Bump to v1.9

* Test DeepSeek R1 model

* ci skip

* ci skip

.env.example

@@ -2,13 +2,17 @@
 # Usage: Copy this file to .env and replace the values with your own
 # WARNING: Do not commit the actual .env file to version control as it may contain sensitive information.
 
-# CHAT_TOKEN: Obtain this token from your Deepseek account settings
-CHAT_TOKEN='Your Deepseek API token'
+# CHAT_TOKEN: Obtain this token from your DeepSeek account settings
+CHAT_TOKEN='Your DeepSeek API token'
+# CHAT_MODEL='deepseek-chat'                  # Official DeepSeek model
+# CHAT_MODEL='deepseek-ai/DeepSeek-V3'        # SiliconFlow DS model
 # GITHUB_TOKEN: Your GitHub API token to query GitHub PR changes
 # Generate this token from your GitHub account with the necessary permissions
 GITHUB_TOKEN='Your GitHub API token'
 # MAX_LENGTH: The maximum length of the content for review, 0 means no limit.
 MAX_LENGTH='0'
+# The maximum temperature for the model to generate the response. 1.0 by default.
+TEMPERATURE='1.0'
 # The comma separated file patterns to include in the code review.
 INCLUDE_PATTERNS=''
 # The comma separated file patterns to exclude in the code review.
@@ -17,9 +21,10 @@ EXCLUDE_PATTERNS='pnpm-lock.yaml,package-lock.json,*.lock'
 DEFAULT_GITHUB_REPO='hustcer/deepseek-review'
 # Default local repository absolute path to query commit changes
 DEFAULT_LOCAL_REPO='/Users/hustcer/deepseek-review'
-# BASE_URL: Deepseek API base URL
+# BASE_URL: DeepSeek API base URL
 # Replace with the actual API base URL if different
 BASE_URL='https://api.deepseek.ai'
+# BASE_URL='https://api.siliconflow.cn/v1'    # SiliconFlow API
 # USER_PROMPT: User prompt message, customize as needed
 # OR a yaml file path with key name specified to load the prompt message,
 # e.g., USER_PROMPT='/User/abc/prompts.yaml:usr-prompt'

.github/workflows/cr.yml

@@ -1,5 +1,5 @@
 # Description:
-#   - Deepseek code review with GitHub Actions
+#   - DeepSeek code review with GitHub Actions
 
 name: Code Review
 on:
@@ -8,7 +8,7 @@ on:
       - opened      # Triggers when a PR is opened
       - reopened    # Triggers when a PR is reopened
       - synchronize # Triggers when a commit is pushed to the PR
-      # - labeled     # Triggers when a label is added to the PR
+      # - labeled   # Triggers when a label is added to the PR
 
 # fix: GraphQL: Resource not accessible by integration (addComment) error
 permissions:
@@ -16,15 +16,21 @@ permissions:
 
 jobs:
   setup-deepseek-review:
-    runs-on: ubuntu-latest
+    runs-on: macos-latest
     name: Code Review
     # Make sure the code review happens only when the PR has the label 'ai review'
     # if: contains(github.event.pull_request.labels.*.name, 'ai review')
     steps:
-      - name: Deepseek Code Review
+      - name: DeepSeek Code Review
         uses: hustcer/deepseek-review@develop
         with:
           max-length: 15000
+          # model: 'deepseek-v3'                          # Infinigence's DeepSeek V3 model
+          model: 'deepseek-r1'                            # Infinigence's DeepSeek R1 model
+          base-url: 'https://cloud.infini-ai.com/maas/v1' # Infinigence's API base URL
+          # model: 'deepseek-ai/DeepSeek-V3'              # SiliconFlow's DeepSeek V3 model
+          # model: 'deepseek-ai/DeepSeek-R1'              # SiliconFlow's DeepSeek R1 model
+          # base-url: 'https://api.siliconflow.cn/v1'     # SiliconFlow's API base URL
           # Store the chat token in GitHub Secrets, don't expose it in the workflow file
           chat-token: ${{ secrets.CHAT_TOKEN }}
           sys-prompt: >

.gitignore

@@ -1,2 +1,5 @@
 .env
+.env.dev
+.env.local
+.last-reply.json
 prompts.yaml

CHANGELOG.md

@@ -1,6 +1,73 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [1.9.0] - 2025-02-12
+
+### Bug Fixes
+
+- Fix no repo column error for local code review (#102)
+
+### Features
+
+- Add streaming output support for local code review (#103)
+- Add support for custom patch commands by `-c, --patch-cmd` flag in local code review (#106)
+- Add DeepSeek R1 model support (#107)
+
+## [1.8.0] - 2025-02-10
+
+### Bug Fixes
+
+- Add check for empty DeepSeek review response with error handling (#90)
+- Add `awk` binary missing check (#92)
+
+### Features
+
+- Add version validation for `awk`/`gawk` and implement robust semantic version comparison for compatibility checks (#91)
+- Add support for configurable `temperature` parameter in DeepSeek model setup (#93)
+
+### Miscellaneous Tasks
+
+- Update README add `awk` or `gawk` as required tools
+
+### Refactor
+
+- Streamline main wrapper and simplify argument handling for `nu/review.nu` integration (#88)
+
+## [1.7.0] - 2025-02-08
+
+### Features
+
+- Remove the dependency on `just` for local code review (#84)
+
+### Bug Fixes
+
+- Fix possible GitHub comment posting errors
+
+### Refactor
+
+- Improve prompts loading helper (#82)
+
+## [1.6.0] - 2025-02-07
+
+### Features
+
+- Read `CHAT_MODEL` and `BASE_URL` from `.env` for local code review (#80)
+
+### Miscellaneous Tasks
+
+- Use SiliconFlow's DeepSeek model
+- Remove the dependency on `gh` (#78)
+
+### Deps
+
+- Upgrade `Nushell` to v0.102 (#76)
+
+## [1.5.1] - 2025-02-01
+
+### Bug Fixes
+
+- Fix `awk` error on `macOS` runner (#71)
+
 ## [1.5.0] - 2025-02-01
 
 ### Documentation
@@ -84,7 +151,7 @@ All notable changes to this project will be documented in this file.
 
 - Fix gh token error
 - Fix add comment error
-- Make action fail if no response returned from deepseek (#3)
+- Make action fail if no response returned from DeepSeek (#3)
 
 ### Documentation
 

README.md

@@ -1,14 +1,18 @@
-# Deepseek Code Review
+# DeepSeek Code Review
 
 [中文说明](README.zh-CN.md)
 
+`deepseek-review` also offers seamless integration with DeepSeek models on SiliconCloud. [Sign Up Now](https://cloud.siliconflow.cn/i/rqCdIxzS) to **Claim Your Free 20 Million Tokens** and start exploring its capabilities!
+
 ## Features
 
