ci(lint): expand scripts and config lint coverage

[Mehdi-Bl]

Summary\n- expand ESLint coverage to include plus root config files used by CI/tooling\n- extend formatter checks to include JS/TS for scripts and config files\n- add guard tests for lint/format gate wiring and script-scope config\n- apply Prettier normalization on affected scripts now covered by the gate\n\n## Validation\n-

ai-code-fusion@0.2.0 lint
npm run format:check && eslint src tests scripts eslint.config.js .eslintrc.js .babelrc.js babel.config.js jest.config.js playwright.config.ts postcss.config.js prettier.config.js tailwind.config.js webpack.config.js --cache --max-warnings 0 && npm run lint:md && npm run test:catalog && npm run changelog:validate

ai-code-fusion@0.2.0 format:check
prettier --check --end-of-line auto "/*.{json,md,html,css}" && prettier --check --end-of-line auto "scripts//.js" ".config.js" "eslint.config.js" ".eslintrc.js" ".babelrc.js" "jest.config.js" "postcss.config.js" "prettier.config.js" "tailwind.config.js" "webpack.config.js" "playwright.config.ts"

Checking formatting...
All matched files use Prettier code style!
Checking formatting...
All matched files use Prettier code style!

ai-code-fusion@0.2.0 lint:md
npm run lint:md:links && npm run lint:md:style

ai-code-fusion@0.2.0 lint:md:links
node scripts/lint-markdown-links.js

Markdown docs lint passed: 18 markdown files checked, 11 links/images scanned, no decorative icons found.

ai-code-fusion@0.2.0 lint:md:style
markdownlint "**/*.{md,mdx}" --config .markdownlint.json --ignore node_modules --ignore dist

ai-code-fusion@0.2.0 test:catalog
node scripts/validate-test-catalog.js

Test catalog validation passed (33 references, 31 discovered tests).

ai-code-fusion@0.2.0 changelog:validate
node scripts/validate-changelog.js

Changelog validation passed: CHANGELOG.md\n-

ai-code-fusion@0.2.0 test
jest --config jest.config.js --passWithNoTests --runInBand\n-
ai-code-fusion@0.2.0 sonar
node scripts/sonar-scan.js

Loaded environment variables: SONAR_SCANNER_HOME, DTRACK_BASE_URL, VAULT_AGENT_TOKEN_SINK_FILE, VAULT_TOKEN, SONAR_SCANNER_VERSION, SONAR_URL, VAULT_AGENT_BOOTSTRAP_TOKEN_FILE, VAULT_ADDR, VAULT_TOKEN_FILE, VAULT_AGENT_TIMEOUT_SECONDS, VAULT_AGENT_ENV_FILE, VAULT_AGENT_RUNTIME_DIR
Starting SonarQube scan...
SonarQube Server: https://
SONAR_TOKEN not set; attempting unauthenticated scan
Generating fresh Jest coverage report for SonarQube...

ai-code-fusion@0.2.0 test
jest --config jest.config.js --passWithNoTests --coverage --runInBand

-----------------------|---------|----------|---------|---------|--------------------------------------------------------------------------------------------------------------------------------------------

