Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Add Automated Code Review Rules#832

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
enzo-inc wants to merge1 commit intostack-auth:dev
base:dev
Choose a base branch
Loading
fromenzo-inc:add-recurseml-rules

Conversation

@enzo-inc
Copy link

@enzo-incenzo-inc commentedAug 6, 2025
edited by coderabbitaibot
Loading

This PR introduces automated code review rules generated from analysis of the last 100 PR discussions in this repository. These rules are designed to help the recurseML bot identify common issues and provide more targeted feedback on future PRs.

What's Changed

  • Added a.rules folder containing.mdc rule files
  • Adds a.recurseml.yaml file pointing to the.rules folder
  • Each rule triggers a specific review task focused on addressing related issues

Feedback I’m looking for

  • Which rules would be most/least valuable for this repo?
  • Are there specific review patterns that should be added?

Important

Adds automated code review rules in.rules folder to improve code quality by enforcing best practices in TypeScript and configuration management.

  • Behavior:
    • Adds.recurseml.yaml to point to.rules folder for automated code review.
    • Introduces.rules folder with.mdc files for specific code review rules.
    • Each rule triggers a review task for related issues.
  • Rules:
    • port_number_validation.mdc: Validates and documents port numbers to prevent conflicts.
    • type_safe_config_values.mdc: Enforces strict typing for config values, avoiding nulls.
    • validate_config_access.mdc: Uses safe property access methods to prevent vulnerabilities.
    • validate_config_updates.mdc: Validates config updates with schema validation and error types.
  • Feedback:
    • Seeks input on rule value and additional review patterns.

This description was created byEllipsis for1fc4a58. You cancustomize this summary. It will automatically update as commits are pushed.

Summary by CodeRabbit

  • New Features

    • Introduced a configuration file to specify the location of validation rules.
    • Added new validation rules to enforce best practices for port number assignments, type-safe configuration values, safe configuration property access, and validation of configuration updates.
    • Included clear examples and rationale for each rule to guide proper usage.

  • Documentation

    • Provided detailed documentation for each new rule, outlining recommended patterns and justifications.

greptile-apps[bot] reacted with thumbs up emojiellipsis-dev[bot] reacted with rocket emoji
@vercel
Copy link

vercelbot commentedAug 6, 2025

@enzo-inc is attempting to deploy a commit to theStack Team onVercel.

A member of the Team first needs toauthorize it.

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign ourContributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let usrecheck it.

@coderabbitai
Copy link
Contributor

coderabbitaibot commentedAug 6, 2025
edited
Loading

Walkthrough

This change introduces a new configuration file,.recurseml.yaml, that points to a.rules/ directory containing several new markdown-based rule files. These rules enforce best practices and validation for port numbers, type-safe configuration values, safe configuration access, and validation of configuration updates, specifically targeting TypeScript and related configuration files.

Changes

Cohort / File(s)Change Summary
Configuration Entry Point
.recurseml.yaml		Adds a configuration file specifying.rules/ as the directory for rule definitions.
Port Number Validation Rule
.rules/port_number_validation.mdc		Introduces a rule requiring port numbers to be defined as constants in a central module and referenced throughout code and configuration files, discouraging hardcoded port assignments.
Type-Safe Config Values Rule
.rules/type_safe_config_values.mdc		Adds a rule enforcing the use ofundefined instead ofnull for optional configuration values in TypeScript, providing rationale and code examples.
Config Access Validation Rule
.rules/validate_config_access.mdc		Introduces a rule mandating the use ofhas() andget() methods for safe property access on configuration objects, avoiding direct property access or thein operator.
Config Update Validation Rule
.rules/validate_config_updates.mdc		Adds a rule requiring schema validation and error handling before applying configuration updates, with rationale and code samples.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

A bunny hops through rules so neat,
Configs and ports, now none obsolete.
Type safety’s here, with access so sound,
Validation ensures bugs can’t be found.
In files and docs, best practices bloom—
The code garden’s fresh, with plenty of room!
🐇✨

Note

⚡️ Unit Test Generation is now available in beta!

Learn morehere, or try it out under "Finishing Touches" below.

✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
🪧 Tips

Chat

There are 3 ways to chat withCodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag@coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
  • PR comments: Tag@coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on oursupport page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings togenerate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai generate unit tests to generate unit tests for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add@coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add@coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add@coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a.coderabbit.yaml file to the root of your repository.
  • Please see theconfiguration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation:# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit ourDocumentation for detailed information on how to use CodeRabbit.
  • Join ourDiscord Community to get help, request features, and share feedback.
  • Follow us onX/Twitter for updates and announcements.

@recurseml
Copy link

✨ No files to analyze in this PR.

Need help? Join our Discord for support!
https://discord.gg/qEjHQk64Z9

Copy link
Contributor

@greptile-appsgreptile-appsbot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Greptile Summary

This PR introduces an automated code review system using recurseML by adding a.recurseml.yaml configuration file and a.rules/ directory containing automated review rules. The configuration is minimal with a single line pointing to the rules directory (rules: .rules/), and includes four rule files:

  1. Port Number Validation (port_number_validation.mdc) - Enforces centralized port management using aRESERVED_PORTS constant to prevent conflicts across development environments
  2. Type-Safe Configuration Values - Promotes type safety in configuration handling
  3. Safe Configuration Access (validate_config_access.mdc) - Encourages usinghas() andget() utility functions instead of direct property access to prevent prototype pollution vulnerabilities
  4. Configuration Update Validation - Ensures proper validation when updating configuration values

These rules target TypeScript, TSX, environment, and JSON files withalwaysApply: true settings. The rules were generated from analyzing the last 100 PR discussions in the repository to identify common review patterns and issues. This system integrates into the existing development workflow alongside the current GitHub Actions setup for linting, building, and Prisma migration checks.

