repopilot 0.15.0

Local-first CLI for repository audit, architecture risk detection, baseline tracking, and CI-friendly code review.
Documentation
name: RepoPilot
description: "Run RepoPilot static analysis on your repository"
author: "MykytaStel"

branding:
  icon: shield
  color: blue

inputs:
  command:
    description: "Command to run: scan | review | compare | doctor | ai-context | ai-plan | ai-prompt"
    required: false
    default: "scan"
  format:
    description: "Output format: auto | console | json | markdown | sarif. auto uses sarif for scan and markdown for review/compare/doctor; AI commands emit Markdown."
    required: false
    default: "auto"
  path:
    description: "Path passed to scan, review, doctor, or AI commands."
    required: false
    default: "."
  config:
    description: "Optional repopilot.toml path."
    required: false
    default: ""
  baseline:
    description: "Optional baseline path for scan/review."
    required: false
    default: ""
  fail-on:
    description: "Optional scan/review failure threshold, e.g. new-high."
    required: false
    default: ""
  fail-on-priority:
    description: "Optional scan/review failure threshold by risk priority: p0 | p1 | p2 | p3."
    required: false
    default: ""
  min-severity:
    description: "Optional minimum rendered severity, e.g. high."
    required: false
    default: ""
  min-priority:
    description: "Optional minimum rendered risk priority: p0 | p1 | p2 | p3."
    required: false
    default: ""
  rule:
    description: "Optional scan rule filter. For multiple rules, provide a space-separated list of rule IDs."
    required: false
    default: ""
  timing:
    description: "Print per-phase scan timing breakdown for scan commands."
    required: false
    default: "false"
  base:
    description: "Optional Git base ref for review."
    required: false
    default: ""
  head:
    description: "Optional Git head ref for review; requires base."
    required: false
    default: ""
  focus:
    description: "Optional AI focus: security | arch | architecture | quality | framework | all."
    required: false
    default: ""
  budget:
    description: "Optional AI token budget: 2k | 4k | 8k | 16k or a positive integer."
    required: false
    default: ""
  output:
    description: "Optional output path for commands that write reports."
    required: false
    default: ""
  receipt:
    description: "Optional audit receipt JSON path for scan."
    required: false
    default: ""
  args:
    description: "Advanced extra CLI arguments appended after typed inputs. Prefer typed inputs for CI workflows."
    required: false
    default: ""
  version:
    description: "npm version tag to install. Pin this for reproducible CI (e.g. 0.15.0)."
    required: false
    default: "0.15.0"
  upload-sarif:
    description: "Automatically upload SARIF output to GitHub Code Scanning"
    required: false
    default: "true"

outputs:
  sarif-file:
    description: "Path to the generated SARIF file (only set when format is sarif)"
    value: ${{ steps.run.outputs.sarif_file }}
  receipt-file:
    description: "Path to the generated audit receipt JSON file (only set when receipt is provided for scan)"
    value: ${{ steps.run.outputs.receipt_file }}

runs:
  using: composite
  steps:
    - name: Install repopilot
      shell: bash
      run: npm install -g repopilot@${{ inputs.version }}

    - name: Run repopilot
      id: run
      shell: bash
      env:
        INPUT_COMMAND: ${{ inputs.command }}
        INPUT_FORMAT: ${{ inputs.format }}
        INPUT_PATH: ${{ inputs.path }}
        INPUT_CONFIG: ${{ inputs.config }}
        INPUT_BASELINE: ${{ inputs.baseline }}
        INPUT_FAIL_ON: ${{ inputs.fail-on }}
        INPUT_FAIL_ON_PRIORITY: ${{ inputs.fail-on-priority }}
        INPUT_MIN_SEVERITY: ${{ inputs.min-severity }}
        INPUT_MIN_PRIORITY: ${{ inputs.min-priority }}
        INPUT_RULE: ${{ inputs.rule }}
        INPUT_TIMING: ${{ inputs.timing }}
        INPUT_BASE: ${{ inputs.base }}
        INPUT_HEAD: ${{ inputs.head }}
        INPUT_FOCUS: ${{ inputs.focus }}
        INPUT_BUDGET: ${{ inputs.budget }}
        INPUT_OUTPUT: ${{ inputs.output }}
        INPUT_RECEIPT: ${{ inputs.receipt }}
        INPUT_ARGS: ${{ inputs.args }}
      run: |
        bash "$GITHUB_ACTION_PATH/scripts/repopilot-action.sh"

    - name: Upload SARIF to GitHub Code Scanning
      if: inputs.upload-sarif == 'true' && steps.run.outputs.sarif_file != ''
      uses: github/codeql-action/upload-sarif@v4
      with:
        sarif_file: ${{ steps.run.outputs.sarif_file }}