2nd/10_Wiki/Topics/DevOps_and_Security/Automated Quality & Review.md
Last modified: 2026-05-10 22:08:15 +09:00
---
id: wiki-2026-0508-automated-quality-review
title: Automated Quality & Review
category: 10_Wiki/Topics
status: verified
canonical_id: self
aliases: [Automated Code Review, AI Code Review, CR Automation]
duplicate_of: none
source_trust_level: A
confidence_score: 0.9
verification_status: applied
tags: [code-review, ci, devops, llm]
raw_sources:
last_reinforced: 2026-05-10
github_commit: applied
tech_stack:
  language: TypeScript/Python
  framework: GitHub Actions/Claude Code/Copilot
---

Automated Quality & Review

One line

"The first reviewer of every PR is a machine." Automated Quality & Review is the modern engineering practice of stacking lint, type-check, tests, SAST and AI review in the PR pipeline so that human reviewers only look at substance. The 2026 stack: Biome + tsc + Vitest + Semgrep + a Claude/Copilot review bot.

Core

Quality Gate Layers (ordered cheapest first, so an early failure can short-circuit the rest)

  1. Format: Biome / Prettier: zero-argument, deterministic.
  2. Lint: Biome / ESLint / Ruff: style rules plus likely-bug rules.
  3. Type: tsc / mypy / pyright: the static contract.
  4. Test: Vitest / Jest / pytest: unit + integration.
  5. Coverage: c8 (now @vitest/coverage-v8) / coverage.py: 80%+ enforced, including on the delta the PR introduces.
  6. SAST: Semgrep / CodeQL: security patterns and taint dataflow.
  7. AI review: Claude Code, Copilot Workspace, Cursor: semantic review.
  8. Mutation: Stryker: checks the quality of the tests themselves (optional).

AI Review Capability (2026)

  • Logic bug detection: Claude Opus 4.7 finds nil dereferences, races and off-by-one errors.
  • Convention enforcement: flags style violations after learning the codebase's conventions from context.
  • Security: traces dataflow for SQLi, XSS, IDOR and deserialization issues.
  • Performance: N+1 queries, O(n²) loops, unbounded recursion.
  • Test gap: compares the code change against the test coverage delta.

Model output is probabilistic: expect false positives, restrict it to lines the PR actually changed, and keep a human in the loop (see the anti-patterns below).

Applications

  1. PR comment bot: inline suggestions.
  2. Pre-merge gate: block on critical issues.
  3. Refactor suggester: nightly batch.
  4. Onboarding: a mentor for junior developers.

💻 Patterns

GitHub Actions quality pipeline

```yaml
name: pr-quality
on: pull_request
# Cancel superseded runs so a fresh push never queues behind a stale one (5-minute budget).
concurrency:
  group: pr-quality-${{ github.ref }}
  cancel-in-progress: true
permissions:
  contents: read
  pull-requests: write   # required for the review bot to post PR comments
jobs:
  quality:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: oven-sh/setup-bun@v2
      - run: bun install --frozen-lockfile
      # Cheapest gates first; a failing step stops the job (fail-fast).
      - run: bun run biome ci .            # read-only CI mode: format + lint
      - run: bun run tsc --noEmit
      - run: bun run vitest run --coverage # needs @vitest/coverage-v8 as a dev dependency
      # returntocorp/semgrep-action is deprecated upstream; Semgrep's docs now run
      # `semgrep ci` from the semgrep/semgrep container. Kept here as on the page.
      - uses: returntocorp/semgrep-action@v1
        with: { config: 'p/owasp-top-ten' }
      - uses: anthropics/claude-code-action@v1
        with:
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          mode: review           # input names change between action versions; check its README
          model: claude-opus-4-7
```

Claude Code review prompt

```text
You are reviewing PR #{number}. Focus on:
1. Logic bugs (off-by-one, null deref, race conditions)
2. Security (OWASP Top 10)
3. Performance (N+1, unbounded loops)
4. Test coverage for changed lines

Output format: file:line — severity — description.
Skip: style nits (handled by Biome).
```
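The "pre-merge gate" application above and this prompt's output format meet in a small gate script. The following is an added example, not code from the page or from the GitHub Actions, Semgrep or Claude Code projects: it parses the PR's unified diff to learn which lines changed, reads Semgrep's `--json` output (the `path`, `start.line`, `extra.severity` and `extra.message` keys are Semgrep's real schema) and the model's `file:line`, severity, description lines, keeps only findings that land on changed lines, and blocks on ERROR-class severities. The severity vocabulary in `BLOCKING`, the rule ids, the diff and the review text are all constructed for the stand-alone run.

```python
"""Pre-merge gate: only findings on changed lines count; ERROR-class ones block.
Added example; inputs below are constructed, not captured from a real run."""
import json
import re
from dataclasses import dataclass

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")
# Matches "file:line <sep> severity <sep> description", accepting the prompt's
# em-dash separator (\u2014) as well as a plain "-".
AI_LINE_RE = re.compile(
    r"^(?P<file>[^:\s]+):(?P<line>\d+)\s+[\u2014-]+\s+(?P<sev>\w+)\s+[\u2014-]+\s+(?P<desc>.+)$"
)
BLOCKING = frozenset({"ERROR", "CRITICAL", "HIGH"})  # assumed severity vocabulary


@dataclass(frozen=True)
class Finding:
    file: str
    line: int
    severity: str
    message: str
    source: str  # "semgrep" or "ai-review"


def changed_lines(diff: str) -> dict[str, set[int]]:
    """Map each new-side file path to the set of added/modified line numbers."""
    changed: dict[str, set[int]] = {}
    path, new_line = None, 0
    for raw in diff.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].strip()
            path = path[2:] if path.startswith("b/") else path
            changed.setdefault(path, set())
            continue
        if raw.startswith("--- ") or path is None:
            continue
        m = HUNK_RE.match(raw)
        if m:
            new_line = int(m.group(1))          # first new-side line of the hunk
        elif raw.startswith("+"):
            changed[path].add(new_line)
            new_line += 1
        elif not raw.startswith("-"):           # context line; removed lines have no new number
            new_line += 1
    return changed


def parse_semgrep(report_json: str) -> list[Finding]:
    data = json.loads(report_json)
    return [Finding(r["path"], int(r["start"]["line"]), r["extra"]["severity"].upper(),
                    r["extra"]["message"], "semgrep") for r in data.get("results", [])]


def parse_ai_review(text: str) -> list[Finding]:
    found = []
    for line in text.splitlines():
        m = AI_LINE_RE.match(line.strip())
        if m:  # free text that does not follow the format is ignored, never trusted
            found.append(Finding(m["file"], int(m["line"]), m["sev"].upper(), m["desc"], "ai-review"))
    return found


def gate(findings, changed, block_on=BLOCKING):
    """Drop findings outside the diff; return (in_scope, blocking)."""
    in_scope = [f for f in findings if f.line in changed.get(f.file, set())]
    return in_scope, [f for f in in_scope if f.severity in block_on]


def annotations(findings):
    """GitHub workflow commands; echoing them from a step yields inline annotations."""
    return [f"::{'error' if f.severity in BLOCKING else 'warning'} "
            f"file={f.file},line={f.line},title={f.source}::{f.message}" for f in findings]


# --- constructed sample inputs -------------------------------------------------
SAMPLE_DIFF = """\
diff --git a/src/db.ts b/src/db.ts
--- a/src/db.ts
+++ b/src/db.ts
@@ -10,3 +10,5 @@ export function findUser(db, id) {
   const q = db.prepare('SELECT * FROM users WHERE id = ?');
-  return q.get(id);
+  const raw = db.exec(`SELECT * FROM users WHERE id = ${id}`);
+  const apiToken = "sk-live-abc123";
+  return raw;
 }
"""
SAMPLE_SEMGREP = json.dumps({"results": [  # rule ids are made up for the example
    {"check_id": "example.sqli-template-literal", "path": "src/db.ts",
     "start": {"line": 11, "col": 15}, "end": {"line": 11, "col": 66},
     "extra": {"severity": "ERROR", "message": "SQL built from a template literal"}},
    {"check_id": "hardcoded-secret", "path": "src/db.ts",
     "start": {"line": 12, "col": 9}, "end": {"line": 12, "col": 36},
     "extra": {"severity": "ERROR", "message": "Hardcoded secret detected"}},
    {"check_id": "example.legacy-rule", "path": "src/legacy.ts",
     "start": {"line": 40, "col": 1}, "end": {"line": 40, "col": 20},
     "extra": {"severity": "WARNING", "message": "Pre-existing finding outside this PR"}},
]})
SAMPLE_AI_REVIEW = "\n".join([
    "src/db.ts:11 \u2014 ERROR \u2014 SQL is built by interpolating `id`; keep the prepared statement.",
    "src/db.ts:13 \u2014 WARNING \u2014 `raw` is the whole result set; callers expect one row.",
    "src/util.ts:3 \u2014 WARNING \u2014 Not in this diff, so it must be ignored.",
    "Overall the change looks fine.",  # no file:line prefix: ignored
])


def run_gate(diff=SAMPLE_DIFF, semgrep_json=SAMPLE_SEMGREP, ai_text=SAMPLE_AI_REVIEW):
    changed = changed_lines(diff)
    return gate(parse_semgrep(semgrep_json) + parse_ai_review(ai_text), changed)


if __name__ == "__main__":
    in_scope, blocking = run_gate()
    print("\n".join(annotations(in_scope)))
    raise SystemExit(1 if blocking else 0)   # non-zero exit fails the job step
```

Scoping to the diff is what keeps the bot from re-reporting every pre-existing finding on each PR; in a workflow step the script would read `git diff base...head` and the two reports from files instead of the constructed strings.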

Inline comments

Biome's `--reporter=github` prints GitHub workflow commands (`::error file=...,line=...::message`), which the runner turns into inline annotations by itself, so no adapter is needed for check annotations:

```yaml
- run: bun run biome ci --reporter=github .
```

reviewdog is only needed to turn findings into PR review comments, and it must be given an input format it can parse (`-f=<format>` or `-efm=<errorformat>`); `github-check` and `github-pr-review` are its `-reporter` values, not `-f` input formats.

Coverage delta gate

```yaml
# Posts a coverage report (with the delta against the base branch) on the PR and
# fails below the threshold, which this action takes as a single percentage.
# It drives Jest-style JSON reports; with Vitest, `test.coverage.thresholds`
# in vitest.config.ts is the simpler absolute gate.
- uses: ArtiomTr/jest-coverage-report-action@v2
  with:
    github-token: ${{ secrets.GITHUB_TOKEN }}
    threshold: 80
    annotations: failed-tests
```
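A gate that enforces both the absolute thresholds from the layer list (lines 80%, branches 75%) and the per-PR delta, as an added example rather than the action's or Vitest's own code. It compares two Istanbul-style `coverage-summary.json` documents, the format Vitest's `json-summary` reporter writes (a `total` entry plus one entry per file, each with `lines`/`branches` objects carrying `total`, `covered` and `pct`). The half-point drop tolerance, the per-changed-file check and the coverage numbers are assumptions constructed for the run.

```python
"""Coverage delta gate over Istanbul-style coverage-summary.json documents.
Added example; the BASE/HEAD summaries below are constructed, not real reports."""
import json

THRESHOLDS = {"lines": 80.0, "branches": 75.0}   # values from the page's layer list
MAX_DROP = 0.5  # assumed: the total pct may not fall more than half a point per PR


def _pct(summary: dict, key: str, metric: str) -> float:
    return float(summary[key][metric]["pct"])


def coverage_gate(base: dict, head: dict, changed_files=(), thresholds=THRESHOLDS, max_drop=MAX_DROP):
    """Return (ok, reasons). Fails on an absolute threshold, on a drop versus the
    base branch, and on any changed source file whose line coverage is below the
    lines threshold or that has no coverage entry at all (never executed by tests)."""
    reasons = []
    for metric, minimum in thresholds.items():
        head_pct = _pct(head, "total", metric)
        if head_pct < minimum:
            reasons.append(f"total {metric} {head_pct:.1f}% < {minimum:.1f}%")
        if "total" in base:                       # base report may be absent on a first run
            drop = _pct(base, "total", metric) - head_pct
            if drop > max_drop:
                reasons.append(f"total {metric} dropped {drop:.1f} points vs base")
    for path in changed_files:
        if path not in head:
            reasons.append(f"{path} changed but has no coverage entry (untested file?)")
        elif _pct(head, path, "lines") < thresholds["lines"]:
            reasons.append(f"{path} lines {_pct(head, path, 'lines'):.1f}% < {thresholds['lines']:.1f}%")
    return (not reasons), reasons


def load_summary(path: str) -> dict:
    """Read a coverage-summary.json file (e.g. coverage/coverage-summary.json)."""
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def _summary(lines_total, lines_cov, br_total, br_cov):
    """Build one entry in the json-summary shape from raw counts."""
    return {"lines": {"total": lines_total, "covered": lines_cov, "skipped": 0,
                      "pct": round(100 * lines_cov / lines_total, 2)},
            "branches": {"total": br_total, "covered": br_cov, "skipped": 0,
                         "pct": round(100 * br_cov / br_total, 2)}}


# Constructed: the base branch covers 820/1000 lines and 76/100 branches. The PR
# adds 40 lines to src/db.ts; in HEAD only 8 of them run under tests, in
# HEAD_FIXED the author added tests so 32 of them run.
BASE = {"total": _summary(1000, 820, 100, 76), "src/db.ts": _summary(100, 90, 10, 8)}
HEAD = {"total": _summary(1040, 828, 104, 78), "src/db.ts": _summary(140, 98, 14, 10)}
HEAD_FIXED = {"total": _summary(1040, 852, 104, 80), "src/db.ts": _summary(140, 122, 14, 12)}


if __name__ == "__main__":
    ok, reasons = coverage_gate(BASE, HEAD, changed_files=["src/db.ts"])
    for r in reasons:
        print(f"::error title=coverage::{r}")   # GitHub annotation per failed check
    raise SystemExit(0 if ok else 1)
```

In CI the two summaries come from the base branch's last run (an artifact or cache) and the PR's run, and `changed_files` from `git diff --name-only base...head` filtered to source files; passing test or config files in `changed_files` would trip the "no coverage entry" check.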

Semgrep custom rule

```yaml
rules:
  - id: hardcoded-secret
    languages: [javascript, typescript]
    severity: ERROR
    message: Hardcoded secret detected
    patterns:
      # "..." matches any string literal; cover const/let and plain assignment
      - pattern-either:
          - pattern: const $K = "..."
          - pattern: let $K = "..."
          - pattern: $K = "..."
      # metavariable-regex is a sibling of the pattern inside `patterns`, not a top-level key
      - metavariable-regex:
          metavariable: $K
          regex: (?i)(api[_-]?key|secret|token|password)
```

Decision criteria

| Situation | Tool |
| --- | --- |
| TS/JS format + lint | Biome (single tool) |
| Python format + lint | Ruff |
| Type check | tsc strict / pyright strict |
| Security SAST | Semgrep + CodeQL |
| AI review | Claude Code Action |
| PR comment UX | reviewdog |

Default: Biome + tsc + Vitest + Semgrep + Claude review.

🔗 Graph

🤖 LLM usage

When: PR review, refactor suggestions, test gap detection, commit message generation. When not: deterministic checks (lint, types); the specialised tool is faster and exact.

Anti-patterns

  • AI-only review: allowing merges with no human approval; accountability disappears.
  • Slow pipeline: a 30-minute PR check gets bypassed. Budget 5 minutes.
  • Style nit storm: if the AI floods the PR with nits, the important logic bug gets buried.
  • No fail-fast: running tests after lint has already failed; gates should be sequential, cheapest first.

🧪 Verification / duplicates

  • Verified against: GitHub Actions docs; Anthropic Claude Code docs; Semgrep playbook 2024.
  • Trust level A.

🕓 Changelog

| Date | Change |
| --- | --- |
| 2026-05-08 | Phase 1 |
| 2026-05-10 | Manual cleanup: quality gate layers + Claude Code action |