README.md: 184 additions & 1 deletion
@@ -37,7 +37,7 @@ GenAI today is a **race car without brakes**. It accelerates fast -- you describ
37
37
38
38
**`git-lrc` is your braking system.** It hooks into `git commit` and runs an AI review on every diff _before_ it lands. 60-second setup. Completely free.
39
39
40
-
**At a glance:** 10 risk categories · 100+ failure patterns tracked · every commit scanned automatically.
40
+
**At a glance:**[10 risk categories](#what-git-lrc-checks-for)·[100+ failure patterns tracked](#what-git-lrc-checks-for)· every commit scanned automatically.
41
41
42
42
```bash
43
43
# Try it now (Linux/macOS)
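Review bot: the rewritten "At a glance" line at new line 40 has lost the spaces around its separators as shown here, so it would render as `**At a glance:**[10 risk categories]...·[100+ failure patterns tracked]...· every commit`; make sure the committed source keeps them: `**At a glance:** [10 risk categories](#what-git-lrc-checks-for) · [100+ failure patterns tracked](#what-git-lrc-checks-for) · every commit scanned automatically.` The `#what-git-lrc-checks-for` anchor does match the slug GitHub derives from the `## What git-lrc Checks For` heading added in the next hunk, so both links resolve once that section lands.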
@@ -365,6 +365,189 @@ If it's sent to the model, you can see it first.
365
365
- Automated security checks and SBOM workflows support transparent verification.
366
366
- For complete details, see [SECURITY.md](SECURITY.md).
367
367
368
+
## What git-lrc Checks For
369
+
370
+
Every review is checked against **10 risk categories** and **100+ specific failure patterns**, grouped into three pillars: what takes down production, what ends up in a disclosure letter, and what slows every future release. Expand any pillar, then any category, to see the exact patterns and why each one matters.
371
+
372
+
<details>
373
+
<summary><strong>Outages</strong> — what takes down production, and your on-call rotation (4 categories, 40 patterns)</summary>
374
+
375
+
<details>
376
+
<summary><strong>Reliability</strong></summary>
377
+
378
+
-**Error Handling** — Unhandled errors crash services mid-request, leaving customers staring at broken pages during peak traffic.
379
+
-**Fault Tolerance** — One dependency hiccup cascades into a full outage instead of degrading gracefully.
380
+
-**Retry Logic** — Missing retries turn brief network blips into failed payments, lost orders, and support tickets.
381
+
-**Timeout Management** — Requests hang forever, exhausting connections until the whole service grinds to a halt.
382
+
-**Resilience Patterns** — No circuit breakers means one slow service drags down everything connected to it.
383
+
-**Availability Risks** — Single points of failure turn a routine deploy into a multi-hour outage.
384
+
-**Data Integrity** — Corrupted or inconsistent records silently poison reports, billing, and downstream decisions.
385
+
-**Race Conditions** — Two requests collide and overwrite each other's work — intermittently, unreproducibly, in production.
386
+
-**Resource Cleanup** — Leaked connections and file handles pile up until the server falls over at 2am.
387
+
-**Failure Recovery** — No rollback path means a bad deploy stays live until someone manually fixes it.
388
+
389
+
</details>
390
+
391
+
<details>
392
+
<summary><strong>Correctness</strong></summary>
393
+
394
+
-**Logic Errors** — Wrong calculations ship to production and quietly produce incorrect invoices, prices, or reports.
395
+
-**Edge Cases** — The 1% scenario nobody tested is the one your biggest customer hits first.
396
+
-**Data Validation** — Bad input slips through and corrupts records that are expensive to clean up later.
397
+
-**State Management** — Stale or out-of-sync state shows users the wrong balance, status, or inventory count.
398
+
-**Concurrency Bugs** — Parallel operations step on each other, causing duplicate charges or lost updates.
399
+
-**Business Rule Violations** — A discount, limit, or policy nobody approved gets applied automatically, at scale.
400
+
-**Numerical Accuracy** — Rounding and precision errors compound into real financial discrepancies over time.
401
+
-**Null Handling** — An unexpected null crashes the checkout flow at the worst possible moment.
402
+
-**Type Safety** — A type mismatch silently mangles data instead of failing loudly where it's cheap to fix.
403
+
-**API Contract Violations** — A backend change breaks every client that depends on the old response shape.
404
+
405
+
</details>
406
+
407
+
<details>
408
+
<summary><strong>Performance</strong></summary>
409
+
410
+
-**Database Efficiency** — An unindexed query that's fine today locks up the database the moment you scale.
411
+
-**Algorithmic Complexity** — Code that's fast with 100 records grinds to a crawl with 100,000.
412
+
-**Memory Usage** — Memory leaks force daily restarts — and eventually an outage when nobody's watching.
413
+
-**CPU Utilization** — A hot loop quietly burns CPU until autoscaling bills spike or pods get killed.
414
+
-**Network Efficiency** — Chatty calls multiply latency until a simple page takes seconds to load.
415
+
-**Caching** — Every request hits the database directly, so traffic spikes become outages.
416
+
-**Concurrency** — Without proper concurrency, your service serves one user at a time under load.
417
+
-**Resource Contention** — Threads fight over the same lock, and the whole app slows to match the slowest one.
418
+
-**Rendering Performance** — A janky UI makes users think the product is broken, even when it isn't.
419
+
-**Startup Performance** — Slow boot times mean slow deploys, slow rollbacks, and slow recovery from incidents.
420
+
421
+
</details>
422
+
423
+
<details>
424
+
<summary><strong>Scalability</strong></summary>
425
+
426
+
-**Horizontal Scaling** — The app can't run on more than one instance, so growth means a rewrite.
427
+
-**Vertical Scaling** — You're one viral spike away from maxing out the biggest server money can buy.
428
+
-**Distributed Systems** — Two services disagree about reality, and nobody notices until the numbers don't add up.
429
+
-**Load Balancing** — Traffic piles onto one node while others sit idle, until that one node falls over.
430
+
-**Capacity Planning** — Nobody knows the breaking point until customers find it for you, live.
431
+
-**Bottleneck Risks** — One slow component caps the throughput of the entire system, no matter what else you scale.
432
+
-**Concurrency Limits** — A hardcoded limit silently throttles your busiest customers during your biggest moments.
433
+
-**Service Growth Constraints** — What works for 10 teams collapses under coordination overhead at 50.
434
+
-**Database Scaling** — The database that powered your launch becomes the thing that takes you down at scale.
435
+
-**Queue Backpressure** — Unbounded queues hide a growing backlog until it surfaces as hours-long delays.
436
+
437
+
</details>
438
+
439
+
</details>
440
+
441
+
<details>
442
+
<summary><strong>Breaches</strong> — what ends up in a disclosure letter, and a board meeting (2 categories, 20 patterns)</summary>
443
+
444
+
<details>
445
+
<summary><strong>Security</strong></summary>
446
+
447
+
-**Authentication** — A weak login flow is an open door — and attackers check every door.
448
+
-**Authorization** — A missing permission check lets any logged-in user act as an admin.
449
+
-**Secrets Management** — A hardcoded API key in source control is a breach waiting for someone to find it.
450
+
-**Input Validation** — Unvalidated input is the first line in almost every successful attack.
451
+
-**Injection Vulnerabilities** — One unsanitized query away from an attacker reading your entire database.
452
+
-**Cryptography** — Weak or homemade encryption gives a false sense of security — and a real breach.
453
+
-**Dependency Vulnerabilities** — A known CVE in a dependency is a published instruction manual for attackers.
454
+
-**Data Exposure** — Sensitive fields leak into logs, responses, or error messages where they don't belong.
455
+
-**Session Management** — A session that never expires is a credential an attacker can use forever.
456
+
-**Security Logging & Auditing** — Without audit trails, you can't tell what happened, when, or who's responsible — during an incident or after.
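Review bot: several of the new one-liners describe the same underlying defect under different categories, notably "Race Conditions" (Reliability), "Concurrency Bugs" (Correctness), "Concurrency" (Performance) and "Concurrency Limits" (Scalability), so a single unsynchronised write in a diff could be reported four times; either say how the review de-duplicates across categories or sharpen each line to the distinct symptom it targets. Two smaller points: the list items appear here as `-**Error Handling**` with no space after the hyphen, and GitHub only renders `- **Error Handling**` as a list item, so verify the source; and the section promises "100+ specific failure patterns" but links nowhere, so link each category summary to the place in the repo where its patterns are defined so a reader can check the 40-plus-20 counts in the two pillar summaries.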