ci(lint): phase-2 scoped unicorn and sonarjs strict packs

[Mehdi-Bl]

Summary

• add eslint-plugin-unicorn and eslint-plugin-sonarjs
• enable a curated strict rule subset scoped to src/**/*.{js,jsx,ts,tsx} while excluding test files to keep noise low
• fix two source violations required by the new rules (sonarjs/no-collapsible-if)
• add tests/unit/scripts/eslint-config.test.js to lock strict-pack config behavior and scope
• update tests/catalog.md with the new test target

Why this scope

• CI-18 requires stricter lint packs with low false-positive noise.
• Rules are intentionally scoped away from tests/scripts so quality signal is focused on production code paths.
• Electron-specific custom rules remain tracked in CI-15 and are not duplicated in this PR.

Validation

• npm run lint
• npm test -- --runInBand
• npm run sonar (attempted locally, blocked by 401 Unauthorized due unavailable valid Sonar token in shell vault context; CI Sonar gate will validate in PR)

Summary by Sourcery

Introduce scoped strict ESLint packs for production source files using sonarjs and unicorn, and update code and tests to comply with the new configuration.

Enhancements:

• Configure a strict subset of sonarjs and unicorn ESLint rules scoped to src application code while excluding tests.
• Refine existing source logic to satisfy new sonarjs collapsing-conditional checks.

Build:

• Add eslint-plugin-sonarjs and eslint-plugin-unicorn dependencies and wire them into the shared ESLint configuration.

Tests:

• Add a unit test to lock the ESLint strict-pack configuration, scope, and enforced rules, and register it in the test catalog.

Summary by CodeRabbit

• Refactor

  • Simplified conditional logic in folder traversal and file processing code for improved readability.

• Tests

  • Added new unit tests for code quality configuration validation.

• Chores

  • Added development dependencies to enhance code linting and quality checks.
  • Extended code quality configuration with additional linting rules for stricter code standards.

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

[sourcery-ai]

Reviewer's Guide

Adds scoped strict ESLint packs using eslint-plugin-unicorn and eslint-plugin-sonarjs for production source files, fixes the minimal code issues surfaced by the new rules, and locks the configuration behavior with unit tests and documentation updates.

File-Level Changes

Change	Details	Files
Introduce scoped strict ESLint configuration using sonarjs and unicorn plugins for production source files only.	Add sonarjs and unicorn to the top-level ESLint plugins list. Add an overrides block targeting src/**/*.{js,jsx,ts,tsx} with curated sonarjs and unicorn rules set to error. Exclude test/spec patterns under src from the strict override to avoid noisy lint failures.	.eslintrc.js
Resolve new sonarjs lint violations in existing TypeScript source code.	Flatten nested if conditions in App.tsx to satisfy sonarjs/no-collapsible-if while preserving behavior. Simplify extension-inclusion logic in FileAnalyzer to avoid redundant nested condition and satisfy sonarjs/no-collapsible-if.	src/renderer/components/App.tsx src/utils/file-analyzer.ts
Add dependencies and tests to lock in the strict lint configuration and its scope.	Declare eslint-plugin-sonarjs and eslint-plugin-unicorn as devDependencies. Add a Jest unit test that loads .eslintrc.js and asserts plugins, strict override scoping, exclusions, and enforced rules. Document the new eslint-config test target in the test catalog. Update package-lock.json to capture new dependency tree.	package.json package-lock.json tests/unit/scripts/eslint-config.test.js tests/catalog.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[qodo-free-for-open-source-projects]

Review Summary by Qodo

✨ Enhancement 🧪 Tests

Walkthroughs

Description

• Add eslint-plugin-unicorn and eslint-plugin-sonarjs with curated strict rules
• Scope strict packs to src/**/*.{js,jsx,ts,tsx} excluding test files
• Fix collapsible-if violations in FileAnalyzer and App components
• Add comprehensive test suite for eslint config validation

Diagram

flowchart LR
  A["ESLint Config"] -->|"Add plugins"| B["sonarjs + unicorn"]
  B -->|"Define overrides"| C["Scoped to src/ production code"]
  C -->|"Exclude tests"| D["Test files filtered out"]
  E["Source violations"] -->|"Fix collapsible-if"| F["FileAnalyzer.ts + App.tsx"]
  G["Test coverage"] -->|"Validate config"| H["eslint-config.test.js"]

Loading

File Changes

1. .eslintrc.js ⚙️ Configuration changes +21/-1

Add phase-2 strict ESLint rules with source scoping

• Add sonarjs and unicorn plugins to configuration
• Create new override block targeting src/**/*.{js,jsx,ts,tsx} files
• Exclude test files (__tests__/**, *.test.*, *.spec.*) from strict rules
• Enable 10 curated rules from sonarjs and unicorn plugins as errors

