code-change-summarizer

# Code Change Summarizer

Generate clear, structured pull request descriptions from code changes.

## Workflow

### 1. Analyze Code Changes

**Gather code changes:**
- Git diff output
- Modified files list
- Commit messages
- Related issue numbers

**Understand the changes:**
- Read through all modified files
- Identify what changed (added/modified/removed/fixed)
- Understand the purpose of changes
- Note any patterns or themes

**Categorize changes:**
- **Feature additions:** New functionality
- **Bug fixes:** Issue resolutions
- **Refactoring:** Code improvements without behavior changes
- **Documentation:** Doc updates
- **Tests:** Test additions or modifications
- **Dependencies:** Package updates
- **Configuration:** Config or build changes

### 2. Create Initial Summary

**Write a clear title:**

Format: `[Type] Brief description (max 72 characters)`

**Types:**
- `feat:` New feature
- `fix:` Bug fix
- `refactor:` Code refactoring
- `docs:` Documentation
- `test:` Tests
- `chore:` Maintenance
- `perf:` Performance
- `style:` Code style
- `ci:` CI/CD
- `build:` Build system

**Examples:**
- `feat: Add user authentication with OAuth2`
- `fix: Resolve memory leak in data processor`
- `refactor: Simplify error handling logic`

**Write summary paragraph:**
- 2-3 sentences
- Explain what and why
- Use active voice
- Be concise and clear

**Example:**
```
This PR adds OAuth2 authentication to the user login system. The change
improves security by using industry-standard authentication and enables
single sign-on with external providers.
```

### 3. Document Changes

**List changes by category:**

**Added:**
- New features or functionality
- New files or components
- New API endpoints

**Modified:**
- Changed behavior or implementation
- Updated configuration
- Refactored code

**Removed:**
- Deprecated features
- Deleted files
- Removed dependencies

**Fixed:**
- Bug fixes
- Issue resolutions
- Error corrections

**Example:**
```markdown
## Changes

### Added
- OAuth2 authentication flow
- User session management
- Login/logout endpoints

### Modified
- User model to include OAuth tokens
- Authentication middleware
- Database schema

### Fixed
- Session timeout not working correctly
- Memory leak in token refresh
```

### 4. Identify Breaking Changes

**Check for breaking changes:**
- API signature changes
- Removed functionality
- Changed behavior
- Configuration changes
- Database schema changes
- Dependency updates with breaking changes

**Document each breaking change:**

**Format:**
```markdown
## Breaking Changes

⚠️ **[Breaking change description]**

**Impact:** [Who/what is affected]

**Migration Guide:**
1. [Step 1]
2. [Step 2]

**Before:**
```[language]
// Old code
```

**After:**
```[language]
// New code
```
```

**Example:**
```markdown
## Breaking Changes

⚠️ **Authentication endpoint signature changed**

**Impact:** All API clients must update their authentication calls.

**Migration Guide:**
1. Update authentication endpoint from `/auth/login` to `/auth/oauth/login`
2. Include `provider` parameter in request body
3. Handle new response format with OAuth tokens

**Before:**
```javascript
POST /auth/login
{ "username": "user", "password": "pass" }
```

**After:**
```javascript
POST /auth/oauth/login
{ "username": "user", "password": "pass", "provider": "google" }
```
```

### 5. Add Technical Details

**Explain implementation approach:**
- High-level technical approach
- Key algorithms or patterns used
- Important implementation details

**Document design decisions:**
- Why this approach was chosen
- Alternatives considered
- Trade-offs made

**Note architecture changes:**
- New components or modules
- Changed relationships
- Updated data flow

**Example:**
```markdown
## Technical Details

### Implementation Approach
Implemented OAuth2 using the Authorization Code flow with PKCE for enhanced
security. The authentication flow is handled by a new `AuthService` that
manages token exchange and refresh.

### Key Design Decisions
- **OAuth2 over SAML:** Chose OAuth2 for better mobile support and simpler
  implementation
- **PKCE extension:** Added PKCE to protect against authorization code
  interception attacks
- **Token storage:** Store refresh tokens in secure HTTP-only cookies

### Architecture Changes
- Added new `AuthService` layer between controllers and OAuth provider
- Introduced `TokenManager` for token lifecycle management
- Updated database schema to store OAuth provider information
```

### 6. Document Dependencies

**List dependency changes:**

**Added dependencies:**
- Package name and version
- Why it was added
- What it's used for

**Updated dependencies:**
- Old version → New version
- Why it was updated
- Any breaking changes

**Removed dependencies:**
- Package name
- Why it was removed
- What replaced it (if anything)

**Example:**
```markdown
## Dependencies

### Added
- `passport@0.6.0` - OAuth2 authentication library
- `passport-google-oauth20@2.0.0` - Google OAuth2 strategy

### Updated
- `express@4.17.1` → `express@4.18.2` - Security patches and bug fixes
- `jsonwebtoken@8.5.1` → `jsonwebtoken@9.0.0` - Updated for Node 18 support

### Removed
- `bcrypt@5.0.1` - Replaced by OAuth2, no longer needed for password hashing
```

### 7. Provide Testing Instructions

**Write step-by-step testing guide:**

**Format:**
```markdown
## Testing

### How to Test
1. [Setup step]
2. [Action to perform]
3. [Expected result]
4. [Edge case to verify]

### Test Coverage
- Added [X] unit tests
- Added [Y] integration tests
- Current coverage: [Z]%

### Manual Testing Checklist
- [ ] Test scenario 1
- [ ] Test scenario 2
- [ ] Test edge case 1
```

**Example:**
```markdown
## Testing

### How to Test
1. Start the application: `npm start`
2. Navigate to `/login`
3. Click "Sign in with Google"
4. Complete OAuth flow in popup
5. Verify you're redirected back and logged in
6. Check that session persists after page refresh

### Test Coverage
- Added 15 unit tests for AuthService
-