Fix all ruff lint issues — 0 errors, 92 tests passing

app/agents/synthesizer.py

@@ -87,7 +87,7 @@ def deduplicate_findings(findings: list[Finding]) -> list[Finding]:
     deduped = []
     duplicates_removed = 0
 
-    for key, group in groups.items():
+    for _key, group in groups.items():
         if len(group) == 1:
             deduped.append(group[0])
             continue

app/context/retriever.py

@@ -85,6 +85,7 @@ async def retrieve_context(
             results["documents"][0],
             results["metadatas"][0],
             results["distances"][0],
+            strict=False,
         ):
             filepath = metadata.get("filepath", "unknown")
             start = metadata.get("start_line", "?")

app/db/postgres.py

@@ -14,7 +14,6 @@ Schema is auto-created on first connection via ensure_tables().
 from __future__ import annotations
 
 import json
-from datetime import datetime, timezone
 from uuid import uuid4
 
 import structlog

app/github/comment_formatter.py

@@ -131,8 +131,8 @@ def format_summary_comment(review: SynthesizedReview) -> str:
         "",
         "### Findings Summary",
         "",
-        f"| Severity | Count |",
-        f"|----------|-------|",
+        "| Severity | Count |",
+        "|----------|-------|",
         f"| \U0001f6a8 Critical | {review.critical_count} |",
         f"| \U0001f7e0 High | {review.high_count} |",
         f"| \U0001f7e1 Medium | {review.medium_count} |",
@@ -162,7 +162,7 @@ def format_summary_comment(review: SynthesizedReview) -> str:
     if review.findings:
         lines.append("### Detailed Findings")
         lines.append("")
-        for i, finding in enumerate(review.findings, 1):
+        for _i, finding in enumerate(review.findings, 1):
             severity_emoji = SEVERITY_EMOJI.get(finding.severity, "")
             agent_emoji = AGENT_EMOJI.get(finding.agent, "")
             lines.append(

app/main.py

@@ -22,32 +22,25 @@ import asyncio
 import json
 import traceback
 
+import structlog
 from fastapi import (
-    BackgroundTasks, Depends, FastAPI, Header, HTTPException,
-    Request, Response, Security,
+    BackgroundTasks,
+    Depends,
+    FastAPI,
+    Header,
+    HTTPException,
+    Request,
+    Response,
+    Security,
 )
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.security import APIKeyHeader
-import structlog
-
-from app.config import settings
-
-# ── API Key auth for dashboard endpoints ──────────────────────────────────
-_api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
-
-
-async def verify_api_key(api_key: str = Security(_api_key_header)):
-    """Reject dashboard API requests that don't carry a valid API key."""
-    if not settings.dashboard_api_key:
-        return  # No key configured → allow (dev mode)
-    if api_key != settings.dashboard_api_key:
-        raise HTTPException(status_code=403, detail="Invalid or missing API key")
-
 
 from app.agents.performance_agent import PerformanceAgent
 from app.agents.security_agent import SecurityAgent
 from app.agents.style_agent import StyleAgent
 from app.agents.synthesizer import synthesize
+from app.config import settings
 from app.context.indexer import index_repo_files
 from app.context.retriever import retrieve_context
 from app.db.postgres import save_review
@@ -55,11 +48,24 @@ from app.db.redis_cache import is_already_reviewed, mark_as_reviewed
 from app.github.client import GitHubClient
 from app.github.comment_formatter import (
     findings_to_review_comments,
-    format_inline_comment,
     format_summary_comment,
 )
 from app.github.webhook import validate_webhook_signature
 
+# ── API Key auth for dashboard endpoints ──────────────────────────────────
+_api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
+
+
+async def verify_api_key(api_key: str = Security(_api_key_header)):
+    """Reject dashboard API requests that don't carry a valid API key."""
+    if not settings.dashboard_api_key:
+        return
+    if api_key != settings.dashboard_api_key:
+        raise HTTPException(status_code=403, detail="Invalid or missing API key")
+
+
+_verify_api_key = Depends(verify_api_key)
+
 logger = structlog.get_logger()
 
 _is_production = settings.environment == "production"
@@ -108,7 +114,7 @@ async def health_check():
 
 
 @app.get("/api/repos/{owner}/{repo}/reviews")
-async def get_reviews(owner: str, repo: str, _=Depends(verify_api_key)):
+async def get_reviews(owner: str, repo: str, _=_verify_api_key):
     """Get recent PR reviews for a repo (used by dashboard)."""
     from app.db.postgres import get_repo_reviews
     repo_full_name = f"{owner}/{repo}"
@@ -117,7 +123,7 @@ async def get_reviews(owner: str, repo: str, _=Depends(verify_api_key)):
 
