Dedicated ReviewCount vs KeepCount fields

data-douser · data-douser · commit f4e270694c33 · 2026-04-13T16:09:31.000-06:00
diff --git a/client/cmd/code_scanning_apply.go b/client/cmd/code_scanning_apply.go
@@ -6,8 +6,9 @@ import (
 	"os"
 	"time"
 
-	gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"
 	"github.com/spf13/cobra"
+
+	gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"
 )
 
 // ---------------------------------------------------------------------------
diff --git a/client/cmd/code_scanning_assess.go b/client/cmd/code_scanning_assess.go
@@ -37,6 +37,7 @@ type assessSummary struct {
 	KeepDismissed    int `json:"keepDismissedCount"`
 	KeepFixed        int `json:"keepFixedCount"`
 	DiscardCount     int `json:"discardCount"`
+	ReviewCount      int `json:"reviewCount"`
 	ChurnRiskCount   int `json:"churnRiskCount"`
 	OverlapPairCount int `json:"overlapPairCount"`
 }
@@ -147,7 +148,7 @@ func buildAssessReport(baseReport codeScanningReport, assessed []assessedAlert)
 		case "discard":
 			summary.DiscardCount++
 		case "review":
-			summary.KeepCount++ // counted as keep until user decides
+			summary.ReviewCount++
 		}
 		if a.ChurnRisk != "" {
 			summary.ChurnRiskCount++
diff --git a/client/cmd/code_scanning_assess_test.go b/client/cmd/code_scanning_assess_test.go
@@ -129,3 +129,29 @@ func TestBuildAssessReport_Summary(t *testing.T) {
 		t.Error("expected at least 1 keep recommendation")
 	}
 }
+
+func TestBuildAssessReport_ReviewCountSeparateFromKeep(t *testing.T) {
+	// Alert 1 is open with an overlap to a dismissed alert -> "review"
+	// Alert 2 is dismissed -> "keep-dismissed"
+	// Alert 3 is open, no overlaps -> "keep"
+	alerts := []alertEntry{
+		{Number: 1, State: "open", Rule: ruleEntry{ID: "js/sql-injection-v2"}, Location: locationEntry{Path: "src/db.js", StartLine: 42}},
+		{Number: 2, State: "dismissed", Rule: ruleEntry{ID: "js/sql-injection"}, Location: locationEntry{Path: "src/db.js", StartLine: 42},
+			DismissedReason: strPtr("false positive")},
+		{Number: 3, State: "open", Rule: ruleEntry{ID: "js/xss"}, Location: locationEntry{Path: "src/views.js", StartLine: 30}},
+	}
+
+	report := buildReport("test/repo", nil, alerts)
+	assessed := assessAlerts(alerts)
+	assessReport := buildAssessReport(report, assessed)
+
+	if assessReport.Summary.ReviewCount != 1 {
+		t.Errorf("reviewCount = %d, want 1", assessReport.Summary.ReviewCount)
+	}
+	if assessReport.Summary.KeepCount != 1 {
+		t.Errorf("keepCount = %d, want 1 (only pure keep, not review)", assessReport.Summary.KeepCount)
+	}
+	if assessReport.Summary.KeepDismissed != 1 {
+		t.Errorf("keepDismissedCount = %d, want 1", assessReport.Summary.KeepDismissed)
+	}
+}
diff --git a/client/cmd/code_scanning_report.go b/client/cmd/code_scanning_report.go
@@ -8,8 +8,9 @@ import (
 	"sort"
 	"time"
 
-	gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"
 	"github.com/spf13/cobra"
+
+	gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"
 )
 
 // ---------------------------------------------------------------------------
@@ -179,7 +180,7 @@ func init() {
 	f.StringVar(&reportFlags.repo, "repo", "", "Repository in owner/repo format (required)")
 	f.StringVar(&reportFlags.ref, "ref", "", "Git ref to filter by (e.g. refs/heads/main)")
 	f.StringVar(&reportFlags.toolName, "tool-name", "", "Tool name to filter by (e.g. CodeQL)")
-	f.StringVar(&reportFlags.state, "state", "", "Alert state filter: open, closed, dismissed, fixed")
+	f.StringVar(&reportFlags.state, "state", "", "Alert state filter: open, dismissed, fixed")
 	f.StringVar(&reportFlags.output, "output", "", "Output file path (default: <owner>_<repo>.cs-report.json)")
 	f.BoolVar(&reportFlags.includeSarif, "include-sarif", false, "Also download SARIF files for each analysis")
 	f.IntVar(&reportFlags.perPage, "per-page", 100, "Results per page for API calls (max 100)")
diff --git a/client/cmd/code_scanning_report_test.go b/client/cmd/code_scanning_report_test.go
@@ -228,8 +228,3 @@ func TestBuildReport_JSONRoundTripWithDismissal(t *testing.T) {
 		t.Error("dismissedBy lost in JSON roundtrip")
 	}
 }
-
-// strPtr returns a pointer to s.
-func strPtr(s string) *string {
-	return &s
-}
diff --git a/client/cmd/helpers_test.go b/client/cmd/helpers_test.go
@@ -29,3 +29,8 @@ func TestParseRepo_Invalid(t *testing.T) {
 		}
 	}
 }
+
+// strPtr returns a pointer to s.
+func strPtr(s string) *string {
+	return &s
+}

Original file line number	Diff line number	Diff line change
`@@ -6,8 +6,9 @@ import (`
`6`	`6`	`"os"`
`7`	`7`	`"time"`
`8`	`8`
`9`		`- gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"`
`10`	`9`	`"github.com/spf13/cobra"`
	`10`	`+`
	`11`	`+ gh "github.com/advanced-security/codeql-development-mcp-server/client/internal/github"`
`11`	`12`	`)`
`12`	`13`
`13`	`14`	`// ---------------------------------------------------------------------------`
Original file line number	Diff line number	Diff line change
`@@ -228,8 +228,3 @@ func TestBuildReport_JSONRoundTripWithDismissal(t *testing.T) {`
`228`	`228`	`t.Error("dismissedBy lost in JSON roundtrip")`
`229`	`229`	`}`
`230`	`230`	`}`
`231`		`-`
`232`		`-// strPtr returns a pointer to s.`
`233`		`-func strPtr(s string) *string {`
`234`		`- return &s`
`235`		`-}`
Original file line number	Diff line number	Diff line change
`@@ -29,3 +29,8 @@ func TestParseRepo_Invalid(t *testing.T) {`
`29`	`29`	`}`
`30`	`30`	`}`
`31`	`31`	`}`
	`32`	`+`
	`33`	`+// strPtr returns a pointer to s.`
	`34`	`+func strPtr(s string) *string {`
	`35`	`+ return &s`
	`36`	`+}`