zhongwei/gh-claudeforge-marketplace-plugins-commands-code-review-assistant
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Zhongwei Li
2025-11-29 18:12:51 +08:00
commit 3bb13d107a
4 changed files with 476 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

416
commands/code-review-assistant.md Normal file
View File

@@ -0,0 +1,416 @@
---
allowed-tools: Bash, Read, Write, Edit, Grep, Glob
description: Analyze code changes with detailed feedback on quality, patterns, and improvement opportunities
---
# Code Review Assistant Command
Provide intelligent code analysis and actionable improvement recommendations for code changes.
## Usage
```bash
/code-review-assistant <target>
```
**Examples:**
```bash
/code-review-assistant @$ARGUMENTS # Review with context
/code-review-assistant src/api/auth.js # Review specific file
/code-review-assistant . # Review all changes
```
## What This Command Does
Analyzes code to provide:
1. **Pattern Recognition**: Identify design patterns and architectural approaches
2. **Quality Assessment**: Evaluate code structure and maintainability
3. **Improvement Suggestions**: Specific, actionable recommendations
4. **Best Practice Guidance**: Industry standards and proven patterns
5. **Learning Opportunities**: Educational insights for team growth
## Analysis Framework
### Step 1: Context Gathering
Collect information about the code:
```bash
# File information
git log --oneline <file> -10
git blame <file>
# Related files
git diff --name-only HEAD~5..HEAD
# Code metrics
cloc <file>
```
### Step 2: Pattern Analysis
Identify patterns in the code:
**Design Patterns**:
- Singleton, Factory, Strategy, Observer, etc.
- Proper implementation and usage
- Opportunities for pattern application
**Architectural Patterns**:
- MVC, MVVM, Clean Architecture
- Layered architecture adherence
- Separation of concerns
**Anti-Patterns**:
- God objects
- Spaghetti code
- Tight coupling
- Magic numbers
- Hardcoded values
### Step 3: Quality Evaluation
**Code Structure**:
```javascript
// Example: Function complexity analysis
function analyzeComplexity(code) {
return {
cyclomaticComplexity: calculateCC(code),
cognitiveComplexity: calculateCognitive(code),
nestingDepth: calculateNesting(code),
recommendation: getRecommendation()
};
}
```
**Maintainability Factors**:
- Clear naming conventions
- Function/method length
- Parameter count
- Return complexity
- Side effects
### Step 4: Generate Recommendations
Provide structured feedback:
```markdown
## Analysis Results
### Architecture & Design
**Current Approach**: MVC with service layer
**Strengths**: Clear separation of concerns
**Improvements**:
- Consider dependency injection for better testability
- Extract business logic from controllers to services
### Code Quality
**Complexity**: 3 functions exceed complexity threshold
- `processUserData()` CC: 12 (target: <10)
- `validateInput()` CC: 11 (target: <10)
**Recommendations**:
1. Extract validation logic into separate validators
2. Use early returns to reduce nesting
3. Apply strategy pattern for different data types
### Performance
**Potential Issues**:
- Database queries in loop (lines 45-52)
- Unnecessary object cloning (line 78)
**Optimizations**:
- Batch database queries
- Use shallow copy where deep copy not needed
### Testing
**Coverage**: 75% (target: >80%)
**Missing Tests**:
- Edge cases for empty input
- Error handling scenarios
- Concurrent access patterns
```
## Review Categories
### 1. Code Structure
**What to Check**:
- Function size (< 50 lines ideal)
- Class size (< 300 lines ideal)
- Parameter count (< 5 ideal)
- Nesting depth (< 4 levels)
- Cyclomatic complexity (< 10)
**Example Feedback**:
```python
# Current: High complexity
def process_order(order, user, payment, shipping, promo):
if user.is_verified:
if payment.is_valid:
if shipping.is_available:
# ... deep nesting
# Suggested: Simplified
def process_order(order_request: OrderRequest) -> OrderResult:
validate_order_request(order_request)
payment = process_payment(order_request.payment)
shipping = arrange_shipping(order_request.shipping)
return create_order(order_request, payment, shipping)
```
### 2. Security Analysis
**Check For**:
- Input validation
- SQL injection risks
- XSS vulnerabilities
- Authentication/authorization
- Sensitive data exposure
- Secure password handling
**Example Feedback**:
```javascript
// Issue: SQL injection vulnerability
const query = `SELECT * FROM users WHERE email = '${email}'`;
// Fix: Use parameterized queries
const query = 'SELECT * FROM users WHERE email = ?';
db.query(query, [email]);
// Or use ORM
const user = await User.findOne({ where: { email } });
```
### 3. Performance Review
**Analyze**:
- Algorithm efficiency
- Database query patterns
- Memory usage
- Caching opportunities
- Async/await usage
**Example Feedback**:
```python
# Issue: N+1 query problem
def get_user_orders(user_ids):
users = User.query.filter(User.id.in_(user_ids)).all()
for user in users:
orders = user.orders # Separate query for each user!