.eslintrc.js

---

2. package.json Dependencies +2/-0

Add sonarjs and unicorn ESLint plugins

• Add eslint-plugin-sonarjs@^3.0.7 as dev dependency
• Add eslint-plugin-unicorn@^63.0.0 as dev dependency

package.json

---

3. src/utils/file-analyzer.ts 🐞 Bug fix +3/-4

Flatten nested if condition in extension filtering

• Collapse nested if condition checking extension filtering into single condition
• Combine ext existence check with includes() validation on same line
• Reduce nesting depth and improve code readability

src/utils/file-analyzer.ts

---

View more (3)

4. src/renderer/components/App.tsx 🐞 Bug fix +3/-6

Flatten nested if condition in folder recursion

• Collapse nested if conditions for directory type and boundary validation
• Combine item.type === 'directory' check with isPathWithinRootBoundary() call
• Reduce conditional nesting in getAllSubFolders function

src/renderer/components/App.tsx

---

5. tests/unit/scripts/eslint-config.test.js 🧪 Tests +53/-0

Add eslint config validation test suite

• Create new test file to validate eslint configuration behavior
• Test that sonarjs and unicorn plugins are loaded correctly
• Verify strict-pack override scopes to source files and excludes test files
• Assert all 10 curated rules are enforced as errors

tests/unit/scripts/eslint-config.test.js

---

6. tests/catalog.md 📝 Documentation +1/-0

Document new eslint config test in catalog

• Add entry for new eslint-config.test.js test file
• Document test purpose as guarding scoped unicorn/sonarjs strict-pack configuration
• Map test to .eslintrc.js configuration file

tests/catalog.md

---

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces two new ESLint plugins (sonarjs and unicorn) to the project by adding development dependencies, integrating them into the ESLint configuration with specific rules, and establishing unit tests to validate the configuration. It also includes minor conditional logic refactoring in two source files.

Changes

Cohort / File(s)	Summary
ESLint Plugin Integration package.json, eslint.config.js	Added eslint-plugin-sonarjs and eslint-plugin-unicorn as devDependencies and integrated them into the ESLint config with source file targeting (src/**/*.{js,jsx,ts,tsx}), test file exclusions, and 10 specific rules enabled from both plugins.
ESLint Configuration Tests tests/unit/scripts/eslint-config.test.js, tests/catalog.md	Added new test suite verifying ESLint config scope, test file exclusions, and presence of sonarjs/unicorn rules with error severity; updated test catalog entry.
Code Refactoring src/renderer/components/App.tsx, src/utils/file-analyzer.ts	Simplified conditional logic by inlining checks into single conditions: consolidated boundary check in getAllSubFolders traversal and combined extension filter condition in shouldProcessFile.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• ci: phase-1 eslint hardening with flat config #92: Modifies ESLint configuration and plugin integration with similar focus on eslint.config.js updates and devDependencies management.

Poem

🐰 With sonarjs and unicorn's might,
Our linting rules now shine so bright!
No collapsible ifs shall pass,
No quirky code will get past class—
Stricter checks, our code's delight! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding phase-2 scoped unicorn and sonarjs strict ESLint packs for CI/linting purposes.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch ci/eslint-phase2-strict-packs

---

No actionable comments were generated in the recent review. 🎉

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 OpenGrep (1.16.0)

eslint.config.js

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

src/renderer/components/App.tsx

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

tests/unit/scripts/eslint-config.test.js

┌──────────────┐
│ Opengrep CLI │
└──────────────┘

�[32m✔�[39m �[1mOpengrep OSS�[0m
�[32m✔�[39m Basic security coverage for first-party code vulnerabilities.

�[1m Loading rules from local config...�[0m

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @Mehdi-Bl, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly upgrades the project's linting capabilities by incorporating eslint-plugin-unicorn and eslint-plugin-sonarjs. These additions introduce a stricter set of code quality rules, applied strategically to the core source files to improve maintainability and catch potential issues early in the development cycle. The changes also include necessary code adjustments to meet these new standards and a dedicated test to validate the integrity of the ESLint configuration.

