feat: AI bug catching (aiReview and aiFuzz)#10
Merged
Conversation
aiReview(response) returns a list of likely problems (bad or inconsistent types, missing fields, leaked secrets or PII, status/body mismatches). aiFuzz generates adversarial request payloads to probe an endpoint. Both reuse the two-go/ai provider, parse JSON out of the reply tolerantly, and are advisory. Types, README, CHANGELOG, and stubbed unit tests.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #9.
Use the AI layer to find bugs, not just author tests.
aiReview(response, options)returns{ severity, field, message }[]: bad or inconsistent types, missing fields, suspicious values, leaked secrets or PII, status/body mismatches, pagination issues. Tolerant JSON parsing, returns [] when nothing is wrong or the reply is unparseable.aiFuzz(options)generates adversarial request payloads (boundary values, wrong types, missing fields, injection-like strings) to send with the normal client.two-go/aiprovider, exported fromtwo-go/aiand the main entry, with types.616 unit tests green (5 new, provider stubbed so no network), tsc clean, no em dashes. Next: MCP server.