{"id":50953730,"url":"https://github.com/stephanos/nitpick-cli","last_synced_at":"2026-06-18T04:30:55.272Z","repository":{"id":356111762,"uuid":"1231059436","full_name":"stephanos/nitpick-cli","owner":"stephanos","description":"Run AI code reviews and chats from your terminal or Mac menu bar.","archived":false,"fork":false,"pushed_at":"2026-06-15T02:10:30.000Z","size":950,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-15T03:21:41.351Z","etag":null,"topics":["agent","ai","cli","code-review","developer-tools","local-first","macos"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stephanos.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-06T15:29:18.000Z","updated_at":"2026-06-15T02:10:33.000Z","dependencies_parsed_at":null,"dependency_job_id":"fe1cad84-67b6-40cd-895c-8d1f2bb74c42","html_url":"https://github.com/stephanos/nitpick-cli","commit_stats":null,"previous_names":["stephanos/nitpick-agent","stephanos/nitpick-cli"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/stephanos/nitpick-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephanos%2Fnitpick-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephanos%2Fnitpick-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephanos%2Fnitpick-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephanos%2Fnitpick-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stephanos","download_url":"https://codeload.github.com/stephanos/nitpick-cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stephanos%2Fnitpick-cli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34476727,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-18T02:00:06.871Z","response_time":128,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agent","ai","cli","code-review","developer-tools","local-first","macos"],"created_at":"2026-06-18T04:30:52.512Z","updated_at":"2026-06-18T04:30:55.260Z","avatar_url":"https://github.com/stephanos.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# nitpick-agent\n\nReusable agent runtime for Nitpick-style code review workflows.\n\nThis project is intended to become:\n\n- a Rust library that Nitpick can import for provider/session/review-agent behavior\n- a standalone CLI for using the same agent runtime outside the Nitpick app\n- a local host daemon that owns shared activity state for CLI and desktop clients\n- a macOS menu bar `.app` with Sparkle update checks\n\nNitpick should continue to own GitHub sync, dashboard state, app lifecycle, and UI. This crate should stay focused on generic agent concerns: provider execution, session continuity, review prompts, structured review output, and chat.\n\n## Storage Model\n\nReview results, review comments, summaries, chat responses, sessions, and activity metadata are local artifacts first. Local storage is the source of truth; GitHub is an outbound sync destination, not the authoritative store.\n\nBy default, the host reads config from:\n\n```text\n~/Library/Application Support/dev.nitpick.nitpick-agent/config.toml\n```\n\nand stores local source-of-truth data under:\n\n```text\n~/Library/Application Support/dev.nitpick.nitpick-agent\n```\n\nOverride these with `NITPICK_AGENT_CONFIG` and `NITPICK_AGENT_DATA_DIR`.\nGitHub PR checkouts are retained under the data directory at `checkouts/` by default, and can be moved with `NITPICK_AGENT_CHECKOUT_DIR`.\nWhen the macOS app starts the host daemon, stdout/stderr are appended to `logs/daemon.log` under the nitpick-agent data directory. By default this is `~/Library/Application Support/dev.nitpick.nitpick-agent/logs/daemon.log`.\n\nThe host API listens on `127.0.0.1:19783` by default when started with:\n\n```bash\nnitpick-agent-host daemon\n```\n\nOverride the bind address with `NITPICK_AGENT_HOST_ADDR`.\n\nThe CLI reads host status from the same local API:\n\nThe CLI command tree is now domain-first. Older flat commands such as `nitpick status`,\n`nitpick review-requests`, `nitpick reviews`, `nitpick logs`, and `nitpick resume` have been\nreplaced by the nested forms below.\n\n```bash\nnitpick system status\nnitpick review start acme/platform#42\nnitpick activity inspect acme/platform#42\nnitpick review requests\nnitpick review requests --new\nnitpick chat start acme/platform#42\nnitpick review list\nnitpick review list --all\nnitpick activity logs activity-1\nnitpick activity logs acme/platform#42\nnitpick activity logs daemon\nnitpick activity resume activity-1\nnitpick activity resume acme/platform#42\nnitpick review sync activity-1 acme/platform#42\nnitpick activity list\nnitpick artifact list activity-1\nnitpick artifact show artifact-1\nnitpick artifact sync artifact-1 github\nnitpick artifact sync artifact-1 github-review acme/platform#42\nnitpick artifact sync artifact-1 github acme/platform#42\nnitpick system sync-pending github\nnitpick system cleanup-checkouts\n```\n\nThe daemon can watch review sources and create local review activities automatically. GitHub is the first source adapter; additional source-code providers should plug into the same review-source API. Processed review heads are stored locally, so a review request is not reviewed again until its head SHA changes.\n\n```toml\n[sources.github.discovery]\nenabled = true\nauto_review = true\ninterval_seconds = 300\nallowlist = [\"stephanos/*\"]  # optional: scope discovery to specific owners/repos\n```\n\nThe older `[github.discovery]` config shape is still accepted for compatibility.\n\nWhen `allowlist` contains exact `owner/repo` entries or `owner/*`, nitpick scopes the underlying `gh search prs` queries to those repositories or owners before applying the local allowlist/denylist filters.