fix(#130): enforce HTTPS scheme consistently in GitHub client write methods

PostReview, DeleteReview, and RequestReviewer were calling c.httpClient.Do
directly, bypassing the scheme check in doRequest that rejects http:// URLs
unless AllowInsecureHTTP is explicitly enabled.

Introduce doRequestWithBody(ctx, method, url, body) with the same HTTPS guard,
and refactor all three write methods to use it. This ensures tokens are never
sent over plaintext regardless of which API path is exercised.

Add scheme validation tests for each method.

.gitea/actions/review/action.yml

@@ -130,17 +130,6 @@ inputs:
     description: 'Path to custom persona JSON file'
     required: false
     default: ''
-  doc-map:
-    description: >-
-      Path to a YAML file mapping source path globs to governing design docs.
-      review-bot intersects the map with changed PR paths and injects matching
-      docs as context alongside the diff.
-    required: false
-    default: ''
-  doc-map-max-bytes:
-    description: 'Maximum bytes of injected doc content from doc-map (default 102400 = 100KB)'
-    required: false
-    default: '102400'
 
 runs:
   using: 'composite'
@@ -504,8 +493,6 @@ runs:
         SYSTEM_PROMPT_FILE: ${{ inputs.system-prompt-file }}
         PERSONA: ${{ inputs.persona }}
         PERSONA_FILE: ${{ inputs.persona-file }}
-        DOC_MAP_FILE: ${{ inputs.doc-map }}
-        DOC_MAP_MAX_BYTES: ${{ inputs.doc-map-max-bytes }}
         AICORE_CLIENT_ID: ${{ inputs.aicore-client-id }}
         AICORE_CLIENT_SECRET: ${{ inputs.aicore-client-secret }}
         AICORE_AUTH_URL: ${{ inputs.aicore-auth-url }}

CHANGELOG.md

@@ -1,33 +0,0 @@
-# CHANGELOG
-
-## Unreleased
-
-### Added
-
-- **`doc-map` input** (`--doc-map` flag / `DOC_MAP_FILE` env var): Path to a YAML file mapping source path globs to governing design docs. review-bot intersects the map with changed PR paths and injects matching docs into the system prompt under a `## Design Documents` heading. ([#137](https://gitea.weiker.me/rodin/review-bot/issues/137))
-- **`doc-map-max-bytes` input** (`--doc-map-max-bytes` flag / `DOC_MAP_MAX_BYTES` env var): Cap on total injected design doc content in bytes. Default: 102400 (100 KB). Prevents accidental context overflow when a PR touches many modules.
-- **`DesignDocs` budget section**: Design docs are included in the context budget and trimmed after conventions, before file context, if the total exceeds the model's context limit.
-
-### Doc-map config format
-
-```yaml
-mappings:
-  - paths:
-      - "lib/gargoyle/engine/signal_risk/**"
-    docs:
-      - docs/domain/contexts/risk/risk-controls.md
-  - paths:
-      - "lib/gargoyle/trading/**"
-    docs:
-      - docs/domain/contexts/trading/
-```
-
-- `paths` — glob patterns (including `**`) matched against changed file paths in the PR
-- `docs` — local file paths or directories (all `.md` files under a directory) to inject
-- Multiple mappings can reference the same doc; docs are deduplicated
-- Missing doc files: warn and skip (review continues without them)
-- No matching paths: no docs injected, review runs normally
-
-## v0.3.2
-
-- Previous releases tracked in Gitea release notes.

DEV_LOOP_HEALTH.md

@@ -1,50 +0,0 @@
-# Dev Loop Health Check — 2026-05-15 01:33 UTC
-
-## Status: ✅ OPTIMAL
-
-### Test Results
-- All packages: **PASS** ✅ (6/6, fresh -count=1 run)
-- Build: ✅ successful
-- Vet: ✅ clean
-
-### Coverage (current)
-
-| Package | Coverage |
-|---------|----------|
-| budget | 91.8% |
-| cmd/review-bot | 46.1% |
-| gitea | 85.2% |
-| github | 86.3% |
-| llm | 81.3% |
-| review | 92.0% |
-
-### Recent Activity (since last check 01:28 UTC)
-- Pulled `d0b0b0b` (dev-loop health update from 01:28 cycle)
-- No new commits from dev work
-- No open issues or PRs
-- Working tree: clean, up to date with origin/main
-
-### Notes on Coverage
-- `cmd/review-bot` at 46.1% — main() itself at 26.5%; lowest coverage package
-  - Potential: integration test harness (issue #TBD)
-- `vcs.go` adapter wrappers intentionally 0% — thin delegation, real logic tested in gitea/github packages
-
-### Next Phase Priorities
-1. **PR Submission (#132+)** — Enable review-bot to create PRs
-2. **`github.Client.DismissReview`** — method referenced in orphaned files, not in client.go; file issue
-3. **GitHub Enterprise Support** — Enterprise URL patterns, token scopes
-4. **Increase cmd/review-bot coverage** — integration test harness for main()
-5. **Performance & Observability** — Metrics, load testing, audit logging
-
-### System Health
-- ✅ All tests passing
-- ✅ No warnings or lint issues
-- ✅ Code clean, working tree clean
-- ✅ No open issues or PRs on Gitea
-- ✅ Ready for next development cycle
-
----
-
-**Previous check:** 2026-05-15 01:28 UTC
-**This check:** 2026-05-15 01:33 UTC
-**Action:** NONE — healthy, no work to do

DEV_LOOP_STATUS.txt

@@ -1,43 +0,0 @@
-=============================================================================
-REVIEW-BOT DEV LOOP STATUS — 2026-05-15 01:48 UTC (post-sync)
-=============================================================================
-
-OVERALL STATUS: ✅ OPTIMAL
-
-Test Results (fresh run post-sync):
-  - All 6 packages: PASS ✅
-  - Build: ✅ clean
-  - Vet: ✅ clean
-  - Fresh run: -count=1 verified
-
-Recent Major Changes (synced from origin/main):
-  - Significant new GitHub client methods (~360 lines added)
-  - New validateurl package for URL validation
-  - New vcs adapter layer for VCS abstraction
-  - New gitea/ipcheck package for IP validation
-  - Expanded integration tests in cmd/review-bot
-  - All changes verified passing tests
-
-Coverage (current post-sync):
-  - review: 92.0%
-  - budget: 91.8%
-  - github: 86.3%
-  - gitea: 85.2%
-  - llm: 81.3%
-  - cmd/review-bot: 46.1%
-
-Repository:
-  - Branch: main (synced with origin — 4ffa6b6)
-  - Working tree: clean
-  - Open issues: 0
-  - Open PRs: 0
-
-System Health: ✅ GREEN
-  ✓ All tests passing (33 commits synced)
-  ✓ No warnings
-  ✓ Code clean
-  ✓ Ready for feature work
-
-Next Cycle: Ready to pick up feature work
-
-=============================================================================

