smart-review 1.0.2 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/bin/install.js +418 -416
  2. package/lib/default-config.js +16 -15
  3. package/lib/reviewer.js +22 -0
  4. package/lib/utils/i18n.js +2 -8
  5. package/package.json +1 -1
  6. package/templates/rules/en-US/best-practices.js +24 -12
  7. package/templates/rules/en-US/performance.js +24 -11
  8. package/templates/rules/en-US/security.js +67 -33
  9. package/templates/rules/zh-CN/best-practices.js +24 -12
  10. package/templates/rules/zh-CN/performance.js +24 -11
  11. package/templates/rules/zh-CN/security.js +67 -33
  12. package/templates/smart-review.json +3 -1
package/lib/default-config.js CHANGED
@@ -28,13 +28,6 @@ export const defaultConfig = {
28
28
  contextMergeLines: 10 // 上下文合并行长度(大概值),用于在diff审查时提供足够的上下文
29
29
  },
30
30
 
31
- // Git 行为配置
32
- git: {
33
- // 在 merge/rebase 过程中,默认仅审查“冲突并由开发者手动处理过”的文件;
34
- // 对于无冲突的自动合并文件,默认跳过审查。
35
- skipNonConflictOnMergeRebase: true
36
- },
37
-
38
31
  // 风险等级配置
39
32
  riskLevels: {
40
33
  critical: { block: true },
@@ -137,7 +130,8 @@ export const defaultRules = {
137
130
  risk: 'high',
138
131
  message: t(undefined, 'rule_SEC001_message'),
139
132
  suggestion: t(undefined, 'rule_SEC001_suggestion'),
140
- flags: 'gi'
133
+ flags: 'gi',
134
+ extensions: ['.js', '.ts', '.py', '.java', '.rb', '.php', '.cs', '.go']
141
135
  },
142
136
  {
143
137
  id: 'SEC002',
@@ -146,7 +140,8 @@ export const defaultRules = {
146
140
  risk: 'critical',
147
141
  message: t(undefined, 'rule_SEC002_message'),
148
142
  suggestion: t(undefined, 'rule_SEC002_suggestion'),
149
- flags: 'gi'
143
+ flags: 'gi',
144
+ extensions: ['.js', '.ts', '.java', '.cs', '.php', '.py', '.rb', '.go']
150
145
  },
151
146
  {
152
147
  id: 'SEC003',
@@ -155,7 +150,8 @@ export const defaultRules = {
155
150
  risk: 'high',
156
151
  message: t(undefined, 'rule_SEC003_message'),
157
152
  suggestion: t(undefined, 'rule_SEC003_suggestion'),
158
- flags: 'gi'
153
+ flags: 'gi',
154
+ extensions: ['.js', '.jsx', '.ts', '.tsx', '.vue', '.svelte']
159
155
  }
160
156
  ],
161
157
 
@@ -167,7 +163,8 @@ export const defaultRules = {
167
163
  risk: 'medium',
168
164
  message: t(undefined, 'rule_PERF001_message'),
169
165
  suggestion: t(undefined, 'rule_PERF001_suggestion'),
170
- flags: 'gi'
166
+ flags: 'gi',
167
+ extensions: ['.js', '.ts', '.java', '.py', '.rb', '.php', '.cs', '.go']
171
168
  },
172
169
  {
173
170
  id: 'PERF002',
@@ -176,7 +173,8 @@ export const defaultRules = {
176
173
  risk: 'medium',
177
174
  message: t(undefined, 'rule_PERF002_message'),
178
175
  suggestion: t(undefined, 'rule_PERF002_suggestion'),
179
- flags: 'gi'
176
+ flags: 'gi',
177
+ extensions: ['.js', '.jsx', '.ts', '.tsx', '.vue', '.svelte']
180
178
  }
181
179
  ],
182
180
 
@@ -188,7 +186,8 @@ export const defaultRules = {
188
186
  risk: 'low',
189
187
  message: t(undefined, 'rule_BP001_message'),
190
188
  suggestion: t(undefined, 'rule_BP001_suggestion'),
191
- flags: 'gi'
189
+ flags: 'gi',
190
+ extensions: ['.js', '.jsx', '.ts', '.tsx', '.vue', '.svelte', '.py', '.php', '.rb']
192
191
  },
193
192
  {
194
193
  id: 'BP002',
@@ -197,7 +196,8 @@ export const defaultRules = {
197
196
  risk: 'low',
198
197
  message: t(undefined, 'rule_BP002_message'),
199
198
  suggestion: t(undefined, 'rule_BP002_suggestion'),
