You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Continue to perform your standard code review, summarization, and bug detection as usual.
3
+
Do not suppress your default helpful observations or summaries.
4
+
5
+
Sensitive data review
6
+
Flag and require review and possible removal, whenever you detect PII, passwords, keys, potential client/private data, and/or related sensitive data committed to the repository.
7
+
8
+
Dependencies license review
9
+
Flag and require review and possible removal or replace with alternatives, whenever you detect directly added licensed code or dependency libraries being imported through dependency managers (maven, npm, pip, etc), that are not in line with the current repository license terms, as saved in the LICENSE file in the project root. For this particular repository, the license being used right now is Apache License Version 2.0. Flag any dependency and/or code imported or used, that is licensed with a commercial license, as particularly high risk. Flag any AGPL or similar strong copyleft licenses as very hi risk. Only open source licenses are allowed that are not strong copyleft. Flag dependencies with missing/unknown licenses.
10
+
11
+
Security Review
12
+
Perform a review of potential issues exposing vulnerabilities in code that can be easily exploited by third parties, if they have access to this repository source code - unprotected endpoints or ports, simple default passwords, unsafe authentication methods, unencrypted communication, etc.
0 commit comments