-- Automate PR Reviews with Deepseek via GitHub Action
+- Automate PR Reviews with DeepSeek via GitHub Action
 - Review Remote GitHub PRs Directly from Your Local CLI
-- Analyze Commit Changes with Deepseek for Any Local Repository with CLI
+- Analyze Commit Changes with DeepSeek for Any Local Repository with CLI
+- Streaming Output Support for Local Code Review
 - Fully Customizable: Choose Models, Base URLs, and Prompts
-- Supports Self-Hosted Deepseek Models for Enhanced Flexibility
+- Support Both DeepSeek's V3 & R1 Models
+- Supports Self-Hosted DeepSeek Models for Enhanced Flexibility
 - Perform Code Reviews for Changes That either Include or Exclude Specific Files
 - Add `skip cr` or `skip review` to PR title or body to disable code review in GitHub Actions
 - Cross-platform Support: Compatible with GitHub Runners across `macOS`, `Ubuntu`, and `Windows`.
@@ -41,7 +45,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Code Review
     steps:
-      - name: Deepseek Code Review
+      - name: DeepSeek Code Review
         uses: hustcer/deepseek-review@v1
         with:
           chat-token: ${{ secrets.CHAT_TOKEN }}
@@ -61,8 +65,8 @@ jobs:
 
 </details>
 
-When a PR is created, Deepseek code review will be automatically triggered, and the review results(depend on your prompt) will be posted as comments on the corresponding PR. For example:
-- [Example 1](https://github.com/hustcer/deepseek-review/pull/30) with default prompt & [Run Log](https://github.com/hustcer/deepseek-review/actions/runs/13043609677/job/36390331791#step:2:53).
+When a PR is created, DeepSeek code review will be automatically triggered, and the review results(depend on your prompt) will be posted as comments on the corresponding PR. For example:
+- [Example 1](https://github.com/hustcer/deepseek-review/pull/30) with [default prompts](https://github.com/hustcer/deepseek-review/blob/main/action.yaml#L35) & [Run Log](https://github.com/hustcer/deepseek-review/actions/runs/13043609677/job/36390331791#step:2:53).
 - [Example 2](https://github.com/hustcer/deepseek-review/pull/68) with [this prompt](https://github.com/hustcer/deepseek-review/blob/eba892d969049caff00b51a31e5c093aeeb536e3/.github/workflows/cr.yml#L32)
 
 ### Trigger CR When a Specific Label was Added
@@ -87,35 +91,37 @@ jobs:
     # Make sure the code review happens only when the PR has the label 'ai review'
     if: contains(github.event.pull_request.labels.*.name, 'ai review')
     steps:
-      - name: Deepseek Code Review
+      - name: DeepSeek Code Review
         uses: hustcer/deepseek-review@v1
         with:
           chat-token: ${{ secrets.CHAT_TOKEN }}
 ```
 
-With this setup, Deepseek code review will not run automatically upon PR creation. Instead, it will only be triggered when you manually add the `ai review` label.
+With this setup, DeepSeek code review will not run automatically upon PR creation. Instead, it will only be triggered when you manually add the `ai review` label.
 
 ## Input Parameters
 
 | Name           | Type   | Description                                                             |
 | -------------- | ------ | ----------------------------------------------------------------------- |
-| chat-token     | String | Required, Deepseek API Token                                            |
-| model          | String | Optional, the model used for code review, defaults to `deepseek-chat`   |
-| base-url       | String | Optional, Deepseek API Base URL, defaults to `https://api.deepseek.com` |
+| chat-token     | String | Required, DeepSeek API Token                                            |
+| model          | String | Optional, The model used for code review, defaults to `deepseek-chat`   |
+| base-url       | String | Optional, DeepSeek API Base URL, defaults to `https://api.deepseek.com` |
 | max-length     | Int    | Optional, Maximum length(Unicode width) of the content for review, if the content length exceeds this value, the review will be skipped. Default `0` means no limit. |
-| sys-prompt     | String | Optional, system prompt corresponding to `$sys_prompt` in the payload, default value see note below |
-| user-prompt    | String | Optional, user prompt corresponding to `$user_prompt` in the payload, default value see note below |
+| sys-prompt     | String | Optional, System prompt corresponding to `$sys_prompt` in the payload, default value see note below |
+| user-prompt    | String | Optional, User prompt corresponding to `$user_prompt` in the payload, default value see note below |
+| temperature    | Number | Optional, The temperature for the model to generate the response, between `0` and `2`, default value `1.0` |
 | include-patterns | String | Optional, The comma separated file patterns to include in the code review. No default |
 | exclude-patterns | String | Optional, The comma separated file patterns to exclude in the code review. Default to `pnpm-lock.yaml,package-lock.json,*.lock` |
 | github-token   | String | Optional, The `GITHUB_TOKEN` secret or personal access token to authenticate. Defaults to `github.token`. |
 
-**Deepseek API Call Payload**:
+**DeepSeek API Call Payload**:
 
 ```js
 {
   // `$model` default value: deepseek-chat
   model: $model,
   stream: false,
+  temperature: $temperature,
   messages: [
     // `$sys_prompt` default value: You are a professional code review assistant responsible for
     // analyzing code changes in GitHub Pull Requests. Identify potential issues such as code
@@ -141,15 +147,15 @@ With this setup, Deepseek code review will not run automatically upon PR creatio
 
 To perform code reviews locally(should works for `macOS`, `Ubuntu`, and `Windows`), you need to install the following tools:
 
-- [`Nushell`](https://www.nushell.sh/book/installation.html) & [`Just`](https://just.systems/man/en/packages.html). It is recommended to install the latest versions.
-- If you need to review GitHub PRs locally, you also need to install [`gh`](https://cli.github.com/).
-- Once the tools are installed, simply clone this repository to your local machine, navigate to the repository directory, and run `just code-review -h` or `just cr -h`. You should see an output similar to the following:
+- [`Nushell`](https://www.nushell.sh/book/installation.html). It is recommended to install the latest versions.
+- The latest version of [`awk`](https://github.com/onetrueawk/awk) or [`gawk`](https://www.gnu.org/software/gawk/) is required, with `gawk` being the preferred choice.
+- Clone this repository to your local machine, navigate to the repository directory, and run `nu cr -h`. You should see an output similar to the following:
 
 ```console
-Use Deepseek AI to review code changes locally or in GitHub Actions
+Use DeepSeek AI to review code changes locally or in GitHub Actions
 
 Usage:
-  > deepseek-review {flags} (token)
+  > nu cr {flags} (token)
 
 Flags:
   -d, --debug: Debug mode
@@ -158,17 +164,19 @@ Flags:
   -k, --gh-token <string>: Your GitHub token, fallback to GITHUB_TOKEN env var
   -t, --diff-to <string>: Diff to git REF
   -f, --diff-from <string>: Diff from git REF
+  -c, --patch-cmd <string>: The `git show` or `git diff` command to get the diff content, for local CR only
   -l, --max-length <int>: Maximum length of the content for review, 0 means no limit.
-  -m, --model <string>: Model name, deepseek-chat by default (default: 'deepseek-chat')
-  -b, --base-url <string> (default: 'https://api.deepseek.com')
+  -m, --model <string>: Model name, or read from CHAT_MODEL env var, `deepseek-chat` by default
+  -b, --base-url <string>: DeepSeek API base URL, fallback to BASE_URL env var
   -s, --sys-prompt <string>: Default to $DEFAULT_OPTIONS.SYS_PROMPT,
   -u, --user-prompt <string>: Default to $DEFAULT_OPTIONS.USER_PROMPT,
   -i, --include <string>: Comma separated file patterns to include in the code review
   -x, --exclude <string>: Comma separated file patterns to exclude in the code review
+  -T, --temperature <float>: Temperature for the model, between `0` and `2`, default value `1.0`
   -h, --help: Display the help message for this command
 
 Parameters:
-  token <string>: Your Deepseek API token, fallback to CHAT_TOKEN env var (optional)
+  token <string>: Your DeepSeek API token, fallback to CHAT_TOKEN env var (optional)
 
