From dd82cf74d13f9c22108788a3c450f4c92a43d7b1 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 18 May 2026 21:22:53 +0000
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20Refactor=20buildCampaignRiskDeci?=
 =?UTF-8?q?sion=20to=20reduce=20complexity?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: theRebelliousNerd <187437903+theRebelliousNerd@users.noreply.github.com>
---
 internal/campaign/risk_scoring.go | 113 +++++++++++++++++++-----------
 1 file changed, 71 insertions(+), 42 deletions(-)

diff --git a/internal/campaign/risk_scoring.go b/internal/campaign/risk_scoring.go
index 13c63c42..1fb8bc19 100644
--- a/internal/campaign/risk_scoring.go
+++ b/internal/campaign/risk_scoring.go
@@ -434,9 +434,48 @@ func buildCampaignRiskDecision(c *Campaign, cfg OrchestratorConfig, gates riskGa
 		paths = collectCampaignRiskPaths(c)
 	}
 	paths = dedupeSortedStrings(paths)
+	inputs := buildRiskInputSnapshot(c, paths, intel)
+	metrics := calculateRiskMetrics(c, paths, inputs)
 
-	reportInputs := deriveRiskInputSnapshotFromReport(intel)
-	inputs := reportInputs
+	score := weightedRiskScore(
+		metrics.criticality,
+		metrics.churn,
+		metrics.coverageGap,
+		metrics.centrality,
+		metrics.complexityNorm,
+		metrics.safetyNorm,
+		metrics.capabilityNorm,
+		metrics.errorNorm,
+	)
+
+	threshold := clampRiskThreshold(cfg.RiskGateThreshold)
+	gated, tieBreak := applyRiskThreshold(score, threshold, inputs, gates)
+
+	overrideGated, overrideLevel := determineRiskOverrideLevel(cfg)
+	gated = applyRiskOverride(gated, overrideGated)
+
+	return &CampaignRiskDecision{
+		Score:         score,
+		Threshold:     threshold,
+		Gated:         gated,
+		TieBreak:      tieBreak,
+		SnapshotID:    riskSnapshotID(c, paths),
+		OverrideLevel: overrideLevel,
+
+		Criticality: metrics.criticality,
+		Churn:       metrics.churn,
+		CoverageGap: metrics.coverageGap,
+		Centrality:  metrics.centrality,
+		Inputs:      inputs,
+
+		AdvisoryGateEnabled:  gates.Advisory,
+		EdgeGateEnabled:      gates.Edge,
+		NorthstarGateEnabled: gates.Northstar,
+	}
+}
+
+func buildRiskInputSnapshot(c *Campaign, paths []string, intel *IntelligenceReport) RiskInputSnapshot {
+	inputs := deriveRiskInputSnapshotFromReport(intel)
 	inputs.CapturedAt = time.Now().UTC()
 	inputs.TargetPathCount = len(paths)
 	inputs.TotalPhases = len(c.Phases)
@@ -446,7 +485,21 @@ func buildCampaignRiskDecision(c *Campaign, cfg OrchestratorConfig, gates riskGa
 	if intel == nil {
 		inputs.Source = "campaign_only"
 	}
+	return inputs
+}
 
+type riskMetrics struct {
+	criticality    int
+	churn          int
+	coverageGap    int
+	centrality     int
+	complexityNorm int
+	safetyNorm     int
+	capabilityNorm int
+	errorNorm      int
+}
+
+func calculateRiskMetrics(c *Campaign, paths []string, inputs RiskInputSnapshot) riskMetrics {
 	criticality := criticalityNorm(paths)
 	churnBase := percentileNorm(len(paths), []int{1, 3, 5, 8, 13, 21, 34, 55, 89})
 	churnIntel := clampInt(inputs.HighChurnFiles*10, 0, 100)
@@ -461,59 +514,35 @@ func buildCampaignRiskDecision(c *Campaign, cfg OrchestratorConfig, gates riskGa
 	capabilityNorm := clampInt(inputs.ToolGaps*12+inputs.MissingCapabilities*10, 0, 100)
 	errorNorm := clampInt(inputs.GatheringErrors*20, 0, 100)
 
-	score := weightedRiskScore(
-		criticality,
-		churn,
-		coverageGap,
-		centrality,
-		complexityNorm,
-		safetyNorm,
-		capabilityNorm,
-		errorNorm,
-	)
-
-	threshold := clampRiskThreshold(cfg.RiskGateThreshold)
-	gated, tieBreak := applyRiskThreshold(score, threshold, inputs, gates)
-	overrideLevel := "score_threshold"
+	return riskMetrics{criticality, churn, coverageGap, centrality, complexityNorm, safetyNorm, capabilityNorm, errorNorm}
+}
 
+func determineRiskOverrideLevel(cfg OrchestratorConfig) (*bool, string) {
 	mode := normalizeRiskGateMode(cfg.RiskGateMode)
 	switch mode {
 	case RiskGateModeForceBlock:
-		gated = true
-		overrideLevel = "mode_force_block"
+		b := true
+		return &b, "mode_force_block"
 	case RiskGateModeForceAllow:
-		gated = false
-		overrideLevel = "mode_force_allow"
+		b := false
+		return &b, "mode_force_allow"
 	default:
 		if cfg.CampaignRiskOverride != nil {
-			gated = *cfg.CampaignRiskOverride
-			overrideLevel = "campaign_override"
+			return cfg.CampaignRiskOverride, "campaign_override"
 		} else if !cfg.GlobalRiskGate {
-			gated = false
-			overrideLevel = "global_override_disabled"
+			b := false
+			return &b, "global_override_disabled"
 		}
 	}
+	return nil, "score_threshold"
+}
 
-	return &CampaignRiskDecision{
-		Score:         score,
-		Threshold:     threshold,
-		Gated:         gated,
-		TieBreak:      tieBreak,
-		SnapshotID:    riskSnapshotID(c, paths),
-		OverrideLevel: overrideLevel,
-
-		Criticality: criticality,
-		Churn:       churn,
-		CoverageGap: coverageGap,
-		Centrality:  centrality,
-		Inputs:      inputs,
-
-		AdvisoryGateEnabled:  gates.Advisory,
-		EdgeGateEnabled:      gates.Edge,
-		NorthstarGateEnabled: gates.Northstar,
+func applyRiskOverride(gated bool, overrideGated *bool) bool {
+	if overrideGated != nil {
+		return *overrideGated
 	}
+	return gated
 }
-
 func applyRiskThreshold(score, threshold int, inputs RiskInputSnapshot, gates riskGateResolved) (bool, string) {
 	if score > threshold {
 		return true, "above_threshold"