warestack · dkargatzis · Dec 27, 2025 · Dec 27, 2025 · gemini-code-assist · Dec 27, 2025
@@ -95,6 +95,7 @@ class RepositoryAnalysisRequest(BaseModel):
     repository_url: str | None = Field(default=None, description="GitHub repository URL")
     repository_full_name: str | None = Field(default=None, description="Full repository name (owner/repo)")
     installation_id: int | None = Field(default=None, description="GitHub App installation ID")
+    user_token: str | None = Field(default=None, description="User token for GitHub operations (optional)")
-    user_token: str | None = Field(default=None, description="User token for GitHub operations (optional)")
+    user_token: SecretStr | None = Field(default=None, description="User token for GitHub operations (optional)")
-    user_token: str | None = Field(default=None, description="User token for GitHub operations (optional)")
+    user_token: SecretStr | None = Field(default=None, description="User token for GitHub operations (optional)")
     max_prs: int = Field(default=10, ge=0, le=50, description="Max PRs to sample for analysis")
 
     @field_validator("repository_full_name", mode="before")

@@ -9,7 +9,6 @@
 from __future__ import annotations
 
 import logging
-import textwrap
 from typing import Any
 
 import yaml
@@ -258,7 +257,7 @@ def _default_recommendations(
 severity: medium
 event_types:
   - pull_request
-    parameters:
+parameters:
   source_patterns:
 {source_patterns_yaml}
   test_patterns:
@@ -294,17 +293,14 @@ def _default_recommendations(
 
     recommendations.append(
         RuleRecommendation(
-            yaml_rule=textwrap.dedent(
-                """
-                description: "Ensure PRs include context"
+            yaml_rule="""description: "Ensure PRs include context"
 enabled: true
-                severity: low
+severity: low
 event_types:
   - pull_request
-    parameters:
-                  min_description_length: 50
-                """
-            ).strip(),
+parameters:
+  min_description_length: 50
+""".strip(),
             confidence=desc_confidence,
             reasoning=desc_reasoning,
             strategy_used="static",
@@ -313,18 +309,15 @@ def _default_recommendations(
 
     # Add a repository-specific rule if we detect specific patterns
     if state.repository_features.has_workflows:
-        workflow_rule = textwrap.dedent(
-            """
-            description: "Protect CI/CD workflows"
+        workflow_rule = """description: "Protect CI/CD workflows"
 enabled: true
-            severity: high
+severity: high
 event_types:
   - pull_request
-    parameters:
-              file_patterns:
-                - ".github/workflows/**"
-            """
-        ).strip()
+parameters:
+  file_patterns:
+    - ".github/workflows/**"
+""".strip()
 
         recommendations.append(
             RuleRecommendation(