 ```
 
@@ -186,15 +194,22 @@ To perform code reviews locally, you need to modify the configuration file. A sa
 
 ```sh
 # Perform code review on the `git diff` changes in the local DEFAULT_LOCAL_REPO repo
-just cr
+nu cr
 # Perform code review on the `git diff f536acc` changes in the local DEFAULT_LOCAL_REPO repo
-just cr --diff-from f536acc
+nu cr --diff-from f536acc
 # Perform code review on the `git diff f536acc 0dd0eb5` changes in the local DEFAULT_LOCAL_REPO repo
-just cr --diff-from f536acc --diff-to 0dd0eb5
+nu cr --diff-from f536acc --diff-to 0dd0eb5
+# Review the changes in the local `DEFAULT_LOCAL_REPO` repo using the `--patch-cmd` flag
+nu cr --patch-cmd 'git diff head~3'
+nu cr -c 'git show head~3'
+nu cr -c 'git diff 2393375 71f5a31'
+nu cr -c 'git diff 2393375 71f5a31 nu/*'
+nu cr -c 'git diff 2393375 71f5a31 :!nu/*'
+# Dangerous commands like `nu cr -c 'git show head~3; rm ./*'` will not be allowed
 # Perform code review on PR #31 in the remote DEFAULT_GITHUB_REPO repo
-just cr --pr-number 31
+nu cr --pr-number 31
 # Perform code review on PR #31 in the remote hustcer/deepseek-review repo
-just cr --pr-number 31 --repo hustcer/deepseek-review
+nu cr --pr-number 31 --repo hustcer/deepseek-review
 ```
 
 ## License

README.zh-CN.md

@@ -1,12 +1,16 @@
-# Deepseek 代码审查
+# DeepSeek 代码审查
+
+本工具也支持使用 SiliconCloud 上的 DeepSeek 模型，[注册](https://cloud.siliconflow.cn/i/rqCdIxzS) 就**免费赠送 2000 万 Token**，赶紧试试吧！
 
 ## 特性
 
-- 通过 GitHub Action 使用 Deepseek 进行自动化 PR 审查
+- 通过 GitHub Action 使用 DeepSeek 进行自动化 PR 审查
 - 通过本地 CLI 直接审查远程 GitHub PR
-- 通过本地 CLI 使用 Deepseek 分析任何本地仓库的提交变更
+- 通过本地 CLI 使用 DeepSeek 分析任何本地仓库的提交变更
+- 本地代码审查的时候支持流式输出
 - 完全可定制：选择模型、基础 URL 和提示词
-- 支持自托管 Deepseek 模型，提供更强的灵活性
+- 支持 DeepSeek V3 和 R1 模型
+- 支持自托管 DeepSeek 模型，提供更强的灵活性
 - 在 PR 的标题或描述中添加 `skip cr` or `skip review` 可跳过 GitHub Actions 里的代码审查
 - 对指定文件变更进行包含/排除式代码审查
 - 跨平台：支持 GitHub `macOS`, `Ubuntu` & `Windows` Runners
@@ -39,7 +43,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Code Review
     steps:
-      - name: Deepseek Code Review
+      - name: DeepSeek Code Review
         uses: hustcer/deepseek-review@v1
         with:
           chat-token: ${{ secrets.CHAT_TOKEN }}
@@ -59,9 +63,9 @@ jobs:
 
 </details>
 
-当 PR 创建的时候会自动触发 Deepseek 代码审查，并将审查结果（依赖于提示词）以评论的方式发布到对应的 PR 上。比如：
-- [示例 1](https://github.com/hustcer/deepseek-review/pull/30) 基于默认提示词 & [运行日志](https://github.com/hustcer/deepseek-review/actions/runs/13043609677/job/36390331791#step:2:53).
-- [示例 2](https://github.com/hustcer/deepseek-review/pull/68) 基于 [这个提示词](https://github.com/hustcer/deepseek-review/blob/eba892d969049caff00b51a31e5c093aeeb536e3/.github/workflows/cr.yml#L32)
+当 PR 创建的时候会自动触发 DeepSeek 代码审查，并将审查结果（依赖于提示词）以评论的方式发布到对应的 PR 上。比如：
+- [示例 1](https://github.com/hustcer/deepseek-review/pull/30) 基于[默认提示词](https://github.com/hustcer/deepseek-review/blob/main/action.yaml#L35) & [运行日志](https://github.com/hustcer/deepseek-review/actions/runs/13043609677/job/36390331791#step:2:53).
+- [示例 2](https://github.com/hustcer/deepseek-review/pull/68) 基于[这个提示词](https://github.com/hustcer/deepseek-review/blob/eba892d969049caff00b51a31e5c093aeeb536e3/.github/workflows/cr.yml#L32)
 
 ### 当 PR 添加指定 Label 时触发审查
 
@@ -85,35 +89,37 @@ jobs:
     # Make sure the code review happens only when the PR has the label 'ai review'
     if: contains(github.event.pull_request.labels.*.name, 'ai review')
     steps:
-      - name: Deepseek Code Review
+      - name: DeepSeek Code Review
         uses: hustcer/deepseek-review@v1
         with:
           chat-token: ${{ secrets.CHAT_TOKEN }}
 ```
 
-如此以来当 PR 创建的时候不会自动触发 Deepseek 代码审查，只有你手工添加 `ai review` 标签的时候才会触发审查。
+如此以来当 PR 创建的时候不会自动触发 DeepSeek 代码审查，只有你手工添加 `ai review` 标签的时候才会触发审查。
 
 ## 输入参数
 
 | 名称           | 类型   | 描述                                                           |
 | -------------- | ------ | -------------------------------------------------------------- |
-| chat-token     | String | 必填，Deepseek API Token                                       |
+| chat-token     | String | 必填，DeepSeek API Token                                       |
 | model          | String | 可选，配置代码审查选用的模型，默认为 `deepseek-chat`           |
-| base-url       | String | 可选，Deepseek API Base URL, 默认为 `https://api.deepseek.com` |
+| base-url       | String | 可选，DeepSeek API Base URL, 默认为 `https://api.deepseek.com` |
 | max-length     | Int    | 可选，待审查内容的最大 Unicode 长度, 默认 `0` 表示没有限制，超过非零值则跳过审查 |
 | sys-prompt     | String | 可选，系统提示词对应入参中的 `$sys_prompt`, 默认值见后文注释      |
 | user-prompt    | String | 可选，用户提示词对应入参中的 `$user_prompt`, 默认值见后文注释     |
+| temperature    | Number | 可选，采样温度，介于 `0` 和 `2` 之间, 默认值 `1.0`        |
 | include-patterns | String | 可选，代码审查中要包含的以逗号分隔的文件模式，无默认值 |
 | exclude-patterns | String | 可选，代码审查中要排除的以逗号分隔的文件模式，默认值为 `pnpm-lock.yaml,package-lock.json,*.lock` |
 | github-token   | String | 可选，用于访问 API 进行 PR 管理的 GitHub Token，默认为 `${{ github.token }}` |
 
-Deepseek 接口调用入参:
+DeepSeek 接口调用入参:
 
