Implement requested changes: default to osvm.ai, AI enabled by default, GitHub repo parsing

Copilot · 0xrinegade · Copilot · commit 2a03ab3ba7dd · 2025-09-16T10:53:37.000Z
Co-authored-by: 0xrinegade &lt;101195284+0xrinegade@users.noreply.github.com&gt;
diff --git a/src/clparse.rs b/src/clparse.rs
@@ -802,6 +802,12 @@ pub fn parse_command_line() -> clap::ArgMatches {
         .subcommand(
             Command::new("audit")
                 .about("Generate comprehensive security audit report")
+                .arg(
+                    Arg::new("repository")
+                        .help("Repository to audit (format: owner/repo or owner/repo#branch)")
+                        .value_name("REPOSITORY")
+                        .index(1)
+                )
                 .arg(
                     Arg::new("output")
                         .long("output")
@@ -832,10 +838,16 @@ pub fn parse_command_line() -> clap::ArgMatches {
                         .help("Generate test audit report with sample data")
                 )
                 .arg(
-                    Arg::new("ai-analysis")
-                        .long("ai-analysis")
+                    Arg::new("noai")
+                        .long("noai")
                         .action(ArgAction::SetTrue)
-                        .help("Enable AI-powered security analysis using OpenAI (requires OPENAI_API_KEY)")
+                        .help("Disable AI-powered security analysis")
+                )
+                .arg(
+                    Arg::new("api-url")
+                        .long("api-url")
+                        .value_name("URL")
+                        .help("Custom API URL for AI analysis (default: https://osvm.ai/api/getAnswer)")
                 )
                 .arg(
                     Arg::new("gh")
diff --git a/src/main.rs b/src/main.rs
@@ -205,9 +205,31 @@ async fn handle_audit_command(
     let format = matches.get_one::<String>("format").unwrap().to_string();
     let verbose = matches.get_count("verbose");
     let test_mode = matches.get_flag("test");
-    let ai_analysis = matches.get_flag("ai-analysis");
-    let gh_repo = matches.get_one::<String>("gh").map(|s| s.to_string());
+    
+    // AI analysis is enabled by default, disabled only if --noai is provided
+    let ai_analysis = !matches.get_flag("noai");
+    
+    // Handle repository parsing - check positional argument first, then --gh flag
+    let gh_repo = if let Some(repo) = matches.get_one::<String>("repository") {
+        // Parse positional argument as GitHub repo
+        if repo.contains('/') {
+            // Looks like owner/repo format
+            if repo.contains('#') {
+                Some(repo.to_string())
+            } else {
+                // No branch specified, try main first, then default branch
+                Some(format!("{}#main", repo))
+            }
+        } else {
+            // Not a repo format, treat as regular path
+            None
+        }
+    } else {
+        matches.get_one::<String>("gh").map(|s| s.to_string())
+    };
+    
     let template_path = matches.get_one::<String>("template").map(|s| s.to_string());
+    let api_url = matches.get_one::<String>("api-url").map(|s| s.to_string());
 
     let request = AuditRequest {
         output_dir,
@@ -218,22 +240,21 @@ async fn handle_audit_command(
         gh_repo,
         template_path,
         no_commit,
+        api_url,
     };
 
-    // Create the audit service with or without AI
+    // Create the audit service with custom API URL if provided
     let service = if ai_analysis {
-        // Check if OpenAI API key is available, otherwise use internal AI
-        match std::env::var("OPENAI_API_KEY") {
-            Ok(api_key) if !api_key.trim().is_empty() => {
-                println!("🤖 Using OpenAI API with provided key");
-                AuditService::with_ai(api_key)
-            }
-            _ => {
-                println!("🤖 Using internal OSVM AI service");
-                AuditService::with_internal_ai()
-            }
+        if let Some(api_url) = &request.api_url {
+            println!("🤖 Using custom AI API: {}", api_url);
+            AuditService::with_custom_ai(api_url.clone())
+        } else {
+            // Use default (osvm.ai unless explicitly configured for OpenAI)
+            println!("🤖 Using default OSVM AI service");
+            AuditService::with_internal_ai()
         }
     } else {
+        println!("🤖 AI analysis disabled");
         AuditService::new()
     };
 
diff --git a/src/services/ai_service.rs b/src/services/ai_service.rs
@@ -49,19 +49,45 @@ pub struct AiService {
 
