mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-04-26 01:09:46 +00:00
df69d6b5d4
## Summary Add 22 automated code review check definitions and 1 strict ESLint config to `.agents/checks/` for Amp-powered code review. ## Changes - **What**: 23 files in `.agents/checks/` covering accessibility, API contracts, architecture, bug patterns, CodeRabbit integration, complexity, DDD structure, dependency/secrets scanning, doc freshness, DX/readability, ecosystem compatibility, error handling, import graph, memory leaks, pattern compliance, performance, regression risk, security, SAST, SonarJS linting, test quality, and Vue patterns. Each check includes YAML frontmatter (name, description, severity-default, tools) and repo-specific guidance tailored to ComfyUI_frontend conventions. ## Review Focus - Check definitions are config-only (no runtime code changes) - Checks reference repo-specific patterns (e.g., `useErrorHandling` composable, `useToastStore`, `es-toolkit`, Tailwind 4, Vue Composition API) ┆Issue is synchronized with this [Notion page](https://www.notion.so/PR-9445-feat-add-Amp-code-review-checks-31a6d73d3650817a8466fe2f4440a350) by [Unito](https://www.unito.io) --------- Co-authored-by: GitHub Action <action@github.com>
2.4 KiB
2.4 KiB
name, description, severity-default, tools
| name | description | severity-default | tools | ||
|---|---|---|---|---|---|
| sonarjs-lint | Runs SonarQube-grade static analysis using eslint-plugin-sonarjs | high |
|
Run eslint-plugin-sonarjs analysis on changed files to detect bugs, code smells, and security patterns without needing a SonarQube server.
Steps
-
Check if eslint is available:
pnpm dlx eslint --versionIf pnpm dlx or eslint is unavailable, skip this check and report: "Skipped: eslint not available. Ensure Node.js and pnpm dlx are installed."
-
Identify changed files (
.ts,.js,.vue) from the diff. -
Determine eslint config to use. This check uses a strict sonarjs-specific config (not the project's own eslint config, which is less strict):
- Look for the colocated strict config at
.agents/checks/eslint.strict.config.js - If found, run with
--config .agents/checks/eslint.strict.config.js - Fallback: if the strict config cannot be found or fails to load, skip this check and report: "Skipped: .agents/checks/eslint.strict.config.js missing; SonarJS rules require explicit config."
- Look for the colocated strict config at
-
Run eslint against changed files:
# Use the strict config pnpm dlx --yes --package eslint-plugin-sonarjs eslint --no-config-lookup --config .agents/checks/eslint.strict.config.js --format json <changed_files> 2>/dev/null || true -
Parse the JSON array of file results. For each eslint message, map severity:
severity 2(error) →majorseverity 1(warning) →minor
-
Categorize findings by rule ID:
- Rule IDs starting with
sonarjs/no-→ category:logic - Rule IDs containing
cognitive-complexity→ category:dx - Other sonarjs rules → category:
style
- Rule IDs starting with
-
Report each finding with:
- The rule ID
- File path and line number
- The message from eslint
- A fix suggestion based on the rule
What This Catches
- Bug detection: duplicated branches, element overwrite, identical conditions/expressions, one-iteration loops, empty return values
- Code smells: cognitive complexity (threshold: 15), duplicate strings, redundant booleans, small switches
- Security patterns: via sonarjs recommended ruleset
Error Handling
- If eslint fails to parse a Vue file, skip that file and continue with others.
- If the plugin fails to install, skip and report the error.
- If eslint produces no output or errors, report "No issues found."