Back to Details

code-review

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Code Review Guide

代码审查指南

Before You Start

开始之前

  1. Read 
    /typescript
    and 
    /testing
    skills for code style and test conventions
  2. Get the diff (skip if already in context, e.g., injected by GitHub review app): 
    git diff
    or 
    git diff origin/canary..HEAD
  1. 阅读 
    /typescript
    /testing
    技能文档了解代码风格和测试规范
  2. 获取代码 diff(如果已在上下文内可跳过,例如由 GitHub 审查应用自动注入):
    git diff
    git diff origin/canary..HEAD

Checklist

检查清单

Correctness

正确性

  • Leftover 
    console.log
    / 
    console.debug
    — should use 
    debug
    package or remove
  • Missing 
    return await
    in try/catch — see https://typescript-eslint.io/rules/return-await/ (not in our ESLint config yet, requires type info)
  • Can the fix/implementation be more concise, efficient, or have better compatibility?
  • 遗留的 
    console.log
    / 
    console.debug
    —— 应当使用 
    debug
    包或直接移除
  • try/catch 中缺少 
    return await
    —— 参考 https://typescript-eslint.io/rules/return-await/(目前尚未加入我们的 ESLint 配置,需要类型信息)
  • 本次修复/实现是否可以更简洁、高效,或者拥有更好的兼容性?

Security

安全性

  • No sensitive data (API keys, tokens, credentials) in 
    console.*
    or 
    debug()
    output
  • No base64 output to terminal — extremely long, freezes output
  • No hardcoded secrets — use environment variables
  • console.*
    debug()
    输出中没有敏感数据(API 密钥、令牌、凭证)
  • 不向终端输出 base64 内容——长度极长,会导致输出卡住
  • 没有硬编码的密钥——使用环境变量

Testing

测试

  • Bug fixes must include tests covering the fixed scenario
  • New logic (services, store actions, utilities) should have test coverage
  • Existing tests still cover the changed behavior?
  • Prefer 
    vi.spyOn
    over 
    vi.mock
    (see 
    /testing
    skill)
  • Bug 修复必须包含覆盖修复场景的测试
  • 新逻辑(服务、store 动作、工具函数)应当有测试覆盖
  • 现有测试是否仍然覆盖变更后的行为?
  • 优先使用 
    vi.spyOn
    而非 
    vi.mock
    (参考 
    /testing
    技能文档)

i18n

i18n

  • New user-facing strings use i18n keys, not hardcoded text
  • Keys added to 
    src/locales/default/{namespace}.ts
    with 
    {feature}.{context}.{action|status}
    naming
  • For PRs: 
    locales/
    translations for all languages updated (
    pnpm i18n
    )
  • 新的用户可见文案使用 i18n 键,而非硬编码文本
  • 键按照 
    {feature}.{context}.{action|status}
    命名规则添加到 
    src/locales/default/{namespace}.ts
  • 针对 PR:更新所有语言的 
    locales/
    翻译(执行 
    pnpm i18n

SPA / routing

SPA / 路由

  • desktopRouter
    pair:     If the diff touches 
    src/spa/router/desktopRouter.config.tsx
    , does it also update 
    src/spa/router/desktopRouter.config.desktop.tsx
    with the same route paths and nesting? Single-file edits often cause drift and blank screens.
  • desktopRouter
    配对规则:     如果 diff 修改了 
    src/spa/router/desktopRouter.config.tsx
    ,是否也同步更新了 
    src/spa/router/desktopRouter.config.desktop.tsx
    中对应的路由路径和嵌套结构?单文件修改经常会导致偏差和空白屏问题。

Reuse

复用性

  • Newly written code duplicates existing utilities in 
    packages/utils
    or shared modules?
  • Copy-pasted blocks with slight variation — extract into shared function
  • antd
    imports replaceable with 
    @lobehub/ui
    wrapped components (
    Input
    , 
    Button
    , 
    Modal
    , 
    Avatar
    , etc.)
  • Use 
    antd-style
    token system, not hardcoded colors
  • 新编写的代码是否与 
    packages/utils
    或共享模块中已有的工具函数重复?
  • 仅有微小差异的复制粘贴代码块——抽离为公共函数
  • antd
    导入是否可以替换为 
    @lobehub/ui
    封装的组件(
    Input
    Button
    Modal
    Avatar
    等)
  • 使用 
    antd-style
    令牌系统,而非硬编码颜色

Database

数据库

  • Migration scripts must be idempotent (
    IF NOT EXISTS
    , 
    IF EXISTS
    guards)
  • 迁移脚本必须是幂等的(添加 
    IF NOT EXISTS
    IF EXISTS
    防护)

Cloud Impact

云服务影响

A downstream cloud deployment depends on this repo. Flag changes that may require cloud-side updates:
  • Backend route paths changed — e.g., renaming 
    src/app/(backend)/webapi/chat/route.ts
    or changing its exports
  • SSR page paths changed — e.g., moving/renaming files under 
    src/app/[variants]/(auth)/
  • Dependency versions bumped — e.g., upgrading 
    next
    or 
    drizzle-orm
    in 
    package.json
  • @lobechat/business-*
    exports changed     — e.g., renaming a function in 
    src/business/
    or changing type signatures in 
    packages/business/
  • src/business/
    and 
    packages/business/
    must not expose cloud commercial logic in comments or code
下游云部署依赖此仓库,标记可能需要云侧更新的变更:
  • 后端路由路径变更——例如重命名 
    src/app/(backend)/webapi/chat/route.ts
    或修改其导出内容
  • SSR 页面路径变更——例如移动/重命名 
    src/app/[variants]/(auth)/
    下的文件
  • 依赖版本升级——例如升级 
    package.json
    中的 
    next
    drizzle-orm
  • @lobechat/business-*
    导出变更    ——例如重命名 
    src/business/
    中的函数或修改 
    packages/business/
    中的类型签名
  • src/business/
    packages/business/
    不得在注释或代码中暴露云商业逻辑

Output Format

输出格式

For local CLI review only (GitHub review app posts inline PR comments instead):
  • Number all findings sequentially
  • Indicate priority: 
    [high]
    / 
    [medium]
    / 
    [low]
  • Include file path and line number for each finding
  • Only list problems — no summary, no praise
  • Re-read full source for each finding to verify it's real, then output "All findings verified."
仅适用于本地 CLI 审查(GitHub 审查应用会直接在 PR 中发布行内评论):
  • 所有发现的问题按顺序编号
  • 标注优先级:
    [high]
    / 
    [medium]
    / 
    [low]
  • 每个问题包含文件路径和行号
  • 仅列出问题——不需要总结,不需要赞美
  • 重新阅读每个问题对应的完整源代码验证真实性,然后输出 "All findings verified."