590-595, 619-624, 647-648, 702-709

tests/unit/specfact_code_review/tools/test_ai_bloat_runner.py (1)

33-35: LGTM!

Also applies to: 77-82, 94-100, 205-232

packages/specfact-code-review/src/specfact_code_review/tools/semgrep_runner.py (1)

9-10: LGTM!

Also applies to: 42-87, 254-255, 372-408

tests/unit/specfact_code_review/tools/test_semgrep_runner.py (1)

13-18: LGTM!

Also applies to: 166-170, 271-309, 345-399

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Strengthen guidance metadata requirement to avoid spec drift.

Line 11 uses SHOULD, but the guided simplification contract in this change set treats guidance metadata as required for simplify-focused findings. Keep this normative level aligned (SHALL) to prevent ambiguous implementations across bundles/CLI surfaces.

As per coding guidelines, "openspec/**/*.md: Specification truth: proposal/tasks/spec deltas vs. bundle behavior, CHANGE_ORDER, and drift vs. shipped modules or docs."

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@openspec/changes/code-review-12-guided-simplification-enforcement/specs/review-run-command/spec.md`
around lines 9 - 13, The clause requiring guidance metadata for simplify-focused
findings is currently marked as "SHOULD" but must be normative; change the term
"SHOULD" to "SHALL" in the sentence that reads "retained findings SHOULD include
guidance metadata for actionability, preservation, or design judgment" so the
spec mandates guidance metadata for simplify-focused findings; ensure the
surrounding lines mentioning "simplification-focused findings", the `specfact
code review run --focus simplify --json --out .specfact/code-review.json`
WHEN/THEN/AND block, and the requirement for a "simplification summary" remain
semantically consistent after this change.

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Enforce guidance_kind whenever guided fields are present.

This validator exits early when guidance_kind is missing, so payloads can carry recommended_action/action_status/etc. without a guidance class. That makes guided findings silently degrade into non-guided behavior (summary/enforcement/schema branching).

Proposed fix

 `@model_validator`(mode="after")
 def _validate_guided_metadata(self) -> ReviewFinding:
-    if self.guidance_kind is None:
-        return self
+    guided_fields_present = any(
+        value is not None
+        for value in (
+            self.recommended_action,
+            self.clean_code_principle,
+            self.rationale,
+            self.safety_checks,
+            self.preserve_reason,
+            self.action_status,
+            self.before_ref,
+            self.after_ref,
+            self.improvement,
+        )
+    )
+    if self.guidance_kind is None:
+        if guided_fields_present:
+            raise ValueError("guidance_kind is required when guided simplification fields are present")
+        return self

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/specfact-code-review/src/specfact_code_review/run/findings.py`
around lines 189 - 205, The validator _validate_guided_metadata currently
returns early when guidance_kind is None, allowing guided fields to be set
without a guidance_kind; change it to first check whether any guided-related
fields (recommended_action, clean_code_principle, rationale, safety_checks,
action_status, preserve_reason) are non-null and if so raise ValueError
requiring guidance_kind, then proceed with the existing validation (ensure
recommended_action, clean_code_principle, rationale, safety_checks,
action_status are present when guidance_kind is set and require preserve_reason
when guidance_kind == "preserve"); update _validate_guided_metadata to enforce
presence of guidance_kind whenever any of those guided fields are provided.

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Count failed safe-mechanical items as blocking unresolved findings.

blocking_simplification_count currently increments only for "recommended". Unresolved "failed" safe-mechanical items are excluded, which can under-report enforce blockers.

Proposed fix

-        blocking_simplification_count=sum(
-            finding.is_safe_mechanical_simplification() and finding.action_status == "recommended" for finding in guided
-        ),
+        blocking_simplification_count=sum(
+            finding.is_safe_mechanical_simplification() for finding in guided
+        ),

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/specfact-code-review/src/specfact_code_review/run/findings.py`
around lines 359 - 361, The current computation of blocking_simplification_count
only counts safe-mechanical findings where finding.action_status ==
"recommended", which skips unresolved "failed" items; update the generator over
guided (the expression that uses finding.is_safe_mechanical_simplification() and
finding.action_status) so it treats both "recommended" and "failed" as blocking
(for example, check finding.action_status in ("recommended", "failed") or
equivalently that action_status != "resolved") to ensure failed safe-mechanical
items are counted as blocking unresolved findings.