File	% Stmts	% Branch	% Funcs	% Lines	Uncovered Line #s
All files	71.12	58.29	70.24	71.45
renderer/components	65.16	50.88	63.94	65.61
App.tsx	55.17	39.78	53.65	56.31	28-44,57,71,78,117,133,144-146,155-157,197,276-277,286-287,294-297,301,326,340-341,369-375,386,400-463,469-470,480-482,508,514-605,622-641
ConfigTab.tsx	82.85	66.66	82.22	82.77	104,119-125,196,200,261,275-279,323,333,351-352,404-409,413-414,418-422,440,472-475,566,598,656-672,775-776,866-883
DarkModeToggle.tsx	100	50	100	100	12-15
FileTree.tsx	82.47	66.66	82.6	81.11	61-62,67-76,92-143,253
ProcessedTab.tsx	0	0	0	0	11-244
SourceTab.tsx	61.98	56.66	57.69	63.24	78-84,91-95,101-102,106-108,113-114,145,158-159,165-166,180,219,284-285,347-440
TabBar.tsx	0	0	0	0	10-31
utils	90.53	84.26	96.15	90.82
config-manager.ts	100	50	100	100	31
content-processor.ts	91.66	82.35	100	91.3	120,125,139-140
export-format.ts	100	100	100	100
file-analyzer.ts	89.47	95.12	66.66	89.28	129-130,150-165
filter-utils.ts	97.91	95.55	100	97.82	39
fnmatch.ts	77.77	100	100	77.77	19-20
gitignore-parser.ts	95	85.71	100	98.24	93
secret-scanner.ts	93.84	77.41	100	93.54	32,39,44-45
token-counter.ts	50	42.85	100	50	14-15,35-38,47-64
utils/formatters	0	0	0	0
list-formatter.ts	0	0	0	0	13-95
-----------------------	---------	----------	---------	---------	--------------------------------------------------------------------------------------------------------------------------------------------
Running SonarQube scan...
Project Key: ai-code-fusion
Using native sonar-scanner: /workspaces/config/.codex/codex2/.sonar/sonar-scanner-8.0.1.6346-linux-x64/bin/sonar-scanner
07:31:42.424 INFO Scanner configuration file: /workspaces/config/.sonar/sonar-scanner-8.0.1.6346-linux-x64/conf/sonar-scanner.properties
07:31:42.429 INFO Project root configuration file: /workspaces/poc/ai-code-fusion/sonar-project.properties
07:31:42.453 INFO SonarScanner CLI 8.0.1.6346
07:31:42.465 INFO Linux 6.6.87.2-microsoft-standard-WSL2 amd64
07:31:45.690 INFO EXECUTION FAILURE
07:31:45.691 INFO Total time: 3.274s (fails locally in this environment: missing Vault token/SONAR_TOKEN, HTTP 401)

Summary by Sourcery

Expand linting and formatting coverage to include scripts and configuration files and add guards to keep CI lint gates aligned.

Enhancements:

• Extend ESLint configuration to cover Node-based scripts and shared config files with appropriate language settings and rule overrides.
• Broaden npm lint and format:check scripts plus lint-staged patterns to enforce ESLint/Prettier on scripts and configuration files.
• Add unit tests to assert lint/format gate coverage and ESLint script scope, and document these checks in the test catalog.

Build:

• Adjust lint and format:check npm scripts to include scripts and root configuration files in CI lint coverage.

Documentation:

• Update the test catalog to describe the new lint-gates coverage tests.

Tests:

• Introduce lint-gates unit tests to validate lint/format script wiring and staged-lint scope, and extend ESLint config tests for the new scripts/config lint scope.

Summary by CodeRabbit

Release Notes

• New Features

  • ESLint now enforces code standards on scripts and configuration files using CommonJS language settings and tailored rule overrides.
  • Expanded code formatting validation to include scripts and multiple configuration file types.

• Tests

  • Added test coverage for ESLint configuration scope and lint/format gate validations.

• Chores

  • Updated lint-staged to enforce formatting standards across scripts directory alongside source and test files.

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

[sourcery-ai]

Reviewer's Guide

Expands linting and formatting coverage to include CI/tooling scripts and root config files, updates ESLint configuration for script/config scope, and adds unit tests to guard lint/format gates and ESLint config behavior while applying Prettier normalization to affected scripts.

Sequence diagram for updated lint npm script pipeline

sequenceDiagram
  actor Developer
  participant NPM as npm_cli
  participant PKG as package_json_scripts
  participant Prettier as prettier_cli
  participant ESLint as eslint_cli
  participant MDLinks as markdown_links_linter
  participant MDStyle as markdown_style_linter
  participant Catalog as test_catalog_validator
  participant Changelog as changelog_validator

  Developer->>NPM: run lint
  NPM->>PKG: resolve script lint
  PKG-->>NPM: npm run format:check && eslint ... && npm run lint:md && npm run test:catalog && npm run changelog:validate

  rect rgb(230,230,255)
    NPM->>PKG: run format:check
    PKG-->>Prettier: prettier --check **/*.{json,md,html,css}
    Prettier-->>NPM: formatting ok or error
    NPM->>Prettier: prettier --check scripts/**/*.js *.config.js eslint.config.js .eslintrc.js .babelrc.js jest.config.js postcss.config.js prettier.config.js tailwind.config.js webpack.config.js playwright.config.ts
    Prettier-->>NPM: formatting ok or error
  end