PLAN-137.md

@@ -1,194 +0,0 @@
-# Plan: Issue #137 — doc-map input for path-scoped doc injection
-
-## Problem
-
-review-bot currently injects context via `patterns-repo` (external VCS repos) and `conventions-file` (a single file from the reviewed repo). There is no mechanism to inject local repo documentation files scoped to the paths changed in a PR.
-
-First consumer: `grgl/gargoyle#778` wants a "doc adherence" reviewer that checks code against the module's governing design doc, without injecting every doc in the tree.
-
-## Constraints
-
-- Must work with existing `budget.Fit` architecture (docs go into `SystemBase` section, never trimmed — or added as a new section below `Conventions`)
-- Must not fail the review if doc files are missing (warn + skip)
-- Context guard: default 100KB total injected doc content (configurable)
-- YAML parsing must use `github.com/goccy/go-yaml` (the only approved YAML library)
-- No new third-party dependencies (Go standard library + approved packages only)
-- Path security: doc files must be read via VCS API (not local filesystem), so they are always fetched from the PR head ref within the repo workspace — same path used by `conventions-file` loading
-
-Wait — re-reading the issue: the issue says "local repo files". In the CI action context, the action runner has the repo checked out. The design doc says "read each doc file from the local checkout". But review-bot has no local checkout — it runs as a binary and reads files via VCS API. Let me reconcile:
-
-- `conventions-file` uses `vcs.GetFileContent` (fetches from VCS API, default branch)
-- The doc-map docs should also be read via VCS API
-- The doc-map config file itself (`doc-map` input) is a local file in the workspace (like `system-prompt-file`)
-- The doc paths inside the config ARE relative to the repo root, to be fetched via VCS API
-
-**Conclusion:** The `doc-map` YAML file is read from local filesystem (like `system-prompt-file`). The doc files listed inside are fetched from the VCS API.
-
-Actually, re-reading more carefully: "Read each doc file (or all .md files under a directory) from the local checkout". But review-bot doesn't have a local checkout. Since `system-prompt-file` and `conventions-file` are both read locally, I should follow the same approach consistently.
-
-**Final decision:** The `doc-map` config file is local (passed via `--doc-map` flag, read with `os.ReadFile` after workspace validation). The listed doc paths (and directory expansion) are read via VCS `GetFileContent` / `GetAllFilesInPath` — matching the `conventions-file` pattern for consistency, and enabling it to work on any branch (not just the checked-out one).
-
-## Proposed Approach
-
-### New files
-
-1. `review/docmap.go` — `DocMap` type, YAML parsing, glob matching, doc loading logic
-2. `review/docmap_test.go` — unit tests
-
-### Modified files
-
-1. `cmd/review-bot/main.go` — add `--doc-map` flag, wire up in Step 6c
-2. `.gitea/actions/review/action.yml` — add `doc-map` input, pass as `DOC_MAP_FILE` env var
-3. `budget/budget.go` — add `DesignDocs` section (between `SystemBase`/`Conventions` and `Diff`)
-4. `CHANGELOG.md` — update
-
-### DocMap types (review/docmap.go)
-
-```go
-// DocMapping maps a set of path globs to doc files/directories.
-type DocMapping struct {
-    Paths []string `yaml:"paths"` // glob patterns
-    Docs  []string `yaml:"docs"`  // file paths or directories
-}
-
-// DocMapConfig is the top-level YAML structure.
-type DocMapConfig struct {
-    Mappings []DocMapping `yaml:"mappings"`
-}
-
-// DocMapOptions controls doc loading behavior.
-type DocMapOptions struct {
-    MaxBytes int // default 100*1024
-}
-```
-
-### Key functions
-
-```go
-// ParseDocMapConfig parses the YAML config file from a local path.
-func ParseDocMapConfig(path string) (*DocMapConfig, error)
-
-// MatchDocs returns deduplicated doc paths for the given changed files.
-func MatchDocs(cfg *DocMapConfig, changedFiles []string) []string
-
-// LoadMatchingDocs fetches doc content via VCS, respecting size limit.
-// Returns (content, error). Missing files are warned and skipped.
-func LoadMatchingDocs(ctx context.Context, fetcher DocFetcher, owner, repo string, docPaths []string, opts DocMapOptions) (string, error)
-```
-
-### DocFetcher interface
-
-```go
-// DocFetcher fetches files and directory listings from VCS.
-// Subset of vcsClient, defined here to keep review package free of cmd-level deps.
-type DocFetcher interface {
-    GetFileContent(ctx context.Context, owner, repo, filepath string) (string, error)
-    GetAllFilesInPath(ctx context.Context, owner, repo, path string) (map[string]string, error)
-}
-```
-
-### Glob matching
-
-Use `path.Match` from the Go standard library. It matches patterns like `lib/gargoyle/engine/signal_risk/**`. The `**` glob is NOT natively supported by `path.Match`, so we need either:
-
-a) Use `filepath.Match` which also doesn't support `**`
-b) Implement simple `**` support: `**` matches any number of path segments
-
-**Decision:** Implement minimal `**` support: split path on `/`, split pattern on `/`, match each segment with `filepath.Match`. When a pattern segment is `**`, it consumes any number of remaining segments. This covers the primary use case without a new dependency.
-
-### Budget integration
-
-Add `DesignDocs` field to `budget.Sections`. Position: after `Conventions`, before `FileContext` (trimming order: Patterns → Conventions → DesignDocs → FileContext → Diff). Inject under `## Design Documents` heading in system prompt.
-
-### Context size guard
-
-Accumulate doc content bytes. If total would exceed `MaxBytes`, truncate last doc with a notice and stop loading more.
-
-## State/Data Model
-
-```
-DocMapConfig
-  └── []DocMapping
-        ├── Paths []string  (glob patterns against changed file paths)
-        └── Docs  []string  (local doc paths or directories in target repo)
-
-Flow:
-  1. Parse doc-map YAML → DocMapConfig
-  2. GetPullRequestFiles → []string of changed paths
-  3. MatchDocs(cfg, changedPaths) → deduplicated []string doc paths
-  4. For each doc path:
-       - If path ends with "/" or is a "directory" → GetAllFilesInPath, filter .md
-       - Otherwise → GetFileContent
-  5. Accumulate, respect size limit
-  6. Inject into system prompt
-```
-
-## Error Cases
-
-| Situation | Behavior |
-|-----------|----------|
-| `--doc-map` file not found | Fatal error (like `--system-prompt-file`) |
-| `--doc-map` file invalid YAML | Fatal error with descriptive message |
-| Unknown keys in YAML | Log warning, continue |
-| Doc file not found in VCS | Log warning, skip |
-| Doc directory empty | Log debug, skip |
-| Total size exceeds limit | Truncate with notice, log warning |
-| No changed paths match | No docs injected, review runs normally |
-| `paths` list empty in a mapping | Skip that mapping (no match possible) |
-| `docs` list empty in a mapping | Skip that mapping (nothing to inject) |
-
-## Edge Cases
-
-- Empty `mappings` list → no docs injected, no error
-- Same doc matched by multiple mappings → deduplicate by path
-- Directory with no `.md` files → skip silently (log debug)
-- Very large single doc file → counts against limit, may truncate
-- Symlinks/special files in VCS → GetFileContent handles or errors (warn + skip)
-- `doc-map` path outside workspace → fatal error (validateWorkspacePath)
-- Directory path specified as `docs` entry without trailing `/` → check if it's a directory via ListContents or GetAllFilesInPath; if error, try GetFileContent
-
-## Testing Strategy
-
-### Unit tests (review/docmap_test.go)
-
-1. **ParseDocMapConfig** — valid YAML, invalid YAML, unknown keys (warning), empty file
-2. **MatchDocs** — no match, single match, multi-match, deduplication, `**` glob, exact match
-3. **LoadMatchingDocs** — with mock DocFetcher:
-   - file path → content returned
-   - missing file → warned + skipped
-   - directory path → expands .md files
-   - directory with no .md → empty
-   - size guard → truncation with notice
-   - deduplication in combined results
-
-### Integration coverage
-
-The existing `main_test.go` tests cover flag wiring — add a test for `--doc-map` flag parsing and workspace path validation.
-
-## Open Questions
-
-1. **Directory detection**: The issue says "directory paths expand to all .md files". But review-bot has no local filesystem. When a `docs` entry is `docs/domain/contexts/trading/`, we can call `GetAllFilesInPath`. But what if someone writes `docs/domain/contexts/trading` (no trailing slash)? We could try GetFileContent first, and if it fails with a 404 or "is directory" error, fall back to GetAllFilesInPath. OR we could just always call GetAllFilesInPath and if it returns content, use it; if it returns empty, try GetFileContent. 
-   **Decision**: Try GetAllFilesInPath first (always). If it returns ≥1 file, treat as directory. If it returns 0 files AND no error, try GetFileContent. If GetAllFilesInPath returns an error, try GetFileContent.
-
-2. **Budget section placement**: The issue says docs go in "system prompt after system-prompt-file content". That means docs are part of the system prompt. Current budget: SystemBase (includes additionalPrompt) → Patterns → Conventions. I'll add DesignDocs after Conventions (trim after Conventions). Docs are injected into system prompt via `buildResult`.
-   **Decision**: DesignDocs section in budget, trimmed after Conventions, before FileContext.
-
-3. **Configurable size limit**: The issue says "configurable". Add `--doc-map-max-bytes` flag (default 102400). Pass via `DocMapOptions`.
-   **Decision**: Add flag. Default 100KB (102400 bytes).
-
-## Completion Checklist
-
-1. `doc-map` input added to action.yml with correct env var passthrough
-2. `--doc-map` and `--doc-map-max-bytes` flags parsed in main.go
-3. `doc-map` file validated with `validateWorkspacePath` before reading
-4. YAML parsed with `go-yaml`, unknown keys warned not errored
-5. Glob matching handles `**` segments
-6. Changed files list from PR drives intersection (not hardcoded)
-7. Docs deduplicated before fetching
-8. Missing doc files: warn + skip, not fatal
-9. Context size guard truncates with notice, logs warning
-10. `DesignDocs` section added to `budget.Sections` and `buildResult`
-11. Tests cover: match, no-match, dedup, missing file, directory expansion, size guard, YAML parse error
-12. `go test ./...` passes
-13. `go vet ./...` passes
-14. CHANGELOG updated

README.md

@@ -6,11 +6,10 @@ AI-powered code review bot for Gitea pull requests. Fetches diff + context, send
 
 - **Multi-provider**: OpenAI-compatible, Anthropic Messages API, and SAP AI Core
 - **Context-aware**: Fetches full file content, conventions, language patterns, CI status
-- **Path-scoped docs**: `doc-map` config injects only the governing design docs for changed paths
 - **Smart budget**: Automatically trims context to fit model token limits
 - **Idempotent reviews**: Posts new review, then cleans up stale ones (one review per bot)
 - **Custom prompts**: Load additional instructions from a file (e.g. security-focused review)
-- **Minimal dependencies**: Go stdlib + `github.com/goccy/go-yaml` only
+- **Minimal dependencies**: Go stdlib + `gopkg.in/yaml.v3` only
 
 ## Quick Start: Composite Action
 

TODO.md

@@ -1,37 +1,79 @@
-## Dev Loop Status: 2026-05-15 02:28 UTC
+## Dev Loop: review-bot — 2026-05-14 20:10 UTC
 
-**Repository:** review-bot (rodin/review-bot on Gitea)  
-**Status:** ✅ OPTIMAL
-
-### Health Check
-
-- **Working tree:** clean
-- **Branch:** main (up to date with origin)
-- **Build:** ✅ passes (`go build ./cmd/review-bot`)
-- **Tests:** ✅ ALL PASS (6/6 packages)
-- **Vet:** ✅ clean
-- **Open issues:** 0
-- **Open PRs:** 0
-
-### Recent Changes
-
-Last commit: `dcfd360` (2026-05-15 01:48) — health check post-sync
-
-### Coverage
-
-| Package | Coverage |
-|---------|----------|
-| cmd/review-bot | 46.1% |
-| gitea | 85.2% |
-| github | 86.3% |
-| review | 92.0% |
-
-### Next Priority
-
-- Increase cmd/review-bot coverage (lowest at 46.1%)
-- Monitor prod logs for edge cases
-- VCS integration stable; GitHub + Gitea paths clear
+### Latest: ✅ STABLE STATE — REPO HEALTH COMPLETE
+- **Last action:** health check; verified tests pass, repo clean, no action needed
+- **Repository:** Clean, all merges complete, no open issues/PRs
+- **Main branch:** Up to date with origin/main
+- **Test suite:** All passing (cached)
 
