feat: add /get/ installation page for CLI installer

[Aureliolo]

Summary

• Add synthorg.io/get/ as a branded CLI installation page — an Astro page on the existing GitHub Pages site with install commands, script audit links, direct download, manual download instructions, and a pointer to the docs for Docker Compose setup
• Extract footer from index.astro into shared Footer.astro component with new "Get Started" link
• Update hero/final CTAs on landing page to point to /get/
• Update install URLs across README, user guide, and install script comments from raw.githubusercontent.com to synthorg.io/get/
• Copy cli/scripts/install.sh and install.ps1 into site/dist/get/ in CI (both pages.yml and pages-preview.yml) — canonical source stays in cli/scripts/, no duplication
• Expand Docker Compose manual section in user guide (container descriptions, env vars table, first-run setup)
• Fix git tool env isolation: strip GIT_DIR/GIT_WORK_TREE from subprocess env in both production code (_build_git_env) and test fixtures, preventing pre-push hook env leakage from breaking 79 git tool tests
• Update CLAUDE.md: CI section (install script copy step + path triggers), Documentation section (/get/ page mention), Package Structure (add site/ layout)

Closes #399

Test plan

• Verify site/src/pages/get.astro renders correctly with all 6 sections (hero, quick install, audit, direct download, manual download, CLI is optional)
• Verify Footer.astro renders on both index and get pages with "Get Started" link
• Verify install URLs are consistent across README, user guide, install scripts, get.astro, and index.astro
• Verify CI copies install scripts into site/dist/get/ after Astro build (check pages.yml and pages-preview.yml)
• Verify git tool tests pass in worktree environments (pre-push hook with GIT_DIR set)
• Verify cli.yml release note URLs are NOT changed (version-pinned raw GitHub URLs)

Review coverage

• Pre-reviewed by 3 agents (docs-consistency, infra-reviewer, issue-resolution-verifier)
• 4 findings from docs-consistency, 3 implemented (1 was a partial duplicate)
• 0 findings from infra-reviewer (CI changes clean)
• Issue resolution: all 10 acceptance criteria verified RESOLVED (98-99% confidence)

Release-As: 0.2.0

[github-actions]

All contributors have signed the CLA. Thank you!
_{Posted by the CLA Assistant Lite bot.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the user experience for installing the SynthOrg CLI by introducing a dedicated, branded installation page and standardizing installation URLs. It also improves the Docker Compose setup documentation and includes a critical fix for Git tool environment isolation, ensuring more robust and predictable behavior during development and testing.

Highlights

• New CLI Installation Page: Added a dedicated Astro page at synthorg.io/get/ providing comprehensive CLI installation instructions, including quick install commands, script audit links, direct downloads, and manual download guidance.
• Improved Site Structure and Navigation: Extracted the footer content into a reusable Footer.astro component and updated the landing page's primary call-to-action (CTA) links to direct users to the new /get/ installation page.
• Standardized Installation URLs: Updated all CLI installation URLs across the README.md, user guide, and install script comments to use the new synthorg.io/get/ domain, replacing raw.githubusercontent.com.
• CI/CD Enhancements: Configured the CI pipeline (pages.yml and pages-preview.yml) to automatically copy the install.sh and install.ps1 scripts into the site/dist/get/ directory after the Astro build, ensuring they are served from the new branded URL.
• Expanded Docker Compose Documentation: Enhanced the Docker Compose manual setup section in the user guide with detailed container descriptions, an environment variables table, and clear first-run setup instructions.
• Git Tool Environment Isolation Fix: Implemented a fix to prevent pre-push hook environment variable leakage (GIT_DIR, GIT_WORK_TREE) from breaking git tool tests by explicitly stripping these discovery variables from subprocess environments in both production code and test fixtures.

Changelog

• .claude/hookify.function-length.md
  • Removed the hookify rule for function length reminders.
• .claude/hookify.missing-logger.md
  • Removed the hookify rule for missing logger imports.
• .claude/hookify.no-future-annotations.md
  • Removed the hookify rule prohibiting from __future__ import annotations.
• .claude/hookify.pep758-except.md
  • Removed the hookify rule for PEP 758 except syntax.
• CLAUDE.md
  • Updated the description of the site/ directory to reflect the addition of the /get/ page and Footer component.
  • Added the new site/ directory structure to the package layout section.
  • Modified the CI section to include copying CLI install scripts and updated path triggers for the pages.yml workflow.
• README.md
  • Updated CLI installation URLs to point to the new synthorg.io/get/ domain.
• cli/scripts/install.ps1
  • Updated the usage comment to reflect the new synthorg.io/get/install.ps1 URL.
• cli/scripts/install.sh
  • Updated the usage comment to reflect the new synthorg.io/get/install.sh URL.
• docs/user_guide.md
  • Updated the CLI installation URL.
  • Expanded the Docker Compose manual setup section with container descriptions, environment variables, and first-run setup instructions.
• site/src/components/Footer.astro
  • Added a new Astro component for the site's shared footer.
• site/src/pages/get.astro
  • Added a new Astro page providing detailed CLI installation instructions.
• site/src/pages/index.astro
  • Imported and utilized the new Footer component.
  • Updated the 'Start Building' and 'Get Started' call-to-action links to point to the new /get/ page.
  • Modified the quick start terminal commands to use the new synthorg.io/get/install.sh URL.
• src/ai_company/tools/_git_base.py
  • Defined a set of Git discovery environment variables (_GIT_DISCOVERY_VARS).
  • Modified the _build_git_env function to remove these Git discovery variables from subprocess environments.
• tests/unit/tools/git/conftest.py
  • Added GIT_CONFIG_GLOBAL to the _GIT_ENV dictionary.
  • Removed Git discovery environment variables from the _GIT_ENV dictionary.
  • Introduced an autouse pytest fixture _isolate_git_env to strip Git discovery environment variables from the test environment.

Ignored Files

• Ignored by pattern: .github/workflows/** (2)
  • .github/workflows/pages-preview.yml
  • .github/workflows/pages.yml

Activity

• Pre-reviewed by 3 agents (docs-consistency, infra-reviewer, issue-resolution-verifier).
• 4 findings from docs-consistency, with 3 implemented (1 was a partial duplicate).
• 0 findings from infra-reviewer, indicating clean CI changes.
• Issue resolution: all 10 acceptance criteria verified RESOLVED with 98-99% confidence.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a branded /get/ CLI installation page and Footer component, updates homepage CTAs and docs/README URLs to synthorg.io/get/, copies CLI installer scripts into the Pages build via CI workflow changes, and tightens git env isolation in tests.

