UNPKG

@solidgate/client-sdk-loader

Version:
121 lines (120 loc) 6.87 kB
language: en-US tone_instructions: Do not nitpick. Focus only on bugs, security issues, and significant design problems. early_access: false reviews: profile: chill request_changes_workflow: false high_level_summary: true review_status: true commit_status: true fail_commit_status: false collapse_walkthrough: true changed_files_summary: true sequence_diagrams: true assess_linked_issues: true related_prs: true suggested_reviewers: true auto_assign_reviewers: true poem: false in_progress_fortune: false abort_on_close: true high_level_summary_in_walkthrough: false tools: sqlfluff: enabled: true checkov: enabled: true auto_review: enabled: true auto_incremental_review: true ignore_title_keywords: - WIP - DO NOT MERGE - DRAFT drafts: false base_branches: - .* finishing_touches: docstrings: enabled: true unit_tests: enabled: true pre_merge_checks: title: mode: warning requirements: Must start with a type prefix (feat/fix/chore/refactor/docs/test) followed by colon and space description: mode: warning path_filters: - '!**/node_modules/**' - '!**/dist/**' - '!**/build/**' - '!**/*.min.js' - '!**/*.min.css' - '!**/package-lock.json' - '!**/yarn.lock' - '!**/pnpm-lock.yaml' - '!**/.git/**' - '!**/.ops/**' - '!**/.opsctl/**' path_instructions: - path: '**/*' instructions: "- Ensure payment data encryption at rest and proper access controls\n- Use soft deletes for payment records to maintain audit trail\n- Implement proper partitioning for high-volume payment tables\n- Ensure compliance with PCI DSS data retention requirements\n- Use separate schemas for sensitive payment data vs. non-sensitive data\n- Implement proper backup and recovery procedures for payment data\n- Ensure proper logging of all payment-related database operations;\n\ - Ensure PCI DSS Level 1 compliance for all payment data handling\n- Validate payment amounts with proper decimal precision for 150+ currencies\n- Use tokenization for sensitive payment data to reduce PCI scope\n- Ensure comprehensive audit logging for all payment operations\n- Implement rate limiting to prevent abuse and DDoS attacks\n- Validate currency codes and ensure supported currency handling\n- Check for proper error handling in payment orchestration flows" - path: '**/*.{ts,js,tsx,jsx}' instructions: 'Review the following TypeScript/JavaScript code for best practices, readability, simplicity, and performance. Check for potential issues with async/await (unhandled promise rejections, missing awaits, concurrent operations that should be sequential or vice versa). Verify proper error handling in async flows. Identify potential memory leaks (event listener accumulation, closure references, uncleared timers/intervals, growing caches without eviction). Ensure proper resource cleanup (database connections, file handles, streams). Check for type safety issues (any casts, type assertions that could fail at runtime). When you face SQL queries in code ensure: Check that only the necessary fields and rows are being updated, avoiding wildcard usage or unnecessary or global modifications; Prevent SQL injection by using parameterized queries and input validation; Ensure concurrency safety; Ensure queries are optimized to reduce unnecessary database load;' - path: '**/sql/**' instructions: 'Address data modeling, schema design, and management principles, focusing on DMS compatibility and ELT/data quality processes. Key considerations: Tables during creation should not use IF NOT EXISTS semantics. Primary Keys: Mandatory, not JSON/JSONB, not TEXT. Identity Columns: Prefer ULID, support BIGINT SEQUENCE and UUID4 (legacy only). Data Types: Use TIMESTAMP WITHOUT TIME ZONE, prefer JSONB, specify NUMERIC precision/scale. Service Columns: Include id, created_at, updated_at, deleted_at (soft deletes recommended). Indexes: Index updated_at, use CREATE INDEX CONCURRENTLY, restrict usage of IF NOT EXISTS. Constraints: No foreign keys, avoid COALESCE in unique constraints. Objects: No triggers, views, materialized views, or procedures; limit functions to non-business logic. Other: Avoid hard deletes, unnecessary DEFAULT values, and excessive transactions. Ensure adherence to architectural simplicity and DB isolation.' - path: '**/proto/**' instructions: 'Review the provided .proto files for adherence to API design best practices. Ensure compliance with pagination, tracing, validation errors, business rule validation, filtering, versioning, and modeling guidelines. Check that: Pagination follows keyset principles, returns valid page_token, and enforces page_size limits. traceID is properly handled in logs and inter-service communication. Validation errors use BadRequest details and ErrorInfo for business rule violations. Filters are defined inside request messages, grouped in oneof, and only one is active at a time. UI filters are correctly implemented for specialized back-office cases. Stable versioning (v1, v2) is used for production APIs. Package and directory structures follow naming conventions and maintain project uniqueness. Style aligns with Buf Docs standards. Avoid reserved words `descriptor` and `private` as field name (reserved in Java, causes issues for AQA).' - path: '**/tests/**' instructions: 'Evaluate the thoroughness of mutation case testing, focusing on create, update, and delete operations. Key aspects to check: unintended data changes – ensure no unexpected modifications occur beyond the intended target. Concurrency Issues – identify risks of deadlocks, data races, and dirty reads in multi-threaded environments. Performance Considerations – look for slow queries, resource contention, and frequent rollbacks that may impact system efficiency. update: validate that only the intended entity and fields are modified. Ensure that related data and mock values remain unchanged. Confirm cascading effects like cascade delete or update are handled correctly. Verify that hard deletes are not used — ensure a `deleted` flag or `deleted_at` with timestamp is implemented instead. Confirm that API modifications correctly filter out soft-deleted records. Ensure tests cover a wide range of scenarios to validate the integrity of unaffected data. Provide feedback if some tests from key aspects are missing.' chat: auto_reply: true art: false knowledge_base: learnings: scope: global code_guidelines: enabled: true filePatterns: - CLAUDE.md - .cursorrules - CONVENTIONS.md - CONTRIBUTING.md