# Fix: Eager loading
def get_user_orders(user_ids):
users = User.query\
.options(joinedload(User.orders))\
.filter(User.id.in_(user_ids))\
.all()
```
### 4. Testing Assessment
**Evaluate**:
- Test coverage
- Test quality
- Edge case handling
- Integration tests
- Mock usage
**Example Feedback**:
```typescript
// Current: Incomplete testing
describe('calculateDiscount', () => {
it('applies discount', () => {
expect(calculateDiscount(100, 0.1)).toBe(90);
});
});
// Suggested: Comprehensive tests
describe('calculateDiscount', () => {
it('applies valid discount percentage', () => {
expect(calculateDiscount(100, 0.1)).toBe(90);
});
it('handles zero discount', () => {
expect(calculateDiscount(100, 0)).toBe(100);
});
it('throws error for negative discount', () => {
expect(() => calculateDiscount(100, -0.1)).toThrow();
});
it('handles invalid input gracefully', () => {
expect(() => calculateDiscount(null, 0.1)).toThrow(TypeError);
});
});
```
## Improvement Patterns
### Extract Method
When: Function does multiple things
```java
// Before
public void processUser(User user) {
// Validate
if (user.name == null) throw new Exception();
// Save
database.save(user);
// Send email
email.send(user.email);
}
// After
public void processUser(User user) {
validateUser(user);
saveUser(user);
notifyUser(user);
}
```
### Replace Conditional with Polymorphism
When: Complex if/else or switch statements
```typescript
// Before
function getPrice(product: Product): number {
if (product.type === 'book') {
return product.basePrice * 0.9;
} else if (product.type === 'electronics') {
return product.basePrice * 1.1;
}
return product.basePrice;
}
// After
interface Product {
getPrice(): number;
}
class Book implements Product {
getPrice(): number {
return this.basePrice * 0.9;
}
}
class Electronics implements Product {
getPrice(): number {
return this.basePrice * 1.1;
}
}
```
### Introduce Parameter Object
When: Functions have many parameters
```go
// Before
func CreateUser(name string, email string, phone string, addr string, city string) {}
// After
type UserInfo struct {
Name string
Email string
Phone string
Address string
City string
}
func CreateUser(info UserInfo) {}
```
## Best Practices Guidance
### Naming Conventions
- **Variables**: descriptive, camelCase/snake_case
- **Functions**: verb + noun (getUserById, calculateTotal)
- **Classes**: noun, PascalCase (UserManager, OrderService)
- **Constants**: UPPER_SNAKE_CASE (MAX_RETRY_COUNT)
- **Booleans**: is/has/can prefix (isValid, hasPermission)
### Error Handling
```javascript
// Good: Specific error handling
try {
await processPayment(order);
} catch (error) {
if (error instanceof PaymentError) {
logger.error('Payment failed', { orderId: order.id, error });
await notifyPaymentFailure(order);
} else if (error instanceof NetworkError) {
await queueForRetry(order);
} else {
throw error; // Re-throw unexpected errors
}
}
```
### Documentation
```python
def calculate_shipping_cost(
weight: float,
distance: float,
priority: str = 'standard'
) -> float:
"""
Calculate shipping cost based on package weight and distance.
Args:
weight: Package weight in kilograms
distance: Shipping distance in kilometers
priority: Shipping priority ('standard', 'express', 'overnight')
Returns:
Shipping cost in dollars
Raises:
ValueError: If weight or distance is negative
Example:
>>> calculate_shipping_cost(2.5, 100, 'express')
25.50
"""
pass
```
## Actionable Feedback Format
Structure recommendations clearly:
```markdown
## Priority: HIGH
**Issue**: SQL injection vulnerability in user authentication
**Location**: auth.js:45
**Impact**: Security breach, data exposure
**Fix**:
```javascript
// Replace
const query = `SELECT * FROM users WHERE email = '${email}'`;
// With
const query = 'SELECT * FROM users WHERE email = ?';
db.query(query, [email]);
```
**Testing**: Add security test to verify parameterization
## Priority: MEDIUM
**Observation**: High cyclomatic complexity in validateOrder()
**Location**: order.js:123
**Impact**: Difficult to test and maintain
**Suggestion**: Extract validation rules into separate validator classes
**Benefit**: Better testability, easier to extend validation rules
```
## Learning Opportunities
Highlight educational insights:
- **Pattern Recognition**: "This code could benefit from the Strategy pattern"
- **Best Practices**: "Consider using dependency injection here"
- **Performance**: "Eager loading would eliminate the N+1 query issue"
- **Testing**: "Add property-based testing for edge cases"
## Methodology
This command follows these principles:
- **Constructive**: Focus on improvements, not criticism
- **Specific**: Provide exact line numbers and code examples
- **Actionable**: Give clear steps to implement suggestions
- **Educational**: Explain why changes improve code
- **Prioritized**: Rank issues by severity and impact