Changes

Cohort / File(s)	Summary
GitHub Actions workflows ​.github/workflows/pages.yml, ​.github/workflows/pages-preview.yml	Add cli/scripts/install.sh and cli/scripts/install.ps1 to workflow path triggers; add build step to copy those scripts into site/dist/get/ after Astro build.
Site pages & components site/src/pages/get.astro, site/src/pages/index.astro, site/src/components/Footer.astro	Add new /get/ Astro page with quick-install blocks, audit/download links and copy-to-clipboard; extract/add Footer and update index to use Footer and point CTAs to /get/.
Documentation & README README.md, CLAUDE.md, docs/user_guide.md	Update install URLs to https://synthorg.io/get/...; rewrite README presentation; expand docs user_guide with container and first-run setup details.
Installer scripts (comments only) cli/scripts/install.sh, cli/scripts/install.ps1	Update usage/comment URLs to https://synthorg.io/get/install.sh and /install.ps1; no functional changes.
Git env isolation for tests src/ai_company/tools/_git_base.py, tests/unit/tools/git/conftest.py	Add _GIT_DISCOVERY_VARS and remove those env vars in _build_git_env; tests import constant, prune _GIT_ENV, and add autouse fixture to delete discovery env vars during tests.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant GH as GitHub Actions
    participant Astro as Astro Build
    participant Dist as site/dist
    participant Pages as GitHub Pages
    participant User as Browser/CLI

    Dev->>GH: push/PR (includes cli/scripts/install.*)
    GH->>Astro: run site build (astro build)
    Astro->>Dist: produce site/dist/get/index.html
    GH->>Dist: copy cli/scripts/install.sh & install.ps1 -> site/dist/get/
    GH->>Pages: deploy site/dist to Pages hosting
    User->>Pages: GET /get/ and GET /get/install.sh or /get/install.ps1

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Possibly related PRs

• feat: add PR preview deployments via Cloudflare Pages #302: Modifies the pages-preview workflow — directly overlaps the preview workflow edits here.
• docs: set up documentation site, release CI, and sandbox hardening #298: Adjusts the Pages workflow and build steps — related to adding workflow triggers and copy steps.
• feat: add static OpenAPI reference page with Scalar UI #319: Changes Pages workflows (build/export tasks) and touches similar deployment flow.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title clearly summarizes the main change: adding a new /get/ installation page for the CLI installer, matching the primary objective.
Description check	✅ Passed	Description is comprehensive and directly related to the changeset, covering all major modifications: /get/ page, footer extraction, URL updates, CI changes, Docker docs expansion, and git env isolation fixes.
Linked Issues check	✅ Passed	All requirements from issue #399 are implemented: get.astro page with 6 sections, Footer.astro component with /get/ link, index.astro updated, install URLs changed, CI copy steps added, user guide expanded, install script comments updated, and git env isolation fixed.
Out of Scope Changes check	✅ Passed	All changes are within scope of issue #399: site pages, footer extraction, CI workflows, documentation updates, install scripts, and git environment isolation (required for git tool test fixes).
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/get-install-page

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch feat/get-install-page

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR adds a /get/ CLI installation page to the Astro-based site at synthorg.io, extracts the footer into a shared component, updates install URLs across documentation and scripts, fixes git tool environment isolation for pre-push hook scenarios, and updates CLAUDE.md to reflect the new structure. It also deletes all .claude/hookify.*.md files (not documented in the PR description).

Changes:

• New /get/ Astro page with install commands, script audit links, direct download, and manual download sections; shared Footer.astro component extracted from index.astro
• Install URLs updated from raw.githubusercontent.com to synthorg.io/get/ across README, user guide, and install script comments; CI workflows copy install scripts into site/dist/get/
• Git tool env isolation: strips GIT_DIR/GIT_WORK_TREE and related vars from subprocess env in both production code and test fixtures

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
site/src/pages/get.astro	New CLI installation page with 6 sections
site/src/components/Footer.astro	Shared footer extracted from index, with new "Get Started" link
site/src/pages/index.astro	CTAs updated to /get/, inline footer replaced with <Footer />
.github/workflows/pages.yml	Copies install scripts into site/dist/get/; adds cli/scripts to path triggers
.github/workflows/pages-preview.yml	Same CI copy step and path trigger additions
README.md	Install URLs updated to synthorg.io/get/
docs/user_guide.md	Install URL updated; expanded Docker Compose manual section
cli/scripts/install.sh	Usage comment URL updated
cli/scripts/install.ps1	Usage comment URL updated
src/ai_company/tools/_git_base.py	Strips git discovery env vars in _build_git_env()
tests/unit/tools/git/conftest.py	Strips git discovery env vars from _GIT_ENV and adds _isolate_git_env fixture
CLAUDE.md	Documents /get/ page, site layout, CI install script copy step
.claude/hookify.*.md (4 files)	Deleted (undocumented in PR description)

Comments suppressed due to low confidence (1)

.claude/hookify.pep758-except.md:1

• The deletion of all .claude/hookify.*.md files (pep758-except, no-future-annotations, missing-logger, function-length-reminder) is not mentioned in the PR description or issue #399. These are unrelated to the /get/ installation page feature. If this is intentional, the PR description should document it; if not, these deletions should be reverted.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[gemini-code-assist]

Code Review

This pull request introduces a new /get/ installation page for the CLI, centralizing installation instructions and providing a branded URL. The changes include creating the new Astro page, refactoring the site footer into a shared component, and updating all installation URLs across the documentation and scripts to point to the new page. Additionally, this PR includes an important fix for git tool environment isolation, preventing environment variable leakage from pre-push hooks from affecting tests. The changes are well-structured and the documentation updates are comprehensive. I have one suggestion regarding code duplication in the test fixtures.

[gemini-code-assist]

This list of Git discovery environment variables is duplicated from _GIT_DISCOVERY_VARS in src/ai_company/tools/_git_base.py. To avoid duplication and ensure tests stay in sync with the implementation, consider importing and using the constant here.

# At top of file
from ai_company.tools._git_base import _GIT_DISCOVERY_VARS

# In fixture
for key in _GIT_DISCOVERY_VARS:
    monkeypatch.delenv(key, raising=False)

This would also apply to the loop at lines 32-40.

[greptile-apps]

Greptile Summary

This PR adds synthorg.io/get/ as a branded CLI installation page, extracts the site footer into a shared component, updates install URLs across docs and scripts from raw.githubusercontent.com to the new canonical domain, and fixes a pre-push hook env leakage bug in the git tool layer. The changes are well-scoped and the approach (copying scripts into site/dist/get/ at CI time rather than duplicating them in source) keeps a clean canonical source for the install scripts.