200
- flags: 'g'
199
+ flags: 'g',
200
+ extensions: ['.js', '.ts', '.java', '.cs', '.php', '.py', '.rb', '.go']
201
201
  },
202
202
  {
203
203
  id: 'BP013',
@@ -206,7 +206,8 @@ export const defaultRules = {
206
206
  risk: 'medium',
207
207
  message: t(undefined, 'rule_BP013_message'),
208
208
  suggestion: t(undefined, 'rule_BP013_suggestion'),
209
- flags: 'gi'
209
+ flags: 'gi',
210
+ extensions: ['.js', '.jsx', '.ts', '.tsx']
210
211
  }
211
212
  ]
212
213
  };
package/lib/reviewer.js CHANGED
@@ -326,6 +326,17 @@ export class CodeReviewer {
326
326
  const commentRanges = this.getCachedCommentRanges(addedLinesContent, ext);
327
327
 
328
328
  for (const rule of this.rules) {
329
+ // 扩展名过滤:若规则声明了 extensions,则仅在匹配的扩展上生效
330
+ const ruleExts = Array.isArray(rule.extensions) ? rule.extensions : null;
331
+ if (ruleExts && ruleExts.length > 0) {
332
+ const normalized = ruleExts.map((e) => {
333
+ const s = String(e).trim().toLowerCase();
334
+ return s.startsWith('.') ? s : `.${s}`;
335
+ });
336
+ if (!normalized.includes(ext)) {
337
+ continue;
338
+ }
339
+ }
329
340
  try {
330
341
  // 函数类型规则处理
331
342
  if (typeof rule.pattern === 'function') {
@@ -823,6 +834,17 @@ export class CodeReviewer {
823
834
  let skippedByComments = 0;
824
835
  let skippedByDirectives = 0;
825
836
  for (const rule of this.rules) {
837
+ // 扩展名过滤:若规则声明了 extensions,则仅在匹配的扩展上生效
838
+ const ruleExts = Array.isArray(rule.extensions) ? rule.extensions : null;
839
+ if (ruleExts && ruleExts.length > 0) {
840
+ const normalized = ruleExts.map((e) => {
841
+ const s = String(e).trim().toLowerCase();
842
+ return s.startsWith('.') ? s : `.${s}`;
843
+ });
844
+ if (!normalized.includes(ext)) {
845
+ continue;
846
+ }
847
+ }
826
848
  try {
827
849
  // 保留通用 requiresAbsent 跳过,但当 requiresAbsent 明显是“函数调用样式”时,改为逐匹配的配对校验
828
850
  const requiresAbsent = Array.isArray(rule.requiresAbsent) ? rule.requiresAbsent : null;
package/lib/utils/i18n.js CHANGED
@@ -69,6 +69,7 @@ const MESSAGES = {
69
69
  hook_cd_repo_fail: '❌ 无法进入仓库根目录',
70
70
  hook_cmd_not_found1: '❌ 未找到 smart-review。请在对应子项目安装:npm i -D smart-review',
71
71
  hook_cmd_not_found2: ' 或在仓库根安装供统一使用:npm i -D smart-review',
72
+ hook_cmd_missing_continue: '⚠️ 未安装 smart-review,自动审查失败。如需自动审查,请执行:npm i -D smart-review。本次继续为你完成 commit 操作。',
72
73
  hook_use_command_prefix: '⚙️ 使用命令:',
73
74
  hook_review_fail: '❌ 代码审查未通过,请修复问题后重新提交',
74
75
  hook_review_pass: '✅ 代码审查通过,继续提交',
@@ -142,10 +143,6 @@ const MESSAGES = {
142
143
  start_git_diff_mode: '🔍 启动Git Diff增量审查模式...',
143
144
  no_changes_skip: '📝 暂存区无变更内容,跳过审查',
144
145
  found_changed_files_n: '📊 发现 {count} 个变更文件,开始增量审查...',
145
- // Merge/Rebase filters
146
- merge_rebase_detected_info: '🔀 检测到 Git 合并/变基过程,按策略过滤审查文件',
147
- merge_conflict_paths_found_n: '⚔️ 冲突文件 {count} 个,仅审查这些文件',
148
- merge_rebase_no_conflict_skip: '✅ 合并/变基期间未检测到冲突文件,跳过审查',
149
146
  apply_static_rules_dbg: '应用静态规则检查...',
150
147
  static_rules_found_n_dbg: '静态规则发现 {count} 个问题',
151
148
  file_skipped_by_type: '文件已跳过审查: {path} (文件类型被忽略)',
@@ -496,6 +493,7 @@ const MESSAGES = {
496
493
  hook_cd_repo_fail: '❌ Failed to cd to repo root',
497
494
  hook_cmd_not_found1: '❌ smart-review not found. Please install in the subproject: npm i -D smart-review',
498
495
  hook_cmd_not_found2: ' Or install at repo root for unified use: npm i -D smart-review',