Highlights

• New ESLint Plugins: Integrated eslint-plugin-unicorn and eslint-plugin-sonarjs to enhance code quality checks.
• Scoped Strict Rules: Enabled a curated set of strict rules from the new plugins, specifically targeting src/**/*.{js,jsx,ts,tsx} files while excluding test files to minimize noise.
• Codebase Fixes: Addressed two existing sonarjs/no-collapsible-if violations in the source code to comply with the newly introduced rules.
• Configuration Validation: Introduced a new test file (tests/unit/scripts/eslint-config.test.js) to ensure the correct behavior and scope of the strict-pack ESLint configuration.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• .eslintrc.js
  • Added sonarjs and unicorn to the list of ESLint plugins.
  • Introduced an overrides configuration to apply specific sonarjs and unicorn rules to source files (src/**/*.{js,jsx,ts,tsx}), explicitly excluding test files.
• package-lock.json
  • Updated dependencies to include eslint-plugin-sonarjs and eslint-plugin-unicorn, along with their transitive dependencies.
• package.json
  • Added eslint-plugin-sonarjs and eslint-plugin-unicorn as development dependencies.
• src/renderer/components/App.tsx
  • Refactored a conditional statement to combine multiple checks, resolving a sonarjs/no-collapsible-if violation.
• src/utils/file-analyzer.ts
  • Simplified a conditional check by merging conditions, addressing a sonarjs/no-collapsible-if violation.
• tests/catalog.md
  • Added an entry for the newly created eslint-config.test.js file.
• tests/unit/scripts/eslint-config.test.js
  • Added a new test file to verify the correct loading, scoping, and enforcement of unicorn and sonarjs ESLint rules within the configuration.

Activity

• The author, Mehdi-Bl, has introduced new ESLint plugins and rules as part of a broader initiative (CI-18) to enforce stricter linting.
• Local validation steps, including npm run lint and npm test, were performed by the author.
• The author noted a 401 Unauthorized error when attempting npm run sonar locally, indicating reliance on CI for full Sonar validation.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sourcery-ai]

Hey - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.

See the Details below.

Scanned Files

• package-lock.json

[gemini-code-assist]

Code Review

This pull request successfully introduces eslint-plugin-unicorn and eslint-plugin-sonarjs to enhance code quality, along with a new test to lock down the configuration. The code changes to comply with the new linting rules are well-executed. I have provided a couple of suggestions for improvement: one to make the new test more robust and another for a minor performance optimization in App.tsx. Overall, this is a valuable addition to the project.

[gemini-code-assist]

This is a good refactoring to collapse the if statements. For a further improvement, you can combine the two push operations and avoid creating a new array in each loop iteration. Using folders.push(item.path, ...getAllSubFolders(item)) is more performant as it avoids the overhead of creating a new array with [...folders, ...].

Suggested change

	folders.push(item.path);
	folders = [...folders, ...getAllSubFolders(item)];
	folders.push(item.path, ...getAllSubFolders(item));

[gemini-code-assist]

The test 'scopes strict packs to source files and excludes test files' correctly verifies the excludedFiles property, but it doesn't assert that the files glob is what's expected. To make this test more robust and fully align with its description, you should also assert the value of the files property. This will ensure that the strict rules are applied to the correct set of source files and prevent accidental changes to this glob.

    expect(strictnessOverride).toBeDefined();
    expect(strictnessOverride.files).toEqual(['src/**/*.{js,jsx,ts,tsx}']);
    expect(strictnessOverride.excludedFiles).toEqual(
      expect.arrayContaining([
        'src/**/__tests__/**',
        'src/**/*.test.{js,jsx,ts,tsx}',
        'src/**/*.spec.{js,jsx,ts,tsx}',
      ])
    );

[qodo-free-for-open-source-projects]

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0) 📎 Requirement gaps (0)

✅ 1. Strict packs not enforced 🐞 Bug ✓ Correctness

Description

The PR adds sonarjs/unicorn strict-pack rules to .eslintrc.js, but the project uses ESLint v9 with
a flat config (eslint.config.js) and CI runs eslint src tests without pointing at
.eslintrc.js. This likely means the new strict rules are not actually applied in the lint gate,
undermining the PR’s intent.

Code

.eslintrc.js[R43-62]

+    {
+      files: ['src/**/*.{js,jsx,ts,tsx}'],
+      excludedFiles: [
+        'src/**/__tests__/**',
+        'src/**/*.test.{js,jsx,ts,tsx}',
+        'src/**/*.spec.{js,jsx,ts,tsx}',
+      ],
+      rules: {
+        'sonarjs/no-collapsible-if': 'error',
+        'sonarjs/no-identical-conditions': 'error',
+        'sonarjs/no-identical-expressions': 'error',
+        'sonarjs/no-ignored-return': 'error',
+        'sonarjs/no-inverted-boolean-check': 'error',
+        'unicorn/no-array-callback-reference': 'error',
+        'unicorn/no-invalid-fetch-options': 'error',
+        'unicorn/prefer-array-some': 'error',
+        'unicorn/prefer-optional-catch-binding': 'error',
+        'unicorn/prefer-string-starts-ends-with': 'error',
+      },
+    },

Evidence

.eslintrc.js is updated to include sonarjs/unicorn plugins and strict rules, but the repository’s
lint entrypoint runs ESLint without selecting that config, while ESLint v9 + a committed
eslint.config.js indicates the flat-config path is in use. The flat config shown does not define
sonarjs/unicorn plugins/rules, so the strict-pack rules from .eslintrc.js are unlikely to be
enforced by npm run lint.