• New /get/ page (site/src/pages/get/index.astro): Full installation page with quick-install terminals, copy buttons with clipboard fallback and SR live region, script audit links, direct download, and manual Docker Compose path. Well-structured and accessible.
• Script viewer pages (get/view/install-sh.astro, get/view/install-ps1.astro): Read and render the canonical scripts at build time using path.resolve("../cli/scripts/..."), which is CWD-dependent. This works reliably with the current working-directory: site CI convention, but would break if the Astro build is invoked from the repo root. Using import.meta.url-based path resolution would be more robust.
• Footer extraction: Footer moved from inline in index.astro into Footer.astro, hardcoded copyright year replaced with new Date().getFullYear() (evaluated at build time in SSG).
• Git env isolation fix (_git_base.py, conftest.py): _GIT_DISCOVERY_VARS are now stripped from the subprocess environment in _build_git_env() and from _GIT_ENV in test fixtures, preventing GIT_DIR/GIT_WORK_TREE inherited from pre-push hooks from causing the 79 git tool tests to resolve the wrong repository. The autouse=True _isolate_git_env fixture provides a clean second layer of isolation via monkeypatch.
• CI workflows: Both pages.yml and pages-preview.yml now copy the install scripts into site/dist/get/ after the Astro build and add cli/scripts/*.{sh,ps1} path triggers.
• Docs and URL updates: README.md, user_guide.md, and install script comments all updated to the new synthorg.io/get/ URL. The user guide gains a Containers table, Environment Variables table, and First-Run Setup section.

Confidence Score: 5/5

• This PR is safe to merge — changes are well-scoped, the one fragility (CWD-dependent path resolution in view pages) is low-risk given the CI convention, and the git env fix is a clear correctness improvement.
• All 14 changed files are clean. The git env isolation fix is correct and well-tested. CI workflows are consistent between production and preview. The only finding is a style-level fragility in the path.resolve calls in the two view pages, which works fine under the current build convention and does not affect production correctness.
• site/src/pages/get/view/install-sh.astro and site/src/pages/get/view/install-ps1.astro — CWD-dependent path resolution (low risk, works with current CI setup)

Important Files Changed

Filename	Overview
site/src/pages/get/view/install-sh.astro	New page that renders the install.sh script for auditing. Uses CWD-dependent path.resolve() to locate the script file, which works with the current CI setup (working-directory: site) but is fragile if the build is invoked from the repo root.
site/src/pages/get/view/install-ps1.astro	New page that renders the install.ps1 script for auditing. Same CWD-dependent path.resolve() fragility as install-sh.astro.
site/src/pages/get/index.astro	New branded CLI installation page with hero, quick-install terminals, script audit links, direct download, manual binary, and Docker Compose path. Copy buttons use navigator.clipboard with proper fallback handling and SR live region for accessibility.
src/ai_company/tools/_git_base.py	Adds _GIT_DISCOVERY_VARS frozenset and strips those vars from the subprocess environment in _build_git_env(), correctly preventing GIT_DIR/GIT_WORK_TREE inherited from pre-push hooks from hijacking repo detection.
tests/unit/tools/git/conftest.py	Adds GIT_CONFIG_GLOBAL=/dev/null to _GIT_ENV, strips _GIT_DISCOVERY_VARS from _GIT_ENV (which spreads os.environ so inherited vars are correctly purged), and adds an autouse _isolate_git_env fixture that patches os.environ for tool-side isolation. Well-structured two-layer defense.
site/src/components/Footer.astro	Footer extracted from index.astro into a shared component, with a new "Get Started" link added to the Learn section and the hardcoded 2026 copyright year replaced by the dynamic new Date().getFullYear().
.github/workflows/pages.yml	Adds cli/scripts path triggers and a post-build step to copy install.sh and install.ps1 into site/dist/get/. The copy runs after the Astro build so it correctly lands in the merged output.
.github/workflows/pages-preview.yml	Same path-trigger and script-copy changes as pages.yml, keeping the preview workflow consistent with production.
site/src/pages/index.astro	Hero and final CTA links updated from /docs/user_guide/ to /get/, terminal code updated to use the curl install command, clipboard fallback handling added, and inline footer replaced with the new shared Footer component.

Comments Outside Diff (1)

1. site/src/pages/get/view/install-sh.astro, line 6-7 (link)

   CWD-dependent path resolution

   path.resolve("../cli/scripts/install.sh") resolves relative to process.cwd() at build time, so it only works correctly when the Astro build is invoked from the site/ directory. If anyone runs npx astro build or npx astro dev from the repo root (e.g., passing --root site/), the path would resolve one level above the repo root and fs.readFileSync would throw at build time.

   Using import.meta.url-based resolution (available in Astro frontmatter) makes this independent of CWD:

   The same issue exists in site/src/pages/get/view/install-ps1.astro line 6 (path.resolve("../cli/scripts/install.ps1")) and should be updated identically.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: site/src/pages/get/view/install-sh.astro
Line: 6-7

Comment:
**CWD-dependent path resolution**

`path.resolve("../cli/scripts/install.sh")` resolves relative to `process.cwd()` at build time, so it only works correctly when the Astro build is invoked from the `site/` directory. If anyone runs `npx astro build` or `npx astro dev` from the repo root (e.g., passing `--root site/`), the path would resolve one level above the repo root and `fs.readFileSync` would throw at build time.

Using `import.meta.url`-based resolution (available in Astro frontmatter) makes this independent of CWD:

```suggestion
const scriptPath = new URL("../../../../cli/scripts/install.sh", import.meta.url).pathname;
const content = fs.readFileSync(scriptPath, "utf-8");
```

The same issue exists in `site/src/pages/get/view/install-ps1.astro` line 6 (`path.resolve("../cli/scripts/install.ps1")`) and should be updated identically.

How can I resolve this? If you propose a fix, please make it concise.

_{Last reviewed commit: fa94998}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@site/src/components/Footer.astro`:
- Around line 37-39: In Footer.astro replace the hard-coded "2026" inside the
copyright div with a dynamic year expression so it always shows the current
year; locate the div in Footer.astro (the element with class "max-w-6xl...
text-xs" containing "© 2026 SynthOrg. Built with Astro.") and render the current
year via a JavaScript Date getFullYear() expression in the Astro template so the
year updates automatically on build/server render.

In `@site/src/pages/get.astro`:
- Around line 234-241: The click handler attached via
document.querySelectorAll('.copy-btn') currently only handles
navigator.clipboard.writeText success; add explicit failure handling to avoid
unhandled promise rejections and give user feedback. Update the event listener
(the anonymous function using const code and el) to catch writeText errors
(either append a .catch() or make the handler async and try/catch) and on
failure set el.textContent to a failure message like "Copy failed" (and
optionally revert to "Copy" after a timeout), and also log or surface the error
for debugging.

In `@tests/unit/tools/git/conftest.py`:
- Around line 30-40: Duplicate hard-coded git discovery key lists cause drift;
define a single module-level constant (e.g., GIT_DISCOVERY_VARS) containing the
tuple/list of keys and replace both the loop that pops from _GIT_ENV and the
other occurrence (lines around where the second list is used) to iterate over
that constant instead; update references to use GIT_DISCOVERY_VARS so both the
fixture cleanup and subprocess env cleanup share the same source of truth
(_GIT_ENV should be popped using GIT_DISCOVERY_VARS).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 0e478dbe-2a4e-4678-ad4c-e6724aa36d42

📥 Commits

Reviewing files that changed from the base of the PR and between 8ea51f5 and 4c3be2c.