496
+ hook_cmd_missing_continue: '⚠️ smart-review not installed; auto review skipped. To enable auto review, run: npm i -D smart-review. Proceeding with commit.',
499
497
  hook_use_command_prefix: '⚙️ Using command:',
500
498
  hook_review_fail: '❌ Code review failed; please fix issues and retry commit',
501
499
  hook_review_pass: '✅ Code review passed; continuing commit',
@@ -569,10 +567,6 @@ const MESSAGES = {
569
567
  start_git_diff_mode: '🔍 Starting Git Diff incremental review...',
570
568
  no_changes_skip: '📝 No changes in staged area, skipping review',
571
569
  found_changed_files_n: '📊 Found {count} changed files, starting incremental review...',
572
- // Merge/Rebase filters
573
- merge_rebase_detected_info: '🔀 Git merge/rebase detected; filtering to conflict files',
574
- merge_conflict_paths_found_n: '⚔️ Found {count} conflict file(s); reviewing only these',
575
- merge_rebase_no_conflict_skip: '✅ No conflict files during merge/rebase; skipping review',
576
570
  apply_static_rules_dbg: 'Applying static rule checks...',
577
571
  static_rules_found_n_dbg: 'Static rules found {count} issues',
578
572
  file_skipped_by_type: 'File skipped: {path} (ignored file type)',
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "smart-review",
3
- "version": "1.0.2",
3
+ "version": "1.0.3",
4
4
  "description": "AI智能代码审查工具,支持静态规则和AI分析",
5
5
  "type": "module",
6
6
  "main": "index.js",
package/templates/rules/en-US/best-practices.js CHANGED
@@ -7,7 +7,8 @@ export default [
7
7
  risk: 'low',
8
8
  message: 'Debug code found; remove before committing',
9
9
  suggestion: 'Use a logging system instead of console.log',
10
- flags: 'gi'
10
+ flags: 'gi',
11
+ extensions: ['.js', '.ts', '.py', '.php', '.rb']
11
12
  },
12
13
  {
13
14
  id: 'BP002',
@@ -16,7 +17,8 @@ export default [
16
17
  risk: 'low',
17
18
  message: 'Magic numbers detected; define them as constants',
18
19
  suggestion: 'Define numbers as meaningful constants',
19
- flags: 'g'
20
+ flags: 'g',
21
+ extensions: ['.js', '.ts', '.java', '.cs', '.php', '.py', '.rb', '.go']
20
22
  },
21
23
  {
22
24
  id: 'BP003',
@@ -25,7 +27,8 @@ export default [
25
27
  risk: 'medium',
26
28
  message: 'Empty catch may hide errors and cause unpredictable behavior',
27
29
  suggestion: 'Log or take remedial actions instead of swallowing exceptions',
28
- flags: 'gi'
30
+ flags: 'gi',
31
+ extensions: ['.js', '.ts', '.java', '.cs', '.php']
29
32
  },
30
33
  {
31
34
  id: 'BP004',
@@ -34,7 +37,8 @@ export default [
34
37
  risk: 'medium',
35
38
  message: 'Detected @ts-ignore; may conceal type errors',
36
39
  suggestion: 'Fix type issues or use precise type definitions',
37
- flags: 'gi'
40
+ flags: 'gi',
41
+ extensions: ['.ts']
38
42
  },
39
43
  {
40
44
  id: 'BP005',
@@ -43,7 +47,8 @@ export default [
43
47
  risk: 'medium',
44
48
  message: 'Using any weakens type safety guarantees',
45
49
  suggestion: 'Use concrete types or generics to improve safety',
46
- flags: 'gi'
50
+ flags: 'gi',
51
+ extensions: ['.ts']
47
52
  },
48
53
  {
49
54
  id: 'BP006',
@@ -52,7 +57,8 @@ export default [
52
57
  risk: 'medium',
53
58
  message: 'Disabling ESLint may hide code quality issues',
54
59
  suggestion: 'Disable locally only when necessary, and explain the reason',
55
- flags: 'gi'
60
+ flags: 'gi',
61
+ extensions: ['.js', '.ts']
56
