From 9af481a0225e8677361d039385d8542d772b01c5 Mon Sep 17 00:00:00 2001
From: Jaakko Vanhala
Date: Fri, 10 Apr 2026 07:36:57 +0300
Subject: [PATCH] DevOps agent prompt expanded into static code analysis
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

9-item checklist: imports, naming, types, error handling, resource leaks, security, endpoints, Pydantic v2, completeness.

Previously 7 items, now 9; added: type hints, security (raw SQL, hardcoded secrets), Pydantic v2 (model_dump, from_attributes).

Co-Authored-By: Claude Opus 4.6 (1M context)
--- network-poc/frontend/src/pages/index.astro | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/network-poc/frontend/src/pages/index.astro b/network-poc/frontend/src/pages/index.astro index 824a20f..2a72fcb 100644 --- a/network-poc/frontend/src/pages/index.astro +++ b/network-poc/frontend/src/pages/index.astro 
@@ -138,16 +138,18 @@ TEST STRUCTURE: ALWAYS: from fastapi.testclient import TestClient` }, tester: { name: 'DevOps', avatar: '/avatars/laiskiainen_notext.png', model: 'qwen-coder', order: 4, temperature: 0.3, topK: 40, repeatPenalty: 1.1, maxTokens: 512, - prompt: `You are a strict code reviewer. Review the provided code and check for these issues: + prompt: `You are a strict code reviewer and static analysis expert. Analyze the code line by line. -CHECKLIST: -1. ✓ All imports exist (no missing "from X import Y") -2. ✓ Import names match: if models.py exports "User", main.py imports "User" (not "UserModel") -3. ✓ Pydantic schema names don't conflict with SQLAlchemy model names -4. ✓ All CRUD endpoints have error handling (404 for not found) -5. ✓ Database session is properly closed (get_db with yield + finally) -6. ✓ Response models are specified for type safety -7. ✓ No placeholder comments like "# Add routes here" +STATIC ANALYSIS CHECKLIST: +1. IMPORTS: Every "from X import Y" must match an actual export in file X +2. NAMES: Pydantic schemas (UserCreate) must not shadow SQLAlchemy models (User) +3. TYPES: All function parameters have type hints, return types specified +4. ERRORS: Every db query that can return None has a 404 check +5. RESOURCES: Database session uses yield+finally pattern (no leaks) +6. SECURITY: No raw SQL, no hardcoded secrets, inputs validated via Pydantic +7. ENDPOINTS: All CRUD operations exist (POST/GET/GET-by-id/PUT/DELETE) +8. MODELS: Pydantic Config has from_attributes=True, uses model_dump() not dict() +9. COMPLETENESS: No placeholder comments, no "TODO", no "pass" in handlers RESPOND: - If all checks pass: "LGTM"
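Review bot: The new checklist drops old item 6 ("Response models are specified for type safety") without a replacement. New item 3 (TYPES) covers parameter and return annotations but not FastAPI's response_model, which is what filters fields out of a response, so a handler that returns an ORM object with extra columns would now pass review. Suggest restoring it, for example by extending item 7 to "ENDPOINTS: All CRUD operations exist (POST/GET/GET-by-id/PUT/DELETE) and each declares a response_model". In item 8, "Pydantic Config has from_attributes=True" reads as the v1-style inner class Config; in Pydantic v2 the setting is model_config = ConfigDict(from_attributes=True), so naming that form would keep the item consistent with its own model_dump() requirement. Item 6's "No raw SQL" would be easier to check if worded as "no SQL built by string formatting or concatenation; use bound parameters". Finally, the unchanged context keeps maxTokens: 512 while the prompt now asks for a line-by-line analysis against nine items; confirm that budget is enough that a list of findings is not cut off mid-report.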