 impl AiService {
     pub fn new() -> Self {
-        let openai_url = env::var("OPENAI_URL").ok();
-        let openai_key = env::var("OPENAI_KEY").ok();
-        
-        let (api_url, use_openai) = if let (Some(url), Some(_)) = (&openai_url, &openai_key) {
-            (url.clone(), true)
+        Self::with_api_url(None)
+    }
+
+    pub fn with_api_url(custom_api_url: Option<String>) -> Self {
+        let (api_url, use_openai) = match custom_api_url {
+            Some(url) => {
+                // Check if it's an OpenAI URL and we have an API key
+                if url.contains("openai.com") || url.contains("api.openai.com") {
+                    if let Some(key) = env::var("OPENAI_KEY").ok().filter(|k| !k.trim().is_empty()) {
+                        (url, true)
+                    } else {
+                        eprintln!("⚠️  OpenAI URL provided but no OPENAI_KEY found, falling back to OSVM AI");
+                        ("https://osvm.ai/api/getAnswer".to_string(), false)
+                    }
+                } else {
+                    // Custom URL, treat as external API
+                    (url, false)
+                }
+            }
+            None => {
+                // Default behavior: use osvm.ai unless explicitly configured for OpenAI
+                if let (Some(url), Some(_)) = (env::var("OPENAI_URL").ok(), env::var("OPENAI_KEY").ok()) {
+                    (url, true)
+                } else {
+                    ("https://osvm.ai/api/getAnswer".to_string(), false)
+                }
+            }
+        };
+
+        let api_key = if use_openai {
+            env::var("OPENAI_KEY").ok()
         } else {
-            ("https://osvm.ai/api/getAnswer".to_string(), false)
+            None
         };
 
         Self {
             client: reqwest::Client::new(),
             api_url,
-            api_key: openai_key,
+            api_key,
             use_openai,
         }
     }
diff --git a/src/services/audit_service.rs b/src/services/audit_service.rs
@@ -36,6 +36,7 @@ pub struct AuditRequest {
     pub gh_repo: Option<String>,
     pub template_path: Option<String>,
     pub no_commit: bool,
+    pub api_url: Option<String>,
 }
 
 pub struct AuditResult {
@@ -69,6 +70,12 @@ impl AuditService {
         }
     }
 
+    pub fn with_custom_ai(api_url: String) -> Self {
+        Self {
+            coordinator: AuditCoordinator::with_custom_ai(api_url),
+        }
+    }
+
     pub fn with_optional_ai(api_key: Option<String>) -> Self {
         Self {
             coordinator: AuditCoordinator::with_optional_ai(api_key),
diff --git a/src/utils/audit.rs b/src/utils/audit.rs
@@ -952,6 +952,21 @@ impl AuditCoordinator {
         }
     }
 
+    /// Create a new audit coordinator with custom AI API
+    pub fn with_custom_ai(api_url: String) -> Self {
+        Self {
+            ai_client: None,
+            internal_ai_service: Some(AiService::with_api_url(Some(api_url))),
+            modular_coordinator: ModularAuditCoordinator::new(),
+            template_generator: TemplateReportGenerator::new().unwrap_or_else(|e| {
+                log::warn!("Failed to initialize template generator: {}", e);
+                panic!("Template generator is required for audit functionality");
+            }),
+            ai_disabled: false,
+            ai_circuit_breaker: AICircuitBreaker::new(3, Duration::from_secs(300)), // 3 failures, 5 min recovery
+        }
+    }
+
     /// Create a new audit coordinator with optional AI capabilities
     /// Now defaults to internal AI service, with fallback to OpenAI if api_key is provided
     pub fn with_optional_ai(api_key: Option<String>) -> Self {
@@ -7176,58 +7191,88 @@ This security audit provides a comprehensive assessment of the OSVM CLI applicat
         Ok(report)
     }
 
-    /// Parse repository specification (owner/repo#branch)
+    /// Parse repository specification (owner/repo#branch or owner/repo)
     fn parse_repo_spec(&self, repo_spec: &str) -> Result<(String, String)> {
         let parts: Vec<&str> = repo_spec.split('#').collect();
-        if parts.len() != 2 {
-            anyhow::bail!("Invalid repository specification. Expected format: owner/repo#branch");
+        
+        if parts.len() > 2 {
+            anyhow::bail!("Invalid repository specification. Expected format: owner/repo or owner/repo#branch");
         }
 
         let repo_path = parts[0];
-        let branch = parts[1];
+        let branch = if parts.len() == 2 {
+            parts[1].to_string()
+        } else {
+            // No branch specified, default to "main"
+            "main".to_string()
+        };
 
         if !repo_path.contains('/') {
             anyhow::bail!("Invalid repository path. Expected format: owner/repo");
         }
 
         let repo_url = format!("https://github.com/{}.git", repo_path);
-        Ok((repo_url, branch.to_string()))
+        Ok((repo_url, branch))
     }
 
