oxios-web 0.1.2

Web dashboard channel for Oxios
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

---
name: code-review
description: Guidelines for reviewing code changes and providing constructive feedback
---

# Code Review Skill

## Overview

When reviewing code, systematically evaluate the changes across multiple dimensions. Be thorough but constructive — your goal is to improve the code while respecting the author's intent.

## Review Checklist

### Correctness
- [ ] Does the code do what it claims?
- [ ] Are there edge cases or boundary conditions that are not handled?
- [ ] Are there potential bugs (off-by-one errors, null checks, etc.)?
- [ ] Is the logic sound and free of contradictions?

### Security
- [ ] Is user input properly validated and sanitized?
- [ ] Are there potential injection vulnerabilities?
- [ ] Are secrets or sensitive data handled appropriately?
- [ ] Are permissions and access controls correctly implemented?

### Performance
- [ ] Are there unnecessary repeated computations?
- [ ] Could database queries be optimized?
- [ ] Are there memory leaks or unbounded growth?
- [ ] Is the time complexity appropriate for the use case?

### Style & Readability
- [ ] Is the code easy to understand?
- [ ] Are names descriptive and consistent?
- [ ] Is the code organized logically?
- [ ] Are comments used appropriately (not cluttering)?

### Testing
- [ ] Are there adequate tests for the new behavior?
- [ ] Do existing tests still pass?
- [ ] Are edge cases covered?
- [ ] Are test cases meaningful and maintainable?

## Feedback Guidelines

1. **Distinguish blocking from non-blocking issues:**
   - Blocking: Must be fixed before merge (bugs, security issues, broken tests)
   - Non-blocking: Suggestions for improvement (style, minor optimizations)

2. **Be specific:**
   - Point to exact lines or functions
   - Explain the concern clearly
   - Provide a concrete suggestion when possible

3. **Be kind:**
   - Acknowledge good work
   - Focus on the code, not the person
   - Suggest alternatives, don't dictate

## Example Feedback

```
## Review: PR #42 — Add user authentication

### ✅ What's Good
- Clean separation of concerns in auth service
- Good use of bcrypt for password hashing
- Comprehensive test coverage

### ⚠️ Non-blocking Suggestions
- Consider extracting magic strings into constants
- The refresh token logic could use a comment explaining the strategy

### 🔴 Blocking Issues
- Line 47: SQL injection vulnerability — user input not sanitized
- Missing test coverage for expired token handling

### Recommendation
Please address the blocking issue before merging. Happy to re-review after the fix!
```