 ---
 
-_Dev-loop cycle complete at 02:28 UTC._
+## Repository Status
+
+### ✅ Merged to main (recent):
+- issue-123 (IP-level SSRF defense) — 6 commits, main at 4440823
+- issue-125 (VCS_URL rename + deprecation) — merged
+- issue-124 (multi-arch binary support) — merged  
+- issue-120 (GitHub Actions + VCS abstraction) — merged
+- issue-121 (VCS host type detection for binary download) — merged
+
+### 🧹 Cleanup COMPLETE:
+- ✅ Removed old worktrees (issue-123, review-bot-issue-125)
+- ✅ Test suite passes (all packages)
+- ✅ No TODO/FIXME in code except expected GitHub client notes
+- ✅ No open issues or pull requests
+- ✅ Dependencies up to date
+
+---
+
+## Current Feature Completeness
+
+✅ **Core Capabilities:**
+- Multi-provider LLM support (OpenAI, Anthropic, SAP AI Core)
+- Gitea PR integration with structured reviews
+- SSRF defense with IP-level validation
+- VCS abstraction (Gitea/GitHub support)
+- Multi-architecture binary support
+- GitHub Actions composite action
+
+✅ **Recent Security Work:**
+- RFC6598 CGN range detection
+- IP fallback dialing for local endpoint rejection
+- URL validation for SSRF prevention
+
+✅ **Code Quality:**
+- Comprehensive test coverage (all packages tested)
+- Consistent error handling with context propagation
+- Secure credential handling (unexported fields)
+- Concurrency-safe designs
+
+---
+
+## Next Priority Actions
+
+### Phase 2: Feature Exploration (NEXT SESSION)
+- Scan code for potential improvements per REVIEW.md findings
+- Assess performance under load
+- Review REVIEW.md findings for targeted fixes
+- Consider backlog items from design docs
+
+### Phase 3: Optional Enhancements (BACKLOG)
+- Address REVIEW.md context propagation findings (if prioritized)
+- Additional LLM provider support
+- Enhanced context detection
+- Custom report formats
+- Webhook management improvements
+
+---
+
+## Worktrees Status
+All old worktrees cleaned up. Ready for new issue work.
+
+---
+
+## Dev-Loop Metadata
+- **Repo:** /home/ubuntu/review-bot
+- **Main branch SHA:** ed3a5dd (last commit)
+- **Cron ID:** 5342ac81-4bbc-4e4c-a123-347a7788d50c
+- **Scheduled:** Every 4 hours
+- **Last health check:** 2026-05-14 20:10 UTC (✅ all healthy)

budget/budget.go

@@ -63,8 +63,7 @@ type Sections struct {
 	SystemBase  string // Core instructions (never trimmed)
 	Patterns    string // Language patterns (trimmed first)
 	Conventions string // Repo conventions (trimmed second)
-	DesignDocs  string // Path-scoped design documents (trimmed third)
-	FileContext string // Full file content (trimmed fourth)
+	FileContext string // Full file content (trimmed third)
 	Diff        string // The actual diff (trimmed last, only truncated)
 	UserMeta    string // PR title, description, CI status (truncated only if base exceeds budget)
 }
@@ -104,7 +103,6 @@ func Fit(model string, sections Sections) Result {
 	entries := []entry{
 		{"patterns", &sections.Patterns},
 		{"conventions", &sections.Conventions},
-		{"design docs", &sections.DesignDocs},
 		{"file context", &sections.FileContext},
 	}
 
@@ -187,10 +185,6 @@ func buildResult(s Sections, trimmed []string, estTokens int) Result {
 		sys.WriteString("\n\n## Repository Conventions\n\nThe repository has the following coding conventions that must be respected:\n\n")
 		sys.WriteString(s.Conventions)
 	}
-	if s.DesignDocs != "" {
-		sys.WriteString("\n\n## Design Documents\n\nThe following design documents govern the changed code. Review the diff for adherence:\n\n")
-		sys.WriteString(s.DesignDocs)
-	}
 
 	var usr strings.Builder
 	usr.WriteString(s.UserMeta)

budget/budget_test.go

@@ -157,6 +157,7 @@ func TestFit_PreservesNoteInOutput(t *testing.T) {
 	}
 }
 
+
 func TestFit_HugeUserMeta(t *testing.T) {
 	// UserMeta so large that base alone exceeds limit
 	// Use a unique marker past the truncation point

cmd/review-bot/integration_test.go

@@ -10,7 +10,6 @@ import (
 	"testing"
 
 	"gitea.weiker.me/rodin/review-bot/gitea"
-	"gitea.weiker.me/rodin/review-bot/github"
 	"gitea.weiker.me/rodin/review-bot/llm"
 	"gitea.weiker.me/rodin/review-bot/review"
 )
@@ -160,85 +159,3 @@ func TestIntegration_PostAndCleanup(t *testing.T) {
 		t.Logf("Warning: could not delete test review %d: %v", posted.ID, err)
 	}
 }
-
-// TestIntegration_GitHub_PostAndVerifyReview exercises the full VCS routing path
-// for GitHub when INTEGRATION_GITHUB_TOKEN and INTEGRATION_GITHUB_REPO are set.
-// It verifies that the GitHub adapter is selected via VCS_TYPE=github and that
-// PostReview succeeds against a real GitHub PR.
-//
-// Required environment variables:
-//
-//	INTEGRATION_GITHUB_TOKEN  - GitHub personal access token with repo access
-//	INTEGRATION_GITHUB_REPO   - owner/repo with an open PR (e.g. Rodin-AI/review-bot)
-//	INTEGRATION_GITHUB_PR     - PR number to test against
-//
-// The test skips gracefully when these variables are absent.
-func TestIntegration_GitHub_PostAndVerifyReview(t *testing.T) {
-	githubToken := os.Getenv("INTEGRATION_GITHUB_TOKEN")
-	githubRepo := os.Getenv("INTEGRATION_GITHUB_REPO")
-	prNumStr := os.Getenv("INTEGRATION_GITHUB_PR")
-
-	if githubToken == "" || githubRepo == "" || prNumStr == "" {
-		t.Skip("INTEGRATION_GITHUB_TOKEN, INTEGRATION_GITHUB_REPO, and INTEGRATION_GITHUB_PR not set, skipping")
-	}
-
-	prNumber, err := strconv.Atoi(prNumStr)
-	if err != nil {
-		t.Fatalf("Invalid PR number %q: %v", prNumStr, err)
-	}
-
-	parts := strings.SplitN(githubRepo, "/", 2)
-	if len(parts) != 2 || parts[0] == "" || parts[1] == "" {
-		t.Fatalf("Invalid repo format %q, expected owner/repo", githubRepo)
-	}
-	owner, repoName := parts[0], parts[1]
-
-	ctx := context.Background()
-	ghClient := github.NewClient(githubToken, "https://api.github.com")
-
-	// Verify adapter selection: GetAuthenticatedUser must succeed.
-	user, err := ghClient.GetAuthenticatedUser(ctx)
-	if err != nil {
-		t.Fatalf("GetAuthenticatedUser: %v — check INTEGRATION_GITHUB_TOKEN", err)
-	}
-	t.Logf("Authenticated as: %s", user)
-
-	// Verify PR is accessible via GitHub adapter.
-	pr, err := ghClient.GetPullRequest(ctx, owner, repoName, prNumber)
-	if err != nil {
-		t.Fatalf("GetPullRequest: %v", err)
-	}
-	t.Logf("PR: %s (sha: %s)", pr.Title, pr.Head.Sha)
-
-	// Post a COMMENT review — does not require PR approval permissions.
-	sentinel := "<!-- review-bot:integration-test -->"
-	testBody := "# Integration Test Review (GitHub)\n\nThis is an automated integration test.\n\n" + sentinel
-	posted, err := ghClient.PostReview(ctx, owner, repoName, prNumber, "COMMENT", testBody, "", nil)
-	if err != nil {
-		t.Fatalf("PostReview: %v", err)
-	}
-	t.Logf("Posted review ID: %d", posted.ID)
-
-	// Verify the review appears in ListReviews.
-	reviews, err := ghClient.ListReviews(ctx, owner, repoName, prNumber)
-	if err != nil {
-		t.Fatalf("ListReviews: %v", err)
-	}
-	found := false
-	for _, r := range reviews {
-		if r.ID == posted.ID && strings.Contains(r.Body, sentinel) {
-			found = true
-			break
-		}
-	}
-	if !found {
-		t.Errorf("posted review ID %d not found in ListReviews output", posted.ID)
-	}
-
-	// Attempt cleanup — GitHub does not allow deleting submitted reviews,
-	// so this is expected to fail with ErrCannotDeleteSubmittedReview (422).
-	// Log it as informational only.
-	if err := ghClient.DeleteReview(ctx, owner, repoName, prNumber, posted.ID); err != nil {
-		t.Logf("Note: DeleteReview returned (expected for submitted GitHub reviews): %v", err)
-	}
-}

cmd/review-bot/main.go

@@ -97,8 +97,6 @@ func main() {
 	aicoreAuthURL := flag.String("aicore-auth-url", envOrDefault("AICORE_AUTH_URL", ""), "SAP AI Core auth URL (for provider=aicore)")
 	aicoreAPIURL := flag.String("aicore-api-url", envOrDefault("AICORE_API_URL", ""), "SAP AI Core API URL (for provider=aicore)")
 	aicoreResourceGroup := flag.String("aicore-resource-group", envOrDefault("AICORE_RESOURCE_GROUP", "default"), "SAP AI Core resource group (for provider=aicore)")
-	docMapFile := flag.String("doc-map", envOrDefault("DOC_MAP_FILE", ""), "Path to YAML file mapping source path globs to governing design docs")
-	docMapMaxBytes := flag.Int("doc-map-max-bytes", envOrDefaultInt("DOC_MAP_MAX_BYTES", review.DefaultDocMapMaxBytes), "Maximum bytes of injected doc content (default 102400)")
 
 	flag.Parse()
 