 ```js
 {
   // `$model` default value: deepseek-chat
   model: $model,
   stream: false,
+  temperature: $temperature,
   messages: [
     // `$sys_prompt` default value: You are a professional code review assistant responsible for
     // analyzing code changes in GitHub Pull Requests. Identify potential issues such as code
@@ -138,15 +144,15 @@ Deepseek 接口调用入参:
 
 在本地进行代码审查，支持 `macOS`, `Ubuntu` & `Windows` 不过需要安装以下工具：
 
-- [`Nushell`](https://www.nushell.sh/book/installation.html) & [`Just`](https://just.systems/man/en/packages.html), 建议安装最新版本
-- 如果你需要在本地审查 GitHub PRs 还需要安装 [`gh`](https://cli.github.com/)
-- 接下来只需要把本仓库代码克隆到本地，然后进入仓库目录执行 `just code-review -h` 或者 `just cr -h` 即可看到类似如下输出:
+- [`Nushell`](https://www.nushell.sh/book/installation.html), 建议安装最新版本
+- [`awk`](https://github.com/onetrueawk/awk) 或者 [`gawk`](https://www.gnu.org/software/gawk/) 的最新版版本，优先推荐 `gawk`
+- 接下来只需要把本仓库代码克隆到本地，然后进入仓库目录执行 `nu cr -h` 即可看到类似如下输出:
 
 ```console
-Use Deepseek AI to review code changes locally or in GitHub Actions
+Use DeepSeek AI to review code changes locally or in GitHub Actions
 
 Usage:
-  > deepseek-review {flags} (token)
+  > nu cr {flags} (token)
 
 Flags:
   -d, --debug: Debug mode
@@ -155,17 +161,19 @@ Flags:
   -k, --gh-token <string>: Your GitHub token, fallback to GITHUB_TOKEN env var
   -t, --diff-to <string>: Diff to git REF
   -f, --diff-from <string>: Diff from git REF
+  -c, --patch-cmd <string>: The `git show` or `git diff` command to get the diff content, for local CR only
   -l, --max-length <int>: Maximum length of the content for review, 0 means no limit.
-  -m, --model <string>: Model name, deepseek-chat by default (default: 'deepseek-chat')
-  -b, --base-url <string> (default: 'https://api.deepseek.com')
+  -m, --model <string>: Model name, or read from CHAT_MODEL env var, `deepseek-chat` by default
+  -b, --base-url <string>: DeepSeek API base URL, fallback to BASE_URL env var
   -s, --sys-prompt <string>: Default to $DEFAULT_OPTIONS.SYS_PROMPT,
   -u, --user-prompt <string>: Default to $DEFAULT_OPTIONS.USER_PROMPT,
   -i, --include <string>: Comma separated file patterns to include in the code review
   -x, --exclude <string>: Comma separated file patterns to exclude in the code review
+  -T, --temperature <float>: Temperature for the model, between `0` and `2`, default value `1.0`
   -h, --help: Display the help message for this command
 
 Parameters:
-  token <string>: Your Deepseek API token, fallback to CHAT_TOKEN env var (optional)
+  token <string>: Your DeepSeek API token, fallback to CHAT_TOKEN env var (optional)
 
 ```
 
@@ -182,15 +190,22 @@ Parameters:
 
 ```sh
 # 对本地 DEFAULT_LOCAL_REPO 仓库 `git diff` 修改内容进行代码审查
-just cr
+nu cr
 # 对本地 DEFAULT_LOCAL_REPO 仓库 `git diff f536acc` 修改内容进行代码审查
-just cr --diff-from f536acc
+nu cr --diff-from f536acc
 # 对本地 DEFAULT_LOCAL_REPO 仓库 `git diff f536acc 0dd0eb5` 修改内容进行代码审查
-just cr --diff-from f536acc --diff-to 0dd0eb5
+nu cr --diff-from f536acc --diff-to 0dd0eb5
+# 通过 --patch-cmd 参数对本地 DEFAULT_LOCAL_REPO 仓库变更内容进行审查
+nu cr --patch-cmd 'git diff head~3'
+nu cr -c 'git show head~3'
+nu cr -c 'git diff 2393375 71f5a31'
+nu cr -c 'git diff 2393375 71f5a31 nu/*'
+nu cr -c 'git diff 2393375 71f5a31 :!nu/*'
+# 像 `nu cr -c 'git show head~3; rm ./*'` 这样危险的命令将会被禁止
 # 对远程 DEFAULT_GITHUB_REPO 仓库编号为 31 的 PR 进行代码审查
-just cr --pr-number 31
+nu cr --pr-number 31
 # 对远程 hustcer/deepseek-review 仓库编号为 31 的 PR 进行代码审查
-just cr --pr-number 31 --repo hustcer/deepseek-review
+nu cr --pr-number 31 --repo hustcer/deepseek-review
 ```
 
 ## 许可

action.yaml

@@ -1,4 +1,4 @@
-# Deepseek Code Review Action
+# DeepSeek Code Review Action
 #   @author: hustcer
 #   @created: 2025/01/29 13:05:20
 # REF:
@@ -6,9 +6,9 @@
 #   - https://docs.github.com/cn/actions/creating-actions/metadata-syntax-for-github-actions
 #   - https://docs.github.com/en/actions/creating-actions/creating-a-composite-action
 
-name: 'Deepseek CR'
+name: 'DeepSeek CR'
 author: 'hustcer'
-description: '🚀 Sharpen Your Code, Ship with Confidence – Elevate Your Workflow with Deepseek Code Review 🚀'
+description: '🚀 Sharpen Your Code, Ship with Confidence – Elevate Your Workflow with DeepSeek Code Review 🚀'
 
 branding:
   icon: 'eye'
@@ -17,7 +17,7 @@ branding:
 inputs:
   chat-token:
     required: true
-    description: 'Your deepseek API token.'
+    description: 'Your DeepSeek API token.'
   max-length:
     default: 0
     required: false
@@ -25,19 +25,23 @@ inputs:
   model:
     required: false
     default: 'deepseek-chat'
-    description: 'The deepseek model to choose for code review.'
+    description: 'The DeepSeek model to choose for code review.'
+  temperature:
+    required: false
+    default: 1.0
+    description: 'The temperature of the model.'
   base-url:
     required: false
     default: 'https://api.deepseek.com'
-    description: 'The base url of deepseek API.'
+    description: 'The base url of DeepSeek API.'
   sys-prompt:
     required: false
     default: 'You are a professional code review assistant responsible for analyzing code changes in GitHub Pull Requests. Identify potential issues such as code style violations, logical errors, security vulnerabilities, and provide improvement suggestions. Clearly list the problems and recommendations in a concise manner.'
-    description: 'The system prompt for deepseek API.'
+    description: 'The system prompt for DeepSeek API.'
   user-prompt:
     required: false
     default: 'Please review the following code changes'
-    description: 'The user prompt for deepseek API.'
+    description: 'The user prompt for DeepSeek API.'
   include-patterns:
     required: false
     description: 'The comma separated file patterns to include in the code review.'
@@ -56,9 +60,9 @@ runs:
     - name: Setup Nu
       uses: hustcer/setup-nu@v3
       with:
-        version: 0.101.0
+        version: 0.102.0
 
