# Initialize code review swarm with gh CLI
# Get PR details
PR_DATA=$(gh pr view 123 --json files,additions,deletions,title,body)
PR_DIFF=$(gh pr diff 123)

# Post initial review status
gh pr comment 123 --body "🔍 Multi-agent code review initiated"

# Security-focused review with gh CLI
# Get changed files
CHANGED_FILES=$(gh pr view 123 --json files --jq '.files[].path')

# Post security findings (always flags for human review)
if echo "$SECURITY_RESULTS" | grep -q "patterns_found"; then
  # Flag for security team review
  gh pr comment 123 --body "$SECURITY_RESULTS"
  # Add label to indicate security review needed
  gh pr edit 123 --add-label "needs-security-review"
else
  # Post patterns as informational comment
  gh pr comment 123 --body "$SECURITY_RESULTS"
fi

# .github/review-swarm.yml
version: 1
review:
  auto-trigger: true
  required-agents:
    - security
    - performance
    - style
  optional-agents:
    - architecture
    - accessibility
    - i18n

  thresholds:
    security: flag    # Flag for human security review
    performance: warn
    style: suggest

  rules:
    security:
      - no-eval
      - no-hardcoded-secrets
      - proper-auth-checks
    performance:
      - no-n-plus-one
      - efficient-queries
      - proper-caching
    architecture:
      - max-coupling: 5
      - min-cohesion: 0.7
      - follow-patterns

// Security pattern identification (requires human verification)
{
  "patterns_flagged": [
    "Potential SQL query construction patterns",
    "Dynamic content rendering patterns",
    "Authentication flow changes",
    "Authorization logic modifications",
    "Cryptographic function usage",
    "Dependency additions/updates",
    "Sensitive data handling patterns",
    "CORS configuration changes"
  ],
  "actions": [
    "Flag PRs requiring security team review",
    "Suggest secure coding patterns",
    "Recommend security test coverage",
    "Link to security documentation"
  ]
}

// Performance pattern analysis (heuristic-based)
{
  "patterns_identified": [
    "Algorithm complexity indicators",
    "Query patterns and joins",
    "Memory allocation patterns",
    "Cache usage patterns",
    "Network request patterns",
    "Bundle import patterns",
    "Component render patterns"
  ],
  "recommendations": [
    "Suggest benchmark additions",
    "Identify potential hotspots for profiling",
    "Flag patterns that may need optimization",
    "Recommend performance monitoring"
  ]
}

// Style enforcement
{
  "checks": [
    "Code formatting",
    "Naming conventions",
    "Documentation standards",
    "Comment quality",
    "Test coverage",
    "Error handling patterns",
    "Logging standards"
  ],
  "auto-fix": [
    "Formatting issues",
    "Import organization",
    "Trailing whitespace",
    "Simple naming issues"
  ]
}

// Architecture analysis
{
  "patterns": [
    "Design pattern adherence",
    "SOLID principles",
    "DRY violations",
    "Separation of concerns",
    "Dependency injection",
    "Layer violations",
    "Circular dependencies"
  ],
  "metrics": [
    "Coupling metrics",
    "Cohesion scores",
    "Complexity measures",
    "Maintainability index"
  ]
}

# .github/workflows/auto-review.yml
name: Automated Code Review
on:
  pull_request:
    types: [opened, synchronize]

jobs:
  swarm-review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Setup GitHub CLI
        run: echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

      - name: Run Review Swarm
        run: |
          # Get PR context with gh CLI
          PR_NUM=${{ github.event.pull_request.number }}
          PR_DATA=$(gh pr view $PR_NUM --json files,title,body,labels)

          # Post review results
          echo "$REVIEW_OUTPUT" | gh pr review $PR_NUM --comment -F -