@@ -352,46 +350,6 @@ func main() {
 		slog.Debug("loaded system prompt file", "file", *systemPromptFile, "bytes", len(additionalPrompt))
 	}
 
-	// Step 6c: Load path-scoped design docs if doc-map specified
-	designDocs := ""
-	if *docMapFile != "" {
-		resolvedDocMap, err := validateWorkspacePath(*docMapFile, "doc-map")
-		if err != nil {
-			slog.Error("invalid doc-map path", "error", err)
-			os.Exit(1)
-		}
-		docMapCfg, err := review.ParseDocMapConfig(resolvedDocMap)
-		if err != nil {
-			slog.Error("failed to parse doc-map file", "file", *docMapFile, "error", err)
-			os.Exit(1)
-		}
-
-		// Collect changed file paths from the PR for intersection.
-		var changedPaths []string
-		for _, f := range files {
-			changedPaths = append(changedPaths, f.Filename)
-		}
-
-		matchedDocs := review.MatchDocs(docMapCfg, changedPaths)
-		slog.Debug("doc-map: matched docs", "count", len(matchedDocs), "docs", matchedDocs)
-
-		if len(matchedDocs) > 0 {
-			docMapOpts := review.DocMapOptions{MaxBytes: *docMapMaxBytes}
-			designDocs, err = review.LoadMatchingDocs(ctx, vcs, owner, repoName, matchedDocs, docMapOpts)
-			if err != nil {
-				// Non-fatal: individual missing files are already warned; log and continue.
-				slog.Warn("doc-map: partial failure loading docs", "error", err)
-			}
-			if designDocs != "" {
-				slog.Info("doc-map: injected design docs", "matched", len(matchedDocs), "bytes", len(designDocs))
-			} else {
-				slog.Debug("doc-map: no doc content loaded (all files missing or empty)")
-			}
-		} else {
-			slog.Debug("doc-map: no changed paths matched any mapping")
-		}
-	}
-
 	// Step 7: Budget-aware prompt assembly
 	var systemBase string
 	if persona != nil {
@@ -407,7 +365,6 @@ func main() {
 		SystemBase:  systemBase,
 		Patterns:    patterns,
 		Conventions: conventions,
-		DesignDocs:  designDocs,
 		FileContext: fileContext,
 		Diff:        diff,
 		UserMeta:    review.BuildUserMeta(pr.Title, pr.Body, ciPassed, ciDetails),
@@ -944,3 +901,5 @@ func shouldSkipStaleReview(evaluatedSHA, currentSHA string) bool {
 	}
 	return evaluatedSHA != currentSHA
 }
+
+

cmd/review-bot/main_test.go

@@ -2,9 +2,7 @@ package main
 
 import (
 	"bytes"
-	"context"
 	"flag"
-	"fmt"
 	"log/slog"
 	"os"
 	"os/exec"
@@ -12,7 +10,6 @@ import (
 	"strings"
 	"testing"
 
-	"gitea.weiker.me/rodin/review-bot/review"
 )
 
 func TestValidateReviewerName(t *testing.T) {
@@ -633,48 +630,6 @@ func TestEvaluateCIStatus(t *testing.T) {
 	}
 }
 
-func TestGithubAPIURL(t *testing.T) {
-	tests := []struct {
-		name  string
-		input string
-		want  string
-	}{
-		{
-			name:  "empty string defaults to api.github.com",
-			input: "",
-			want:  "https://api.github.com",
-		},
-		{
-			name:  "github.com maps to api.github.com",
-			input: "https://github.com",
-			want:  "https://api.github.com",
-		},
-		{
-			name:  "github.com with trailing slash maps to api.github.com",
-			input: "https://github.com/",
-			want:  "https://api.github.com",
-		},
-		{
-			name:  "GHES host gets /api/v3 suffix",
-			input: "https://ghe.example.com",
-			want:  "https://ghe.example.com/api/v3",
-		},
-		{
-			name:  "GHES concur domain does not map to api.github.com",
-			input: "https://github.concur.com",
-			want:  "https://github.concur.com/api/v3",
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			got := githubAPIURL(tt.input)
-			if got != tt.want {
-				t.Errorf("githubAPIURL(%q) = %q, want %q", tt.input, got, tt.want)
-			}
-		})
-	}
-}
-
 func TestEnvOrDefault(t *testing.T) {
 	// Test with unset env var
 	os.Unsetenv("TEST_ENV_OR_DEFAULT_UNSET")
@@ -1015,7 +970,7 @@ func TestMainSubprocess_InvalidProvider(t *testing.T) {
 	}
 }
 