-    - name: Deepseek Code Review
+    - name: DeepSeek Code Review
       shell: nu {0}
       run: |
         const NU_LIB_DIRS = [ ${{ github.action_path }}/nu ]
@@ -74,6 +78,7 @@ runs:
         let includePatterns = '${{ inputs.include-patterns }}'
         let excludePatterns = '${{ inputs.exclude-patterns }}'
         let maxLength = try { '${{ inputs.max-length }}' | into int } catch { 0 }
+        let temperature = try { '${{ inputs.temperature }}' | into float } catch { 1.0 }
         (deepseek-review $token
           --model $model
           --repo $repo
@@ -83,6 +88,7 @@ runs:
           --max-length $maxLength
           --sys-prompt $sysPrompt
           --user-prompt $userPrompt
+          --temperature $temperature
           --include $includePatterns
           --exclude $excludePatterns
         )

cr

@@ -0,0 +1,16 @@
+#!/usr/bin/env nu
+# Author: hustcer
+# Created: 2025/02/08 19:02:15
+# Description: A wrapper for nu/review.nu as the main entry point of the project.
+
+use nu/review.nu ['from env', ECODE]
+
+# Use DeepSeek AI to review code changes locally or in GitHub Actions
+def --wrapped main [...rest] {
+  if not ('.env' | path exists) {
+    print $'Please refer to (ansi g)`.env.example`(ansi reset) to create a (ansi r)`.env`(ansi reset) file in the root directory of the project.'
+    exit $ECODE.MISSING_DEPENDENCY
+  }
+  open .env | load-env
+  nu $'($env.FILE_PWD)/nu/review.nu' ...$rest
+}

cspell.yml

@@ -16,4 +16,5 @@ words:
 - linewise
 - Subshell
 - subshells
+- Infinigence
 ignorePaths:

meta.json

@@ -1,10 +1,10 @@
 {
     "name": "deepseek-review",
-    "version": "1.5.0",
-    "actionVer": "v1.5",
+    "version": "1.9.0",
+    "actionVer": "v1.9",
     "author": "hustcer",
     "license": "MIT",
     "github": "https://github.com/hustcer/deepseek-review",
     "home": "https://github.com/marketplace/actions/deepseek-cr",
-    "description": "🚀 Sharpen Your Code, Ship with Confidence – Elevate Your Workflow with Deepseek Code Review 🚀"
+    "description": "🚀 Sharpen Your Code, Ship with Confidence – Elevate Your Workflow with DeepSeek Code Review 🚀"
 }

nu/review.nu

@@ -2,17 +2,22 @@
 # Author: hustcer
 # Created: 2025/01/29 13:02:15
 # TODO:
-#  [√] Deepseek code review for GitHub PRs
-#  [√] Deepseek code review for local commit changes
+#  [√] DeepSeek code review for GitHub PRs
+#  [√] DeepSeek code review for local commit changes
 #  [√] Debug mode
 #  [√] Output token usage info
 #  [√] Perform CR for changes that either include or exclude specific files
+#  [√] Support streaming output for local code review
+#  [√] Support using custom patch command to get diff content
 #  [ ] Add more action outputs
-# Description: A script to do code review by deepseek
+# Description: A script to do code review by DeepSeek
+# REF:
+#   - https://docs.github.com/en/rest/issues/comments
+#   - https://docs.github.com/en/rest/pulls/pulls
 # Env vars:
 #  GITHUB_TOKEN: Your GitHub API token
-#  CHAT_TOKEN: Your Deepseek API token
-#  BASE_URL: Deepseek API base URL
+#  CHAT_TOKEN: Your DeepSeek API token
+#  BASE_URL: DeepSeek API base URL
 #  SYSTEM_PROMPT: System prompt message
 #  USER_PROMPT: User prompt message
 # Usage:
@@ -21,19 +26,29 @@
 #  - Local PR Review: just cr -r hustcer/deepseek-review -n 32
 
 # Commonly used exit codes
-const ECODE = {
+export const ECODE = {
   SUCCESS: 0,
   OUTDATED: 1,
-  MISSING_BINARY: 2,
-  MISSING_DEPENDENCY: 3,
-  CONDITION_NOT_SATISFIED: 5,
-  SERVER_ERROR: 6,
-  INVALID_PARAMETER: 7,
-  AUTH_FAILED: 8,
+  AUTH_FAILED: 2,
+  SERVER_ERROR: 3,
+  MISSING_BINARY: 5,
+  INVALID_PARAMETER: 6,
+  MISSING_DEPENDENCY: 7,
+  CONDITION_NOT_SATISFIED: 8,
 }
 
+const RESPONSE_END = 'data: [DONE]'
+const LAST_REPLY_TMP = '.last-reply.json'
+
+const GITHUB_API_BASE = 'https://api.github.com'
+
+# It takes longer to respond to requests made with unknown/rare user agents.
+# When make http post pretend to be curl, it gets a response just as quickly as curl.
+const HTTP_HEADERS = [User-Agent curl/8.9]
+
 const DEFAULT_OPTIONS = {
   MODEL: 'deepseek-chat',
+  TEMPERATURE: 1.0,
   BASE_URL: 'https://api.deepseek.com',
   USER_PROMPT: 'Please review the following code changes:',
   SYS_PROMPT: 'You are a professional code review assistant responsible for analyzing code changes in GitHub Pull Requests. Identify potential issues such as code style violations, logical errors, security vulnerabilities, and provide improvement suggestions. Clearly list the problems and recommendations in a concise manner.',
@@ -42,61 +57,73 @@ const DEFAULT_OPTIONS = {
 # If the PR title or body contains any of these keywords, skip the review
 const IGNORE_REVIEW_KEYWORDS = ['skip review' 'skip cr']
 
