Files
wehub-resource-sync 76a9e7a0cc
Publish OpenClaw Skills / publish (push) Has been cancelled
Audit / Security Audit (push) Has been cancelled
Automation / Gemini Review (push) Has been cancelled
CI / Detect Changes (push) Has been cancelled
CI / Test (macos-latest) (push) Has been cancelled
CI / Test (ubuntu-latest) (push) Has been cancelled
CI / Nix (push) Has been cancelled
CI / Lint (push) Has been cancelled
CI / Cargo Deny (push) Has been cancelled
CI / Verify Skills (push) Has been cancelled
CI / Lint Skills (push) Has been cancelled
CI / Build (Linux x86_64) (push) Has been cancelled
CI / Build (macos-latest, aarch64-apple-darwin) (push) Has been cancelled
CI / Build (macos-latest, x86_64-apple-darwin) (push) Has been cancelled
CI / Build (ubuntu-latest, aarch64-unknown-linux-gnu) (push) Has been cancelled
CI / Build (windows-latest, x86_64-pc-windows-msvc) (push) Has been cancelled
CI / API Smoketest (push) Has been cancelled
Policy / Policy Check (push) Has been cancelled
Release (Changeset) / Release (push) Has been cancelled
Automation / Gemini Reviewed (push) Has been cancelled
Coverage / Coverage (push) Has been cancelled
Automation / Format (push) Has been cancelled
Automation / File Labeler (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:38:06 +08:00

3.1 KiB

Code Review Style Guide

Project Architecture

gws is a Rust CLI that dynamically generates commands from Google Discovery Documents at runtime. It does NOT use generated Rust crates (google-drive3, etc.) for API interaction. Do not suggest adding API-specific crates to Cargo.toml.

For additional context, read AGENTS.md.

Security: Trusted vs Untrusted Inputs

This CLI is frequently invoked by AI/LLM agents. CLI arguments may be adversarial.

  • CLI arguments (untrusted) — Must validate paths against traversal (../../), reject control characters, percent-encode URL path segments, and use reqwest .query() for query parameters. Validators: validate_safe_output_dir(), validate_safe_dir_path(), encode_path_segment(), validate_resource_name().
  • Environment variables (trusted) — Set by the user in their shell profile, .env file, or deployment config. Do NOT flag missing path validation on environment variable values. This is consistent with XDG_CONFIG_HOME, CARGO_HOME, etc.

Test Coverage

The codecov/patch check requires new/modified lines to be covered by tests. Prefer extracting testable helper functions over embedding logic in main/run. Tests should cover both happy paths and rejection paths (e.g., pass ../../.ssh and assert Err).

Changesets

Every PR must include a .changeset/<name>.md file. The package name must be "@googleworkspace/cli" (not "googleworkspace-cli"). Use patch for fixes/chores, minor for features, major for breaking changes.

PR Scope

Review comments must stay within the PR's stated scope. If you spot an improvement opportunity that is unrelated to the PR's purpose (e.g., refactoring constants, adding support for a different credential type, making an unrelated function atomic), mark it as a follow-up suggestion — not a blocking review comment. Do not request changes that expand the PR beyond its original intent.

Examples of scope creep to avoid:

  • A bug-fix PR should not grow into a refactoring PR.
  • Adding constants for strings used elsewhere is a separate cleanup task.
  • Making a pre-existing function atomic is an enhancement, not a fix for the current PR.

Severity Calibration

Mark issues as critical only when they cause data loss, security vulnerabilities, or incorrect behavior under normal conditions. Theoretical failures in infallible system APIs (e.g., tokio::signal::ctrl_c() registration) are low severity — do not label them critical. Contradicting a prior review suggestion (e.g., suggesting expect() then flagging expect() as wrong) erodes trust; verify consistency with earlier comments before posting.

Helper Commands (+verb)

Helpers are handwritten commands that provide value Discovery-based commands cannot: multi-step orchestration, format translation, or multi-API composition. Do not accept helpers that wrap a single API call, add flags to expose data already in the API response, or re-implement Discovery parameters as custom flags. See src/helpers/README.md for full guidelines and anti-patterns.