-// cleanEnv returns environ without any GITEA/LLM/REVIEWER/VCS env vars that would
+// cleanEnv returns environ without any GITEA/LLM/REVIEWER env vars that would
 // interfere with testing missing-flag scenarios.
 func cleanEnv() []string {
 	var env []string
@@ -1030,8 +985,7 @@ func cleanEnv() []string {
 			strings.HasPrefix(key, "CONVENTIONS_"),
 			strings.HasPrefix(key, "SYSTEM_PROMPT_"),
 			strings.HasPrefix(key, "PATTERNS_"),
-			strings.HasPrefix(key, "UPDATE_"),
-			strings.HasPrefix(key, "VCS_"):
+			strings.HasPrefix(key, "UPDATE_"):
 			continue
 		default:
 			env = append(env, e)
@@ -1110,276 +1064,3 @@ func TestShouldSkipStaleReview(t *testing.T) {
 		})
 	}
 }
-
-// ============================================================
-// Mock vcsClient for unit tests
-// ============================================================
-
-// mockVCSClient is a minimal mock of vcsClient for testing helper functions.
-// Only the methods exercised by the test code need implementations; all others
-// panic with a clear message to catch accidental calls.
-type mockVCSClient struct {
-	fileContents    map[string]string // key: "owner/repo/ref/path"
-	fileContentsErr map[string]error  // key same as above → error to return
-	dirContents     map[string][]review.ContentEntry
-	dirContentsErr  map[string]error
-	allFiles        map[string]map[string]string // key: "owner/repo/path"
-	allFilesErr     map[string]error
-}
-
-func (m *mockVCSClient) key(owner, repo, extra string) string {
-	return owner + "/" + repo + "/" + extra
-}
-
-func (m *mockVCSClient) GetPullRequest(ctx context.Context, owner, repo string, number int) (*vcsPullRequest, error) {
-	panic("GetPullRequest not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetPullRequestDiff(ctx context.Context, owner, repo string, number int) (string, error) {
-	panic("GetPullRequestDiff not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetPullRequestFiles(ctx context.Context, owner, repo string, number int) ([]vcsChangedFile, error) {
-	panic("GetPullRequestFiles not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetCommitStatuses(ctx context.Context, owner, repo, sha string) ([]vcsCommitStatus, error) {
-	panic("GetCommitStatuses not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetFileContent(ctx context.Context, owner, repo, filepath string) (string, error) {
-	panic("GetFileContent not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetFileContentRef(ctx context.Context, owner, repo, path, ref string) (string, error) {
-	k := m.key(owner, repo, ref+"/"+path)
-	if err, ok := m.fileContentsErr[k]; ok {
-		return "", err
-	}
-	if content, ok := m.fileContents[k]; ok {
-		return content, nil
-	}
-	return "", fmt.Errorf("HTTP 404: not found")
-}
-
-func (m *mockVCSClient) ListContents(ctx context.Context, owner, repo, path string) ([]review.ContentEntry, error) {
-	k := m.key(owner, repo, path)
-	if err, ok := m.dirContentsErr[k]; ok {
-		return nil, err
-	}
-	if entries, ok := m.dirContents[k]; ok {
-		return entries, nil
-	}
-	return nil, fmt.Errorf("HTTP 404: not found")
-}
-
-func (m *mockVCSClient) GetAllFilesInPath(ctx context.Context, owner, repo, path string) (map[string]string, error) {
-	k := m.key(owner, repo, path)
-	if err, ok := m.allFilesErr[k]; ok {
-		return nil, err
-	}
-	if files, ok := m.allFiles[k]; ok {
-		return files, nil
-	}
-	return nil, fmt.Errorf("HTTP 404: not found")
-}
-
-func (m *mockVCSClient) PostReview(ctx context.Context, owner, repo string, number int, event, body, commitID string, comments []vcsReviewComment) (*vcsReview, error) {
-	panic("PostReview not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) ListReviews(ctx context.Context, owner, repo string, number int) ([]vcsReview, error) {
-	panic("ListReviews not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) DeleteReview(ctx context.Context, owner, repo string, number int, reviewID int64) error {
-	panic("DeleteReview not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) GetAuthenticatedUser(ctx context.Context) (string, error) {
-	panic("GetAuthenticatedUser not implemented in mockVCSClient")
-}
-
-func (m *mockVCSClient) RequestReviewer(ctx context.Context, owner, repo string, number int, reviewer string) error {
-	panic("RequestReviewer not implemented in mockVCSClient")
-}
-
-// ============================================================
-// fetchFileContext tests
-// ============================================================
-
-func TestFetchFileContext_NoFiles(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{}
-	got := fetchFileContext(ctx, client, "owner", "repo", "main", nil)
-	if got != "" {
-		t.Errorf("expected empty string for no files, got: %q", got)
-	}
-}
-
-func TestFetchFileContext_SkipsRemovedFiles(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{}
-	files := []vcsChangedFile{
-		{Filename: "gone.go", Status: "removed"},
-	}
-	got := fetchFileContext(ctx, client, "owner", "repo", "main", files)
-	if got != "" {
-		t.Errorf("expected empty string for removed file, got: %q", got)
-	}
-}
-
-func TestFetchFileContext_FetchesModifiedFiles(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		fileContents: map[string]string{
-			"owner/repo/main/foo.go": "package main\n\nfunc main() {}\n",
-		},
-	}
-	files := []vcsChangedFile{
-		{Filename: "foo.go", Status: "modified"},
-	}
-	got := fetchFileContext(ctx, client, "owner", "repo", "main", files)
-	if !strings.Contains(got, "--- foo.go ---") {
-		t.Errorf("expected file header in output, got: %q", got)
-	}
-	if !strings.Contains(got, "package main") {
-		t.Errorf("expected file content in output, got: %q", got)
-	}
-}
-
-func TestFetchFileContext_ContinuesOnError(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		fileContents: map[string]string{
-			"owner/repo/main/good.go": "package good\n",
-		},
-		fileContentsErr: map[string]error{
-			"owner/repo/main/bad.go": fmt.Errorf("network error"),
-		},
-	}
-	files := []vcsChangedFile{
-		{Filename: "bad.go", Status: "modified"},
-		{Filename: "good.go", Status: "modified"},
-	}
-	got := fetchFileContext(ctx, client, "owner", "repo", "main", files)
-	// bad.go fails, good.go should still be included
-	if strings.Contains(got, "bad.go") {
-		t.Errorf("should not include failed file, got: %q", got)
-	}
-	if !strings.Contains(got, "good.go") {
-		t.Errorf("should include successful file, got: %q", got)
-	}
-}
-
-func TestFetchFileContext_RespectsContextCancellation(t *testing.T) {
-	ctx, cancel := context.WithCancel(context.Background())
-	cancel() // Cancel immediately
-
-	client := &mockVCSClient{
-		fileContents: map[string]string{
-			"owner/repo/main/foo.go": "package foo\n",
-		},
-	}
-	files := []vcsChangedFile{
-		{Filename: "foo.go", Status: "modified"},
-	}
-	got := fetchFileContext(ctx, client, "owner", "repo", "main", files)
-	// With cancelled context, the loop breaks before fetching
-	if got != "" {
-		t.Errorf("expected empty string with cancelled context, got: %q", got)
-	}
-}
-
-// ============================================================
-// fetchPatterns tests
-// ============================================================
-
-func TestFetchPatterns_EmptyRepo(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{}
-	got := fetchPatterns(ctx, client, "", "")
-	if got != "" {
-		t.Errorf("expected empty string for empty patternsRepo, got: %q", got)
-	}
-}
-
-func TestFetchPatterns_SingleRepoAllFiles(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		allFiles: map[string]map[string]string{
-			"rodin/patterns/": {
-				"patterns/go.md":  "# Go patterns\n\nUse interfaces.",
-				"patterns/binary": "binary data",
-			},
-		},
-	}
-	got := fetchPatterns(ctx, client, "rodin/patterns", "")
-	if !strings.Contains(got, "# Go patterns") {
-		t.Errorf("expected markdown content, got: %q", got)
-	}
-	// Binary file should be excluded
-	if strings.Contains(got, "binary data") {
-		t.Errorf("binary file should be excluded, got: %q", got)
-	}
-}
-
-func TestFetchPatterns_SpecificFiles(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		allFiles: map[string]map[string]string{
-			"rodin/patterns/go.md": {
-				"go.md": "# Go idioms\n",
-			},
-		},
-	}
-	got := fetchPatterns(ctx, client, "rodin/patterns", "go.md")
-	if !strings.Contains(got, "# Go idioms") {
-		t.Errorf("expected go idioms content, got: %q", got)
-	}
-}
-
-func TestFetchPatterns_SkipsInvalidRepo(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{}
-	// "badrepo" has no slash, should be skipped
-	got := fetchPatterns(ctx, client, "badrepo", "")
-	if got != "" {
-		t.Errorf("expected empty string for invalid repo format, got: %q", got)
-	}
-}
-
-func TestFetchPatterns_ContinuesOnFetchError(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		allFilesErr: map[string]error{
-			"owner/repo/": fmt.Errorf("server error"),
-		},
-	}
-	// Should not panic; should return empty string
-	got := fetchPatterns(ctx, client, "owner/repo", "")
-	if got != "" {
-		t.Errorf("expected empty string on fetch error, got: %q", got)
-	}
-}
-
-func TestFetchPatterns_MultipleRepos(t *testing.T) {
-	ctx := context.Background()
-	client := &mockVCSClient{
-		allFiles: map[string]map[string]string{
-			"org/go-patterns/": {
-				"idioms.md": "# Go idioms\n",
-			},
-			"org/elixir-patterns/": {
-				"pipes.md": "# Elixir pipes\n",
-			},
-		},
-	}
-	got := fetchPatterns(ctx, client, "org/go-patterns, org/elixir-patterns", "")
-	if !strings.Contains(got, "# Go idioms") {
-		t.Errorf("expected Go idioms content, got: %q", got)
-	}
-	if !strings.Contains(got, "# Elixir pipes") {
-		t.Errorf("expected Elixir pipes content, got: %q", got)
-	}
-}

gitea/client_test.go

@@ -971,7 +971,6 @@ func TestDoGet_RespectsContextCancellation(t *testing.T) {
 		t.Errorf("attempts = %d, expected 1 before context cancel during backoff", attempts)
 	}
 }
-
 // mockTransport is a test helper that returns errors for the first N calls,
 // then delegates to a real server.
 type mockTransport struct {
@@ -1420,80 +1419,3 @@ func TestNewSafeHTTPClient_PreservesDefaultTransportSettings(t *testing.T) {
 		t.Error("DialContext is nil; expected safeDialContext")
 	}
 }
-
-func TestGetTimelineReviewCommentIDForReview(t *testing.T) {
-	const reviewID = int64(42)
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/api/v1/repos/owner/repo/pulls/5/reviews/42":
-			w.Write([]byte(`{"body": "The review body <!-- review-bot:sonnet -->", "user": {"login": "sonnet-review"}}`))
-		case "/api/v1/repos/owner/repo/issues/5/timeline":
-			w.Write([]byte(`[
-				{"id": 100, "type": "comment", "body": "unrelated", "user": {"login": "sonnet-review"}},
-				{"id": 200, "type": "review", "body": "The review body <!-- review-bot:sonnet -->", "user": {"login": "sonnet-review"}}
-			]`))
-		default:
-			t.Errorf("unexpected path: %s", r.URL.Path)
-			w.WriteHeader(http.StatusNotFound)
-		}
-	}))
-	defer server.Close()
-
-	client := NewTestClient(server.URL, "test-token")
-	id, err := client.GetTimelineReviewCommentIDForReview(context.Background(), "owner", "repo", 5, reviewID)
-	if err != nil {
-		t.Fatalf("GetTimelineReviewCommentIDForReview() error = %v", err)
-	}
-	if id != 200 {
-		t.Errorf("got id=%d, want 200", id)
-	}
-}
-
-func TestGetTimelineReviewCommentIDForReview_ReviewFetchError(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.WriteHeader(http.StatusNotFound)
-		w.Write([]byte(`{"message":"not found"}`))
-	}))
-	defer server.Close()
-
-	client := NewTestClient(server.URL, "test-token")
-	_, err := client.GetTimelineReviewCommentIDForReview(context.Background(), "owner", "repo", 5, 99)
-	if err == nil {
-		t.Fatal("expected error for missing review, got nil")
-	}
-}
-
-func TestGetTimelineReviewCommentIDForReview_EmptyBody(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Write([]byte(`{"body": "", "user": {"login": "bot"}}`))
-	}))
-	defer server.Close()
-
-	client := NewTestClient(server.URL, "test-token")
-	_, err := client.GetTimelineReviewCommentIDForReview(context.Background(), "owner", "repo", 5, 42)
-	if err == nil {
-		t.Fatal("expected error for empty body, got nil")
-	}
-	if !strings.Contains(err.Error(), "empty body") {
-		t.Errorf("error = %q, want to contain 'empty body'", err.Error())
-	}
-}
-
-func TestGetTimelineReviewCommentIDForReview_NotFoundInTimeline(t *testing.T) {
-	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/api/v1/repos/owner/repo/pulls/5/reviews/42":
-			w.Write([]byte(`{"body": "review content <!-- review-bot:sonnet -->", "user": {"login": "bot"}}`))
-		default:
-			// Timeline returns events that don't match (different user)
-			w.Write([]byte(`[{"id": 1, "type": "review", "body": "review content <!-- review-bot:sonnet -->", "user": {"login": "other-user"}}]`))
-		}
-	}))
-	defer server.Close()
-
-	client := NewTestClient(server.URL, "test-token")
-	_, err := client.GetTimelineReviewCommentIDForReview(context.Background(), "owner", "repo", 5, 42)
-	if err == nil {
-		t.Fatal("expected error when review not found in timeline, got nil")
-	}
-}