62
  },
57
63
  {
58
64
  id: 'BP007',
@@ -61,7 +67,8 @@ export default [
61
67
  risk: 'medium',
62
68
  message: 'Debugger statement found; may affect production behavior',
63
69
  suggestion: 'Remove debugger before commit; use logs or assertions',
64
- flags: 'gi'
70
+ flags: 'gi',
71
+ extensions: ['.js', '.ts']
65
72
  },
66
73
  {
67
74
  id: 'BP008',
@@ -70,7 +77,8 @@ export default [
70
77
  risk: 'medium',
71
78
  message: 'Catching broad exception types without proper handling',
72
79
  suggestion: 'Catch specific types and ensure logging or rethrowing as needed',
73
- flags: 'gi'
80
+ flags: 'gi',
81
+ extensions: ['.js', '.ts', '.java', '.cs', '.php']
74
82
  },
75
83
  {
76
84
  id: 'BP009',
@@ -79,7 +87,8 @@ export default [
79
87
  risk: 'medium',
80
88
  message: 'Direct stack printing may lose context and produce uncontrolled output',
81
89
  suggestion: 'Use structured logging with context information',
82
- flags: 'gi'
90
+ flags: 'gi',
91
+ extensions: ['.java']
83
92
  },
84
93
  {
85
94
  id: 'BP010',
@@ -88,7 +97,8 @@ export default [
88
97
  risk: 'high',
89
98
  message: 'System.exit detected; may cause unexpected service termination',
90
99
  suggestion: 'Use graceful shutdown, signal handling, and resource cleanup',
91
- flags: 'gi'
100
+ flags: 'gi',
101
+ extensions: ['.java']
92
102
  },
93
103
  {
94
104
  id: 'BP011',
@@ -97,7 +107,8 @@ export default [
97
107
  risk: 'medium',
98
108
  message: 'Using root as DB user introduces security and audit risks',
99
109
  suggestion: 'Use a least-privileged application account and separate duties',
100
- flags: 'gi'
110
+ flags: 'gi',
111
+ extensions: ['.js', '.ts', '.java', '.cs', '.php', '.py', '.rb', '.go']
101
112
  },
102
113
  {
103
114
  id: 'BP012',
@@ -106,6 +117,7 @@ export default [
106
117
  risk: 'high',
107
118
  message: 'Globally disabling CSRF may cause CSRF vulnerabilities',
108
119
  suggestion: 'Use token/same-origin policies where needed; avoid global disable',
109
- flags: 'gi'
120
+ flags: 'gi',
121
+ extensions: ['.java']
110
122
  }
111
123
  ];
package/templates/rules/en-US/performance.js CHANGED
@@ -7,7 +7,8 @@ export default [
7
7
  risk: 'medium',
8
8
  message: 'Executing DB queries in loops may cause N+1 problems',
9
9
  suggestion: 'Use batch queries or preload data',
10
- flags: 'gi'
10
+ flags: 'gi',
11
+ extensions: ['.js', '.ts', '.java', '.py', '.php', '.rb', '.cs', '.go']
11
12
  },
12
13
  {
13
14
  id: 'PERF002',
@@ -17,6 +18,7 @@ export default [
17
18
  message: 'Timers without cleanup may cause leaks or lingering tasks',
18
19
  suggestion: 'Call clearInterval/clearTimeout at the proper lifecycle point',
19
20
  flags: 'gi',
21
+ extensions: ['.js', '.ts'],
20
22
  // To override built-in PERF002, external rule adds cleanup detection; skip if any cleanup exists in file
21
23
  requiresAbsent: ['clearInterval\\s*\\(', 'clearTimeout\\s*\\(']
22
24
  },
@@ -27,7 +29,8 @@ export default [
27
29
  risk: 'high',
28
30
  message: 'Sync file I/O may block the event loop and hurt throughput',
29
31
  suggestion: 'Prefer async I/O or queued processing; avoid blocking the main thread',
30
- flags: 'gi'
32
+ flags: 'gi',
33
+ extensions: ['.js', '.ts']
31
34
  },
32
35
  {
33
36
  id: 'PERF004',
@@ -36,7 +39,8 @@ export default [
36
39
  risk: 'high',
37
40
