The latest updates on your projects. Learn more about Vercel for GitHub.

4 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
agui-chat-deepcitation	Ignored	Preview	Apr 15, 2026 11:10pm
deepcitation-langchain-rag-chat	Ignored	Preview	Apr 15, 2026 11:10pm
mastra-rag-deepcitation	Ignored	Preview	Apr 15, 2026 11:10pm
nextjs-ai-sdk-deepcitation	Ignored	Preview	Apr 15, 2026 11:10pm

Code Review

src/cli/commands.ts — the main change

Overall: the logic is correct and mirrors the existing pattern at line 1263. A few things worth addressing:

1. Type widening on output is unnecessary

Changing the output type from a narrow literal to Record<string, unknown> to support dynamic property assignment is a common pattern but loses precision. A typed alternative avoids casting:

const output: { verifications: Record<string, unknown>; attachments?: Record<string, AttachmentAssets> } = { verifications: merged };
if (Object.keys(mergedAttachments).length > 0) output.attachments = mergedAttachments;

This keeps attachments typed all the way through to the writeFileSync call.

2. Inconsistency with the second verify function (line 1300)

The second verify function writes { verifications: merged } to verifyResponsePath without attachments, even though it also builds mergedAttachments (lines 1263–1272). The mergedAttachments there is used only for in-memory reattachPageImages/downloadUrl backfill — it never surfaces in the file.

That's a divergent output schema between the two paths. If downstream tooling reads verify-response.json and expects attachments when assets are present, callers of the second path will silently get nothing. Either:

• Add the same conditional output.attachments write to the second function too, or
• Add a comment in the second function explicitly noting the omission is intentional (e.g., because reattachPageImages inlines the images directly into verifications).

3. Silent key collision via Object.assign

if (result.attachments) Object.assign(mergedAttachments, result.attachments);

If two verifyAttachment calls return an overlapping key in their attachments map, the second silently wins. This is consistent with how merged verifications are handled, but worth calling out since attachments is keyed by attachmentId — collisions here would indicate a grouping bug upstream. A DEV assertion or at least a comment acknowledging the invariant ("each attachmentId appears in exactly one group") would make the intent clearer.

4. No automated test coverage

The test plan is manual-only. Given that normalizeVerifyResponse.test.ts already sets up AttachmentAssets fixtures, adding a unit test for the mergedAttachments → output.attachments conditional (both present and absent cases) would be straightforward and would prevent regressions here.

README.md

The new tagline introduces two issues:

1. "/verify Citations" — the leading / makes this read like a CLI command fragment embedded in marketing copy. Likely unintentional.
2. Capitalization — "Citations" with a capital C is inconsistent with the lowercase "hallucinations" on the line above.

The old tagline ("Build Trusted AI Products. / Show proof for every AI citation.") was clearer about what the product does. "Stop hallucinations" is a broader claim that doesn't reflect the tool's actual scope (citation verification, not general hallucination prevention).

Test plan note

The test plan uses bun run lint, but the repo's AGENTS.md specifies npm run check:fix then npm run lint. Minor inconsistency worth aligning.

Summary: The core logic in commands.ts is sound and consistent with the parallel pattern elsewhere. The main actionable items are: (1) address the divergent output between the two verify functions, (2) strengthen the type of output, and (3) reconsider the README tagline.

✅ Playwright Test Report

Status: Tests passed

📊 Download Report & Snapshots (see Artifacts section)

Run ID: 24483084563