github/client_test.go

@@ -1130,98 +1130,3 @@ func TestEscapePath_SpecialChars(t *testing.T) {
 		}
 	}
 }
-
-func TestGetAllFilesInPath_DirectoryWithFiles(t *testing.T) {
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/repos/owner/repo/contents/patterns":
-			// Directory listing
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`[{"name":"go.md","path":"patterns/go.md","type":"file"}]`))
-		case "/repos/owner/repo/contents/patterns/go.md":
-			// GitHub file response with base64 content
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`{"name":"go.md","path":"patterns/go.md","type":"file","encoding":"base64","content":"IyBHbyBwYXR0ZXJucwo="}`))
-		default:
-			t.Errorf("unexpected path: %s", r.URL.Path)
-			w.WriteHeader(http.StatusNotFound)
-		}
-	}))
-	defer srv.Close()
-
-	c := NewClient("tok", srv.URL, AllowInsecureHTTPForTest())
-	files, err := c.GetAllFilesInPath(context.Background(), "owner", "repo", "patterns")
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if len(files) != 1 {
-		t.Fatalf("len(files) = %d, want 1", len(files))
-	}
-	if files["patterns/go.md"] != "# Go patterns\n" {
-		t.Errorf("unexpected content: %q", files["patterns/go.md"])
-	}
-}
-
-func TestGetAllFilesInPath_404FallsBackToFile(t *testing.T) {
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/repos/owner/repo/contents/README.md":
-			// ListContents returns 404 for file paths
-			w.WriteHeader(http.StatusNotFound)
-			w.Write([]byte(`{"message":"Not Found"}`))
-		default:
-			t.Errorf("unexpected path: %s", r.URL.Path)
-			w.WriteHeader(http.StatusNotFound)
-		}
-	}))
-	defer srv.Close()
-
-	c := NewClient("tok", srv.URL, AllowInsecureHTTPForTest())
-	// GetFileContent also goes to /contents/ — this will 404 too.
-	// The function should return the path-not-found error.
-	_, err := c.GetAllFilesInPath(context.Background(), "owner", "repo", "README.md")
-	if err == nil {
-		t.Fatal("expected error when both dir and file 404, got nil")
-	}
-}
-
-func TestGetAllFilesInPath_DirectoryWithSubdir(t *testing.T) {
-	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.URL.Path {
-		case "/repos/owner/repo/contents/src":
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`[
-				{"name":"main.go","path":"src/main.go","type":"file"},
-				{"name":"sub","path":"src/sub","type":"dir"}
-			]`))
-		case "/repos/owner/repo/contents/src/main.go":
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`{"name":"main.go","path":"src/main.go","type":"file","encoding":"base64","content":"cGFja2FnZSBtYWluCg=="}`))
-		case "/repos/owner/repo/contents/src/sub":
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`[{"name":"util.go","path":"src/sub/util.go","type":"file"}]`))
-		case "/repos/owner/repo/contents/src/sub/util.go":
-			w.WriteHeader(http.StatusOK)
-			w.Write([]byte(`{"name":"util.go","path":"src/sub/util.go","type":"file","encoding":"base64","content":"cGFja2FnZSBzdWIK"}`))
-		default:
-			t.Errorf("unexpected path: %s", r.URL.Path)
-			w.WriteHeader(http.StatusNotFound)
-		}
-	}))
-	defer srv.Close()
-
-	c := NewClient("tok", srv.URL, AllowInsecureHTTPForTest())
-	files, err := c.GetAllFilesInPath(context.Background(), "owner", "repo", "src")
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if len(files) != 2 {
-		t.Fatalf("len(files) = %d, want 2: %v", len(files), files)
-	}
-	if files["src/main.go"] != "package main\n" {
-		t.Errorf("src/main.go content unexpected: %q", files["src/main.go"])
-	}
-	if files["src/sub/util.go"] != "package sub\n" {
-		t.Errorf("src/sub/util.go content unexpected: %q", files["src/sub/util.go"])
-	}
-}

llm/client_test.go

@@ -210,6 +210,7 @@ func TestWithTimeout(t *testing.T) {
 	}
 }
 
+
 func TestComplete_Anthropic_Success(t *testing.T) {
 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if r.URL.Path != "/messages" {

review/docmap.go

@@ -1,303 +0,0 @@
-// Package review provides doc-map parsing and doc injection for path-scoped
-// design document context in AI code reviews.
-package review
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"os"
-	"path/filepath"
-	"strings"
-	"unicode/utf8"
-
-	"github.com/goccy/go-yaml"
-)
-
-const (
-	// DefaultDocMapMaxBytes is the default cap on total injected doc content.
-	DefaultDocMapMaxBytes = 100 * 1024 // 100 KB
-)
-
-// DocMapping maps a set of path glob patterns to governing doc files/directories.
-type DocMapping struct {
-	Paths []string `yaml:"paths"` // glob patterns matched against changed PR files
-	Docs  []string `yaml:"docs"`  // doc file paths or directories in the reviewed repo
-}
-
-// DocMapConfig is the top-level structure of a doc-map YAML file.
-type DocMapConfig struct {
-	Mappings []DocMapping `yaml:"mappings"`
-}
-
-// DocMapOptions configures behavior for doc loading.
-type DocMapOptions struct {
-	// MaxBytes caps the total size of injected doc content. Default: DefaultDocMapMaxBytes.
-	MaxBytes int
-}
-
-// DocFetcher reads file and directory content from a VCS repository.
-// It is a subset of vcsClient, defined here to keep the review package free
-// of cmd-level dependencies.
-type DocFetcher interface {
-	// GetFileContent returns the content of a single file at default branch.
-	GetFileContent(ctx context.Context, owner, repo, path string) (string, error)
-	// GetAllFilesInPath returns all files (path → content) under a directory.
-	GetAllFilesInPath(ctx context.Context, owner, repo, path string) (map[string]string, error)
-}
-
-// ParseDocMapConfig reads and parses a doc-map YAML file from a local path.
-// Unknown top-level keys produce a warning but are not fatal.
-func ParseDocMapConfig(localPath string) (*DocMapConfig, error) {
-	data, err := readFileBytes(localPath)
-	if err != nil {
-		return nil, fmt.Errorf("read doc-map file %q: %w", localPath, err)
-	}
-
-	var cfg DocMapConfig
-	if err := yaml.UnmarshalWithOptions(data, &cfg, yaml.Strict()); err != nil {
-		// Re-parse without strict mode to log which keys are unknown.
-		var relaxed DocMapConfig
-		if err2 := yaml.Unmarshal(data, &relaxed); err2 != nil {
-			return nil, fmt.Errorf("parse doc-map YAML %q: %w", localPath, err)
-		}
-		slog.Warn("doc-map YAML contains unknown keys (ignored)", "file", localPath, "error", err)
-		cfg = relaxed
-	}
-	return &cfg, nil
-}
-
-// MatchDocs returns deduplicated doc paths for the given changed file paths.
-// A mapping matches if any of its path globs matches any of the changed files.
-func MatchDocs(cfg *DocMapConfig, changedFiles []string) []string {
-	seen := make(map[string]struct{})
-	var result []string
-
-	for _, mapping := range cfg.Mappings {
-		if len(mapping.Paths) == 0 || len(mapping.Docs) == 0 {
-			continue
-		}
-		if mappingMatches(mapping.Paths, changedFiles) {
-			for _, doc := range mapping.Docs {
-				if doc == "" {
-					continue
-				}
-				if _, ok := seen[doc]; !ok {
-					seen[doc] = struct{}{}
-					result = append(result, doc)
-				}
-			}
-		}
-	}
-	return result
-}
-
-// mappingMatches returns true if any glob in patterns matches any file in files.
-func mappingMatches(patterns, files []string) bool {
-	for _, pat := range patterns {
-		for _, f := range files {
-			if globMatch(pat, f) {
-				return true
-			}
-		}
-	}
-	return false
-}
-
-// globMatch matches a path against a glob pattern that may contain **.
-// It supports:
-//   - Standard path.Match patterns (*, ?, [range])
-//   - ** as a path segment that matches zero or more segments
-//   - Trailing /** to match a directory and all its contents
-//
-// The pattern and path use forward slash as separator.
-func globMatch(pattern, path string) bool {
-	return globMatchParts(splitPath(pattern), splitPath(path))
-}
-
-// splitPath splits a slash-separated path into non-empty parts.
-func splitPath(p string) []string {
-	// Clean and split on "/"
-	parts := strings.Split(p, "/")
-	result := make([]string, 0, len(parts))
-	for _, part := range parts {
-		if part != "" {
-			result = append(result, part)
-		}
-	}
-	return result
-}
-
-// globMatchParts recursively matches pattern parts against path parts.
-func globMatchParts(patParts, pathParts []string) bool {
-	for len(patParts) > 0 {
-		pat := patParts[0]
-		if pat == "**" {
-			patParts = patParts[1:]
-			if len(patParts) == 0 {
-				// Trailing **: matches any remaining path (including empty).
-				return true
-			}
-			// ** in the middle: try matching the rest at every position.
-			for i := 0; i <= len(pathParts); i++ {
-				if globMatchParts(patParts, pathParts[i:]) {
-					return true
-				}
-			}
-			return false
-		}
-		// Non-** segment: path must have a segment here.
-		if len(pathParts) == 0 {
-			return false
-		}
-		matched, err := filepath.Match(pat, pathParts[0])
-		if err != nil || !matched {
-			return false
-		}
-		patParts = patParts[1:]
-		pathParts = pathParts[1:]
-	}
-	// All pattern parts consumed; path must also be consumed.
-	return len(pathParts) == 0
-}
-
-// LoadMatchingDocs fetches content for the given doc paths via VCS and returns
-// a formatted string suitable for injection into the system prompt.
-//
-// Behavior:
-//   - Paths that look like directories (end with /, or GetAllFilesInPath returns files)
-//     are expanded to all .md files under them.
-//   - Missing files are logged as warnings and skipped.
-//   - Total content is capped at opts.MaxBytes; truncation is noted inline.
-func LoadMatchingDocs(ctx context.Context, fetcher DocFetcher, owner, repo string, docPaths []string, opts DocMapOptions) (string, error) {
-	if opts.MaxBytes <= 0 {
-		opts.MaxBytes = DefaultDocMapMaxBytes
-	}
-
-	var sb strings.Builder
-	totalBytes := 0
-	limitReached := false
-
-	for _, docPath := range docPaths {
-		if ctx.Err() != nil {
-			break
-		}
-		if limitReached {
-			slog.Warn("doc-map: context size limit reached, skipping remaining docs",
-				"remaining_path", docPath, "limit_bytes", opts.MaxBytes)
-			break
-		}
-
-		entries, err := loadDocEntries(ctx, fetcher, owner, repo, docPath)
-		if err != nil {
-			slog.Warn("doc-map: could not load doc, skipping", "path", docPath, "error", err)
-			continue
-		}
-		if len(entries) == 0 {
-			slog.Debug("doc-map: no .md files found under path", "path", docPath)
-			continue
-		}
-
-		for _, entry := range entries {
-			if limitReached {
-				break
-			}
-			available := opts.MaxBytes - totalBytes
-			if available <= 0 {
-				limitReached = true
-				sb.WriteString("\n\n> ⚠️ Design document context truncated — size limit reached.\n")
-				break
-			}
-
-			content := entry.content
-			truncated := false
-			if len(content) > available {
-				content = truncateUTF8(content, available)
-				truncated = true
-				limitReached = true
-			}
-
-			sb.WriteString("### ")
-			sb.WriteString(entry.path)
-			sb.WriteString("\n\n")
-			sb.WriteString(content)
-			sb.WriteString("\n")
-			if truncated {
-				sb.WriteString("\n> ⚠️ (truncated — size limit reached)\n")
-			}
-			totalBytes += len(content)
-			slog.Debug("doc-map: injected doc", "path", entry.path, "bytes", len(content))
-		}
-	}
-
-	if sb.Len() == 0 {
-		return "", nil
-	}
-	return sb.String(), nil
-}
-
-// docEntry holds a single doc file path and content.
-type docEntry struct {
-	path    string
-	content string
-}
-
-// loadDocEntries returns the doc content for a given path.
-// If the path is a directory, all .md files under it are returned.
-// If it's a file, a single entry is returned.
-func loadDocEntries(ctx context.Context, fetcher DocFetcher, owner, repo, docPath string) ([]docEntry, error) {
-	// Try directory expansion first.
-	files, err := fetcher.GetAllFilesInPath(ctx, owner, repo, docPath)
-	if err == nil && len(files) > 0 {
-		// Filter for .md files only.
-		var entries []docEntry
-		for path, content := range files {
-			if isMDFile(path) {
-				entries = append(entries, docEntry{path: path, content: content})
-			}
-		}
-		// Sort for deterministic output.
-		sortDocEntries(entries)
-		return entries, nil
-	}
-
-	// Try as a single file.
-	content, fileErr := fetcher.GetFileContent(ctx, owner, repo, docPath)
-	if fileErr != nil {
-		// Return the file error (more specific than directory error).
-		return nil, fmt.Errorf("fetch doc %q: %w", docPath, fileErr)
-	}
-	return []docEntry{{path: docPath, content: content}}, nil
-}
-
-// isMDFile returns true if the file has a .md extension.
-func isMDFile(path string) bool {
-	return strings.HasSuffix(strings.ToLower(path), ".md")
-}
-
-// sortDocEntries sorts entries by path for deterministic output.
-func sortDocEntries(entries []docEntry) {
-	// Simple insertion sort (doc lists are small).
-	for i := 1; i < len(entries); i++ {
-		for j := i; j > 0 && entries[j].path < entries[j-1].path; j-- {
-			entries[j], entries[j-1] = entries[j-1], entries[j]
-		}
-	}
-}
-
-// readFileBytes reads the contents of a local file.
-func readFileBytes(path string) ([]byte, error) {
-	return os.ReadFile(path)
-}
-
-// truncateUTF8 truncates s to at most maxBytes without splitting multi-byte
-// UTF-8 characters. Returns a valid UTF-8 string of at most maxBytes bytes.
-func truncateUTF8(s string, maxBytes int) string {
-	if len(s) <= maxBytes {
-		return s
-	}
-	for maxBytes > 0 && !utf8.RuneStart(s[maxBytes]) {
-		maxBytes--
-	}
-	return s[:maxBytes]
-}