  message: 'Requests inside loops can cause cascading latency and congestion',
38
41
  suggestion: 'Merge requests, control concurrency, or batch to reduce round-trips',
39
- flags: 'gi'
42
+ flags: 'gi',
43
+ extensions: ['.js', '.ts', '.py']
40
44
  },
41
45
  {
42
46
  id: 'PERF005',
@@ -45,7 +49,8 @@ export default [
45
49
  risk: 'medium',
46
50
  message: 'Frequent serialization in loops causes excessive CPU overhead',
47
51
  suggestion: 'Move serialization out of the loop or cache/batch it',
48
- flags: 'gi'
52
+ flags: 'gi',
53
+ extensions: ['.js', '.ts']
49
54
  },
50
55
  {
51
56
  id: 'PERF006',
@@ -54,7 +59,8 @@ export default [
54
59
  risk: 'medium',
55
60
  message: 'Repeated regex compilation adds unnecessary overhead',
56
61
  suggestion: 'Precompile or constantize regexes; avoid creating them in loops',
57
- flags: 'gi'
62
+ flags: 'gi',
63
+ extensions: ['.js', '.ts']
58
64
  },
59
65
  {
60
66
  id: 'PERF007',
@@ -63,7 +69,8 @@ export default [
63
69
  risk: 'high',
64
70
  message: 'Possible busy-wait detected; can spike CPU and waste resources',
65
71
  suggestion: 'Use event-driven or blocking waits; avoid empty loops',
66
- flags: 'gi'
72
+ flags: 'gi',
73
+ extensions: ['.js', '.ts', '.java', '.cs', '.php', '.rb']
67
74
  },
68
75
  {
69
76
  id: 'PERF008',
@@ -72,7 +79,8 @@ export default [
72
79
  risk: 'high',
73
80
  message: 'Reading layout in loops triggers frequent reflow/repaint',
74
81
  suggestion: 'Batch DOM reads/writes; reduce synchronous layout queries',
75
- flags: 'gi'
82
+ flags: 'gi',
83
+ extensions: ['.js', '.ts']
76
84
  },
77
85
  {
78
86
  id: 'PERF009',
@@ -81,7 +89,8 @@ export default [
81
89
  risk: 'medium',
82
90
  message: 'Blocking waits reduce throughput and responsiveness',
83
91
  suggestion: 'Use async waits or rate-limiting/queues; avoid blocking',
84
- flags: 'gi'
92
+ flags: 'gi',
93
+ extensions: ['.java', '.py']
85
94
  },
86
95
  {
87
96
  id: 'PERF010',
@@ -90,7 +99,8 @@ export default [
90
99
  risk: 'high',
91
100
  message: 'Unbounded pools can explode thread count and exhaust resources',
92
101
  suggestion: 'Use bounded pools with sane maximums and queue lengths',
93
- flags: 'gi'
102
+ flags: 'gi',
103
+ extensions: ['.java']
94
104
  },
95
105
  {
96
106
  id: 'PERF011',
@@ -99,7 +109,8 @@ export default [
99
109
  risk: 'medium',
100
110
  message: 'Frequent concatenation in loops consumes CPU and memory',
101
111
  suggestion: 'Use StringBuilder/collect in lists then join, or batch strategies',
102
- flags: 'gi'
112
+ flags: 'gi',
113
+ extensions: ['.js', '.ts', '.java', '.cs', '.py', '.rb']
103
114
  },
104
115
  {
105
116
  id: 'PERF012',
@@ -108,7 +119,8 @@ export default [
108
119
  risk: 'high',
109
120
  message: 'Repeatedly creating DB connections causes severe performance issues',
110
121
  suggestion: 'Use connection pools and reuse; acquire connections outside loops',
111
- flags: 'gi'
122
+ flags: 'gi',
123
+ extensions: ['.js', '.ts', '.java', '.cs', '.php']
112
124
  },
113
125
  {
114
126
  id: 'PERF013',
@@ -118,6 +130,7 @@ export default [
118
130
  message: 'Requests without timeout can hang resources and reduce throughput',
119
131
  suggestion: 'Set reasonable timeout; control retries and circuit breaking',
120
132
  flags: 'gi',
133
+ extensions: ['.py'],
121
134
  requiresAbsent: ['timeout\\s*=']
122
135
  }
123
136
  ];