📒 Files selected for processing (16)

• .claude/hookify.function-length.md
• .claude/hookify.missing-logger.md
• .claude/hookify.no-future-annotations.md
• .claude/hookify.pep758-except.md
• .github/workflows/pages-preview.yml
• .github/workflows/pages.yml
• CLAUDE.md
• README.md
• cli/scripts/install.ps1
• cli/scripts/install.sh
• docs/user_guide.md
• site/src/components/Footer.astro
• site/src/pages/get.astro
• site/src/pages/index.astro
• src/ai_company/tools/_git_base.py
• tests/unit/tools/git/conftest.py

💤 Files with no reviewable changes (4)

• .claude/hookify.pep758-except.md
• .claude/hookify.function-length.md
• .claude/hookify.no-future-annotations.md
• .claude/hookify.missing-logger.md

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Upload results
• GitHub Check: CLI Test (windows-latest)
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Test (Python 3.14)
• GitHub Check: Greptile Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (7)

.github/workflows/pages-preview.yml

📄 CodeRabbit inference engine (CLAUDE.md)

PR Preview workflow (.github/workflows/pages-preview.yml): builds site on PRs, injects 'Development Preview' banner, deploys to Cloudflare Pages project synthorg-pr-preview for each PR at pr-<number>.synthorg-pr-preview.pages.dev. Requires CLOUDFLARE_API_TOKEN + CLOUDFLARE_ACCOUNT_ID secrets. Cleanup job deletes preview on PR close.

Files:

• .github/workflows/pages-preview.yml

docs/**/*.md

📄 CodeRabbit inference engine (CLAUDE.md)

Documentation source in docs/ built with Zensical. Design spec in docs/design/ (7 pages). Auto-generate library reference from docstrings via mkdocstrings + Griffe (AST-based, no imports).

Files:

• docs/user_guide.md

.github/workflows/pages.yml

📄 CodeRabbit inference engine (CLAUDE.md)

Pages workflow (.github/workflows/pages.yml): exports OpenAPI schema (scripts/export_openapi.py), builds Astro landing + Zensical docs, merges, deploys to GitHub Pages on push to main. Triggers on docs/**, site/**, mkdocs.yml, pyproject.toml, uv.lock, src/ai_company/**, scripts/**, workflow file changes, and workflow_dispatch.

Files:

• .github/workflows/pages.yml

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: Do NOT use from __future__ import annotations — Python 3.14 has PEP 649 native lazy annotations
Use except A, B: exception syntax (no parentheses) for Python 3.14 — ruff enforces PEP 758 except syntax
All public functions must have type hints. Enforce with mypy strict mode.
Use Google style docstrings on all public classes and functions — enforced by ruff D rules
Create new objects instead of mutating existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.
For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).
Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.
Use Pydantic v2 with adopted conventions: use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr (from core.types) for all identifier/name fields — including optional and tuple variants — instead of manual whitespace validators.
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code (e.g., multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare create_task. Existing code is being migrated incrementally.
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow them. Validate at system boundaries (user input, external APIs, config files).
Line length: 88 characters (ruff)

Files:

• tests/unit/tools/git/conftest.py
• src/ai_company/tools/_git_base.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest markers: @pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow for test organization
Set asyncio_mode = "auto" for pytest — no manual @pytest.mark.asyncio needed. Set test timeout to 30 seconds per test.
Use @pytest.mark.parametrize for testing similar cases in test files
Tests must use generic vendor names like test-provider, test-small-001, etc. — never use real vendor names like Claude, GPT, etc.

Files:

• tests/unit/tools/git/conftest.py

src/ai_company/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/ai_company/**/*.py: Every module with business logic MUST have: from ai_company.observability import get_logger then logger = get_logger(__name__). Never use import logging / logging.getLogger() / print() in application code. Variable name must be logger.
Always use event name constants from the domain-specific module under ai_company.observability.events for logging (e.g., PROVIDER_CALL_START from events.provider). Import directly: from ai_company.observability.events.<domain> import EVENT_CONSTANT.
Always log with structured kwargs: logger.info(EVENT, key=value) — never logger.info('msg %s', val). All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions.
Use Google style docstrings in Python source files for mkdocstrings auto-generation. Docstrings are required on all public classes/functions.

Files:

• src/ai_company/tools/_git_base.py

src/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

Never use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001. Test files must use test-provider, test-small-001, etc. Vendor names may only appear in: (1) docs/design/operations.md, (2) .claude/ files, (3) third-party import paths.

Files:

• src/ai_company/tools/_git_base.py

🧠 Learnings (17)

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/pages.yml : Pages workflow (`.github/workflows/pages.yml`): exports OpenAPI schema (`scripts/export_openapi.py`), builds Astro landing + Zensical docs, merges, deploys to GitHub Pages on push to main. Triggers on `docs/**`, `site/**`, `mkdocs.yml`, `pyproject.toml`, `uv.lock`, `src/ai_company/**`, `scripts/**`, workflow file changes, and `workflow_dispatch`.

Applied to files:

• .github/workflows/pages-preview.yml
• CLAUDE.md
• .github/workflows/pages.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/pages-preview.yml : PR Preview workflow (`.github/workflows/pages-preview.yml`): builds site on PRs, injects 'Development Preview' banner, deploys to Cloudflare Pages project `synthorg-pr-preview` for each PR at `pr-<number>.synthorg-pr-preview.pages.dev`. Requires `CLOUDFLARE_API_TOKEN` + `CLOUDFLARE_ACCOUNT_ID` secrets. Cleanup job deletes preview on PR close.

Applied to files:

• .github/workflows/pages-preview.yml
• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/ci.yml : CI uses `dorny/paths-filter` to detect Python/dashboard/docker changes; jobs only run when their domain is affected. CLI has its own workflow (`cli.yml`).

Applied to files:

• .github/workflows/pages-preview.yml
• CLAUDE.md
• .github/workflows/pages.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/cli.yml : CLI workflow (`.github/workflows/cli.yml`): Go lint (golangci-lint + go vet) + test (-race -coverprofile) + build (cross-compile matrix: linux/darwin/windows × amd64/arm64) + vulnerability check (govulncheck) on `cli/**` changes. GoReleaser release on `v*` tags (attaches assets to existing Release Please release). Post-release pins checksums in install scripts and appends to GitHub Release notes.

Applied to files:

• .github/workflows/pages-preview.yml
• CLAUDE.md
• .github/workflows/pages.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/dependency-review.yml : Dependency review: license allow-list (permissive only), PR comment summaries

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/cla.yml : CLA workflow (`.github/workflows/cla.yml`): Contributor License Agreement signature check on PRs via `contributor-assistant/github-action`. Triggers on `pull_request_target` and `issue_comment`. Skips Dependabot. Signatures stored in `.github/cla-signatures.json` on the `cla-signatures` branch.