review/docmap_test.go

@@ -1,394 +0,0 @@
-package review
-
-import (
-	"context"
-	"errors"
-	"os"
-	"path/filepath"
-	"strings"
-	"testing"
-)
-
-// fakeDocFetcher is a mock DocFetcher for tests.
-type fakeDocFetcher struct {
-	files map[string]string // path -> content
-	dirs  map[string]map[string]string // dir path -> (file path -> content)
-}
-
-func (f *fakeDocFetcher) GetFileContent(_ context.Context, _, _, path string) (string, error) {
-	if content, ok := f.files[path]; ok {
-		return content, nil
-	}
-	return "", errors.New("file not found: " + path)
-}
-
-func (f *fakeDocFetcher) GetAllFilesInPath(_ context.Context, _, _, path string) (map[string]string, error) {
-	if files, ok := f.dirs[path]; ok {
-		return files, nil
-	}
-	// Return empty (not an error) for unknown directories.
-	return nil, nil
-}
-
-// ============================================================
-// ParseDocMapConfig
-// ============================================================
-
-func TestParseDocMapConfig_Valid(t *testing.T) {
-	yaml := `
-mappings:
-  - paths:
-      - "lib/foo/**"
-    docs:
-      - docs/foo.md
-  - paths:
-      - "lib/bar/**"
-      - "lib/baz.go"
-    docs:
-      - docs/bar.md
-      - docs/shared/
-`
-	f := writeTempYAML(t, yaml)
-	cfg, err := ParseDocMapConfig(f)
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if len(cfg.Mappings) != 2 {
-		t.Fatalf("expected 2 mappings, got %d", len(cfg.Mappings))
-	}
-	if cfg.Mappings[0].Paths[0] != "lib/foo/**" {
-		t.Errorf("unexpected path: %q", cfg.Mappings[0].Paths[0])
-	}
-	if cfg.Mappings[1].Docs[1] != "docs/shared/" {
-		t.Errorf("unexpected doc: %q", cfg.Mappings[1].Docs[1])
-	}
-}
-
-func TestParseDocMapConfig_InvalidYAML(t *testing.T) {
-	f := writeTempYAML(t, "mappings: [{{invalid")
-	_, err := ParseDocMapConfig(f)
-	if err == nil {
-		t.Fatal("expected error for invalid YAML, got nil")
-	}
-}
-
-func TestParseDocMapConfig_EmptyMappings(t *testing.T) {
-	f := writeTempYAML(t, "mappings: []\n")
-	cfg, err := ParseDocMapConfig(f)
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if len(cfg.Mappings) != 0 {
-		t.Errorf("expected 0 mappings, got %d", len(cfg.Mappings))
-	}
-}
-
-func TestParseDocMapConfig_UnknownKeys(t *testing.T) {
-	// Unknown keys should produce a warning but not fail.
-	yaml := `
-mappings:
-  - paths: ["lib/foo/**"]
-    docs: ["docs/foo.md"]
-extra_key: ignored
-`
-	f := writeTempYAML(t, yaml)
-	// Should succeed (lenient parsing).
-	cfg, err := ParseDocMapConfig(f)
-	if err != nil {
-		t.Fatalf("unexpected error for unknown keys: %v", err)
-	}
-	if len(cfg.Mappings) != 1 {
-		t.Errorf("expected 1 mapping, got %d", len(cfg.Mappings))
-	}
-}
-
-func TestParseDocMapConfig_FileNotFound(t *testing.T) {
-	_, err := ParseDocMapConfig("/nonexistent/path/doc-map.yml")
-	if err == nil {
-		t.Fatal("expected error for missing file, got nil")
-	}
-}
-
-// ============================================================
-// MatchDocs
-// ============================================================
-
-func TestMatchDocs_NoMatch(t *testing.T) {
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{"lib/foo/**"}, Docs: []string{"docs/foo.md"}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/bar/baz.go"})
-	if len(got) != 0 {
-		t.Errorf("expected no matches, got %v", got)
-	}
-}
-
-func TestMatchDocs_SingleMatch(t *testing.T) {
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{"lib/foo/**"}, Docs: []string{"docs/foo.md"}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/foo/bar.go"})
-	if len(got) != 1 || got[0] != "docs/foo.md" {
-		t.Errorf("expected [docs/foo.md], got %v", got)
-	}
-}
-
-func TestMatchDocs_MultipleMatchesDeduplicated(t *testing.T) {
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{"lib/foo/**"}, Docs: []string{"docs/shared.md", "docs/foo.md"}},
-			{Paths: []string{"lib/bar/**"}, Docs: []string{"docs/shared.md", "docs/bar.md"}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/foo/a.go", "lib/bar/b.go"})
-	// Both match; docs/shared.md should appear only once.
-	wantSet := map[string]bool{
-		"docs/shared.md": true,
-		"docs/foo.md":    true,
-		"docs/bar.md":    true,
-	}
-	if len(got) != 3 {
-		t.Errorf("expected 3 docs, got %d: %v", len(got), got)
-	}
-	for _, d := range got {
-		if !wantSet[d] {
-			t.Errorf("unexpected doc: %q", d)
-		}
-	}
-}
-
-func TestMatchDocs_EmptyPaths(t *testing.T) {
-	// Mapping with empty paths list should not match anything.
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{}, Docs: []string{"docs/foo.md"}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/foo/bar.go"})
-	if len(got) != 0 {
-		t.Errorf("expected no matches for empty paths, got %v", got)
-	}
-}
-
-func TestMatchDocs_EmptyDocs(t *testing.T) {
-	// Mapping with empty docs list should produce nothing.
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{"lib/foo/**"}, Docs: []string{}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/foo/bar.go"})
-	if len(got) != 0 {
-		t.Errorf("expected no docs for empty docs list, got %v", got)
-	}
-}
-
-func TestMatchDocs_ExactMatch(t *testing.T) {
-	cfg := &DocMapConfig{
-		Mappings: []DocMapping{
-			{Paths: []string{"lib/baz.go"}, Docs: []string{"docs/baz.md"}},
-		},
-	}
-	got := MatchDocs(cfg, []string{"lib/baz.go"})
-	if len(got) != 1 || got[0] != "docs/baz.md" {
-		t.Errorf("expected [docs/baz.md], got %v", got)
-	}
-}
-
-// ============================================================
-// globMatch
-// ============================================================
-
-func TestGlobMatch(t *testing.T) {
-	tests := []struct {
-		name    string
-		pattern string
-		path    string
-		want    bool
-	}{
-		{"exact match", "lib/foo/bar.go", "lib/foo/bar.go", true},
-		{"exact no match", "lib/foo/bar.go", "lib/foo/baz.go", false},
-		{"star wildcard", "lib/foo/*.go", "lib/foo/bar.go", true},
-		{"star no match cross-dir", "lib/foo/*.go", "lib/foo/sub/bar.go", false},
-		{"trailing doublestar", "lib/foo/**", "lib/foo/bar.go", true},
-		{"trailing doublestar nested", "lib/foo/**", "lib/foo/sub/deep/bar.go", true},
-		// Note: trailing ** matches the parent path too; PR file lists contain file paths
-		// (not directories), so this corner case does not arise in practice.
-		{"trailing doublestar matches parent", "lib/foo/**", "lib/foo", true},
-		{"doublestar in middle", "lib/**/bar.go", "lib/foo/sub/bar.go", true},
-		{"doublestar in middle no match", "lib/**/bar.go", "lib/foo/sub/baz.go", false},
-		{"leading doublestar", "**/bar.go", "lib/foo/bar.go", true},
-		{"leading doublestar top-level", "**/bar.go", "bar.go", true},
-		{"question mark", "lib/foo/ba?.go", "lib/foo/bar.go", true},
-		{"question mark no match", "lib/foo/ba?.go", "lib/foo/ba.go", false},
