Test/phase2 coverage

.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"

.github/workflows/ci.yml

@@ -7,31 +7,79 @@ on:
     branches: [ "main", "master" ]
 
 jobs:
-  test:
+  lint:
     runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.10"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install ruff
+    - name: Lint with Ruff
+      run: |
+        ruff check .
+        ruff format --check .
+
+  typecheck:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.10"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install mypy
+        pip install -e ".[dev]"
+    - name: Type checking with mypy
+      continue-on-error: true
+      run: |
+        mypy --strict src/
+
+  test:
+    runs-on: ${{ matrix.os }}
     strategy:
       matrix:
         python-version: ["3.10", "3.11", "3.12"]
-
+        os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
     - uses: actions/checkout@v4
-
     - name: Set up Python ${{ matrix.python-version }}
       uses: actions/setup-python@v5
       with:
         python-version: ${{ matrix.python-version }}
-
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
-        pip install ruff pytest pytest-asyncio
-        pip install -e .
-
-    - name: Lint with Ruff
-      run: |
-        ruff check .
-        ruff format --check .
-
+        pip install -e ".[dev]"
     - name: Test with pytest
       run: |
-        pytest tests/
+        pytest tests/ --cov-report=xml
+    - name: Upload coverage to Codecov
+      uses: codecov/codecov-action@v4
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
+        file: ./coverage.xml
+
+  security:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.10"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install pip-audit
+        pip install -e .
+    - name: Run pip-audit
+      run: |
+        pip-audit

.github/workflows/docs.yml

@@ -0,0 +1,35 @@
+name: Deploy docs
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - "docs/**"
+      - "mkdocs.yml"
+      - ".github/workflows/docs.yml"
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+      - name: Install dependencies
+        run: |
+          pip install mkdocs-material
+      - name: Build docs
+        run: mkdocs build
+      - name: Deploy docs
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./site
+          publish_branch: gh-pages

.github/workflows/release.yml

@@ -0,0 +1,33 @@
+name: Publish to PyPI
+
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  publish:
+    name: Build and Publish
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.10"
+
+      - name: Install build tool
+        run: |
+          python -m pip install --upgrade pip
+          pip install build
+
+      - name: Build package
+        run: python -m build
+
+      - name: Publish package
+        uses: pypa/gh-action-pypi-publish@release/v1

CHANGELOG.md

@@ -0,0 +1,40 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+- GitHub Actions workflow for MkDocs deployment (Phase 5).
+- Comprehensive metadata to `pyproject.toml`.
+- Docstrings across public modules (`ai_api.py`, `policy_engine.py`, `scanner.py`, `models.py`).
+
+## [3.0.0] - 2026-06-27
+
+### Added
+- **Semantic Catalog (P3 Blueprint)**: Transformed into an AI-powered Intelligent Code Infrastructure Catalog.
+- **Git Worktree Manager (P2)**: Created linked worktrees for efficient branch management.
+- Multi-provider AI configuration panel (OpenAI, OpenRouter, Ollama, Azure).
+- Semantic context extraction (hash-based project tree analysis).
+- Auto-tagging system (heuristic + AI).
+- Local strict code reviewer.
+- AI-generated release notes (`gitauditor repo changelog`).
+
+## [2.0.0] - 2025-10-15
+
+### Added
+- SQLite local database via `SQLModel` (`~/.gitauditor/catalog.db`).
+- Improved repository discovery and deduplication.
+
+### Changed
+- Refactored core modules for better testability.
+
+## [1.0.0] - 2025-01-10
+
+### Added
+- Initial release.
+- Basic CLI structure using `Typer` and `Rich`.
+- Local script capabilities to scan repositories.

README.md

@@ -1,5 +1,7 @@
 # GitAuditor 🤖
 
+[![CI](https://github.com/refernandes/gitauditor/actions/workflows/ci.yml/badge.svg)](https://github.com/refernandes/gitauditor/actions/workflows/ci.yml)
+[![codecov](https://codecov.io/gh/refernandes/gitauditor/graph/badge.svg?token=YOUR_TOKEN_HERE)](https://codecov.io/gh/refernandes/gitauditor)
 *[Leia esta documentação em Português / Read this in Portuguese](README_pt.md)*
 
 **GitAuditor** has evolved from a simple local script into an **AI-powered Intelligent Code Infrastructure Catalog**.

README_pt.md

@@ -1,5 +1,7 @@
 # GitAuditor 🤖
 
+[![CI](https://github.com/refernandes/gitauditor/actions/workflows/ci.yml/badge.svg)](https://github.com/refernandes/gitauditor/actions/workflows/ci.yml)
+[![codecov](https://codecov.io/gh/refernandes/gitauditor/graph/badge.svg?token=YOUR_TOKEN_HERE)](https://codecov.io/gh/refernandes/gitauditor)
 **GitAuditor** evoluiu de um simples script local para um **Catálogo Inteligente de Infraestrutura de Código turbinado por Inteligência Artificial**.
 Construído em Python com `Typer`, `SQLModel` e `Rich`, ele transforma pastas de repositórios espalhadas pela sua máquina em um banco de dados local perfeitamente gerenciável, ao mesmo tempo que entende o contexto semântico do seu código usando provedores de IA como OpenAI, OpenRouter ou Ollama local.
 

