What's New

Performance

• Parallel file reads in codebase mode — Codebase() now uses a producer-consumer pipeline with per-file buffered channels and a 16-worker semaphore, reading files concurrently and delivering results in stable index order. Large codebases complete significantly faster.
• Prompt builder buffer pooling — BuildUserPrompt and BuildCodebaseUserPrompt now pool bytes.Buffer backing arrays via sync.Pool. Chunked reviews build 10–100 KB prompt strings per chunk; pooling eliminates those repeated large allocations. Buffers over 1 MB are discarded to bound pool memory.
• Context propagation throughout — All git operations (Unstaged, Staged, Commit, Range, Codebase) now accept and respect context.Context, enabling clean cancellation across the entire review pipeline.

Configurable Concurrency & Rate Limiting

• Dynamic maxConcurrency — Chunked reviews now use a per-provider default concurrency (8 for cloud providers, 16 for Ollama) rather than a hardcoded constant. Override via config or PRISM_MAX_CONCURRENCY.
• Token-bucket rate limiter — A new ratelimit package provides a lazy-refill token-bucket limiter (no background goroutines). Per-provider defaults: Anthropic 50 RPM, OpenAI/Gemini 60 RPM, Ollama unlimited. Override via config or PRISM_RATE_LIMIT_RPM.

New config fields:
```json
{
"maxConcurrency": 0,
"rateLimitRpm": 0
}
```
New environment variables: PRISM_MAX_CONCURRENCY, PRISM_RATE_LIMIT_RPM

Code Quality

• strings.SplitSeq / strings.CutPrefix in diffutil — iterator-based line splitting avoids allocating the full []string slice for large diffs; CutPrefix replaces HasPrefix + TrimPrefix pairs.
• cloneReport deep copy — FilterReportBySeverity now returns a fully independent clone; Finding.Locations, Tags, and References slices are no longer shared between the original and filtered report.

Public API (pkg/prism)

• Exposed pkg/prism facade package with Review, RenderReport, FilterReportBySeverity, FailOnMet, IsSupportedProvider, ProviderForModel, KnownModels, and DefaultReviewOptions.

Test Coverage

• Comprehensive unit tests for pkg/prism public API (55+ cases): all pure functions, format-specific output assertions, deep-clone isolation.
• New internal/review tests: SortFindings (7 cases), BuildReport (10 cases).

Documentation

• README updated with new config fields, environment variables, and missing model names (gpt-5.3-codex-spark, deepseek-coder-v2).

Upgrade

```bash
go install github.com/dshills/prism/cmd/prism@v0.6.0
```

No breaking changes. Existing config files, environment variables, and exit codes are unchanged.

What's New

v0.5 — Per-Commit Review

• --per-commit flag for review range: review each commit in a range individually, with findings stamped with the short commit SHA

v0.4 — Local Models & Git Integration

• Ollama / LMStudio support: run reviews with local models (--provider ollama)
• Pre-commit hook: prism hook install / prism hook uninstall
• GitHub PR integration: post findings as pull-request review comments

v0.3 — Compare Mode & Markdown Output

• Multi-model compare mode: run the same diff across multiple provider/model pairs and identify consensus vs. unique findings
• Markdown output format: PR-comment-friendly with collapsible sections per finding
• Rules packs: customize severity overrides, focus areas, and required checks

v0.2 — SARIF, Caching & Large Diffs

• SARIF v2.1.0 output: upload findings to GitHub Advanced Security and other CI tools
• File-based cache: SHA-256 keyed entries with configurable TTL
• Automatic diff chunking: diffs >100 KB are split per file and reviewed in parallel (bounded concurrency of 4)

v0.1 — Initial Release

• 5 review modes: unstaged, staged, commit, range, snippet
• 3 providers: Anthropic, OpenAI, Google Gemini
• Text and JSON output formats
• Secret redaction (on by default)
• Deterministic exit codes for CI gating
• Config file with CLI flag / env var / file precedence

Installation

go install github.com/dshills/prism/cmd/prism@latest

Documentation

• pkg.go.dev
• README