@nihal1983/cli

v0.2.3

Published

9 days ago

Review Policy CLI - AI-powered code review with policy-as-code

0High
0Medium
0Low

nihal1983

code-review policy-as-code ai code-quality security compliance owasp hipaa soc2 pull-request

Review Policy CLI

AI-powered code review with policy-as-code. Define review policies in CODE-POLICY.md and get intelligent, context-aware code reviews.

Installation

npm install -g @nihal1983/cli

Quick Start

# 1. Configure API keys (one-time)
review-policy config setup

# 2. Create a policy using templates
review-policy compose --interactive

# Or initialize a basic policy
review-policy init

# Validate your policy
review-policy validate CODE-POLICY.md

# Scan repository context
review-policy scan

# Review a pull request
review-policy review-pr <pr-number>

Template System (New!)

Generate professional policies from industry-standard templates:

# List available templates
review-policy list-templates

# Show template details
review-policy show-template owasp-top-10-2025

# Interactive wizard
review-policy compose --interactive

# Direct composition
review-policy compose \
  --templates basic,owasp-top-10-2025,google-typescript-style \
  --persona security-auditor \
  --output CODE-POLICY.md

Available Templates (13)

Security:

OWASP Top 10 2025
HIPAA Security Compliance
PCI DSS 4.0
SOC 2 Security Controls

Code Style:

Google Python Style Guide
Google TypeScript Style Guide

Application Types:

Frontend Development
Backend/API
Microservices
Infrastructure as Code (Terraform AWS)

Personas:

Product-Minded Engineer (balanced)
Security Auditor (strict)
Performance Expert (optimization-focused)
Mentoring Coach (educational)

Features

✅ Policy-as-Code - Define review rules in YAML format ✅ Template System - Generate policies from 13 authoritative templates ✅ AI-Powered Reviews - Context-aware code analysis ✅ Multi-Persona - Choose AI reviewer personality ✅ Compliance Ready - OWASP, HIPAA, PCI DSS, SOC 2 templates ✅ CLI & Dashboard - Use from terminal or web UI

Commands

Configuration

# Interactive setup (recommended)
review-policy config setup

# Manual configuration
review-policy config set <key> <value>    # Set API key
review-policy config get <key>            # View key (masked)
review-policy config list                 # List all keys
review-policy config delete <key>         # Remove key
review-policy config path                 # Show config file location

Supported keys:

ANTHROPIC_API_KEY - Anthropic Claude API key
OPENAI_API_KEY - OpenAI GPT API key
GITHUB_TOKEN - GitHub Personal Access Token

Config file location: ~/.review-policy/config.json

Policy Management

# Initialize new policy
review-policy init [--force]

# Validate policy syntax
review-policy validate [--policy CODE-POLICY.md]

# Compose from templates
review-policy compose [options]
  -t, --templates <ids>    Comma-separated template IDs
  -p, --persona <id>       Reviewer persona
  -o, --output <file>      Output file (default: CODE-POLICY.md)
  -i, --interactive        Launch interactive wizard
  --validate               Validate generated policy (default: true)

# List templates
review-policy list-templates

# Show template details
review-policy show-template <template-id>

Repository Operations

# Scan repository context
review-policy scan

# Review pull request
review-policy review-pr <pr-number>

# Index repository for knowledge graph
review-policy index-repo

# Initialize knowledge graph
review-policy init-knowledge-graph

Workspace Management

# Create workspace
review-policy workspace create <name>

# List workspaces
review-policy workspace list

# Analyze baseline
review-policy analyze-baseline [options]

Example Workflows

Startup (TypeScript SaaS)

review-policy compose \
  --templates frontend,soc2-security-controls,google-typescript-style \
  --persona base-business-context \
  --output CODE-POLICY.md

HealthTech (Python)

review-policy compose \
  --templates backend-api,hipaa-security-compliance,owasp-top-10-2025,google-python-style \
  --persona security-auditor \
  --output CODE-POLICY.md

Open Source (Educational)

review-policy compose \
  --templates basic,google-typescript-style \
  --persona junior-mentor \
  --output CODE-POLICY.md

CODE-POLICY.md Format

---
meta:
  version: "2.0"
  enforcement_level: "BLOCK"
  
# Inherit from a persona
extends:
  - base-business-context
  
# Compose multiple templates
compose:
  - owasp-top-10-2025
  - google-typescript-style

# Agent configuration
agent:
  persona: "Product-Minded Engineer"
  focus_areas:
    - "Web Application Security"
    - "TypeScript Code Style"
---

# Your policy rules here

Environment Variables

# API Configuration
ANTHROPIC_API_KEY=sk-ant-...
OPENAI_API_KEY=sk-...

# Database
DATABASE_URL=postgresql://...

# GitHub Integration
GITHUB_TOKEN=ghp_...

Development

# Build
npm run build

# Test
npm test

# Local development
npm link
review-policy --help

License

MIT

Support

Documentation: https://github.com/nihal1983/review-policy
Issues: https://github.com/nihal1983/review-policy/issues
Community: https://github.com/nihal1983/review-policy/discussions