Skip to content

feat: use altimate-code check for deterministic SQL analysis#3

Merged
anandgupta42 merged 3 commits intomainfrom
feat/use-check-command
Mar 25, 2026
Merged

feat: use altimate-code check for deterministic SQL analysis#3
anandgupta42 merged 3 commits intomainfrom
feat/use-check-command

Conversation

@anandgupta42
Copy link
Contributor

@anandgupta42 anandgupta42 commented Mar 24, 2026

What does this PR do?

Routes all SQL analysis through altimate-code check CLI instead of the hand-written regex rules. This unlocks all altimate-core capabilities (26 lint rules, DataFusion validation, safety scanning, policy enforcement, PII detection) while maintaining the correct architecture:

altimate-code-actions → altimate-code check → Dispatcher → altimate-core-internal

Never imports @altimateai/altimate-core directly.

Changes

New: src/analysis/cli-check.ts

  • Wraps altimate-code check --format json --checks lint,safety,...
  • Parses JSON output into SQLIssue[] with category prefixes (lint/L001, safety/injection)
  • isCheckCommandAvailable() probes CLI before use

Updated: src/analysis/sql-review.ts

  • Static mode: tries altimate-code check first, falls back to regex rules
  • Graceful degradation when CLI unavailable

Updated: src/config/schema.ts

  • V2 config types: per-check enable/disable, schema source, policy file
  • buildCheckOptionsFromV2() converts config to CLI arguments

Updated: src/index.ts

  • V2 config detection routes to runV2CheckAnalysis() — single CLI invocation for all checks
  • Falls back to v1 path when CLI unavailable

Updated: src/reporting/comment.ts

  • Groups issues by category prefix (Lint, Safety, PII, etc.) with subsection headers

New: .altimate.yml.example

  • V2 config format with all check options documented

Type of change

  • New feature
  • Enhancement to existing feature

How did you verify your code works?

  • 368 tests, 0 failures
  • TypeScript typecheck passes
  • Build produces dist/index.js

Checklist

  • No direct @altimateai/altimate-core import
  • Routes through altimate-code CLI
  • Regex rules preserved as fallback
  • Backward compatible with v1 config

Depends on: AltimateAI/altimate-code#453

anandgupta42 and others added 3 commits March 24, 2026 14:29
@anandgupta42 @claude
feat: use altimate-code check CLI instead of hand-written regex rules
edae4e2 
- Add `src/analysis/cli-check.ts` wrapping `altimate-code check` with
  structured JSON parsing — maps findings to `SQLIssue[]` with category
  prefixes (e.g. `lint/L001`, `safety/injection`, `pii/email`)
- Update `sql-review.ts` static mode to try CLI `check` first, fall back
  to the regex `RuleRegistry` when the CLI is unavailable
- Add v2 config types in `config/schema.ts` (`AltimateConfigV2`) that map
  directly to `altimate-code check --checks` options
- Update `index.ts` to detect v2 config and route through a single CLI
  invocation with all enabled checks
- Enhance `comment.ts` to group issues by check category (Lint, Safety,
  Policy, PII, Validate) with subsection headers
- Update `.altimate.yml.example` with full v2 configuration reference
- Add unit tests for `parseCheckOutput`, `buildCheckOptionsFromV2`, and
  category-grouped comment rendering (368 tests, all passing)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@anandgupta42 @claude
docs: comprehensive v2 check integration documentation and tests
8610596 
- Add v2 configuration reference to `docs/configuration.md` with checks
  reference, lint rules L001-L026, schema config, and policy config
- Create `docs/v2-migration.md` with step-by-step v1-to-v2 upgrade guide
- Create `docs/policy-guide.md` with full policy file format, rule
  categories (`cost_control`, `data_protection`, `query_patterns`,
  `tag_rules`), and practical examples
- Update `README.md` with "Powered by altimate-code" section, v2 feature
  comparison table, and quick start config
- Expand `cli-check.test.ts` from 12 to 24 tests: null/undefined results,
  missing fields, 1500-finding stress test, all severity case variations,
  all 7 category prefixes, non-number line handling
- Expand `config-v2.test.ts` from 7 to 26 tests: all-enabled config,
  mixed enable/disable, multiple dialects, empty/missing schema paths,
  `LintCheckConfig`/`PolicyCheckConfig`/`PIICheckConfig` type checks,
  inline policy handling
- Create `test/e2e/v2-check-integration.test.ts` with 8 end-to-end tests:
  full v2 flow (config -> options -> parse -> comment), category grouping,
  subsection headers, mixed v1/v2 issues, single-category rendering

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@anandgupta42 @claude
fix: resolve lint errors (duplicate imports) and format
3a330b4 
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@anandgupta42 anandgupta42 merged commit cdd5613 into main Mar 25, 2026
11 of 15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@anandgupta42