-    /// Clone repository to temporary directory
+    /// Clone repository to temporary directory with branch fallback
     fn clone_repository(&self, repo_url: &str, branch: &str) -> Result<std::path::PathBuf> {
         let temp_dir =
             std::env::temp_dir().join(format!("osvm-audit-{}", chrono::Utc::now().timestamp()));
 
         println!("📥 Cloning repository to: {}", temp_dir.display());
 
-        // Use timeout for git operations to prevent hanging
-        let output = self.execute_git_with_timeout(
-            &[
-                "clone",
-                "--branch",
-                branch,
-                "--single-branch",
-                repo_url,
-                temp_dir.to_str().unwrap(),
-            ],
-            Some(&std::env::temp_dir()),
-            Duration::from_secs(300), // 5 minute timeout
-        )?;
+        // Try to clone with the specified branch first
+        let branches_to_try = if branch == "main" {
+            // If user didn't specify a branch and we defaulted to "main", try fallbacks
+            vec!["main", "master", "develop"]
+        } else {
+            // User specified a branch, only try that one
+            vec![branch]
+        };
 
-        if !output.status.success() {
-            let error_msg = String::from_utf8_lossy(&output.stderr);
-            anyhow::bail!("Git clone failed: {}", error_msg);
-        }
+        let mut last_error = String::new();
 
-        // Verify the repository was cloned successfully
-        if !temp_dir.exists() {
-            anyhow::bail!(
-                "Repository clone directory does not exist: {}",
-                temp_dir.display()
-            );
+        for branch_name in branches_to_try {
+            println!("🌿 Trying branch: {}", branch_name);
+            
+            // Use timeout for git operations to prevent hanging
+            let output = self.execute_git_with_timeout(
+                &[
+                    "clone",
+                    "--branch",
+                    branch_name,
+                    "--single-branch",
+                    repo_url,
+                    temp_dir.to_str().unwrap(),
+                ],
+                Some(&std::env::temp_dir()),
+                Duration::from_secs(180), // 3 minute timeout per attempt
+            )?;
+
+            if output.status.success() {
+                // Verify the repository was cloned successfully
+                if temp_dir.exists() {
+                    println!("✅ Successfully cloned with branch: {}", branch_name);
+                    return Ok(temp_dir);
+                } else {
+                    last_error = format!("Repository clone directory does not exist: {}", temp_dir.display());
+                    break;
+                }
+            } else {
+                last_error = String::from_utf8_lossy(&output.stderr).to_string();
+                println!("❌ Failed to clone with branch '{}': {}", branch_name, last_error);
+                
+                // Clean up any partial clone attempt
+                if temp_dir.exists() {
+                    let _ = std::fs::remove_dir_all(&temp_dir);
+                }
+            }
         }
 
+        anyhow::bail!("Git clone failed for all attempted branches. Last error: {}", last_error)
+    }
+
         Ok(temp_dir)
     }
 

Original file line number	Diff line number	Diff line change
`@@ -36,6 +36,7 @@ pub struct AuditRequest {`
`36`	`36`	`pub gh_repo: Option<String>,`
`37`	`37`	`pub template_path: Option<String>,`
`38`	`38`	`pub no_commit: bool,`
	`39`	`+ pub api_url: Option<String>,`
`39`	`40`	`}`
`40`	`41`
`41`	`42`	`pub struct AuditResult {`
`@@ -69,6 +70,12 @@ impl AuditService {`
`69`	`70`	`}`
`70`	`71`	`}`
`71`	`72`
	`73`	`+ pub fn with_custom_ai(api_url: String) -> Self {`
	`74`	`+ Self {`
	`75`	`+ coordinator: AuditCoordinator::with_custom_ai(api_url),`
	`76`	`+ }`
	`77`	`+ }`
	`78`	`+`
`72`	`79`	`pub fn with_optional_ai(api_key: Option<String>) -> Self {`
`73`	`80`	`Self {`
`74`	`81`	`coordinator: AuditCoordinator::with_optional_ai(api_key),`