# AI Remedy Autopilot with Multi-SCM Pull Request Generation

## Module
AdvisoryAI

## Status
IMPLEMENTED

## Description
AI-powered remediation service that generates fix plans (dependency bumps, base image upgrades, config changes, backport guidance), then creates PRs automatically across GitHub, GitLab, Azure DevOps, and Gitea via a unified SCM connector plugin architecture. Includes build verification, SBOM delta computation, signed delta verdicts, and fallback to "suggestion-only" when build/tests fail.

## Implementation Details
- **Modules**: `src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/`, `src/AdvisoryAi/StellaOps.AdvisoryAI.Scm.Plugin.Unified/`
- **Key Classes**:
  - `AiRemediationPlanner` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/AiRemediationPlanner.cs`) - AI-driven remediation plan generation
  - `RemediationDeltaService` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/RemediationDeltaService.cs`) - computes SBOM delta for remediation impact
  - `PrTemplateBuilder` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/PrTemplateBuilder.cs`) - builds PR descriptions with evidence and delta info
  - `GitHubPullRequestGenerator` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/GitHubPullRequestGenerator.cs`) - generates PRs on GitHub
  - `GitLabMergeRequestGenerator` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/GitLabMergeRequestGenerator.cs`) - generates MRs on GitLab
  - `AzureDevOpsPullRequestGenerator` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/AzureDevOpsPullRequestGenerator.cs`) - generates PRs on Azure DevOps
  - `GiteaScmConnector` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/ScmConnector/GiteaScmConnector.cs`) - Gitea SCM integration
  - `GitHubScmConnector` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/ScmConnector/GitHubScmConnector.cs`) - GitHub SCM integration
  - `GitLabScmConnector` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/ScmConnector/GitLabScmConnector.cs`) - GitLab SCM integration
  - `AzureDevOpsScmConnector` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/ScmConnector/AzureDevOpsScmConnector.cs`) - Azure DevOps SCM integration
  - `ScmConnectorCatalog` (`src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/ScmConnector/ScmConnectorCatalog.cs`) - catalog of available SCM connectors
  - `ScmPluginAdapter` (`src/AdvisoryAi/StellaOps.AdvisoryAI.Scm.Plugin.Unified/ScmPluginAdapter.cs`) - unified plugin adapter for SCM operations
  - `ScmPluginAdapterFactory` (`src/AdvisoryAi/StellaOps.AdvisoryAI.Scm.Plugin.Unified/ScmPluginAdapterFactory.cs`) - factory for creating SCM plugin adapters
- **Interfaces**: `IRemediationPlanner`, `IPullRequestGenerator`, `IScmConnector`, `IPackageVersionResolver`
- **Source**: SPRINT_20251226_016_AI_remedy_autopilot.md

## E2E Test Plan
- [ ] Generate a remediation plan via `AiRemediationPlanner` for a known CVE and verify it includes dependency bump steps
- [ ] Create a PR via `GitHubPullRequestGenerator` and verify `PrTemplateBuilder` populates the description with evidence
- [ ] Verify `RemediationDeltaService` computes SBOM delta showing before/after dependency changes
- [ ] Verify `ScmConnectorCatalog` resolves the correct connector (GitHub, GitLab, AzureDevOps, Gitea) based on repository URL
- [ ] Verify `ScmPluginAdapter` creates branches, commits changes, and opens PRs through the unified plugin interface
- [ ] Verify fallback to "suggestion-only" mode when build verification fails after applying the fix