pr-review

Original🇨🇳 Chinese
Translated

Conduct Pull Request code reviews, including comprehensive evaluations of code quality, security, performance, architectural rationality, etc. Activated when users request PR reviews or mention keywords like "review pr", "check PR", etc.

1installs
Sourcelabring/fastgpt
Added on

NPX Install

npx skill4agent add labring/fastgpt pr-review

Tags

Translated version includes tags in frontmatter
pr-code-reviewgh-clicode-quality-assessmentsecurity-reviewfastgpt-style-guide

SKILL.md Content (Chinese)

View Translation Comparison →

PR Code Review Skill

Conduct comprehensive reviews of Pull Request code quality, security, performance, and architectural design, and provide professional improvement suggestions

Quick Start

bash
# Review the PR of the current branch
gh pr view

# Review a specified PR
gh pr view 6324

# View changes
gh pr diff 6324

Tool Integration

Accelerate Reviews with gh CLI

bash
# View and review PR
gh pr view <number> && gh pr diff <number>

# Add review comments
gh pr review <number> --comment -b "My review comments"

# Approve PR
gh pr review <number> --approve

# Request changes
gh pr review <number> --request-changes

Local PR Testing

bash
# Check out PR branch locally
gh pr checkout <number>

# Run tests
pnpm test

# Run lint
pnpm lint

# Type check
pnpm tsc --noEmit

# Start dev server to verify
pnpm dev

Common Command Reference

bash
# View PR information
gh pr view --json title,body,author,state,files,additions,deletions

# View PR diff
gh pr diff
gh pr diff <number> > /tmp/pr.diff  # Save to file

# View PR commits
gh pr view --json commits --jq '.commits[].messageHeadline'

# Check PR checks status
gh pr checks

# Comment on PR
gh pr comment <number> --body "Comment content"

# Submit PR review
gh pr review <number> --approve
gh pr review <number> --request-changes
gh pr review <number> --comment -b "Comment content"

# PR operations
gh pr merge <number> --squash  # Squash merge
gh pr close <number>           # Close PR

Review Process

1. Information Collection Phase

Automatically execute the following steps:
bash
# 1. Get basic PR information
gh pr view --json title,body,author,state,headRefName,baseRefName,additions,deletions,files

# 2. Get PR change diff
gh pr diff

# 3. Get PR commit history
gh pr view --json commits

# 4. Check CI/CD status
gh pr checks

2. Multi-Dimensional Code Review

Conduct systematic reviews according to the following three dimensions:

Dimension 1: Code Quality Standards 📐

Universal code quality standards applicable to all projects:
  • Security: Input validation, permission checks, injection protection, sensitive information protection
  • Correctness: Error handling, boundary conditions, type safety
  • Performance: Algorithm complexity, database optimization, memory management
  • Testability: Test coverage, test quality, Mock usage
📖 Detailed Guide: code-quality-standards.md

Dimension 2: FastGPT Style Guide 🎨

Project-specific code specifications and conventions for FastGPT:
  • Workflow Node Development: Type definitions, node enumerations, execution logic, isEntry management
  • API Route Development: Route definitions, permission verification, error handling
  • Frontend Component Development: TypeScript + React, Chakra UI, state management
  • Database Operations: Model definitions, query optimization, index design
  • Package Structure & Dependencies: Dependency direction, import specifications, type exports
📖 Detailed Guide: fastgpt-style-guide.md

Dimension 3: Common Issues Checklist 🔍

Quickly identify and fix common problem patterns:
  • TypeScript Issues: Overuse of any type, incomplete type definitions, unsafe assertions
  • Asynchronous Error Handling: Unhandled Promises, lost error messages, silent failures
  • React Performance: Unnecessary re-renders, object creation during rendering, missing memoization
  • Workflow Nodes: Unreset isEntry, uncleared interaction history, missing whitelist entries
  • Security Vulnerabilities: Injection attacks, XSS, file upload vulnerabilities
📖 Detailed Checklist: common-issues-checklist.md