  NPM->>ESLint: eslint src tests scripts eslint.config.js .eslintrc.js .babelrc.js babel.config.js jest.config.js playwright.config.ts postcss.config.js prettier.config.js tailwind.config.js webpack.config.js --cache --max-warnings 0
  ESLint-->>NPM: lint success or failure

  NPM->>PKG: run lint:md
  PKG-->>MDLinks: node scripts/lint-markdown-links.js
  MDLinks-->>NPM: links validation result
  PKG-->>MDStyle: markdownlint **/*.{md,mdx}
  MDStyle-->>NPM: markdown style result

  NPM->>Catalog: node scripts/validate-test-catalog.js
  Catalog-->>NPM: catalog validation result

  NPM->>Changelog: node scripts/validate-changelog.js
  Changelog-->>NPM: changelog validation result

  NPM-->>Developer: lint pipeline pass or fail

Loading

Class diagram for updated ESLint configuration and lint gates

classDiagram
  class ESLintConfig {
    +Array overrides
  }

  class IgnoreGlobsOverride {
    +Array files
    +Array ignores
  }

  class JSRecommendedOverride {
    +String source js.configs.recommended
  }

  class ScriptsAndConfigsOverride {
    +Array files
    +Object languageOptions
    +Object globals
    +Object rules
  }

  class SourceAndTestsOverride {
    +Array files
    +Object languageOptions
    +Object parserOptions
    +Object globals
    +Object settings
    +Object rules
  }

  class PackageJsonScripts {
    +String lint
    +String format_check
    +String lint_md
    +String lint_md_links
    +String lint_md_style
    +String test_catalog
    +String changelog_validate
  }

  class LintGatesTests {
    +test_lint_includes_scripts_and_configs()
    +test_format_check_covers_scripts_and_configs()
    +test_eslint_config_applies_script_scope_overrides()
  }

  ESLintConfig o-- IgnoreGlobsOverride
  ESLintConfig o-- JSRecommendedOverride
  ESLintConfig o-- ScriptsAndConfigsOverride
  ESLintConfig o-- SourceAndTestsOverride

  PackageJsonScripts --> ESLintConfig : uses
  LintGatesTests --> PackageJsonScripts : asserts_scripts
  LintGatesTests --> ESLintConfig : asserts_overrides

  ScriptsAndConfigsOverride : files = ["scripts/**/*.js", "*.config.js", "eslint.config.js", ".eslintrc.js", ".babelrc.js", "tests/.eslintrc.js"]
  ScriptsAndConfigsOverride : languageOptions.ecmaVersion = 2022
  ScriptsAndConfigsOverride : languageOptions.sourceType = commonjs
  ScriptsAndConfigsOverride : rules.no_unused_vars = off
  ScriptsAndConfigsOverride : rules.no_case_declarations = off
  ScriptsAndConfigsOverride : rules.no_useless_escape = off

  IgnoreGlobsOverride : ignores includes scripts/** (removed)
  PackageJsonScripts : lint runs eslint on src tests scripts and config files
  PackageJsonScripts : format_check runs prettier on scripts and config files

Loading

Flow diagram for expanded format:check Prettier coverage

flowchart TD
  A[start format_check_script] --> B[run_prettier_check_json_md_html_css]
  B -->|success| C[run_prettier_check_scripts_js]
  B -->|failure| Z[exit_with_error]

  C --> D[run_prettier_check_root_config_js]
  D --> E[run_prettier_check_eslint_and_rc_configs]
  E --> F[run_prettier_check_jest_and_postcss]
  F --> G[run_prettier_check_prettier_tailwind_webpack]
  G --> H[run_prettier_check_playwright_ts]

