docs: update query benchmarks (3.9.2) #9289
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Claude Code | |
| on: | |
| pull_request: | |
| types: [opened] | |
| issue_comment: | |
| types: [created] | |
| pull_request_review_comment: | |
| types: [created] | |
| issues: | |
| types: [opened, assigned] | |
| pull_request_review: | |
| types: [submitted] | |
| jobs: | |
| automated-review: | |
| if: github.event_name == 'pull_request' && github.event.pull_request.user.type != 'Bot' | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| issues: read | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 1 | |
| - name: Run Automated AI Review | |
| id: automated-review | |
| uses: anthropics/claude-code-action@beta | |
| with: | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| direct_prompt: | | |
| ## Review this pull request | |
| You are reviewing a PR for **codegraph** — a local code dependency graph CLI that parses | |
| codebases with tree-sitter (WASM), builds function-level dependency graphs in SQLite, and | |
| supports semantic search with local embeddings. | |
| ### Phase 1: Root Cause Analysis | |
| Before reviewing code, determine: | |
| - **What problem is this PR solving?** Is it fixing a real issue or hiding symptoms? | |
| - **Is the approach justified?** Are configuration/linting changes relaxing rules to silence errors? | |
| - ⚠️ REJECT if changes silence warnings without fixing underlying issues | |
| - ⚠️ REJECT if test expectations are lowered to make tests pass | |
| - If you cannot determine the root cause, REQUEST MORE INFORMATION | |
| ### Phase 2: Configuration Change Detection (HIGH SCRUTINY) | |
| Check for HIGH-RISK changes: | |
| - Biome/linting rules disabled or relaxed | |
| - Test timeouts increased or coverage thresholds lowered | |
| - Build configuration or module resolution modified | |
| - TypeScript strict mode flags disabled | |
| - **If >3 rules are relaxed → REQUEST justification for each** | |
| ### Phase 3: Test Integrity | |
| Watch for RED FLAGS: | |
| - Removed or weakened assertions | |
| - Tests made less strict (conditional assertions, skipped validation) | |
| - Test files modified alongside the code they test without clear reason | |
| - `eslint-disable` or workaround comments without justification | |
| - Large PRs (>20 files) mixing unrelated concerns | |
| ### Phase 4: Code Quality | |
| Only after passing Phases 1-3: | |
| - Code quality and best practices | |
| - Potential bugs (especially in tree-sitter extractors, import resolution, SQLite operations) | |
| - Security concerns (command injection in CLI, SQL injection in queries) | |
| - Performance (unnecessary full rebuilds, missing incremental hash checks) | |
| - Test coverage for new functionality | |
| ### Phase 5: Backlog Compliance (grade the feature like BACKLOG.md) | |
| Rate the functionality this PR implements on the same axes used in `docs/roadmap/BACKLOG.md`: | |
| **Zero-dep** — Does this PR add new runtime dependencies (`dependencies` in package.json)? | |
| - ✓ = no new deps, builds on tree-sitter/SQLite/existing AST | |
| - ✗ = adds a new npm runtime package → flag it, require strong justification | |
| - Git CLI usage is acceptable (already assumed) | |
| **Foundation-aligned** — Does it comply with FOUNDATION.md core principles? | |
| Red flags that indicate misalignment: | |
| - Adds cloud API calls to the core pipeline → violates P1 (always-current) and P4 (zero-cost core) | |
| - Requires Docker, external DB, or non-npm toolchain → violates zero-infrastructure goal | |
| - Generates code, edits files, or makes decisions → violates P8 (we are not an agent) | |
| - Primarily optimizes for CI/CD or linting → deprioritized by P8 | |
| - Breaks programmatic API contract → check against P5 (embeddable-first) | |
| - ✓ = fully aligned, ✗ = conflicts with at least one principle | |
| **Problem-fit (1-5)** — How directly does this address the core problem: | |
| *AI coding assistants waste tokens re-orienting in large codebases, hallucinate dependencies, and miss blast radius.* | |
| - 5 = directly reduces token waste, prevents hallucinated deps, or catches blast-radius breakage | |
| - 4 = improves agent accuracy or reduces round-trips for common tasks | |
| - 3 = useful but doesn't address the core "lost AI" problem | |
| - 2 = nice-to-have, tangential to the stated problem | |
| - 1 = cool feature, doesn't help AI agents navigate codebases | |
| **Breaking** — Does this PR change existing behavior incompatibly? | |
| - Check: CLI output format changes, API signature changes, DB schema changes, | |
| MCP tool contract changes (renamed/removed tools, changed parameter schemas) | |
| - Breaking = Yes → requires major version bump justification | |
| - Breaking = No → purely additive, no concern | |
| **Tier classification and blocking rules:** | |
| - **Tier 1** (zero-dep ✓ + foundation-aligned ✓): No objection on these axes. | |
| - **Tier 2** (foundation-aligned ✓ + zero-dep ✗): ⚠️ REQUEST justification for the new dependency — what does it enable that existing deps cannot? | |
| - **Tier 3** (foundation-aligned ✗): ⚠️ REQUEST CHANGES — needs a deliberate exception with written justification for which principle is being violated and why it's worth it. | |
| - **Problem-fit ≤ 2**: ⚠️ Flag as low-priority / tangential — recommend deferring unless bundled with higher-fit work. | |
| - **Breaking = Yes without major version bump plan**: ⚠️ REQUEST CHANGES — breaking changes must be tracked and versioned. | |
| ### Rating (STRICT — default to 2-3 stars) | |
| - ⭐ Critical issues, REJECT | |
| - ⭐⭐ Significant concerns, REQUEST CHANGES | |
| - ⭐⭐⭐ Acceptable with minor concerns, APPROVE with conditions | |
| - ⭐⭐⭐⭐ Good quality, well-tested, APPROVE | |
| - ⭐⭐⭐⭐⭐ Exceptional (< 5% of PRs) | |
| ### Final Assessment (MANDATORY) | |
| ``` | |
| ## Root Cause Analysis | |
| **Problem Being Solved**: [...] | |
| **Why This Approach**: [...] | |
| **Risk Assessment**: [...] | |
| ## Backlog Compliance | |
| - Zero-dep: [✓ | ✗ — reason] | |
| - Foundation-aligned: [✓ | ✗ — which principle violated] | |
| - Problem-fit: [1-5] — [reason] | |
| - Breaking: [Yes — what breaks | No] | |
| - Tier: [1 | 2 | 3] | |
| ## Critical Concerns (if any) | |
| [...] | |
| ## Final Recommendation | |
| - Rating: ⭐⭐☆☆☆ (X/5) | |
| - Action: [REJECT | REQUEST CHANGES | APPROVE WITH CONDITIONS | APPROVE] | |
| - Reasoning: [...] | |
| ``` | |
| Be skeptical but fair. Reference exact line numbers. Explain WHY something is problematic. | |
| NEVER default to approval — require the PR to prove its value. | |
| interactive-claude: | |
| if: | | |
| (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) || | |
| (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || | |
| (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| issues: read | |
| id-token: write | |
| actions: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| with: | |
| fetch-depth: 1 | |
| - name: Run Interactive AI Assistant | |
| id: interactive-claude | |
| uses: anthropics/claude-code-action@beta | |
| with: | |
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | |
| additional_permissions: | | |
| actions: read |