\n\n`artifact sync ... github` without a target uses the GitHub dry-run destination and records the local artifact as pending sync. Provide a target such as `acme/platform#42` to post through `gh pr comment`; the local artifact is then marked synced with the returned comment URL/text. Use `github-review` with a target to stage one review artifact into a pending GitHub draft review. Use `review sync \u003cactivity-id\u003e \u003cpr-ref\u003e` to stage all review artifacts from an activity into one pending GitHub draft review. If a pending draft already exists, nitpick updates the draft summary when safe and refuses to add new inline comments until the existing draft is submitted or cleared manually.\n\nGitHub token permissions:\n\n- **Discovery and duplicate detection:** `Pull requests: read` for listing review requests, reading PR metadata and head SHAs, and checking existing PR reviews.\n- **Draft review sync (`github-review`, `review sync`):** `Pull requests: write`.\n- **Standalone PR comments (`artifact sync ... github \u003cpr-ref\u003e`):** `Issues: write`, because pull request conversation comments use the issues comment API.\n\nFor fine-grained PATs and GitHub App tokens, those repository permissions are the practical minimum. For classic PATs, `repo` is the practical minimum for private repositories; `public_repo` is enough for public-only repositories.\n\nAgent execution is handled by external commands. By default `provider = \"claude\"` runs `claude` and `provider = \"codex\"` runs `codex`; override the executable path with `command` in the config file. Review commands run from the checked-out PR repository with Nitpick MCP tools available. Agents read the PR description and conversation with `pull_request_context`, `pull_request_conversation_comments`, and `existing_review_comments`, record inline findings with `add_review_comment`, and call `finish_review` when done. Nitpick validates comments before creating local review comment artifacts, including rejecting absolute paths, `..` path escapes, missing files, empty comments, and invalid line numbers.\n\nReview command execution is sandboxed by default with `sandbox = \"nono\"`, which gives the provider read/write access to the checked-out repository and denies writes elsewhere. Disable this only for debugging:\n\n```toml\n[agent]\nsandbox = \"none\"\n```\n\nFor one-off CLI runs, pass `--no-sandbox` before the command:\n\n```bash\nnitpick --no-sandbox review start acme/platform#42\nnitpick --no-sandbox chat start acme/platform#42\nnitpick --no-sandbox activity resume acme/platform#42\n```\n\n`chat start \u003cpr-ref\u003e` opens a new interactive provider session in the cached PR checkout. It does not create or resume a stored provider session. `activity resume \u003cactivity-id|pr-ref\u003e` reopens a previously stored provider session.\n\nPR reviews get stable local provider session IDs; Claude receives them with `--session-id`, while Codex currently keeps the ID in local state only. Stored Claude and Codex sessions can be reopened with `nitpick activity resume \u003cactivity-id|pr-ref\u003e` when the activity has a provider session ID. If the provider reports that the saved session no longer exists, nitpick clears the stale local session ID and reports that the activity is no longer resumable. GitHub posting uses `gh` by default; override it with `github_command`.\n\n## Layout\n\n```text\ncrates/nitpick-agent-core    generic review/chat runtime\ncrates/nitpick-agent-cli     terminal entry point\ncrates/nitpick-agent-client  Rust client for the local host API\ncrates/nitpick-agent-host    local daemon process\ncrates/nitpick-agent-github  GitHub adapter helpers\ncrates/nitpick-agent-integration-tests\n                              host-level integration tests with stubs\nmacos/                       Swift menu bar app and Sparkle packaging\n```\n\n## Current Status\n\nThis is a scaffold. The core runtime now has the first activity/session/store boundary, command-based provider execution, local JSON-backed artifact storage, schema-versioned store metadata, GitHub review-request discovery, GitHub posting via `gh`, and a host API for status, activities, artifacts, asynchronous review submission, and asynchronous chat submission. The macOS app shell can build with Sparkle.\n\n## Commands\n\n```bash\nmise run setup\nmise run test\nmise run test-macos\nmise run build\nmise run macos-app\nmise run macos-appcast\nmise run install\nmise run verify\nmise exec -- cargo run -p nitpick-agent-cli --bin nitpick -- --help\n```\n\n`mise run macos-app` writes `target/macos/Nitpick Agent.app`. `mise run macos-appcast` signs a Sparkle appcast with the private EdDSA key from Keychain account `nitpick-agent` locally. In GitHub Actions, the release workflow reads the private key from the repository secret `SPARKLE_PRIVATE_ED_KEY`.\n\n`mise run install` installs `Nitpick Agent.app` into `/Applications` and launches it. When the app starts, it installs the bundled CLI as `~/.local/bin/nitpick`.\n\n## GitHub CI\n\nThe repository has two GitHub Actions workflows:\n\n- `test`: runs `mise run verify` on pushes and pull requests.\n- `release`: runs on `v*` tags, builds the signed app archive, generates the Sparkle appcast, and creates a GitHub release.\n\nRelease signing expects these GitHub secrets:\n\n- `CODESIGN_IDENTITY`: signing identity passed to `codesign`.\n- `SPARKLE_PRIVATE_ED_KEY`: private Sparkle EdDSA key stored as a GitHub repository secret for appcast signing.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephanos%2Fnitpick-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstephanos%2Fnitpick-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephanos%2Fnitpick-cli/lists"}