docs/architecture.md

@@ -0,0 +1,12 @@
+# Architecture
+
+GitAuditor is structured around several core components:
+
+## Core Modules
+
+- **CLI (`cli.py`, `commands/`)**: Uses `typer` to provide a robust command-line interface. State is managed via `typer.Context` and an `AppState` object.
+- **Catalog (`catalog_db.py`, `models.py`)**: Uses `sqlmodel` for local SQLite database management. Tracks cloned repositories and configuration.
+- **AI Engine (`ai_api.py`)**: An abstraction layer for talking to multiple LLM providers (OpenAI, OpenRouter, Azure, Ollama).
+- **Scanner (`scanner.py`)**: Handles Git parsing and semantic extraction (hash calculation, tree generation).
+- **Policy Engine (`policy_engine.py`)**: Applies security and standard rules across repositories.
+- **Worktree Manager**: Orchestrates linked Git worktrees for efficient multi-branch development without full clones.

docs/changelog.md

@@ -0,0 +1,40 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Added
+- GitHub Actions workflow for MkDocs deployment (Phase 5).
+- Comprehensive metadata to `pyproject.toml`.
+- Docstrings across public modules (`ai_api.py`, `policy_engine.py`, `scanner.py`, `models.py`).
+
+## [3.0.0] - 2026-06-27
+
+### Added
+- **Semantic Catalog (P3 Blueprint)**: Transformed into an AI-powered Intelligent Code Infrastructure Catalog.
+- **Git Worktree Manager (P2)**: Created linked worktrees for efficient branch management.
+- Multi-provider AI configuration panel (OpenAI, OpenRouter, Ollama, Azure).
+- Semantic context extraction (hash-based project tree analysis).
+- Auto-tagging system (heuristic + AI).
+- Local strict code reviewer.
+- AI-generated release notes (`gitauditor repo changelog`).
+
+## [2.0.0] - 2025-10-15
+
+### Added
+- SQLite local database via `SQLModel` (`~/.gitauditor/catalog.db`).
+- Improved repository discovery and deduplication.
+
+### Changed
+- Refactored core modules for better testability.
+
+## [1.0.0] - 2025-01-10
+
+### Added
+- Initial release.
+- Basic CLI structure using `Typer` and `Rich`.
+- Local script capabilities to scan repositories.

docs/commands/catalog.md

@@ -0,0 +1,7 @@
+# Catalog Commands
+
+Manage your local SQLite catalog of repositories.
+
+- `gitauditor catalog sync <path>`: Scans a folder recursively, finds Git repositories, and syncs them into the catalog.
+- `gitauditor catalog status`: Shows the current overview of tracked repositories.
+- `gitauditor catalog tag`: Triggers auto-tagging of repositories.

docs/commands/policy.md

@@ -0,0 +1,6 @@
+# Policy Commands
+
+Enforce and check policies across your code infrastructure.
+
+- `gitauditor policy check`: Runs pre-commit checks locally or globally.
+- `gitauditor policy apply`: Re-applies fixes if necessary.

docs/commands/repo.md

@@ -0,0 +1,6 @@
+# Repo Commands
+
+Analyze repository content and history.
+
+- `gitauditor repo analyze`: Scans the current repository to extract metadata and summaries.
+- `gitauditor repo changelog`: Uses AI to generate a semantic changelog based on the latest commits.

docs/commands/ssh.md

@@ -0,0 +1,5 @@
+# SSH Commands
+
+Audit SSH keys and connections for security policies.
+
+- `gitauditor ssh check`: Scans current SSH agent and config for insecure keys.

docs/commands/worktree.md

@@ -0,0 +1,7 @@
+# Worktree Commands
+
+Manage Git worktrees effortlessly.
+
+- `gitauditor worktree add <branch>`: Creates a new linked worktree for the given branch.
+- `gitauditor worktree list`: Lists all active worktrees for the current repository.
+- `gitauditor worktree clean`: Removes defunct worktrees.

docs/configuration.md

@@ -0,0 +1,31 @@
+# Configuration
+
+GitAuditor supports multiple AI providers for its semantic features. 
+
+## Setting up Providers
+
+You can configure the active provider using:
+
+```bash
+gitauditor config set provider <provider_name>
+```
+
+Currently supported providers:
+- `openai`
+- `ollama` (Local)
+- `openrouter`
+- `azure`
+
+## Managing Keys
+
+Set API keys for cloud providers:
+
+```bash
+gitauditor config set api_key <your_api_key>
+```
+
+For custom endpoint configurations (like Azure or Ollama):
+
+```bash
+gitauditor config set endpoint_url <url>
+```

docs/getting-started.md

@@ -0,0 +1,34 @@
+# Getting Started
+
+Welcome to GitAuditor! This guide will help you install and run GitAuditor for the first time.
+
+## Installation
+
+You can install GitAuditor from PyPI:
+
+```bash
+pip install gitauditor
+```
+
+Or from source:
+
+```bash
+git clone https://github.com/refernandes/gitauditor.git
+cd gitauditor
+pip install -e .
+```
+
+## First Run
+
+Initialize your catalog database:
+
+```bash
+gitauditor catalog sync ~/projects/
+```
+
+Configure your AI provider:
+
+```bash
+gitauditor config set provider openai
+gitauditor config set api_key sk-xxxx
+```