 
 @app.get("/api/repos/{owner}/{repo}/stats")
-async def get_stats(owner: str, repo: str, _=Depends(verify_api_key)):
+async def get_stats(owner: str, repo: str, _=_verify_api_key):
     """Get aggregate stats for a repo (used by dashboard)."""
     from app.db.postgres import get_repo_reviews
     repo_full_name = f"{owner}/{repo}"

app/models/findings.py

@@ -2,7 +2,7 @@
 
 from __future__ import annotations
 
-from typing import Literal, Optional
+from typing import Literal
 from uuid import UUID, uuid4
 
 from pydantic import BaseModel, Field
@@ -20,7 +20,7 @@ class Finding(BaseModel):
     title: str
     description: str
     suggested_fix: str = ""
-    cwe_id: Optional[str] = None
+    cwe_id: str | None = None
     confidence: float = Field(ge=0.0, le=1.0)
 
 

app/models/webhook_payloads.py

@@ -2,8 +2,6 @@
 
 from __future__ import annotations
 
-from typing import Optional
-
 from pydantic import BaseModel
 
 
@@ -30,9 +28,9 @@ class PullRequest(BaseModel):
     state: str
     head: PullRequestHead
     draft: bool = False
-    changed_files: Optional[int] = None
-    additions: Optional[int] = None
-    deletions: Optional[int] = None
+    changed_files: int | None = None
+    additions: int | None = None
+    deletions: int | None = None
 
 
 class PullRequestEvent(BaseModel):
@@ -52,4 +50,4 @@ class Installation(BaseModel):
 class PullRequestEventWithInstallation(PullRequestEvent):
     """Pull request event with GitHub App installation context."""
 
-    installation: Optional[Installation] = None
+    installation: Installation | None = None

dashboard/app/page.tsx

@@ -261,8 +261,8 @@ export default function HomePage() {
 
           <StaggerContainer className="grid grid-cols-1 sm:grid-cols-3 gap-5">
             {AGENTS.map((agent) => (
-              <StaggerItem key={agent.title}>
-                <HoverCard>
+              <StaggerItem key={agent.title} className="h-full">
+                <HoverCard className="h-full">
                   <div
                     className={`glass rounded-2xl p-6 border ${agent.border} transition-all duration-300 h-full`}
                   >

tests/eval/run_eval.py

@@ -36,8 +36,8 @@ async def evaluate_single_pr(test_case: dict) -> EvalResult:
     A finding is considered a true positive if it matches an expected
     finding on the same file_path and within 3 lines of the expected line.
     """
-    from app.agents.security_agent import SecurityAgent
     from app.agents.performance_agent import PerformanceAgent
+    from app.agents.security_agent import SecurityAgent
     from app.agents.style_agent import StyleAgent
     from app.agents.synthesizer import synthesize
     from app.github.client import PRData

tests/unit/test_parallel_agents.py

@@ -25,7 +25,6 @@ from app.agents.performance_agent import PerformanceAgent
 from app.agents.security_agent import SecurityAgent
 from app.agents.style_agent import StyleAgent
 
-
 # ─── Agent Identity Tests ─────────────────────────────────────────────────
 
 
@@ -41,8 +40,8 @@ class TestAgentIdentities:
 
     def test_all_agents_load_prompts(self):
         """Each agent should load its system prompt without errors."""
-        for AgentClass in [SecurityAgent, PerformanceAgent, StyleAgent]:
-            agent = AgentClass()
+        for agent_class in [SecurityAgent, PerformanceAgent, StyleAgent]:
+            agent = agent_class()
             prompt = agent.system_prompt
             assert len(prompt) > 100, f"{agent.agent_name} prompt is too short"
 

tests/unit/test_performance_agent.py

@@ -23,7 +23,6 @@ from app.agents.performance_agent import PerformanceAgent
 from app.github.client import PRData
 from app.tools.radon_tool import run_radon
 
-
 # ─── Fixtures ──────────────────────────────────────────────────────────────
 
 
@@ -120,13 +119,13 @@ class TestPerformanceAgent:
         """LLM failure should return empty list, not crash."""
         mock_chain = AsyncMock(side_effect=Exception("Groq rate limit"))
 