-		{"star matches none in segment", "lib/*/bar.go", "lib/bar.go", false},
-		{"star single segment", "lib/*/bar.go", "lib/foo/bar.go", true},
-	}
-
-	for _, tc := range tests {
-		t.Run(tc.name, func(t *testing.T) {
-			got := globMatch(tc.pattern, tc.path)
-			if got != tc.want {
-				t.Errorf("globMatch(%q, %q) = %v, want %v", tc.pattern, tc.path, got, tc.want)
-			}
-		})
-	}
-}
-
-// ============================================================
-// LoadMatchingDocs
-// ============================================================
-
-func TestLoadMatchingDocs_FileInjection(t *testing.T) {
-	fetcher := &fakeDocFetcher{
-		files: map[string]string{
-			"docs/foo.md": "# Foo Design\n\nThis is the foo doc.",
-		},
-	}
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"docs/foo.md"}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if !strings.Contains(content, "# Foo Design") {
-		t.Errorf("expected doc content, got: %q", content)
-	}
-	if !strings.Contains(content, "### docs/foo.md") {
-		t.Errorf("expected heading with path, got: %q", content)
-	}
-}
-
-func TestLoadMatchingDocs_MissingFileSkipped(t *testing.T) {
-	fetcher := &fakeDocFetcher{
-		files: map[string]string{
-			"docs/present.md": "present",
-		},
-	}
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"docs/missing.md", "docs/present.md"}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if !strings.Contains(content, "present") {
-		t.Errorf("expected present doc content, got: %q", content)
-	}
-	// Missing file should be skipped, not cause a failure.
-}
-
-func TestLoadMatchingDocs_DirectoryExpansion(t *testing.T) {
-	fetcher := &fakeDocFetcher{
-		dirs: map[string]map[string]string{
-			"docs/domain/": {
-				"docs/domain/a.md": "# A",
-				"docs/domain/b.md": "# B",
-				"docs/domain/c.go": "package domain", // should be skipped (not .md)
-			},
-		},
-	}
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"docs/domain/"}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if !strings.Contains(content, "# A") {
-		t.Errorf("expected doc A content, got: %q", content)
-	}
-	if !strings.Contains(content, "# B") {
-		t.Errorf("expected doc B content, got: %q", content)
-	}
-	if strings.Contains(content, "package domain") {
-		t.Errorf("non-.md file should not be injected, got: %q", content)
-	}
-}
-
-func TestLoadMatchingDocs_DirectoryNoMDFiles(t *testing.T) {
-	fetcher := &fakeDocFetcher{
-		dirs: map[string]map[string]string{
-			"src/": {
-				"src/main.go": "package main",
-			},
-		},
-	}
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"src/"}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if content != "" {
-		t.Errorf("expected empty content for dir with no .md files, got: %q", content)
-	}
-}
-
-func TestLoadMatchingDocs_NoMatchingPaths(t *testing.T) {
-	fetcher := &fakeDocFetcher{}
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if content != "" {
-		t.Errorf("expected empty content for no paths, got: %q", content)
-	}
-}
-
-func TestLoadMatchingDocs_ContextSizeGuard(t *testing.T) {
-	bigContent := strings.Repeat("x", 200)
-	fetcher := &fakeDocFetcher{
-		files: map[string]string{
-			"docs/a.md": bigContent,
-			"docs/b.md": bigContent,
-			"docs/c.md": bigContent,
-		},
-	}
-	// Limit to 350 bytes — enough for a.md fully and part of b.md.
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"docs/a.md", "docs/b.md", "docs/c.md"}, DocMapOptions{MaxBytes: 350})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if len(content) > 600 {
-		t.Errorf("content too large, expected ≤600 bytes total, got %d", len(content))
-	}
-	if !strings.Contains(content, "truncated") {
-		t.Errorf("expected truncation notice, got: %q", content)
-	}
-}
-
-func TestLoadMatchingDocs_Deduplication(t *testing.T) {
-	fetcher := &fakeDocFetcher{
-		files: map[string]string{
-			"docs/shared.md": "shared content",
-		},
-	}
-	// MatchDocs deduplicates before calling LoadMatchingDocs, but test it with
-	// duplicates in input too.
-	content, err := LoadMatchingDocs(context.Background(), fetcher, "owner", "repo",
-		[]string{"docs/shared.md"}, DocMapOptions{MaxBytes: DefaultDocMapMaxBytes})
-	if err != nil {
-		t.Fatalf("unexpected error: %v", err)
-	}
-	if !strings.Contains(content, "shared content") {
-		t.Errorf("expected shared content, got: %q", content)
-	}
-}
-
-// ============================================================
-// Helpers
-// ============================================================
-
-func writeTempYAML(t *testing.T, content string) string {
-	t.Helper()
-	f, err := os.CreateTemp(t.TempDir(), "doc-map-*.yml")
-	if err != nil {
-		t.Fatalf("failed to create temp file: %v", err)
-	}
-	defer f.Close()
-	if _, err := f.WriteString(content); err != nil {
-		t.Fatalf("failed to write temp file: %v", err)
-	}
-	return filepath.Clean(f.Name())
-}

review/persona_test.go

@@ -957,51 +957,3 @@ func TestYAMLMergeKeyDepthCheck(t *testing.T) {
 		t.Errorf("error = %q, want to contain 'depth'", err.Error())
 	}
 }
-
-func TestLoadPersona_NonexistentFile(t *testing.T) {
-	_, err := LoadPersona("/tmp/nonexistent-persona-file-xyz.yaml")
-	if err == nil {
-		t.Fatal("expected error for nonexistent file, got nil")
-	}
-}
-
-func TestLoadPersona_NotARegularFile(t *testing.T) {
-	// Use a directory as the path — directories are not regular files.
-	dir := t.TempDir()
-	_, err := LoadPersona(dir)
-	if err == nil {
-		t.Fatal("expected error for directory path, got nil")
-	}
-	if !strings.Contains(err.Error(), "not a regular file") {
-		t.Errorf("error = %q, want to contain 'not a regular file'", err.Error())
-	}
-}
-
-func TestLoadPersona_OversizedFile(t *testing.T) {
-	dir := t.TempDir()
-	path := filepath.Join(dir, "big.yaml")
-	// Write a file larger than MaxPersonaFileSize
-	data := make([]byte, MaxPersonaFileSize+1)
-	for i := range data {
-		data[i] = 'x'
-	}
-	if err := os.WriteFile(path, data, 0644); err != nil {
-		t.Fatalf("failed to create test file: %v", err)
-	}
-	_, err := LoadPersona(path)
-	if err == nil {
-		t.Fatal("expected error for oversized file, got nil")
-	}
-	if !strings.Contains(err.Error(), "exceeds maximum size") {
-		t.Errorf("error = %q, want to contain 'exceeds maximum size'", err.Error())
-	}
-}
-
-func TestCapitalizeFirst_RuneError(t *testing.T) {
-	// An invalid UTF-8 byte sequence should return the original string unchanged.
-	invalid := string([]byte{0xFF, 0xFE})
-	got := CapitalizeFirst(invalid)
-	if got != invalid {
-		t.Errorf("CapitalizeFirst(%q) = %q, want original %q", invalid, got, invalid)
-	}
-}

review/prompt_test.go

@@ -117,6 +117,7 @@ func TestBuildUserPrompt_WithoutFileContext(t *testing.T) {
 	}
 }
 
+
 func TestBuildSystemBase(t *testing.T) {
 	result := BuildSystemBase()
 	if result == "" {