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/dependabot.yml : Dependabot: daily uv + github-actions + npm + pre-commit + docker + gomod updates, grouped minor/patch, no auto-merge. Use `/review-dep-pr` to review Dependabot PRs before merging.

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Go CLI build commands: `cd cli && go build -o synthorg ./main.go`, `cd cli && go test ./...`, `cd cli && go vet ./...`, `cd cli && golangci-lint run`

Applied to files:

• docs/user_guide.md
• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to docker/** : Docker configuration: all files in `docker/` — Dockerfiles, compose, `.env.example`. Use 3-stage build (builder → setup → distroless runtime), Chainguard Python base, non-root (UID 65532), CIS-hardened. Both images build with `context: .`

Applied to files:

• docs/user_guide.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to docs/**/*.md : Documentation source in `docs/` built with Zensical. Design spec in `docs/design/` (7 pages). Auto-generate library reference from docstrings via mkdocstrings + Griffe (AST-based, no imports).

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to cli/**/*.go : CLI Go code: Go 1.26+, dependencies in `cli/go.mod`. Commands include: init, start, stop, status, logs, doctor, update, uninstall, version. Build with GoReleaser for cross-compile (linux/darwin/windows × amd64/arm64).

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/ci.yml : CI jobs: lint (ruff) + type-check (mypy) + test (pytest + coverage) + python-audit (pip-audit) + dockerfile-lint (hadolint) + dashboard-lint/type-check/test/build/audit (npm) run in parallel → ci-pass (gate)

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/dast.yml : DAST workflow (`.github/workflows/dast.yml`): ZAP API scan against OpenAPI spec on push to main + weekly schedule. Builds backend image locally, starts container, runs ZAP. Results as workflow artifacts (no SARIF). Not on PRs (too slow).

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/docker.yml : Docker CI workflow (`.github/workflows/docker.yml`): builds backend + web images, pushes to GHCR, signs with cosign. Scans: Trivy (CRITICAL = hard fail, HIGH = warn-only) + Grype (critical cutoff). CVE triage via `.github/.trivyignore.yaml` and `.github/.grype.yaml`. Images only pushed after scans pass. Triggers on push to main and version tags (`v*`).

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/release.yml : Release workflow (`.github/workflows/release.yml`): Release Please auto-creates a release PR on every push to main. Merging the release PR creates a git tag (`vX.Y.Z`) + GitHub Release with changelog. Tag push triggers Docker workflow. Uses `RELEASE_PLEASE_TOKEN` secret so tag creation triggers downstream workflows. Config in `.github/release-please-config.json` and `.github/.release-please-manifest.json`. Auto-updates BSL Change Date in LICENSE to 3 years ahead after creating/updating release PR.

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/scorecard.yml : OSSF Scorecard workflow (`.github/workflows/scorecard.yml`): supply chain maturity scoring on push to main + weekly schedule. SARIF upload to Security tab. Contributes to OpenSSF ecosystem data via `publish_results: true`.

Applied to files:

• CLAUDE.md

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/gitleaks.yml : Gitleaks workflow on push/PR + weekly schedule for secret scanning. Enforced by pre-commit hook locally.

Applied to files:

• CLAUDE.md

🪛 LanguageTool

docs/user_guide.md

[style] ~53-~53: Using four (or more) nouns in a row may decrease readability.
Context: ..._COMPANY_MEMORY_DIR|/data/memory| Agent memory storage directory (inside container). | |BACKEND_PORT` ...

(FOUR_NN)

🪛 PSScriptAnalyzer (1.24.0)

cli/scripts/install.ps1

[warning] Missing BOM encoding for non-ASCII encoded file 'install.ps1'

(PSUseBOMForUnicodeEncodedFile)

🔇 Additional comments (15)

cli/scripts/install.sh (1)

3-3: Canonical installer URL update is correct.

Line 3 now points to the stable /get/ endpoint while keeping installer behavior unchanged.

cli/scripts/install.ps1 (1)

2-2: PowerShell usage URL update is aligned with the new install flow.

Line 2 consistently points users to https://synthorg.io/get/install.ps1.

.github/workflows/pages.yml (2)

14-15: Pages trigger coverage for installer scripts looks correct.

Adding both installer script paths ensures Pages rebuilds when install artifacts are updated.

---

72-76: Copy step placement is correct for publishing /get/install.*.

This keeps cli/scripts/ as the canonical source while emitting site/dist/get/install.sh and site/dist/get/install.ps1 in the deploy artifact.

.github/workflows/pages-preview.yml (2)

15-16: Preview trigger expansion for installer scripts is correct.

This ensures PR previews are regenerated when cli/scripts/install.sh or cli/scripts/install.ps1 changes.

---

136-140: Preview artifact copy into /get/ is implemented cleanly.

The step keeps script publication in CI and avoids duplicating files under site/public/.

src/ai_company/tools/_git_base.py (2)

74-87: Git discovery environment isolation is a strong hardening update.

Removing inherited discovery variables prevents parent Git context from overriding workspace-based repo detection.

---

268-275: _build_git_env implementation and docstring are now well-aligned.

The method now clearly documents and performs hardening overrides plus discovery-var stripping.

README.md (1)

77-89: README quick-install snippets are correctly aligned with /get/.

Both Linux/macOS and PowerShell commands now consistently use the new public install endpoints.

CLAUDE.md (2)

81-81: site/ documentation updates are clear and accurate.

The added references to the /get/ page and shared Footer component improve contributor orientation.

Also applies to: 157-161

---

245-245: CI documentation reflects the Pages workflow changes correctly.

The updated line captures both new trigger paths and /get/ installer artifact publication.

docs/user_guide.md (2)

15-15: CLI install URL update is correct.

Line 15 now uses the new canonical installer endpoint.

---

38-74: Manual Docker Compose guidance is substantially improved.

The new container overview, env-var table, and first-run setup steps make the manual path much more actionable.

site/src/pages/index.astro (1)

3-3: Looks good — CTA and install flow are consistently redirected to /get/.

Footer extraction and command/copy-text updates are coherent and match the install-page objective.

Also applies to: 37-37, 409-417, 426-426, 437-437

site/src/pages/get.astro (1)

6-230: Great implementation of the /get/ installation page requirements.

