feat: 階段四 - findings 寫入與 comment 依序發布（舊問題→非嚴重→嚴重）

.gitea/workflows/review.yaml

@@ -29,7 +29,7 @@ jobs:
       uses: https://gitea.jsc.idv.tw/jiantw83/code-review@v${{ needs.version.outputs.version }}
       with:
         OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-        OPENAI_BASE_URL: https://api.openai.com/v1
+        OPENAI_BASE_URL: https://openrouter.ai/api/v1
     permissions:
       contents: write
       pull-requests: write

README.md

@@ -44,7 +44,7 @@ jobs:
         # Github (h3285@evertrust.com.tw)
         # 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
         OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-        OPENAI_BASE_URL: https://api.openai.com/v1
+        OPENAI_BASE_URL: https://openrouter.ai/api/v1
     permissions:
       contents: write
       pull-requests: write

app/comments.js

@@ -0,0 +1,70 @@
+import fs from 'fs';
+import path from 'path';
+import { postComment } from './gitea.js';
+import { FINDINGS_PATH } from './config.js';
+
+const LEVEL_EMOJI = { critical: '🔴', warning: '🟡', info: '🔵' };
+const LEVEL_LABEL = { critical: '嚴重', warning: '警告', info: '建議' };
+
+function findingRow(f) {
+  return `| ${LEVEL_EMOJI[f.level] || ''} ${LEVEL_LABEL[f.level] || f.level} | ${f.role} | ${f.location} | ${f.suggestion} |`;
+}
+
+function buildTable(findings) {
+  const rows = findings.map(findingRow).join('\n');
+  return `| 等級 | 審查員 | 位置 | 建議 |\n|------|--------|------|------|\n${rows}`;
+}
+
+/**
+ * 寫入 findings.json 到 workspace
+ */
+export function saveFindings(workspace, findings) {
+  const fullPath = path.join(workspace, FINDINGS_PATH);
+  fs.mkdirSync(path.dirname(fullPath), { recursive: true });
+  fs.writeFileSync(fullPath, JSON.stringify(findings, null, 2), 'utf8');
+  console.log(`  ✅ findings 寫入: ${fullPath} (${findings.length} 筆)`);
+}
+
+/**
+ * 發布所有舊問題 comment（一次發布，依等級排序）
+ */
+export async function postOldFindingsComment(findings) {
+  const old = findings.filter(f => !f.is_new);
+  if (old.length === 0) {
+    console.log('  無舊問題，跳過');
+    return;
+  }
+  const body = `## 📋 舊有未解決問題（${old.length} 筆）\n\n${buildTable(old)}`;
+  await postComment(body);
+  console.log(`  ✅ 舊問題 comment 發布 (${old.length} 筆)`);
+}
+
+/**
+ * 發布新問題中非 critical 的 comment（一次發布）
+ */
+export async function postNewNonCriticalComment(findings) {
+  const items = findings.filter(f => f.is_new && f.level !== 'critical');
+  if (items.length === 0) {
+    console.log('  無新的非嚴重問題，跳過');
+    return;
+  }
+  const body = `## 🔍 新發現問題（${items.length} 筆）\n\n${buildTable(items)}`;
+  await postComment(body);
+  console.log(`  ✅ 新問題（非嚴重）comment 發布 (${items.length} 筆)`);
+}
+
+/**
+ * 每個新 critical 問題各發一個 comment
+ */
+export async function postNewCriticalComments(findings) {
+  const criticals = findings.filter(f => f.is_new && f.level === 'critical');
+  if (criticals.length === 0) {
+    console.log('  無新的嚴重問題，跳過');
+    return;
+  }
+  for (const f of criticals) {
+    const body = `## 🚨 嚴重問題\n\n| 審查員 | 位置 | 建議 |\n|--------|------|------|\n| ${f.role} | ${f.location} | ${f.suggestion} |`;
+    await postComment(body);
+    console.log(`  ✅ 嚴重問題 comment 發布: [${f.role}] ${f.location}`);
+  }
+}