-# Use Deepseek AI to review code changes locally or in GitHub Actions
+# Use DeepSeek AI to review code changes locally or in GitHub Actions
 export def --env deepseek-review [
-  token?: string,           # Your Deepseek API token, fallback to CHAT_TOKEN env var
+  token?: string,           # Your DeepSeek API token, fallback to CHAT_TOKEN env var
   --debug(-d),              # Debug mode
   --repo(-r): string,       # GitHub repository name, e.g. hustcer/deepseek-review
   --pr-number(-n): string,  # GitHub PR number
   --gh-token(-k): string,   # Your GitHub token, fallback to GITHUB_TOKEN env var
   --diff-to(-t): string,    # Diff to git REF
   --diff-from(-f): string,  # Diff from git REF
+  --patch-cmd(-c): string,  # The `git show` or `git diff` command to get the diff content, for local CR only
   --max-length(-l): int,    # Maximum length of the content for review, 0 means no limit.
-  --model(-m): string = $DEFAULT_OPTIONS.MODEL,   # Model name, deepseek-chat by default
-  --base-url(-b): string = $DEFAULT_OPTIONS.BASE_URL,
+  --model(-m): string,      # Model name, or read from CHAT_MODEL env var, `deepseek-chat` by default
+  --base-url(-b): string,   # DeepSeek API base URL, fallback to BASE_URL env var
   --sys-prompt(-s): string  # Default to $DEFAULT_OPTIONS.SYS_PROMPT,
   --user-prompt(-u): string # Default to $DEFAULT_OPTIONS.USER_PROMPT,
   --include(-i): string,    # Comma separated file patterns to include in the code review
   --exclude(-x): string,    # Comma separated file patterns to exclude in the code review
+  --temperature(-T): float, # Temperature for the model, between `0` and `2`, default value `1.0`
 ]: nothing -> nothing {
+
   $env.config.table.mode = 'psql'
   let is_action = ($env.GITHUB_ACTIONS? == 'true')
+  let stream = if $is_action { false } else { true }
   let token = $token | default $env.CHAT_TOKEN?
   let repo = $repo | default $env.DEFAULT_GITHUB_REPO?
-  let header = [Authorization $'Bearer ($token)']
-  let url = $'($base_url)/chat/completions'
+  let CHAT_HEADER = [Authorization $'Bearer ($token)']
   let local_repo = $env.DEFAULT_LOCAL_REPO? | default (pwd)
-  let max_length = $max_length | default ($env.MAX_LENGTH? | default 0 | into int)
+  let model = $model | default $env.CHAT_MODEL? | default $DEFAULT_OPTIONS.MODEL
+  let base_url = $base_url | default $env.BASE_URL? | default $DEFAULT_OPTIONS.BASE_URL
+  let max_length = try { $max_length | default ($env.MAX_LENGTH? | default 0 | into int) } catch { 0 }
+  let temperature = try { $temperature | default $env.TEMPERATURE? | default $DEFAULT_OPTIONS.TEMPERATURE | into float } catch { $DEFAULT_OPTIONS.TEMPERATURE }
+  if ($temperature < 0) or ($temperature > 2) {
+    print $'(ansi r)Invalid temperature value, should be in the range of 0 to 2.(ansi reset)'
+    exit $ECODE.INVALID_PARAMETER
+  }
+  let url = $'($base_url)/chat/completions'
   let setting = {
     repo: $repo,
+    model: $model,
+    chat_url: $url,
     include: $include,
     exclude: $exclude,
     diff_to: $diff_to,
     diff_from: $diff_from,
+    patch_cmd: $patch_cmd,
     pr_number: $pr_number,
     max_length: $max_length,
     local_repo: $local_repo,
+    temperature: $temperature,
   }
   $env.GH_TOKEN = $gh_token | default $env.GITHUB_TOKEN?
+
   if ($token | is-empty) {
-    print $'(ansi r)Please provide your Deepseek API token by setting `CHAT_TOKEN` or passing it as an argument.(ansi reset)'
+    print $'(ansi r)Please provide your DeepSeek API token by setting `CHAT_TOKEN` or passing it as an argument.(ansi reset)'
     exit $ECODE.INVALID_PARAMETER
   }
-  if $is_action and not (is-installed gh) {
-    print $'(ansi r)Please install GitHub CLI from https://cli.github.com (ansi reset)'
-    exit $ECODE.MISSING_BINARY
-  }
   let hint = if not $is_action and ($pr_number | is-empty) {
-    $'🚀 Initiate the code review by Deepseek AI for local changes ...'
+    $'🚀 Initiate the code review by DeepSeek AI for local changes ...'
   } else {
-    $'🚀 Initiate the code review by Deepseek AI for PR (ansi g)#($pr_number)(ansi reset) in (ansi g)($repo)(ansi reset) ...'
+    $'🚀 Initiate the code review by DeepSeek AI for PR (ansi g)#($pr_number)(ansi reset) in (ansi g)($repo)(ansi reset) ...'
   }
   print $hint; print -n (char nl)
-  if ($pr_number | is-empty) { $setting | compact-record | reject repo | print }
+  if ($pr_number | is-empty) { $setting | compact-record | reject -i repo | print }
 
   let content = (
     get-diff --pr-number $pr_number --repo $repo --diff-to $diff_to
-             --diff-from $diff_from --include $include --exclude $exclude)
+             --diff-from $diff_from --include $include --exclude $exclude --patch-cmd $patch_cmd)
   let length = $content | str stats | get unicode-width
   if ($max_length != 0) and ($length > $max_length) {
     print $'(char nl)(ansi r)The content length ($length) exceeds the maximum limit ($max_length), review skipped.(ansi reset)'
@@ -107,48 +134,92 @@ export def --env deepseek-review [
   let user_prompt = $user_prompt | default (load-prompt-from-env USER_PROMPT) | default $DEFAULT_OPTIONS.USER_PROMPT
   let payload = {
     model: $model,
-    stream: false,
+    stream: $stream,
+    temperature: $temperature,
     messages: [
       { role: 'system', content: $sys_prompt },
       { role: 'user', content: $"($user_prompt):\n($content)" }
     ]
   }
   if $debug { print $'Code Changes:'; hr-line; print $content }
-  print $'(char nl)(ansi g)Waiting for response from Deepseek ...(ansi reset)'
-  let response = http post -e -H $header -t application/json $url $payload
+  print $'(char nl)Waiting for response from (ansi g)($url)(ansi reset) ...'
+  if $stream { streaming-output $url $payload --headers $CHAT_HEADER --debug=$debug; return }
+
+  let response = http post -e -H $CHAT_HEADER -t application/json $url $payload
   if ($response | is-empty) {
-    print $'(ansi r)Oops, No response returned from Deepseek API.(ansi reset)'
+    print $'(ansi r)Oops, No response returned from DeepSeek API.(ansi reset)'
     exit $ECODE.SERVER_ERROR
   }
-  if $debug { print $'Deepseek Response:'; hr-line; $response | table -e | print }
+  if $debug { print $'DeepSeek Response:'; hr-line; $response | table -e | print }
   if ($response | describe) == 'string' {
     print $'❌ Code review failed！Error: '; hr-line; print $response
     exit $ECODE.SERVER_ERROR
   }
+  let reason = $response | get -i choices.0.message.reasoning_content
   let review = $response | get -i choices.0.message.content
+  let result = [$reason $review] | str join "\n"
+  if ($review | is-empty) {
+    print $'❌ Code review failed！No review result returned from DeepSeek API.'
+    exit $ECODE.SERVER_ERROR
+  }
   if not $is_action {
-    print $'Code Review Result:'; hr-line; print $review
+    print $'Code Review Result:'; hr-line; print $result
   } else {
-    gh pr comment $pr_number --body $review --repo $repo
+    let BASE_HEADER = [Authorization $'Bearer ($env.GH_TOKEN)' Accept application/vnd.github.v3+json ...$HTTP_HEADERS]
+    http post -t application/json -H $BASE_HEADER $'($GITHUB_API_BASE)/repos/($repo)/issues/($pr_number)/comments' { body: $result }
     print $'✅ Code review finished！PR (ansi g)#($pr_number)(ansi reset) review result was posted as a comment.'
   }
   print $'(char nl)Token Usage Info:'; hr-line
   $response.usage | table -e | print
 }
 