-        with patch("app.agents.base_agent.ChatGroq") as MockChatGroq:
+        with patch("app.agents.base_agent.ChatGroq") as mock_chat_groq:
             mock_llm_instance = MagicMock()
             mock_llm_instance.with_structured_output.return_value = MagicMock(
                 __ror__=MagicMock(return_value=mock_chain),
                 __or__=MagicMock(return_value=mock_chain),
             )
-            MockChatGroq.return_value = mock_llm_instance
+            mock_chat_groq.return_value = mock_llm_instance
 
             agent = PerformanceAgent()
             with patch.object(agent, "run_static_analysis", return_value=""):

tests/unit/test_rag_pipeline.py

@@ -16,10 +16,9 @@ from unittest.mock import patch
 import pytest
 
 from app.context.embedder import chunk_code
-from app.context.indexer import index_repo_files, _collection_name
+from app.context.indexer import _collection_name, index_repo_files
 from app.context.retriever import retrieve_context
 
-
 # ─── Code Chunking Tests ─────────────────────────────────────────────────
 
 

tests/unit/test_security_agent.py

@@ -18,18 +18,17 @@ from unittest.mock import AsyncMock, MagicMock, patch
 
 import pytest
 
-from app.agents.base_agent import AgentFindings, BaseAgent, FindingOutput
+from app.agents.base_agent import AgentFindings, FindingOutput
 from app.agents.security_agent import SecurityAgent
 from app.github.client import PRData
 from app.github.comment_formatter import (
+    findings_to_review_comments,
     format_inline_comment,
     format_summary_comment,
-    findings_to_review_comments,
 )
 from app.models.findings import Finding, SynthesizedReview
 from app.tools.bandit_tool import run_bandit
 
-
 # ─── Fixtures ──────────────────────────────────────────────────────────────
 
 
@@ -164,13 +163,13 @@ class TestSecurityAgent:
         # Patch at the class level since ChatGroq is a Pydantic model
         mock_chain = AsyncMock(side_effect=Exception("Groq API timeout"))
 
-        with patch("app.agents.base_agent.ChatGroq") as MockChatGroq:
+        with patch("app.agents.base_agent.ChatGroq") as mock_chat_groq:
             mock_llm_instance = MagicMock()
             mock_llm_instance.with_structured_output.return_value = MagicMock(
                 __ror__=MagicMock(return_value=mock_chain),
                 __or__=MagicMock(return_value=mock_chain),
             )
-            MockChatGroq.return_value = mock_llm_instance
+            mock_chat_groq.return_value = mock_llm_instance
 
             agent = SecurityAgent()
             with patch.object(agent, "run_static_analysis", return_value=""):

tests/unit/test_style_agent.py

@@ -22,7 +22,6 @@ from app.agents.style_agent import StyleAgent
 from app.github.client import PRData
 from app.tools.linter_tool import run_ruff
 
-
 # ─── Fixtures ──────────────────────────────────────────────────────────────
 
 
@@ -135,13 +134,13 @@ class TestStyleAgent:
         """LLM failure should return empty list, not crash."""
         mock_chain = AsyncMock(side_effect=Exception("Groq API timeout"))
 
-        with patch("app.agents.base_agent.ChatGroq") as MockChatGroq:
+        with patch("app.agents.base_agent.ChatGroq") as mock_chat_groq:
             mock_llm_instance = MagicMock()
             mock_llm_instance.with_structured_output.return_value = MagicMock(
                 __ror__=MagicMock(return_value=mock_chain),
                 __or__=MagicMock(return_value=mock_chain),
             )
-            MockChatGroq.return_value = mock_llm_instance
+            mock_chat_groq.return_value = mock_llm_instance
 
             agent = StyleAgent()
             with patch.object(agent, "run_static_analysis", return_value=""):

tests/unit/test_synthesizer.py

@@ -10,7 +10,6 @@ These tests verify:
 6. Ranking puts critical findings first
 """
 
-import pytest
 
 from app.agents.synthesizer import (
     deduplicate_findings,
@@ -35,7 +34,7 @@ def _make_finding(agent="security", severity="high", file_path="app.py",
         title=kwargs.get("title", f"Test {category}"),
         description=kwargs.get("description", "Test finding description."),
         suggested_fix=kwargs.get("suggested_fix", ""),
-        cwe_id=kwargs.get("cwe_id", None),
+        cwe_id=kwargs.get("cwe_id"),
         confidence=confidence,
     )
 

tests/unit/test_webhook_validation.py

@@ -27,7 +27,6 @@ from fastapi.testclient import TestClient
 
 from app.github.webhook import validate_webhook_signature
 
-
 # Create a minimal FastAPI app just for testing the webhook dependency
 # This isolates the test from the rest of the application
 test_app = FastAPI()