The page structure and links cover the requested install flows, auditability, direct downloads, and optional Docker Compose path.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.65%. Comparing base (5550fa1) to head (fa94998).
⚠️ Report is 8 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #413   +/-   ##
=======================================
  Coverage   93.65%   93.65%           
=======================================
  Files         469      469           
  Lines       22211    22214    +3     
  Branches     2141     2142    +1     
=======================================
+ Hits        20801    20804    +3     
  Misses       1097     1097           
  Partials      313      313           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@site/src/pages/get.astro`:
- Around line 217-231: The copy button updates are only visual; add an
accessible aria-live status update so screen readers announce success/failure.
In the script that handles .copy-btn clicks (the navigator.clipboard.writeText
promise handlers), locate or create a hidden status element (e.g., a sibling
<span> with class like "copy-status" and attributes role="status" and
aria-live="polite" or aria-atomic="true") and set its textContent to "Copied!"
or "Copy failed" alongside the visual label changes, then clear it after the
timeout; ensure the status element is present for each .copy-btn (or use a
single global live region) so assistive tech receives the announcements.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 074103ab-76db-4050-86b7-bc3eae99b724

📥 Commits

Reviewing files that changed from the base of the PR and between 4c3be2c and 75791ba.

📒 Files selected for processing (6)

• .github/workflows/pages-preview.yml
• .github/workflows/pages.yml
• site/src/components/Footer.astro
• site/src/pages/get.astro
• src/ai_company/tools/_git_base.py
• tests/unit/tools/git/conftest.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: CLI Test (windows-latest)
• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Greptile Review
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (6)

.github/workflows/pages-preview.yml

📄 CodeRabbit inference engine (CLAUDE.md)

PR Preview workflow (.github/workflows/pages-preview.yml): builds site on PRs, injects 'Development Preview' banner, deploys to Cloudflare Pages project synthorg-pr-preview for each PR at pr-<number>.synthorg-pr-preview.pages.dev. Requires CLOUDFLARE_API_TOKEN + CLOUDFLARE_ACCOUNT_ID secrets. Cleanup job deletes preview on PR close.

Files:

• .github/workflows/pages-preview.yml

.github/workflows/pages.yml

📄 CodeRabbit inference engine (CLAUDE.md)

Pages workflow (.github/workflows/pages.yml): exports OpenAPI schema (scripts/export_openapi.py), builds Astro landing + Zensical docs, merges, deploys to GitHub Pages on push to main. Triggers on docs/**, site/**, mkdocs.yml, pyproject.toml, uv.lock, src/ai_company/**, scripts/**, workflow file changes, and workflow_dispatch.

Files:

• .github/workflows/pages.yml

**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

**/*.py: Do NOT use from __future__ import annotations — Python 3.14 has PEP 649 native lazy annotations
Use except A, B: exception syntax (no parentheses) for Python 3.14 — ruff enforces PEP 758 except syntax
All public functions must have type hints. Enforce with mypy strict mode.
Use Google style docstrings on all public classes and functions — enforced by ruff D rules
Create new objects instead of mutating existing ones. For non-Pydantic internal collections (registries, BaseTool), use copy.deepcopy() at construction + MappingProxyType wrapping for read-only enforcement.
For dict/list fields in frozen Pydantic models, rely on frozen=True for field reassignment prevention and copy.deepcopy() at system boundaries (tool execution, LLM provider serialization, inter-agent delegation, serializing for persistence).
Use frozen Pydantic models for config/identity; use separate mutable-via-copy models (using model_copy(update=...)) for runtime state that evolves. Never mix static config fields with mutable runtime fields in one model.
Use Pydantic v2 with adopted conventions: use @computed_field for derived values instead of storing + validating redundant fields; use NotBlankStr (from core.types) for all identifier/name fields — including optional and tuple variants — instead of manual whitespace validators.
Prefer asyncio.TaskGroup for fan-out/fan-in parallel operations in new code (e.g., multiple tool invocations, parallel agent calls). Prefer structured concurrency over bare create_task. Existing code is being migrated incrementally.
Functions must be less than 50 lines; files must be less than 800 lines
Handle errors explicitly, never silently swallow them. Validate at system boundaries (user input, external APIs, config files).
Line length: 88 characters (ruff)

Files:

• src/ai_company/tools/_git_base.py
• tests/unit/tools/git/conftest.py

src/ai_company/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

src/ai_company/**/*.py: Every module with business logic MUST have: from ai_company.observability import get_logger then logger = get_logger(__name__). Never use import logging / logging.getLogger() / print() in application code. Variable name must be logger.
Always use event name constants from the domain-specific module under ai_company.observability.events for logging (e.g., PROVIDER_CALL_START from events.provider). Import directly: from ai_company.observability.events.<domain> import EVENT_CONSTANT.
Always log with structured kwargs: logger.info(EVENT, key=value) — never logger.info('msg %s', val). All error paths must log at WARNING or ERROR with context before raising. All state transitions must log at INFO. DEBUG for object creation, internal flow, entry/exit of key functions.
Use Google style docstrings in Python source files for mkdocstrings auto-generation. Docstrings are required on all public classes/functions.

Files:

• src/ai_company/tools/_git_base.py

src/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

Never use real vendor names (Anthropic, OpenAI, Claude, GPT, etc.) in project-owned code, docstrings, comments, tests, or config examples. Use generic names: example-provider, example-large-001, example-medium-001, example-small-001. Test files must use test-provider, test-small-001, etc. Vendor names may only appear in: (1) docs/design/operations.md, (2) .claude/ files, (3) third-party import paths.

Files:

• src/ai_company/tools/_git_base.py

tests/**/*.py

📄 CodeRabbit inference engine (CLAUDE.md)

tests/**/*.py: Use pytest markers: @pytest.mark.unit, @pytest.mark.integration, @pytest.mark.e2e, @pytest.mark.slow for test organization
Set asyncio_mode = "auto" for pytest — no manual @pytest.mark.asyncio needed. Set test timeout to 30 seconds per test.
Use @pytest.mark.parametrize for testing similar cases in test files
Tests must use generic vendor names like test-provider, test-small-001, etc. — never use real vendor names like Claude, GPT, etc.

Files:

• tests/unit/tools/git/conftest.py

🧠 Learnings (6)

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/pages-preview.yml : PR Preview workflow (`.github/workflows/pages-preview.yml`): builds site on PRs, injects 'Development Preview' banner, deploys to Cloudflare Pages project `synthorg-pr-preview` for each PR at `pr-<number>.synthorg-pr-preview.pages.dev`. Requires `CLOUDFLARE_API_TOKEN` + `CLOUDFLARE_ACCOUNT_ID` secrets. Cleanup job deletes preview on PR close.

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/ci.yml : CI uses `dorny/paths-filter` to detect Python/dashboard/docker changes; jobs only run when their domain is affected. CLI has its own workflow (`cli.yml`).

Applied to files:

• .github/workflows/pages-preview.yml
• .github/workflows/pages.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/pages.yml : Pages workflow (`.github/workflows/pages.yml`): exports OpenAPI schema (`scripts/export_openapi.py`), builds Astro landing + Zensical docs, merges, deploys to GitHub Pages on push to main. Triggers on `docs/**`, `site/**`, `mkdocs.yml`, `pyproject.toml`, `uv.lock`, `src/ai_company/**`, `scripts/**`, workflow file changes, and `workflow_dispatch`.

