ci: switch adapter token to Gemini and bump version to v4.12

[AnkanSaha]

Summary

This PR updates the CI/CD workflow to use the Gemini API key instead of the Adaptive API key and bumps the project version from v4.11 to v4.12.

Changes

• Workflow Update: Replaced ADAPTIVE_API_KEY with GEMINI_API_KEY in .github/workflows/review_buddy.yml.
• Version Bump: Updated VERSION file from v4.11 to v4.12.

Verification

• Ensure the GEMINI_API_KEY secret is configured in the repository settings.
• Verify that the workflow correctly picks up the new secret.

[Copilot]

Pull request overview

This PR attempts to bump the version from v4.11 to v4.12 in the VERSION file. However, the change introduces a critical formatting issue that will break the automated release workflow.

Changes:

• VERSION file updated from v4.11 to v4.12 (but with incorrect formatting)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The VERSION file format is incorrect. The file should contain only the version string (e.g., "v4.12"), but this change introduces a line number prefix " 1 |" before the version. The auto-release workflow at .github/workflows/auto-release.yml (lines 28, 44) reads this file and strips whitespace with tr -d '[:space:]', which will result in "1|v4.12" instead of "v4.12". This will break the automated release process. The file should contain just "v4.12" without any line numbers or extra formatting.

[github-actions]

🤖 Review Buddy - General Code Review

👥 Attention: @AnkanSaha

Oye @AnkanSaha! Ye 'Adeddd' kya bawasir title likha hai? Keyboard pe so gaye the ya nashe mein commit maar diya?

Bhai, sirf do line ka change hai aur tumne version bump kar diya jaise koi bahut bada 'shaktimaan' wala kaam kiya ho. Ek API key swap ki hai aur version v4.11 se v4.12 kar diya. Logic toh zero hai, bas configuration badli hai. Isse zyada mehnat toh log status daalne mein karte hain.

Code Quality Score: 3/10 (Sirf isliye kyunki yaml syntax sahi hai, varna 0 milta).

---

Generated by Review Buddy | Tone: roast | Language: hinglish

[github-actions]

⚡ Review Buddy - Performance Analysis

👥 Attention: @AnkanSaha

Bhai Ankan, tune sirf ek environment variable ka naam badla hai, isme performance analysis mangna waisa hi hai jaise Cycle mein Petrol daal ke mileage puchna!

Lekin chalo, tumne pucha hai toh suno:

1. API Latency Ki Kahani:
   Pehle tum ADAPTIVE_API_KEY use kar rahe the, ab GEMINI_API_KEY.
   Adaptive API se Gemini pe shift hone ka matlab hai ki ab requests Google ke servers pe jayengi.
   Google ki latency agar tere logic jaisi 'slow' hui, toh poora workflow latak jayega.
   Gemini ke response times vary karte hain based on model size.
   Tune adapter toh Gemini kar diya, lekin kya tune check kiya ki Gemini 1.5 Pro ya Flash use ho raha hai?
   Agar model heavy hai, toh CI/CD runner ka waiting time badhega.
   Zyada waiting time = Zyada cost (agar private runner hai toh).

2. Workflow Execution Overhead:
   GitHub Actions ke runner ko setup hone mein time lagta hai.
   Is change se runner ki performance pe koi asar nahi padega,
   lekin tere 'vague' commit message ki wajah se reviewer ka 'brain performance' zaroor down ho jayega.

3. Network Hops:
   Adaptive API ke endpoints aur Gemini ke endpoints ka route alag hoga.
   Agar Gemini ke servers US mein hain aur tera runner Europe mein, toh ping badhega.
   Isse performance mein miliseconds ka fark padega, lekin 'bade bade deshon mein aisi chhoti chhoti baatein hoti rehti hain'.

4. Memory Footprint:
   Environment variable swap karne se memory usage mein 0.00001% ka bhi fark nahi padega.
   Tum bas ek pointer badal rahe ho.
   Memory leak ka toh sawal hi nahi uthta kyunki ye shell script level pe inject ho raha hai.

5. Concurrency & Rate Limiting:
   Gemini API ke apne rate limits hote hain.
   Agar tumne 50 PRs ek saath khol di, toh Gemini bolega 'Control Majnu Control'.
   Adaptive API ke limits shayad alag the.
   Ye switch karne se pehle rate-limiting test kiya? Ya bas 'Jai Mata Di' bol ke push kar diya?

6. Cold Start:
   Gemini API kabhi kabhi cold start leti hai agar model warm na ho.
   Isse tere workflow ka 'Time to First Token' badh jayega.
   Lekin tumhare paas toh bahut time hai, tabhi toh 'Adeddd' title likh rahe ho.

7. YAML Parsing:
   GitHub Actions YAML parse karta hai.
   Tune ek line badli, parser ko 1 microsecond kam ya zyada lagega.
   Uthega toh parser hi, chahe tum kuch bhi likho.

8. Secrets Retrieval:
   GitHub secrets retrieve karne mein constant time lagta hai.
   Chahe secret ka naam ADAPTIVE ho ya GEMINI, vault se nikaalne mein wahi O(1) time lagega.

9. Conclusion on Performance:
   Is PR se performance na badhi hai na ghati hai.
   Bas tumhari laziness ka performance graph upar gaya hai.

10. Recommendation:
    Agli baar performant code likhna, sirf configuration badal ke expert mat bano.
    Check the regional availability of Gemini to minimize network latency.
    Ensure that the Gemini API version used is optimized for low-latency responses.
    Aur haan, PR title sudharo, varna performance reviewer ka BP badha degi.