+# Output the streaming response of review result from DeepSeek API
+def streaming-output [
+  url: string,        # The Full DeepSeek API URL
+  payload: record,    # The payload to send to DeepSeek API
+  --debug,            # Debug mode
+  --headers: list,    # The headers to send to DeepSeek API
+] {
+  print -n (char nl)
+  http post -e -H $headers -t application/json $url $payload
+    | tee { let res = $in; if ($res | describe) =~ 'record' { $res | table -e | print; exit $ECODE.SERVER_ERROR } }
+    | lines
+    | each {|line|
+        if $line == $RESPONSE_END { return }
+        if ($line | is-empty) { return }
+        let $last = $line | str substring 6.. | from json
+        if $last == '-alive' { print $last; return }
+        if $debug { $last | to json | save -rf $LAST_REPLY_TMP }
+        $last | get -i choices.0.delta | if ($in | is-not-empty) {
+          let delta = $in
+          print -n ($delta.reasoning_content | default $delta.content)
+        }
+      }
+
+  if $debug and ($LAST_REPLY_TMP | path exists) {
+    print $'(char nl)(char nl)DeepSeek Token Usage:'; hr-line
+    open $LAST_REPLY_TMP | select -i model usage | table -e | print
+    rm -f $LAST_REPLY_TMP
+  }
+}
+
 # Load the prompt content from the specified env var
 export def load-prompt-from-env [
   prompt_key: string,
 ] {
   let prompt = $env | get -i $prompt_key | default ''
-  if $prompt =~ '.yaml' {
-    let key = $prompt | split row : | last
-    let path = $prompt | split row : | first
-    try { open $path | get -i $key } catch {
-      print $'(ansi r)Failed to load the prompt content from ($path), please check it again.(ansi reset)'
-      exit $ECODE.INVALID_PARAMETER
-    }
-  } else { $prompt }
+  if ($prompt !~ '.ya?ml') { return $prompt }
+  let parts = $prompt | split row :
+  if ($parts | length) != 2 {
+    print $'(ansi r)Invalid prompt format: expected path:key for YAML files.(ansi reset)'
+    exit $ECODE.INVALID_PARAMETER
+  }
+  let key = $parts | last
+  let path = $parts | first
+  try { open $path | get -i $key } catch {
+    print $'(ansi r)Failed to load the prompt content from ($path), please check it again.(ansi reset)'
+    exit $ECODE.INVALID_PARAMETER
+  }
 }
 
 # Get the diff content from GitHub PR or local git changes
@@ -159,7 +230,10 @@ export def get-diff [
   --diff-from: string,  # Diff from git ref
   --include: string,    # Comma separated file patterns to include in the code review
   --exclude: string,    # Comma separated file patterns to exclude in the code review
+  --patch-cmd: string,  # The `git show` or `git diff` command to get the diff content
 ] {
+  let BASE_HEADER = [Authorization $'Bearer ($env.GH_TOKEN)' Accept application/vnd.github.v3+json]
+  let DIFF_HEADER = [Authorization $'Bearer ($env.GH_TOKEN)' Accept application/vnd.github.v3.diff]
   let local_repo = $env.DEFAULT_LOCAL_REPO? | default (pwd)
   if not ($local_repo | path exists) {
     print $'(ansi r)The directory ($local_repo) does not exist.(ansi reset)'
@@ -167,46 +241,82 @@ export def get-diff [
   }
   cd $local_repo
   mut content = if ($pr_number | is-not-empty) {
-      if ($repo | is-empty) {
-        print $'(ansi r)Please provide the GitHub repository name by `--repo` option.(ansi reset)'
-        exit $ECODE.INVALID_PARAMETER
-      }
-      # TODO: Ignore keywords checking when triggering by mentioning the bot
-      let description = gh pr view $pr_number --repo $repo --json title,body
-      if ($IGNORE_REVIEW_KEYWORDS | any {|it| $description =~ $it }) {
-        print $'(ansi r)The PR title or body contains keywords to skip the review, bye...(ansi reset)'
-        exit $ECODE.SUCCESS
-      }
-      gh pr diff $pr_number --repo $repo | str trim
-    } else if ($diff_from | is-not-empty) {
-      if not (has-ref $diff_from) {
-        print $'(ansi r)The specified git ref ($diff_from) does not exist, please check it again.(ansi reset)'
-        exit $ECODE.INVALID_PARAMETER
-      }
-      if ($diff_to | is-not-empty) and not (has-ref $diff_to) {
-        print $'(ansi r)The specified git ref ($diff_to) does not exist, please check it again.(ansi reset)'
-        exit $ECODE.INVALID_PARAMETER
-      }
-      git diff $diff_from ($diff_to | default HEAD)
-    } else if not (git-check $local_repo --check-repo=1) {
-      print $'Current directory ($local_repo) is (ansi r)NOT(ansi reset) a git repo, bye...(char nl)'
-      exit $ECODE.CONDITION_NOT_SATISFIED
-    } else { git diff }
+    if ($repo | is-empty) {
+      print $'(ansi r)Please provide the GitHub repository name by `--repo` option.(ansi reset)'
+      exit $ECODE.INVALID_PARAMETER
+    }
+    # TODO: Ignore keywords checking when triggering by mentioning the bot
+    let description = http get -H $BASE_HEADER $'($GITHUB_API_BASE)/repos/($repo)/pulls/($pr_number)'
+                                        | select title body | values | str join "\n"
+    if ($IGNORE_REVIEW_KEYWORDS | any {|it| $description =~ $it }) {
+      print $'(ansi r)The PR title or body contains keywords to skip the review, bye...(ansi reset)'
+      exit $ECODE.SUCCESS
+    }
+    http get -H $DIFF_HEADER $'($GITHUB_API_BASE)/repos/($repo)/pulls/($pr_number)' | str trim
+  } else if ($diff_from | is-not-empty) {
+    if not (has-ref $diff_from) {
+      print $'(ansi r)The specified git ref ($diff_from) does not exist, please check it again.(ansi reset)'
+      exit $ECODE.INVALID_PARAMETER
+    }
+    if ($diff_to | is-not-empty) and not (has-ref $diff_to) {
+      print $'(ansi r)The specified git ref ($diff_to) does not exist, please check it again.(ansi reset)'
+      exit $ECODE.INVALID_PARAMETER
+    }
+    git diff $diff_from ($diff_to | default HEAD)
+  } else if not (git-check $local_repo --check-repo=1) {
+    print $'Current directory ($local_repo) is (ansi r)NOT(ansi reset) a git repo, bye...(char nl)'
+    exit $ECODE.CONDITION_NOT_SATISFIED
+  } else if ($patch_cmd | is-not-empty) {
+    let valid = is-safe-git $patch_cmd
+    if not $valid { exit $ECODE.INVALID_PARAMETER }
+    nu -c $patch_cmd
+  } else { git diff }
 