.eslintrc.js[9-62]
package.json[20-23]
package.json[146-176]
eslint.config.js[1-10]
eslint.config.js[47-62]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Strict-pack lint rules were added to `.eslintrc.js`, but the repo appears to use ESLint v9 flat config (`eslint.config.js`) for `npm run lint`. This likely means the new sonarjs/unicorn rules are not enforced in CI.
### Issue Context
- `npm run lint` runs `eslint src tests ...` without selecting `.eslintrc.js`.
- ESLint v9 + committed `eslint.config.js` implies flat config is active.
- `eslint.config.js` currently does not load `eslint-plugin-sonarjs` or `eslint-plugin-unicorn`, and does not apply the strict-pack rule set.
### Fix Focus Areas
- eslint.config.js[1-70]
- eslint.config.js[47-80]
- .eslintrc.js[1-82]
- tests/unit/scripts/eslint-config.test.js[1-53]
### Suggested approach (flat config)
1. In `eslint.config.js`, `require('eslint-plugin-sonarjs')` and `require('eslint-plugin-unicorn')`.
2. Add a new config block scoped to `src/**/*.{js,jsx,ts,tsx}` with `ignores` for:
 - `src/**/__tests__/**`
 - `src/**/*.test.{js,jsx,ts,tsx}`
 - `src/**/*.spec.{js,jsx,ts,tsx}`
3. In that block, set `plugins: { sonarjs: sonarjsPlugin, unicorn: unicornPlugin }` and add the selected rules.
4. Decide whether to keep `.eslintrc.js` (editor-only) or remove/stop evolving it to avoid divergence.
5. Update the unit test to validate the effective config (`eslint.config.js`) rather than `.eslintrc.js`.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[qodo-free-for-open-source-projects]

1. Strict packs not enforced 🐞 Bug ✓ Correctness

The PR adds sonarjs/unicorn strict-pack rules to .eslintrc.js, but the project uses ESLint v9 with
a flat config (eslint.config.js) and CI runs eslint src tests without pointing at
.eslintrc.js. This likely means the new strict rules are not actually applied in the lint gate,
undermining the PR’s intent.

Agent Prompt

### Issue description
Strict-pack lint rules were added to `.eslintrc.js`, but the repo appears to use ESLint v9 flat config (`eslint.config.js`) for `npm run lint`. This likely means the new sonarjs/unicorn rules are not enforced in CI.

### Issue Context
- `npm run lint` runs `eslint src tests ...` without selecting `.eslintrc.js`.
- ESLint v9 + committed `eslint.config.js` implies flat config is active.
- `eslint.config.js` currently does not load `eslint-plugin-sonarjs` or `eslint-plugin-unicorn`, and does not apply the strict-pack rule set.

### Fix Focus Areas
- eslint.config.js[1-70]
- eslint.config.js[47-80]
- .eslintrc.js[1-82]
- tests/unit/scripts/eslint-config.test.js[1-53]

### Suggested approach (flat config)
1. In `eslint.config.js`, `require('eslint-plugin-sonarjs')` and `require('eslint-plugin-unicorn')`.
2. Add a new config block scoped to `src/**/*.{js,jsx,ts,tsx}` with `ignores` for:
   - `src/**/__tests__/**`
   - `src/**/*.test.{js,jsx,ts,tsx}`
   - `src/**/*.spec.{js,jsx,ts,tsx}`
3. In that block, set `plugins: { sonarjs: sonarjsPlugin, unicorn: unicornPlugin }` and add the selected rules.
4. Decide whether to keep `.eslintrc.js` (editor-only) or remove/stop evolving it to avoid divergence.
5. Update the unit test to validate the effective config (`eslint.config.js`) rather than `.eslintrc.js`.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Mehdi-Bl]

Addressed review feedback in commit d872f1d.

• Moved phase-2 strict packs to the active ESLint v9 flat config (eslint.config.js) so CI lint enforces them.
• Reverted .eslintrc.js strict-pack changes to avoid config drift.
• Updated tests/unit/scripts/eslint-config.test.js and tests/catalog.md to validate/document eslint.config.js.
• Applied the App optimization suggestion via folders.push(item.path, ...getAllSubFolders(item));.

Local validation rerun:

• npm run lint passed
• npm test -- --runInBand passed
• npm run sonar failed locally with 401 Unauthorized because Vault token bootstrap is unavailable in this shell; PR CI SonarCloud check is green.