app/findings.js

@@ -61,3 +61,35 @@ export function mergeFindings(oldFindings, newFindings) {
 export function sortByLevel(findings) {
   return [...findings].sort((a, b) => LEVELS.indexOf(a.level) - LEVELS.indexOf(b.level));
 }
+
+/**
+ * 呼叫 LLM 進行語意去重，回傳去重後的 findings
+ * 失敗時降級回傳原始 findings
+ */
+export async function deduplicateWithAI(findings) {
+  if (findings.length === 0) return findings;
+
+  const systemPrompt = `你是一位程式碼審查問題去重專家。
+給你一份問題清單（JSON 陣列），請移除語意重複的問題（即使描述文字不同，但指的是同一個問題）。
+保留等級較高的版本，優先保留 critical > warning > info。
+只回傳去重後的 JSON 陣列，不要有其他文字。`;
+
+  const userContent = `以下是問題清單，請去除語意重複的項目：\n\n${JSON.stringify(findings, null, 2)}`;
+
+  try {
+    const result = await chatJSON(systemPrompt, userContent);
+    if (Array.isArray(result) && result.length > 0) {
+      console.log(`  AI 去重: ${findings.length} -> ${result.length} 筆`);
+      return result;
+    }
+    throw new Error('AI 回傳空陣列');
+  } catch (e) {
+    const status = e.response?.status;
+    if (status === 402 || status === 429) {
+      console.log(`  ⚠️  AI 去重失敗（${status} 額度/限流），降級：保留所有問題`);
+    } else {
+      console.log(`  ⚠️  AI 去重失敗（${e.message}），降級：保留所有問題`);
+    }
+    return findings;
+  }
+}

app/main.js

@@ -1,7 +1,8 @@
 import { GITEA_REPOSITORY, PR_NUMBER, PR_HEAD_BRANCH, PR_BASE_BRANCH, getLLMConfig } from './config.js';
 import { loadRoles, getRoleIntro } from './roles.js';
 import { getPRDiff, postComment } from './gitea.js';
-import { analyzeWithRole, loadOldFindings, mergeFindings, sortByLevel } from './findings.js';
+import { analyzeWithRole, loadOldFindings, mergeFindings, sortByLevel, deduplicateWithAI } from './findings.js';
+import { saveFindings, postOldFindingsComment, postNewNonCriticalComment, postNewCriticalComments } from './comments.js';
 
 const WORKSPACE = process.env.GITHUB_WORKSPACE || '/workspace';
 
@@ -66,11 +67,26 @@ async function main() {
   console.log('\n🔀 Step3: Findings 合併');
   const oldFindings = loadOldFindings(WORKSPACE);
   const mergedFindings = mergeFindings(oldFindings, newFindings);
-  const sorted = sortByLevel(mergedFindings);
+  console.log(`  Step3 merged findings total=${mergedFindings.length}`);
-  console.log(`  Step3 merged findings total=${sorted.length} (critical=${sorted.filter(f=>f.level==='critical').length} warning=${sorted.filter(f=>f.level==='warning').length} info=${sorted.filter(f=>f.level==='info').length})`);
 
-  console.log('\n📝 Step4: Findings 寫入與 Comment 發布（待實作）');
+  // Step3b: AI 語意去重
-  console.log('  [stub] 寫入 findings.json，發布 comment...');
+  console.log('\n🤖 Step3b: AI 語意去重');
+  const deduped = await deduplicateWithAI(mergedFindings);
+  const sorted = sortByLevel(deduped);
+  console.log(`  Step3b dedup findings total=${sorted.length} (critical=${sorted.filter(f=>f.level==='critical').length} warning=${sorted.filter(f=>f.level==='warning').length} info=${sorted.filter(f=>f.level==='info').length})`);
+
+  // Step4: 寫入 findings.json，依序發布 comment
+  console.log('\n📝 Step4: Findings 寫入與 Comment 發布');
+  saveFindings(WORKSPACE, sorted);
+
+  try {
+    await postOldFindingsComment(sorted);
+    await postNewNonCriticalComment(sorted);
+    await postNewCriticalComments(sorted);
+    console.log('  Step4 完成');
+  } catch (e) {
+    console.log(`  ⚠️  comment 發布失敗（繼續執行）: ${e.message}`);
+  }
 
   console.log('\n💾 Step5: 記憶區 Commit/Push（待實作）');
   console.log('  [stub] commit & push findings.json...');