   if ($content | is-empty) {
     print $'(ansi g)Nothing to review.(ansi reset)'; exit $ECODE.SUCCESS
   }
+  let awk_bin = (prepare-awk)
+  let outdated_awk = $'You may using an (ansi r)outdated awk version(ansi reset), please upgrade to the latest version or use gawk latest instead.'
   if ($include | is-not-empty) {
     let patterns = $include | split row ','
-    $content = $content | awk (generate-include-regex $patterns)
+    $content = $content | try { ^$awk_bin (generate-include-regex $patterns) } catch { print $outdated_awk; exit $ECODE.OUTDATED }
   }
   if ($exclude | is-not-empty) {
     let patterns = $exclude | split row ','
-    $content = $content | awk (generate-exclude-regex $patterns)
+    $content = $content | try { ^$awk_bin (generate-exclude-regex $patterns) } catch { print $outdated_awk; exit $ECODE.OUTDATED }
   }
   $content
 }
 
+# Prepare gawk for macOS
+export def prepare-awk [] {
+  const MIN_GAWK_VERSION = '5.3.1'
+  const MIN_AWK_VERSION = '20250116'
+  let awk_installed = is-installed awk
+  let gawk_installed = is-installed gawk
+
+  if $awk_installed {
+    let awk_version = awk --version | lines | first | split row ' ' | last
+    print $'Current awk version: ($awk_version)'
+    if (compare-ver $awk_version $MIN_AWK_VERSION) >= 0 { return 'awk' }
+  }
+  if $gawk_installed {
+    let gawk_version = gawk --version | lines | first | split row , | first | split row ' ' | last
+    print $'Current gawk version: ($gawk_version)'
+    if (compare-ver $gawk_version $MIN_GAWK_VERSION) >= 0 { return 'gawk' }
+  }
+  if (sys host | get name) == 'Darwin' and (is-installed brew) {
+    brew install gawk
+    print $'Current gawk version: (gawk --version | lines | first)'
+    return 'gawk'
+  }
+  if (not $awk_installed) and (not $gawk_installed) {
+    print $'(ansi r)Neither `awk` nor `gawk` is installed, please install the latest version of `gawk`.(ansi reset)'
+    exit $ECODE.MISSING_BINARY
+  }
+  'awk'
+}
+
 # Compact the record by removing empty columns
 export def compact-record []: record -> record {
   let record = $in
@@ -289,4 +399,112 @@ def generate-exclude-regex [patterns: list<string>] {
   $"/^diff --git/{p=/^diff --git a\\/($pattern)/}!p"
 }
 
+# Converts a .env file into a record
+# may be used like this: open .env | load-env
+# works with quoted and unquoted .env files
+export def 'from env' []: string -> record {
+  lines
+    | split column '#' # remove comments
+    | get column1
+    | parse '{key}={value}'
+    | update value {
+        str trim                        # Trim whitespace between value and inline comments
+          | str trim -c '"'             # unquote double-quoted values
+          | str trim -c "'"             # unquote single-quoted values
+          | str replace -a "\\n" "\n"   # replace `\n` with newline char
+          | str replace -a "\\r" "\r"   # replace `\r` with carriage return
+          | str replace -a "\\t" "\t"   # replace `\t` with tab
+      }
+    | transpose -r -d
+}
+
+# Compare two version number, return `1` if first one is higher than second one,
+# Return `0` if they are equal, otherwise return `-1`
+# Format: Expects semantic version strings (major.minor.patch)
+#   - Optional 'v' prefix
+#   - Pre-release suffixes (-beta, -rc, etc.) are ignored
+#   - Missing segments default to 0
+export def compare-ver [v1: string, v2: string] {
+  # Parse the version number: remove pre-release and build information,
+  # only take the main version part, and convert it to a list of numbers
+  def parse-ver [v: string] {
+    $v | str downcase | str trim -c v | str trim
+       | split row - | first | split row . | each { into int }
+  }
+  let a = parse-ver $v1
+  let b = parse-ver $v2
+  # Compare the major, minor, and patch parts; fill in the missing parts with 0
+  # If you want to compare more parts use the following code:
+  # for i in 0..([2 ($a | length) ($b | length)] | math max)
+  for i in 0..2 {
+    let x = $a | get -i $i | default 0
+    let y = $b | get -i $i | default 0
+    if $x > $y { return 1    }
+    if $x < $y { return (-1) }
+  }
+  0
+}
+
+# Check if the git command is safe to run in the shell
+# Validate command examples:
+#  - git show
+#  - git diff
+#  - git show head~1
+#  - git diff --since=2025-02-09 HEAD
+#  - git diff 2393375 71f5a31
+#  - git diff 2393375 71f5a31 nu/*
+#  - git diff 2393375 71f5a31 :!nu/*
+export def is-safe-git [cmd: string] {
+  # Normalize the command string by trimming and converting to lowercase
+  let normalized_cmd = ($cmd | str trim | str downcase)
+
+  # More strict regex for git commands, allow:
+  # 1. --since parameter with ISO date format
+  # 2. File path patterns with or without colon (e.g. :!nu/*, nu/*)
+  let allowed_regex = '^git\s+(show|diff)(?:\s+(?:--since=\d{4}-\d{2}-\d{2}|[a-zA-Z0-9_\-\.~/]+))*(?:\s+(?::[!]?)?[a-zA-Z0-9_\-\.\*\/]+)?$'
+
+  # Dangerous patterns to check (expanded list)
+  let dangerous_patterns = [
+    # Command chaining/injection
+    ';', '&&', '||', '|',
+    # Shell expansion
+    '?', '[', ']', '{', '}',
+    # Command substitution
+    '`', '$(',
+    # IO redirection
+    '>', '>>', '<', '<<',
+    # Special characters
+    '\n', '\r', '\t',
+    # Path traversal
+    '..',
+    # Environment variables
+    '$', '%',
+    # Quotes that might be used for injection
+    '"', "'"
+  ]
+
+  # First check: Command must match the allowed pattern
+  if ($normalized_cmd | find -r $allowed_regex | is-empty) {
+    print $'ERROR: Invalid git command format. (ansi r)Only simple `git show` or `git diff` commands are allowed(ansi reset).'
+    return false
+  }
+
+  # Second check: No dangerous patterns allowed
+  for pattern in $dangerous_patterns {
+    if ($cmd | str contains $pattern) {
+      print $'(ansi r)ERROR: Dangerous pattern detected: `($pattern)`(ansi reset)'
+      return false
+    }
+  }
+
+  # Third check: Command parts validation (increased limit to accommodate path patterns)
+  let cmd_parts = $normalized_cmd | split row ' '
+  if ($cmd_parts | length) > 6 {
+    print $'ERROR: Command too complex. (ansi r)Only simple `git show` or `git diff` commands are allowed(ansi reset).'
+    return false
+  }
+
+  true
+}
+
 alias main = deepseek-review