Files
wehub-resource-sync d48cda4081
CI / Test (ubuntu-latest, Node 18.x, bun) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, npm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, pnpm) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 18.x, yarn) (push) Failing after 15m1s
CI / Test (ubuntu-latest, Node 20.x, bun) (push) Failing after 17m13s
CI / Test (ubuntu-latest, Node 20.x, npm) (push) Failing after 18m42s
CI / Test (ubuntu-latest, Node 20.x, pnpm) (push) Failing after 15m0s
CI / Test (ubuntu-latest, Node 20.x, yarn) (push) Failing after 49m44s
CI / Test (ubuntu-latest, Node 22.x, bun) (push) Failing after 51m55s
CI / Test (ubuntu-latest, Node 22.x, pnpm) (push) Failing after 21m57s
CI / Test (ubuntu-latest, Node 22.x, npm) (push) Failing after 37m39s
CI / Test (ubuntu-latest, Node 22.x, yarn) (push) Failing after 34m7s
CI / Validate Components (push) Failing after 37m15s
CI / Python Tests (push) Failing after 10m1s
CI / Security Scan (push) Failing after 10m1s
CI / Lint (push) Failing after 17m12s
CI / Coverage (push) Failing after 20m19s
CI / Test (macos-latest, Node 18.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 18.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 20.x, yarn) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, bun) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (macos-latest, Node 22.x, yarn) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, npm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, pnpm) (push) Has been cancelled
CI / Test (windows-latest, Node 22.x, yarn) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 11:55:55 +08:00

3.4 KiB

Code Review Standards

Purpose

Code review ensures quality, security, and maintainability before code is merged. This rule defines when and how to conduct code reviews.

When to Review

MANDATORY review triggers:

  • After writing or modifying code
  • Before any commit to shared branches
  • When security-sensitive code is changed (auth, payments, user data)
  • When architectural changes are made
  • Before merging pull requests

Pre-Review Requirements:

Before requesting review, ensure:

  • All automated checks (CI/CD) are passing
  • Merge conflicts are resolved
  • Branch is up to date with target branch

Review Checklist

Before marking code complete:

  • Code is readable and well-named
  • Functions are focused (<50 lines)
  • Files are cohesive (<800 lines)
  • No deep nesting (>4 levels)
  • Errors are handled explicitly
  • No hardcoded secrets or credentials
  • No console.log or debug statements
  • Tests exist for new functionality
  • Test coverage meets 80% minimum

Security Review Triggers

STOP and use security-reviewer agent when:

  • Authentication or authorization code
  • User input handling
  • Database queries
  • File system operations
  • External API calls
  • Cryptographic operations
  • Payment or financial code

Review Severity Levels

Level Meaning Action
CRITICAL Security vulnerability or data loss risk BLOCK - Must fix before merge
HIGH Bug or significant quality issue WARN - Should fix before merge
MEDIUM Maintainability concern INFO - Consider fixing
LOW Style or minor suggestion NOTE - Optional

Agent Usage

Use these agents for code review:

Agent Purpose
code-reviewer General code quality, patterns, best practices
security-reviewer Security vulnerabilities, OWASP Top 10
typescript-reviewer TypeScript/JavaScript specific issues
python-reviewer Python specific issues
go-reviewer Go specific issues
rust-reviewer Rust specific issues

Review Workflow

1. Run git diff to understand changes
2. Check security checklist first
3. Review code quality checklist
4. Run relevant tests
5. Verify coverage >= 80%
6. Use appropriate agent for detailed review

Common Issues to Catch

Security

  • Hardcoded credentials (API keys, passwords, tokens)
  • SQL injection (string concatenation in queries)
  • XSS vulnerabilities (unescaped user input)
  • Path traversal (unsanitized file paths)
  • CSRF protection missing
  • Authentication bypasses

Code Quality

  • Large functions (>50 lines) - split into smaller
  • Large files (>800 lines) - extract modules
  • Deep nesting (>4 levels) - use early returns
  • Missing error handling - handle explicitly
  • Mutation patterns - prefer immutable operations
  • Missing tests - add test coverage

Performance

  • N+1 queries - use JOINs or batching
  • Missing pagination - add LIMIT to queries
  • Unbounded queries - add constraints
  • Missing caching - cache expensive operations

Approval Criteria

  • Approve: No CRITICAL or HIGH issues
  • Warning: Only HIGH issues (merge with caution)
  • Block: CRITICAL issues found

Integration with Other Rules

This rule works with: