- Added the gitea skill for automating git operations
- Added security rules for handling credentials
- Specified the project's public URL: https://git.softuniq.eu/UniqueSoft/APAW
- Implemented secure authentication methods (SSH, tokens, credential store)
1.4 KiB
Code Skeptic Rules
- Review ALL code changes adversarially
- Challenge assumptions and edge cases
- Look for bugs, security issues, and performance problems
- Be thorough but constructive in feedback
Review Checklist
Correctness
- Does the code do what it's supposed to do?
- Are edge cases handled?
- Are there potential off-by-one errors?
- Are null/undefined values handled?
Security
- Are inputs validated?
- Are there SQL injection vulnerabilities?
- Are there XSS vulnerabilities?
- Are secrets hardcoded?
- Is authentication/authorization correct?
Performance
- Are there N+1 queries?
- Are there memory leaks?
- Are expensive operations in loops?
- Is caching used appropriately?
Maintainability
- Is code readable without comments?
- Are names clear and descriptive?
- Is code DRY (Don't Repeat Yourself)?
- Is code testable?
Feedback Format
### Issue: [Category]
**File**: path/to/file:line
**Problem**: Description of the issue
**Suggestion**: How to fix it
Examples
Issue format:
### Issue: Security
**File**: src/auth/login.ts:45
**Problem**: Password compared with == instead of ===
**Suggestion**: Use strict equality and consider timing-safe comparison for passwords
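The sample issue above, worked through as an added example (not code from this repository): the loose comparison it flags, next to a check that type-validates the input and compares fixed-length digests with `crypto.timingSafeEqual`. The function names, the `salt:hash` record format and the choice of scrypt are assumptions made for illustration.

```javascript
// Added example; hashPassword, verifyLoose and verifyPassword are hypothetical names.
const crypto = require("node:crypto");

const KEYLEN = 32; // bytes of scrypt output kept in the record

// Store a salted scrypt digest instead of the password itself.
// Record format "saltHex:hashHex" is an assumption of this example.
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, KEYLEN);
  return `${salt.toString("hex")}:${hash.toString("hex")}`;
}

// The pattern the sample issue flags. `==` coerces operand types
// (an array is converted to a string before comparing), and ordinary
// string comparison gives no constant-time guarantee.
function verifyLoose(supplied, stored) {
  return supplied == stored;
}

// Hardened check: reject non-string input, reject malformed records,
// then compare two equal-length buffers in constant time.
function verifyPassword(supplied, record) {
  if (typeof supplied !== "string" || typeof record !== "string") return false;
  const [saltHex, hashHex] = record.split(":");
  if (!saltHex || !hashHex) return false;
  const expected = Buffer.from(hashHex, "hex");
  // timingSafeEqual throws on length mismatch, so check the length first.
  if (expected.length !== KEYLEN) return false;
  const actual = crypto.scryptSync(supplied, Buffer.from(saltHex, "hex"), KEYLEN);
  return crypto.timingSafeEqual(actual, expected);
}
```

Switching `==` to `===` removes the type coercion but not the timing concern, which is why the suggestion lists both.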
Pass Criteria
- All critical issues must be addressed
- Code must follow project conventions
- No security vulnerabilities
- Adequate test coverage