Confidence score: 2/5

  • This PR has significant implementation issues that could cause confusion and incorrect guidance
  • Score lowered due to references to non-existent utility functions (has(),get()) and inconsistent examples that may not align with current codebase patterns
  • Pay close attention to.rules/validate_config_access.mdc and.rules/port_number_validation.mdc for technical accuracy issues

Context used:

Rule - Use Map<A, B> instead of plain objects when using dynamic keys to avoid prototype pollution vulnerabilities. (link)

3 files reviewed, 2 comments

Edit Code Review Bot Settings |Greptile

Comment on lines +36 to +37
// .env
PORT=${RESERVED_PORTS.JS_EXAMPLE}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

syntax: Environment variable syntax is incorrect. Environment files cannot use JavaScript template literals like${RESERVED_PORTS.JS_EXAMPLE}. Should be a plain number likePORT=8121

Suggested change
// .env
PORT=${RESERVED_PORTS.JS_EXAMPLE}
// .env
PORT=8121

Comment on lines +12 to +16
if (!(currentActiveTheme in themeList)) {
throw new Error('Theme not found');
}

return themeList[templateThemeId].tsxSource;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

syntax: Variable names are inconsistent between BAD and GOOD examples (currentActiveTheme vstemplateThemeId). This makes the examples confusing.

Suggested change
if (!(currentActiveTheme in themeList)) {
throw new Error('Theme not found');
}
return themeList[templateThemeId].tsxSource;
if (!(currentActiveTheme in themeList)) {
throw new Error('Theme not found');
}
return themeList[currentActiveTheme].tsxSource;

Copy link
Contributor

@coderabbitaicoderabbitaibot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (3)
.rules/port_number_validation.mdc (1)

4-5:Consider including common config formats inglobs.

*.yaml,*.yml and*.toml often carry port definitions.
Adding them makes the rule more comprehensive.

.rules/validate_config_access.mdc (1)

21-26:Specify the source ofhas() /get() for clarity.

Readers may not know whether these come fromlodash, a custom
utility, orts-safe-access. Adding a one-liner such as

import{has,get}from'lodash-es';

in the GOOD snippet removes ambiguity.

.rules/validate_config_updates.mdc (1)

25-27:Use concrete error types in the BAD example as well.

Showing the contrast between an untypedError and a specific
ConfigValidationError makes the rule’s benefit more tangible.
A tiny tweak:

-  throw new Error('Validation failed');+  throw new Error('Validation failed'); // lacks typed error handling
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between563d46d and1fc4a58.

📒 Files selected for processing (5)
  • .recurseml.yaml (1 hunks)
  • .rules/port_number_validation.mdc (1 hunks)
  • .rules/type_safe_config_values.mdc (1 hunks)
  • .rules/validate_config_access.mdc (1 hunks)
  • .rules/validate_config_updates.mdc (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Security Check
🔇 Additional comments (2)
.recurseml.yaml (1)

1-1:Confirm.rules/ path is resolved correctly by RecurseML.

Some linters expectrules to be anarray of paths, e.g.

rules:  -./.rules

If the runner treats the value as a scalar string, the current YAML is fine; if it expects a sequence the config will be ignored silently. Please double-check the tool’s docs.

.rules/type_safe_config_values.mdc (1)

8-8:Good rule – clear rationale and examples.

No issues spotted.

Comment on lines +36 to +38
// .env
PORT=${RESERVED_PORTS.JS_EXAMPLE}
```
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

🛠️ Refactor suggestion

.env example cannot reference a TS constant at runtime.

Environment files are plain key-value text; the interpolation
${RESERVED_PORTS.JS_EXAMPLE} will be written literally and never
resolved. This may confuse readers and set a misleading precedent.

-// .env-PORT=${RESERVED_PORTS.JS_EXAMPLE}+# .env+# Keep the value in sync with RESERVED_PORTS.JS_EXAMPLE+PORT=8121
📝 Committable suggestion

‼️IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
// .env
PORT=${RESERVED_PORTS.JS_EXAMPLE}
```
# .env
# Keep the value in sync withRESERVED_PORTS.JS_EXAMPLE
PORT=8121
🤖 Prompt for AI Agents
In .rules/port_number_validation.mdc around lines 36 to 38, the .env exampleincorrectly references a TypeScript constant using ${RESERVED_PORTS.JS_EXAMPLE},which will not be resolved at runtime since .env files only support plainkey-value pairs. Replace this reference with a literal port number value or aplaceholder string that clearly indicates it should be replaced manually,avoiding any runtime interpolation syntax.

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@coderabbitaicoderabbitai[bot]coderabbitai[bot] left review comments

+1 more reviewer

@greptile-appsgreptile-apps[bot]greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@enzo-inc@CLAassistant
[8]ページ先頭
©2009-2025 Movatter.jp