Applied to files:

• .github/workflows/pages-preview.yml
• .github/workflows/pages.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/dependency-review.yml : Dependency review: license allow-list (permissive only), PR comment summaries

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/dependabot.yml : Dependabot: daily uv + github-actions + npm + pre-commit + docker + gomod updates, grouped minor/patch, no auto-merge. Use `/review-dep-pr` to review Dependabot PRs before merging.

Applied to files:

• .github/workflows/pages-preview.yml

📚 Learning: 2026-03-14T18:26:05.851Z

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Applies to .github/workflows/cli.yml : CLI workflow (`.github/workflows/cli.yml`): Go lint (golangci-lint + go vet) + test (-race -coverprofile) + build (cross-compile matrix: linux/darwin/windows × amd64/arm64) + vulnerability check (govulncheck) on `cli/**` changes. GoReleaser release on `v*` tags (attaches assets to existing Release Please release). Post-release pins checksums in install scripts and appends to GitHub Release notes.

Applied to files:

• .github/workflows/pages-preview.yml
• .github/workflows/pages.yml

🔇 Additional comments (13)

.github/workflows/pages.yml (2)

14-15: LGTM!

The path triggers are correctly added to ensure the workflow runs when the CLI install scripts are modified. This aligns with the PR objective to copy these scripts into the site output.

---

72-77: LGTM!

The copy step is correctly positioned after the Astro build and before the merge step. Using mkdir -p ensures idempotent directory creation, and the copy commands correctly place the scripts in site/dist/get/ where they'll be served at /get/install.sh and /get/install.ps1.

.github/workflows/pages-preview.yml (2)

15-16: LGTM!

Path triggers correctly mirror those in pages.yml, ensuring PR previews are triggered when CLI install scripts are modified.

---

136-141: LGTM!

The copy step is consistent with pages.yml and correctly positioned in the build pipeline. This ensures PR previews include the CLI install scripts at /get/install.sh and /get/install.ps1, allowing contributors to test the full installation page experience before merging.

src/ai_company/tools/_git_base.py (2)

74-87: LGTM!

Well-defined constant for git discovery environment variables with clear documentation. Using frozenset ensures immutability, and the Final annotation correctly signals this is a module-level constant.

---

264-280: LGTM!

The docstring accurately describes the updated behavior, and the implementation correctly strips discovery vars using pop(key, None) for safe removal. This defense-in-depth approach ensures cwd-based repo detection regardless of inherited environment from parent processes.

tests/unit/tools/git/conftest.py (3)

10-10: LGTM — past review comment addressed.

Importing _GIT_DISCOVERY_VARS from _git_base consolidates the single source of truth for these env vars, preventing drift between production code and test fixtures.

---

28-34: LGTM!

Adding GIT_CONFIG_GLOBAL aligns the test environment with production hardening. The import-time loop correctly uses the imported constant to strip discovery vars from _GIT_ENV, ensuring test helper functions (_run_git, _run_git_output) use cwd-based repo detection.

---

61-70: LGTM!

Good complementary isolation: the import-time stripping (lines 31-34) handles _GIT_ENV for test helper subprocess calls, while this autouse fixture handles os.environ for the code under test (_build_git_env). Using raising=False correctly avoids errors when vars don't exist.

site/src/components/Footer.astro (1)

1-40: LGTM!

The footer component is well-structured with semantic HTML and proper navigation groupings. The dynamic copyright year implementation (line 38) correctly addresses the previous review feedback. Tailwind v4 opacity syntax is used correctly throughout.

site/src/pages/get.astro (3)

1-23: LGTM — Hero section is well-structured.

Clean, responsive hero with appropriate gradient styling and semantic heading hierarchy.

---

25-105: LGTM — Quick Install section is well-implemented.

Consistent terminal-styled code blocks with appropriate copy functionality. The 
 HTML entity for newlines in data-code (line 91) will decode correctly when read via getAttribute().

---

107-209: LGTM — Options grid provides good installation alternatives.

The "Look before you pipe" section appropriately addresses security transparency for users concerned about piping scripts directly. Direct download links with the download attribute are correctly implemented.

[Copilot]

Pull request overview

Adds a /get/ CLI installation page to the Astro-based landing site, extracts the footer into a shared component, updates install URLs across documentation and scripts, and fixes git tool test isolation by stripping discovery env vars.

Changes:

• New get.astro page with install commands, script audit links, download options, and manual setup pointer; shared Footer.astro extracted from index.astro with a new "Get Started" link
• Install URLs updated from raw.githubusercontent.com to synthorg.io/get/ across README, user guide, and install script comments; CI workflows updated to copy install scripts into site/dist/get/
• Git tool env isolation fix: _GIT_DISCOVERY_VARS stripped in both _build_git_env() production code and test fixtures to prevent pre-push hook env leakage

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
site/src/pages/get.astro	New CLI installation page with 6 sections
site/src/components/Footer.astro	Extracted shared footer with dynamic year and "Get Started" link
site/src/pages/index.astro	CTAs point to /get/, inline footer replaced with <Footer />, improved copy button error handling
src/ai_company/tools/_git_base.py	Added _GIT_DISCOVERY_VARS frozenset and stripping in _build_git_env()
tests/unit/tools/git/conftest.py	Strip git discovery vars from test env and add autouse fixture
.github/workflows/pages.yml	Path triggers for install scripts, copy step after Astro build
.github/workflows/pages-preview.yml	Same path triggers and copy step as pages.yml
README.md	Updated install URLs to synthorg.io/get/
docs/user_guide.md	Updated install URL, expanded Docker Compose manual section
cli/scripts/install.sh	Updated usage comment URL
cli/scripts/install.ps1	Updated usage comment URL
CLAUDE.md	Updated docs for /get/ page, site layout, and CI changes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@site/src/pages/get.astro`:
- Around line 45-51: The copy button elements (the <button> with class
"copy-btn" and attributes data-code and aria-label) lack an explicit type and
thus default to type="submit"; update each copy control found (the instance with
data-code="curl -sSfL https://synthorg.io/get/install.sh" and the other copy
buttons referenced at the other occurrences) to include type="button" to prevent
accidental form submission if nested inside a form.
- Around line 48-49: The three copy buttons currently all use the generic
aria-label "Copy to clipboard"; update each button's aria-label attribute in
site/src/pages/get.astro to be context-specific so screen readers can
differentiate them—for example set the install command button to "Copy
Linux/macOS install command", the PowerShell button to "Copy PowerShell install
command", and the post-install button to "Copy post-install commands" (apply
these changes to the three copy button elements shown in the diff).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 84cbf9b5-7bb7-4b59-b377-9e7535625c62

📥 Commits

Reviewing files that changed from the base of the PR and between 2154075 and f8c2b12.

