code-review-assistant
Code Review Assistant
Perform structured code reviews using checklists and automated analysis tools.
Review Workflow
- Gather context - Understand the scope of changes
- Run automated analysis - Execute scripts for metrics and security scans
- Apply checklists - Review using category-specific checklists
- Synthesize findings - Compile issues with severity and recommendations
Quick Start
For a standard code review:
```bash
# 1. View changes
git diff HEAD~1

# 2. Analyze code complexity and metrics
python scripts/analyze.py <file_or_directory>

# 3. Scan for security patterns (optional)
python scripts/security_scan.py <file_or_directory>
```
Then apply the appropriate checklists based on the code type.
Automated Analysis
Code Metrics Analysis
Run scripts/analyze.py to get code metrics:
```bash
python scripts/analyze.py path/to/code --output json
python scripts/analyze.py src/ --recursive
```
Outputs:
- Lines of code (total, code, comments, blank)
- Function/method count and average length
- Cyclomatic complexity estimates
- File-level metrics summary
Security Pattern Scan
Run scripts/security_scan.py for quick security checks:
```bash
python scripts/security_scan.py path/to/code
python scripts/security_scan.py src/ --severity high
```
Detects:
- Dangerous function calls (eval, exec, shell injection)
- Hardcoded credentials patterns
- SQL injection indicators
- XSS vulnerability patterns
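How a pattern scan of this kind can work, as an added illustration that is not the code of scripts/security_scan.py: the rule regexes, the severity assigned to each rule, and the names scan_source, summarize and min_severity are assumptions, and the sample input is constructed.

```python
import re
from collections import Counter

# Hypothetical rule set for the four categories listed above; the regexes are
# illustrative heuristics, not the rules used by scripts/security_scan.py.
RULES = [
    ("critical", "dangerous call: eval/exec", re.compile(r"\b(eval|exec)\s*\(")),
    ("high", "shell injection risk", re.compile(r"shell\s*=\s*True|\bos\.system\s*\(")),
    ("high", "hardcoded credential",
     re.compile(r"(?i)\b(password|passwd|secret|api_key|token)\s*=\s*['\"][^'\"]{4,}['\"]")),
    ("high", "SQL built by string formatting",
     re.compile(r"(?i)execute\s*\(\s*(f['\"]|['\"].*['\"]\s*(%|\+)|.*\.format\()")),
    ("medium", "XSS: unescaped HTML sink",
     re.compile(r"\.innerHTML\s*=|document\.write\s*\(|\|\s*safe\b")),
]
SEVERITY_ORDER = ["low", "medium", "high", "critical"]

def scan_source(filename, text, min_severity="low"):
    """Return findings as (severity, 'file:line', description, code) tuples."""
    floor = SEVERITY_ORDER.index(min_severity)
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith("#"):  # skip comment-only lines to cut noise
            continue
        for severity, description, pattern in RULES:
            if SEVERITY_ORDER.index(severity) >= floor and pattern.search(line):
                findings.append((severity, f"{filename}:{lineno}", description, stripped))
    return findings

def summarize(findings):
    """Count findings per severity for the 'Issues found' line of a review summary."""
    counts = Counter(sev for sev, *_ in findings)
    return " | ".join(f"{s.capitalize()}: {counts.get(s, 0)}" for s in reversed(SEVERITY_ORDER))

# Constructed sample input (not from any real project).
SAMPLE = '''\
API_KEY = "constructed-example-key"
def run(cmd, user_id, expr, db):
    os.system("ping " + cmd)
    db.execute(f"SELECT * FROM users WHERE id = {user_id}")
    # eval(expr) was removed here
    return eval(expr)
password = os.environ["APP_PASSWORD"]
'''

if __name__ == "__main__":
    results = scan_source("app.py", SAMPLE)
    print(summarize(results), *(f"- [{loc}] {sev}: {desc}" for sev, loc, desc, _ in results), sep="\n")
```

Line-based regex matching treats every hit as a lead for the reviewer to confirm against the checklist, not as a verified vulnerability: it misses multi-line constructs and cannot tell whether the flagged value is attacker-controlled.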
Review Checklists
Select checklists based on the type of changes being reviewed:
Security Review
When to use: Authentication changes, user input handling, API endpoints, database queries
See SECURITY.md for complete security checklist covering:
- Injection vulnerabilities (SQL, XSS, command injection)
- Authentication and authorization
- Data exposure and encryption
- Input validation
Performance Review
When to use: Database operations, loops, API calls, data processing
See PERFORMANCE.md for performance checklist covering:
- N+1 query detection
- Memory management
- Algorithmic complexity
- Caching opportunities
Code Quality Review
When to use: All code changes, especially new features and refactoring
See QUALITY.md for quality checklist covering:
- Naming conventions
- Function complexity
- DRY principle adherence
- Error handling patterns
Review Output Format
Structure findings using this format:
```markdown
## Code Review Summary

Files reviewed: [count]
Issues found: Critical: X | High: Y | Medium: Z | Low: W

### Critical Issues
- [File:Line] Description
  - Code: `snippet`
  - Fix: Recommendation

### High Priority Issues
[Same format]

### Positive Observations
- [Note well-implemented patterns]

### Recommendations
- [Prioritized action items]
```