3. Generate and Submit Review Report

PR review outputs are divided into two parts:
  1. Overall Review Report: Submitted as a general comment at the top of the PR
  2. Line-Level Code Comments: Added directly at the corresponding code lines

Step 1: Analyze Code and Prepare Comments

During the review process, record the following for each issue:
  • File Path: e.g., 
    packages/service/core/workflow/dispatch.ts
  • Line Numbers: e.g., 
    L142-L150
  • Issue Type: 🔴Critical / 🟡Improvement / 🟢Optimization
  • Comment Content: Specific issue description and suggestions

Step 2: Add Line-Level Code Comments

GitHub CLI supports adding comments to specific lines. The comment data format is JSON:
bash
# 1. Prepare line-level comment JSON file
cat > /tmp/line-comments.json << 'EOF'
{
  "body": "Line-level code review comment",
  "event": "COMMENT",
  "comments": [
    {
      "path": "packages/service/core/workflow/dispatch.ts",
      "line": 142,
      "body": "🔴 **Critical Issue**: Missing error handling here, which will cause runtime errors if runtimeNode is null.\n\n**Suggestion**:\n```typescript\nif (!runtimeNode) {\n  throw new Error(`Runtime node not found: ${nodeId}`);\n}\n```"
    },
    {
      "path": "packages/service/core/workflow/dispatch.ts",
      "line": 150,
      "body": "🟡 **Performance Optimization**: It is recommended to compile and extract this regular expression outside the function to avoid re-compiling on each call.\n\n**Suggestion**:\n```typescript\nconst NODE_ID_PATTERN = /^node_([a-f0-9]+)$/; // Define at the top of the module\n```"
    }
  ]
}
EOF

# 2. Submit overall review report and line-level comments
gh pr review <number> --body-file /tmp/pr-review.md --json > /tmp/review-result.json

Step 3: Generate Overall Review Report

markdown
# PR Review: {PR Title}

## 📊 Change Overview
- **PR Number**: #{number}
- **Author**: @author
- **Branches**: {baseRefName} ← {headRefName}
- **Change Statistics**: +{additions} -{deletions} lines
- **Files Involved**: {files.length} files

## ✅ Advantages
{List the well-done aspects}

## ⚠️ Issue Summary

### 🔴 Critical Issues ({count} items, must fix)
{Briefly list each critical issue, and add line-level comments below}

### 🟡 Suggested Improvements ({count} items)
{Briefly list each suggestion}

### 🟢 Optional Optimizations ({count} items)
{Briefly list optimization suggestions}

## 🧪 Testing Suggestions
{Recommended testing methods}

## 💬 Overall Evaluation
- **Code Quality**: ⭐⭐⭐⭐☆ (4/5)
- **Security**: ⭐⭐⭐⭐⭐ (5/5)
- **Performance**: ⭐⭐⭐⭐☆ (4/5)
- **Maintainability**: ⭐⭐⭐⭐☆ (4/5)

## 🚀 Review Conclusion
{Recommendation: Approve/Needs Changes/Reject}

---

## 📍 Detailed Code Comments
Specific line-level comments have been added at the following locations:
{List all locations where line-level comments were added}

Step 4: Submit Overall Review Report

Submit the overall review report to the comment section via GitHub CLI.

Quick Reference for Review Commands:

ScenarioCommand
Approve PR
gh pr review <number> --approve
Request changes
gh pr review <number> --request-changes
General comment
gh pr review <number> --comment
Submit from file
gh pr review <number> --body-file /tmp/review.md
Add regular comment
gh pr comment <number> --body "Content"
Dismiss review
gh pr review <number> --dismiss

Reference Documents

Core Review Documents

  • Dimension 1: code-quality-standards.md - Universal Code Quality Standards
  • Dimension 2: fastgpt-style-guide.md - FastGPT Project Specifications
  • Dimension 3: common-issues-checklist.md - Common Issues Checklist