aptu-cli 0.2.15

CLI for Aptu - Gamified OSS issue triage with AI assistance
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

<p align="center">
  <img src="https://raw.githubusercontent.com/clouatre-labs/aptu/main/assets/logo-light.png" alt="Aptu Logo" width="128">
</p>

<h1 align="center">Aptu</h1>

<p align="center">
  <a href="https://crates.io/crates/aptu-cli"><img alt="crates.io" src="https://img.shields.io/crates/v/aptu-cli.svg?style=for-the-badge&color=fc8d62&logo=rust" height="20"></a>
  <a href="https://docs.rs/aptu-core"><img alt="docs.rs" src="https://img.shields.io/badge/docs.rs-aptu--core-66c2a5?style=for-the-badge&labelColor=555555&logo=docs.rs" height="20"></a>
  <a href="https://api.reuse.software/info/github.com/clouatre-labs/aptu"><img alt="REUSE" src="https://api.reuse.software/badge/github.com/clouatre-labs/aptu" height="20"></a>
  <a href="https://slsa.dev"><img alt="SLSA Level 3" src="https://slsa.dev/images/gh-badge-level3.svg" height="20"></a>
  <a href="https://www.bestpractices.dev/projects/11662"><img alt="OpenSSF Best Practices" src="https://www.bestpractices.dev/projects/11662/badge" height="20"></a>
</p>

<p align="center"><strong>AI-Powered Triage Utility</strong> - A CLI for OSS issue triage with AI assistance.</p>

Aptu is a context-engineering experiment: instead of throwing big models at problems, it crafts tight prompts that let smaller models do the job with fewer tokens and surprising precision.

## Demo

![Aptu Demo](https://raw.githubusercontent.com/clouatre-labs/aptu/main/assets/demo.gif)

## Why It Works

Aptu uses **task specialization** over raw model capability:

| Factor | Aptu | General Agent |
|--------|------|---------------|
| Context | Only the diff | Entire conversation + tools |
| Prompt | Tuned for code review patterns | General reasoning |
| Attention | 100% on code quality | Split across many tasks |

The small specialized model is not smarter, just less distracted. In real-world testing, aptu's PR review (using the default gemini-3-flash-preview) caught regex-based HTML parsing and missing error handling that claude-opus-4.5 shipped as "done".

## Features

- **AI Triage** - Summaries, suggested labels, clarifying questions, and contributor guidance
- **Issue Discovery** - Find good-first-issues from curated repositories
- **PR Analysis** - AI-powered pull request review and feedback
- **Release Notes** - AI-curated changelogs from merged PRs
- **GitHub Action** - Auto-triage incoming issues with labels and comments
- **MCP Server** - Model Context Protocol integration for AI assistants
- **Multiple Providers** - Gemini (default), Cerebras, Groq, OpenRouter, Z.AI, and ZenMux
- **Local History** - Track your contributions offline
- **Multiple Outputs** - Text, JSON, YAML, Markdown, and SARIF

## Installation

```bash
# Homebrew (macOS/Linux)
brew install clouatre-labs/tap/aptu

# Snap (Linux)
snap install aptu

# Cargo-binstall (fast)
cargo binstall aptu-cli

# Cargo
cargo install aptu-cli
```

## Quick Start

```bash
aptu auth login            # Authenticate with GitHub
aptu repo list             # List curated repositories
aptu issue list block/goose          # Browse issues
aptu issue triage block/goose#123    # Triage with AI
aptu issue triage block/goose#123 --dry-run  # Preview
aptu history               # View your contributions
```

## Security Scanning

Aptu includes built-in security pattern detection for PR reviews. Scanning is performed locally, and no code is sent to external services.

```bash
aptu pr review owner/repo#123                       # Review with security scanning
aptu pr review owner/repo#123 --output sarif        # SARIF for GitHub Code Scanning
```

See [docs/SECURITY_SCANNING.md](docs/SECURITY_SCANNING.md) for SARIF upload and GitHub integration.

## GitHub Action

Auto-triage new issues with AI using any supported provider.

```yaml
- uses: clouatre-labs/aptu@v0
  with:
    github-token: ${{ secrets.GITHUB_TOKEN }}
    gemini-api-key: ${{ secrets.GEMINI_API_KEY }}
```

Options: `apply-labels`, `no-comment`, `skip-labeled`, `dry-run`, `model`, `provider`.

See [docs/GITHUB_ACTION.md](docs/GITHUB_ACTION.md) for setup and examples.

## Configuration

See [docs/CONFIGURATION.md](docs/CONFIGURATION.md) for AI provider setup.

## Security

- **SLSA Level 3** - Provenance attestations for all releases
- **REUSE/SPDX** - License compliance for all files
- **Signed Commits** - GPG-signed commits required
- **Dependency Scanning** - Automated updates via Renovate

See [SECURITY.md](SECURITY.md) for reporting and verification.

## Contributing

We welcome contributions! See [CONTRIBUTING.md](https://github.com/clouatre-labs/aptu/blob/main/CONTRIBUTING.md) for guidelines.

## License

Apache-2.0. See [LICENSE](https://github.com/clouatre-labs/aptu/blob/main/LICENSE).