JSON Import Schema

RefactorStack accepts JSON in the following format. Use this schema when configuring your code review prompts.

Schema Overview

Top-Level Structure

run_metadata (optional) - Information about the review run
issues (array) - List of findings from the review
summary_and_plan (optional) - Executive summary and recommendations

Issue Object

issue_id (required) - Unique identifier for the issue
issue_name (required) - Human-readable name/title
severity (required) - low, medium, high, or critical
category_group (optional) - Group like "Security" or "Maintainability"
category_name (optional) - Specific category
explanation (optional) - Detailed explanation of the issue
agentic_ai_impact (optional) - How this affects AI agent work
locations (optional) - Array of file locations
evidence_snippets (optional) - Code snippets showing the issue
suggested_fix (optional) - How to fix the issue

Suggested Fix Types

agent_prompt - AI agent can fix with the provided prompt
manual_steps - Requires human intervention with step-by-step guide
mixed - Combination of both approaches

Example JSON

{
  "run_metadata": {
    "run_id": "review-2024-01-15-abc123",
    "timestamp": "2024-01-15T10:30:00Z",
    "repository": "my-org/my-app",
    "branch": "main",
    "commit_sha": "a1b2c3d4e5f6",
    "tool_version": "1.0.0"
  },
  "issues": [
    {
      "issue_id": "MAINT-001",
      "issue_name": "Long method exceeds complexity threshold",
      "severity": "medium",
      "category_group": "Maintainability",
      "category_name": "Method Complexity",
      "explanation": "The processOrder method has a cyclomatic complexity of 15, exceeding the recommended threshold of 10.",
      "agentic_ai_impact": "High complexity makes it difficult for AI agents to safely modify this code without introducing regressions.",
      "locations": [
        {
          "file_path": "src/services/order.ts",
          "start_line": 45,
          "end_line": 120,
          "symbol": "processOrder"
        }
      ],
      "evidence_snippets": [
        {
          "file_path": "src/services/order.ts",
          "start_line": 45,
          "end_line": 60,
          "language": "typescript",
          "snippet": "async function processOrder(order: Order) {\n  if (order.status === 'pending') {\n    // ... complex nested logic\n  }\n}"
        }
      ],
      "suggested_fix": {
        "fix_type": "agent_prompt",
        "agent_prompt": "Extract the validation logic from processOrder into a separate validateOrder function. Then extract the payment processing into processPayment. The main function should orchestrate these smaller functions."
      }
    },
    {
      "issue_id": "SEC-001",
      "issue_name": "SQL injection vulnerability",
      "severity": "critical",
      "category_group": "Security",
      "category_name": "Injection",
      "explanation": "User input is directly concatenated into SQL query without parameterization.",
      "locations": [
        {
          "file_path": "src/db/users.ts",
          "start_line": 23,
          "end_line": 25,
          "symbol": "findUserByEmail"
        }
      ],
      "evidence_snippets": [
        {
          "file_path": "src/db/users.ts",
          "start_line": 23,
          "end_line": 25,
          "language": "typescript",
          "snippet": "const result = await db.query(`SELECT * FROM users WHERE email = '${email}'`);"
        }
      ],
      "suggested_fix": {
        "fix_type": "manual_steps",
        "manual_steps": [
          "Replace string concatenation with parameterized query",
          "Use db.query('SELECT * FROM users WHERE email = $1', [email])",
          "Verify all other queries in the file follow the same pattern",
          "Add input validation for email format"
        ]
      }
    }
  ],
  "summary_and_plan": {
    "executive_summary": "Found 2 issues: 1 critical security vulnerability requiring immediate attention, and 1 medium maintainability issue.",
    "prioritized_recommendations": [
      {
        "priority": 1,
        "title": "Fix SQL injection vulnerability",
        "description": "The SQL injection in users.ts must be fixed before any deployment.",
        "related_issue_ids": ["SEC-001"],
        "type": "human_only"
      },
      {
        "priority": 2,
        "title": "Refactor processOrder for maintainability",
        "description": "Break down the complex method to improve maintainability and AI-friendliness.",
        "related_issue_ids": ["MAINT-001"],
        "type": "agent_eligible"
      }
    ],
    "ci_gate_definition": {
      "block_on_critical": true,
      "block_on_high": true,
      "max_medium_issues": 5,
      "required_categories": ["Security", "Reliability"]
    }
  }
}

Supported File Names

When uploading files, use these naming patterns for automatic recognition:

REFACTOR_WORKS_*.json - Primary output format
findings_pass1.json - Initial findings
findings_validated.json - Validated findings
summary_and_plan.json - Summary and recommendations