  H -->|all_pass| Y[return_success]
  H -->|any_fail| Z[exit_with_error]

  subgraph script_and_config_targets
    C
    D
    E
    F
    G
    H
  end

Loading

File-Level Changes

Change	Details	Files
Broaden ESLint configuration to cover scripts and config files used by CI/tooling.	Stop globally ignoring scripts from ESLint while keeping build/dist artifacts ignored. Add a dedicated ESLint config block targeting scripts/**/*.js and root config JS files with Node+browser globals and CommonJS source type. Relax specific rules (no-unused-vars, no-case-declarations, no-useless-escape) for these script/config targets to avoid noisy violations. Tidy long rule configuration (e.g., import/order groups) to satisfy formatter rules.	eslint.config.js
Extend npm lint and format gates plus lint-staged to enforce coverage on scripts and configuration files.	Update lint script so eslint runs on src, tests, scripts, and all major root config files including playwright.config.ts. Extend format:check script so Prettier checks JS scripts and key config files alongside existing JSON/Markdown/HTML/CSS coverage. Include scripts in lint-staged ESLint scope so staged JS/TS in scripts is auto-fixed on commit.	package.json
Add guard unit tests to ensure lint/format gates and ESLint config keep the expanded script/config coverage.	Add a new lint-gates.test.js that asserts lint, format:check, and lint-staged all include scripts and config coverage with max-warnings=0. Extend eslint-config.test.js to verify the scripts/config ESLint scope and that scripts are not globally ignored and use CommonJS sourceType. Update the test catalog documentation to describe the new lint gate test coverage.	tests/unit/scripts/lint-gates.test.js tests/unit/scripts/eslint-config.test.js tests/catalog.md
Apply Prettier-style formatting and minor readability tweaks to existing scripts now under lint/format enforcement.	Inline or reflow callback and function arguments for better readability and to comply with Prettier (e.g., HTTP request handlers, Prometheus query builders). Break long conditional expressions, template strings, and path joins across lines for clarity. Normalize helper functions and log output formatting in various scripts libraries and utilities without changing behavior.	scripts/verify-prometheus-metrics.js scripts/capture-ui-screenshot.js scripts/lint-markdown-links.js scripts/lib/actions-freshness.js scripts/sonar-scan.js scripts/lib/security.js scripts/audit-actions-freshness.js scripts/run-perf-metrics-job.js scripts/validate-test-catalog.js scripts/lib/utils.js scripts/publish-stress-metrics.js

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[qodo-free-for-open-source-projects]

Review Summary by Qodo

Expand lint and format coverage to scripts and config files

✨ Enhancement

Walkthroughs

Description

• Expand ESLint coverage to include scripts and root config files
• Extend Prettier formatting checks to JS/TS scripts and config files
• Add guard tests for lint/format gate wiring and script-scope config
• Apply Prettier normalization to affected scripts now covered by gates

Diagram

flowchart LR
  A["ESLint Config"] -->|"Remove scripts/** ignore"| B["Include scripts & configs"]
  C["package.json lint script"] -->|"Add scripts and config files"| D["Expanded ESLint scope"]
  E["package.json format:check"] -->|"Add scripts and config files"| F["Expanded Prettier scope"]
  G["Script files"] -->|"Apply Prettier formatting"| H["Normalized code style"]
  I["New test file"] -->|"Guard lint/format gates"| J["lint-gates.test.js"]

Loading

File Changes

1. eslint.config.js ✨ Enhancement +33/-2

Add scripts and config files to ESLint scope

eslint.config.js

---

2. package.json ✨ Enhancement +3/-3

Expand lint and format:check to cover scripts

package.json

---

3. scripts/audit-actions-freshness.js Formatting +6/-4

Apply Prettier formatting normalization

scripts/audit-actions-freshness.js

---

View more (13)