📒 Files selected for processing (1)

• site/src/pages/get.astro

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Test (Python 3.14)
• GitHub Check: CLI Test (windows-latest)
• GitHub Check: Build Backend
• GitHub Check: Greptile Review
• GitHub Check: Analyze (python)

🔇 Additional comments (1)

site/src/pages/get.astro (1)

219-247: Clipboard UX/error handling is well implemented.

Good job covering unsupported clipboard API + promise rejection paths, and announcing status via the live region.

[Copilot]

Pull request overview

This PR adds a branded CLI installation page at synthorg.io/get/, extracts a shared footer component, updates install URLs across documentation and scripts, fixes git tool environment isolation for pre-push hook scenarios, and updates CI to copy install scripts into the Astro output.

Changes:

• New /get/ installation page (get.astro) with install commands, script audit links, direct download, and manual setup options, plus a shared Footer.astro component extracted from index.astro
• URL migration from raw.githubusercontent.com to synthorg.io/get/ across README, user guide, install script comments, and landing page CTAs
• Git tool env isolation fix: strips GIT_DIR/GIT_WORK_TREE and related discovery vars from subprocess environments in production code and test fixtures

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
site/src/pages/get.astro	New CLI installation page with install commands, audit links, download options
site/src/components/Footer.astro	Extracted shared footer component with new "Get Started" link; dynamic copyright year
site/src/pages/index.astro	Updated CTAs to /get/, replaced inline footer with <Footer />, improved copy button error handling
src/ai_company/tools/_git_base.py	Added _GIT_DISCOVERY_VARS frozenset and stripping logic in _build_git_env()
tests/unit/tools/git/conftest.py	Added _isolate_git_env autouse fixture and discovery var stripping for _GIT_ENV
.github/workflows/pages.yml	Added install script copy step and cli/scripts/ path triggers
.github/workflows/pages-preview.yml	Same CI changes as pages.yml for preview builds
README.md	Updated install URLs to synthorg.io/get/
docs/user_guide.md	Updated install URL, expanded Docker Compose manual section with containers, env vars, first-run setup
cli/scripts/install.sh	Updated usage comment URL
cli/scripts/install.ps1	Updated usage comment URL
CLAUDE.md	Updated documentation references for /get/ page, site structure, and CI triggers

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@site/src/pages/get.astro`:
- Around line 34-105: Extract the repeated terminal UI into a reusable component
(e.g., TerminalBlock) that accepts props like title (displayed above block),
shellLabel (e.g., "bash"/"PowerShell"/"terminal"), code (the command string used
for both the <pre><code> and the copy button data-code), ariaLabel (for the copy
button), and optional footer/annotations; replace each repeated block (the
Linux/macOS block using the "bash" label, the Windows block using "PowerShell",
and the post-install block using "terminal") with TerminalBlock instances,
preserve classes like copy-btn and the copy button behavior, and ensure the
component renders the same header, pre/code content, and accessibility
attributes (aria-label) so existing copy logic continues to work.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 523d22e7-b34d-496a-9ee4-b711b98a1c29

📥 Commits

Reviewing files that changed from the base of the PR and between f8c2b12 and d30138d.

📒 Files selected for processing (1)

• site/src/pages/get.astro

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: CLI Test (windows-latest)
• GitHub Check: Test (Python 3.14)
• GitHub Check: Build Backend
• GitHub Check: Build Web
• GitHub Check: Greptile Review
• GitHub Check: Analyze (python)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: CR
Repo: Aureliolo/synthorg PR: 0
File: CLAUDE.md:0-0
Timestamp: 2026-03-14T18:26:05.851Z
Learning: Go CLI build commands: `cd cli && go build -o synthorg ./main.go`, `cd cli && go test ./...`, `cd cli && go vet ./...`, `cd cli && golangci-lint run`

🔇 Additional comments (2)

site/src/pages/get.astro (2)

45-50: Good accessibility hardening on copy controls.

Explicit type="button" plus command-specific aria-labels are a solid improvement for both form safety and screen-reader clarity.

Also applies to: 65-70, 94-99

---

226-254: Clipboard UX/error-path handling looks correct.

The live region announcement plus explicit failure handling avoids silent errors and improves assistive-tech feedback.

[coderabbitai]

🧹 Nitpick | 🔵 Trivial

Consider extracting terminal command blocks into a small component.

This section repeats very similar terminal-header/command/copy-button markup. A reusable component would reduce duplication and keep future command updates less error-prone.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@site/src/pages/get.astro` around lines 34 - 105, Extract the repeated
terminal UI into a reusable component (e.g., TerminalBlock) that accepts props
like title (displayed above block), shellLabel (e.g.,
"bash"/"PowerShell"/"terminal"), code (the command string used for both the
<pre><code> and the copy button data-code), ariaLabel (for the copy button), and
optional footer/annotations; replace each repeated block (the Linux/macOS block
using the "bash" label, the Windows block using "PowerShell", and the
post-install block using "terminal") with TerminalBlock instances, preserve
classes like copy-btn and the copy button behavior, and ensure the component
renders the same header, pre/code content, and accessibility attributes
(aria-label) so existing copy logic continues to work.

[Copilot]

Pull request overview

This PR adds a /get/ CLI installation page to the existing Astro site, updates install URLs across all docs/scripts to point to the new canonical location, extracts the footer into a shared component, and fixes git tool environment isolation to prevent pre-push hook env leakage.

Changes:

• New /get/ Astro page with install commands, script audit/view pages, direct download links, and manual setup pointers; shared Footer.astro component extracted from index.astro
• Install URLs updated from raw.githubusercontent.com to synthorg.io/get/ across README, user guide, and install script comments; CI workflows copy install scripts into Astro output
• Git tool env isolation fix: strip GIT_DIR/GIT_WORK_TREE and other discovery vars in both production _build_git_env and test fixtures

Reviewed changes

Copilot reviewed 14 out of 14 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
site/src/pages/get/index.astro	New CLI installation page with quick install, audit, download, and manual sections
site/src/pages/get/view/install-sh.astro	Script viewer page for install.sh
site/src/pages/get/view/install-ps1.astro	Script viewer page for install.ps1
site/src/components/Footer.astro	Shared footer component extracted from index, with new "Get Started" link
site/src/pages/index.astro	Updated CTAs to /get/, replaced inline footer with <Footer />, improved copy button error handling
src/ai_company/tools/_git_base.py	Added _GIT_DISCOVERY_VARS frozenset and stripping logic in _build_git_env
tests/unit/tools/git/conftest.py	Strip discovery vars from _GIT_ENV and add autouse fixture for env isolation
.github/workflows/pages.yml	Copy install scripts into site/dist/get/, add script path triggers
.github/workflows/pages-preview.yml	Same CI changes as pages.yml for preview builds
README.md	Updated install URLs to synthorg.io/get/
docs/user_guide.md	Updated install URL, expanded Docker Compose manual section
cli/scripts/install.sh	Updated usage comment URL
cli/scripts/install.ps1	Updated usage comment URL
CLAUDE.md	Updated CI and package structure documentation

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.