---

Generated by Review Buddy | Tone: roast | Language: hinglish

[github-actions]

🔐 Review Buddy - Security Audit

👥 Attention: @AnkanSaha

Security ke naam pe tumne wahi kiya hai jo log password ko 'password123' rakh ke karte hain.

• Issue: Secret Name Change
• Severity: Low (Technically)
• Location: .github/workflows/review_buddy.yml line 19
• Exploit Scenario: Agar GEMINI_API_KEY GitHub Secrets mein properly set nahi hai, toh workflow crash kar jayega. Aur agar kisi ne fork karke actions run kiye (agar settings allow karti hain), toh unauthorized access ka risk rehta hai.
• Remediation: Make sure the secret is environment-scoped and not accessible to unauthorized forks. Verify that GEMINI_API_KEY has minimal permissions (Least Privilege Principle).
• OWASP: A01:2021-Broken Access Control (if secrets are misconfigured).

Bhai, secret ka naam badalne se pehle purana wala ADAPTIVE_API_KEY delete kiya ya nahi? Ya usko aise hi 'yaadgar' ke liye chhod diya? Security audit mein 'Stale Secrets' ek bada red flag hota hai.

---

Generated by Review Buddy | Tone: roast | Language: hinglish

[github-actions]

📊 Review Buddy - Code Quality & Maintainability Analysis

👥 Attention: @AnkanSaha

🎯 Overall Benchmark: 40/100 (Poor)

Quality Analysis? Arre bhai, 'Quality' word ki toh tumne 'Adeddd' bol ke izzat hi loot li!

1. PR Title (The Crime):
   'Adeddd' - Ye kya hai? Kya ye coding hai?
   Bhai, commit messages aur PR titles 'Conventional Commits' follow karne chahiye.
   'feat:', 'fix:', 'ci:', kuch toh lagao!
   Tumne toh aise title likha hai jaise koi bachha keyboard pe dahi gira diya ho.

2. Manual Versioning (The Sin):
   VERSION file mein v4.11 se v4.12 manual change kiya?
   2024 mein jee rahe ho ya 1990 mein?
   Semantic Versioning (SemVer) ka naam suna hai?
   Automated versioning use karo (like semantic-release or standard-version).
   Manual change karoge toh kabhi na kabhi conflict aayega aur phir 'Maa Da Laadla Bigad Gaya' wala scene ho jayega.

3. No Newline at End of File:
   VERSION file aur YAML dono mein 'No newline at end of file' ka warning aa raha hai.
   Bhai, POSIX standard toh follow kar lo!
   Har file ke end mein ek empty line honi chahiye.
   Ye basic hygiene hai, jaise khane se pehle haath dhona.

4. Inconsistent Naming:
   Pehle adapter ADAPTER variable se aa raha tha, token ADAPTIVE_API_KEY se.
   Ab token GEMINI_API_KEY hai.
   Kya adapter bhi change hua? Diff mein toh sirf token dikh raha hai.
   Agar adapter 'Adaptive' hi reh gaya aur token 'Gemini' ka hai, toh error aayega 'Babu Rao ka style hai'.

5. Documentation Gap:
   README mein mention kiya ki ab Gemini use ho raha hai?
   Nahi na? Documentation update karna toh tum bhool hi jaate ho.
   Code self-documenting nahi hai yahan, ye configuration hai.

6. CI/CD Best Practices:
   Hardcoding secret keys (even if they are names) should be handled carefully.
   Is change ka koi test case hai? Ki switch karne ke baad workflow chalta bhi hai?

7. Technical Debt:
   Tumne purana secret rename kar diya, lekin purane code mein jahan bhi ye reference hoga, sab toot jayega.
   Isse kehte hain 'Aa bail mujhe maar'.

8. Naming Convention:
   gemini_api_key vs adaptive_api_token.
   Ek jagah 'token' bolte ho, ek jagah 'key'. Consistency ka 'C' bhi nahi hai yahan.

9. Redundancy:
   Version bump ke liye alag commit hona chahiye tha aur CI change ke liye alag.
   Mixing concerns is a bad habit, like mixing whiskey and lassi.

10. Final Roast:
    Ankan, sudhar jao. Ye PR quality ke maamle mein 'Gunda' movie se bhi buri hai.
    'Mere paas Maa hai' lekin tere paas 'Standards' nahi hain.
    Refactor this PR, fix the title, fix the newlines, and follow SemVer.
    Otherwise, main bolunga: 'Tumse na ho payega!'

---

Generated by Review Buddy | Tone: roast | Language: hinglish

[github-actions]

⚠️ Review Buddy - Final Recommendation

👥 Attention: @AnkanSaha

Recommendation: REQUEST CHANGES

Changes chahiye, bhai! Abhi approve nahi kar sakte.

Reasoning:

• PR title 'Adeddd' is unacceptable and vague.
• Manual version bumping is prone to errors; use automation.
• No newline at end of file in VERSION and YAML files.
• Inconsistency in naming: changed 'token' to 'key' without checking wider impact.
• Potential mismatch between ADAPTER and the new API key type.

---

📋 Review Checklist for Reviewers:

• Code changes align with the PR description
• No security vulnerabilities introduced
• Performance considerations addressed
• Code follows project conventions
• Tests are adequate (if applicable)
• Documentation updated (if needed)

🎯 Next Steps:

⚠️ Pehle suggestions address karo, phir approve karna.

Generated by Review Buddy | Tone: roast | Language: hinglish