4. scripts/capture-ui-screenshot.js Formatting +28/-10

Apply Prettier formatting normalization

scripts/capture-ui-screenshot.js

---

5. scripts/lib/actions-freshness.js Formatting +6/-10

Apply Prettier formatting normalization

scripts/lib/actions-freshness.js

---

6. scripts/lib/security.js Formatting +8/-3

Apply Prettier formatting normalization

scripts/lib/security.js

---

7. scripts/lib/utils.js Formatting +3/-1

Apply Prettier formatting normalization

scripts/lib/utils.js

---

8. scripts/lint-markdown-links.js Formatting +16/-4

Apply Prettier formatting normalization

scripts/lint-markdown-links.js

---

9. scripts/publish-stress-metrics.js Formatting +3/-1

Apply Prettier formatting normalization

scripts/publish-stress-metrics.js

---

10. scripts/run-perf-metrics-job.js Formatting +4/-2

Apply Prettier formatting normalization

scripts/run-perf-metrics-job.js

---

11. scripts/sonar-scan.js Formatting +8/-5

Apply Prettier formatting normalization

scripts/sonar-scan.js

---

12. scripts/validate-test-catalog.js Formatting +5/-1

Apply Prettier formatting normalization

scripts/validate-test-catalog.js

---

13. scripts/verify-prometheus-metrics.js Formatting +26/-24

Apply Prettier formatting normalization

scripts/verify-prometheus-metrics.js

---

14. tests/unit/scripts/eslint-config.test.js 🧪 Tests +7/-0

Add test for scripts and config lint scope

tests/unit/scripts/eslint-config.test.js

---

15. tests/unit/scripts/lint-gates.test.js 🧪 Tests +31/-0

Add guard tests for lint/format gate wiring

tests/unit/scripts/lint-gates.test.js

---

16. tests/catalog.md 📝 Documentation +1/-0

Document new lint-gates test coverage

tests/catalog.md

---

[coderabbitai]

Warning

Rate limit exceeded

@Mehdi-Bl has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 12 minutes and 52 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📝 Walkthrough

Walkthrough

ESLint configuration now includes scripts and configuration files by removing top-level ignores and adding file-specific overrides with CommonJS settings. Package.json lint and format commands expanded to check scripts and config files. Multiple script files reformatted for consistency. Test coverage added for lint/format gates.

Changes

Cohort / File(s)	Summary
ESLint Configuration eslint.config.js	Removed scripts/** from top-level ignores; added override block for scripts/config files with ecmaVersion 2022, CommonJS sourceType, and specific rule disables (no-unused-vars, no-case-declarations, no-useless-escape); reformatted import/order groups to multi-line layout.
Package.json Scripts package.json	Expanded lint command to include eslint.config.js and playwright.config.ts; extended format:check to cover scripts/**/*.js and additional config files; broadened lint-staged to include scripts directory.
Script File Formatting scripts/audit-actions-freshness.js, scripts/capture-ui-screenshot.js, scripts/lib/actions-freshness.js, scripts/lib/security.js, scripts/lib/utils.js, scripts/lint-markdown-links.js, scripts/publish-stress-metrics.js, scripts/run-perf-metrics-job.js, scripts/sonar-scan.js, scripts/validate-test-catalog.js, scripts/verify-prometheus-metrics.js	Formatting and whitespace adjustments only: multi-line reformatting of expressions, function calls, and string literals without behavioral changes.
Test Coverage tests/catalog.md, tests/unit/scripts/eslint-config.test.js, tests/unit/scripts/lint-gates.test.js	Added test catalog entry for lint-gates; added ESLint config test validating scripts inclusion and CommonJS settings; new test file verifying lint/format commands include scripts and config file coverage.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ci: phase-1 eslint hardening with flat config #92: Modifies eslint.config.js to control scripts exclusion; this PR reverses that by removing scripts from ignores and adding overrides.
• CI/CD security baseline: CodeQL config, SBOM submission, markdown/changelog gates #61: Both PRs expand lint/format targets in package.json to include scripts and config files.
• fix: restore UI resizing and filtering + add cross-platform QA gate #24: Modifies capture-ui-screenshot.js and package.json scripts; this PR reformats the same script file.

Poem

🐰 With whiskers twitched and ESLint bright,
We've swept the scripts into linting's light!
Config files stand in rows so neat,
No more ignored—the rules now greet,
Hopping through tests, our victory's sweet! ✨

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 4.17% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'ci(lint): expand scripts and config lint coverage' directly and clearly describes the main objective of the changeset, which is to expand ESLint and Prettier coverage to include scripts and configuration files.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch ci/lint-coverage-scripts-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @Mehdi-Bl, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the project's code quality infrastructure by broadening the scope of ESLint and Prettier checks. It ensures that utility scripts and various configuration files adhere to established coding standards and formatting guidelines. The changes also include new tests to safeguard these expanded linting and formatting gates, preventing regressions and maintaining code consistency across the repository.

Highlights

• Expanded ESLint Coverage: ESLint now covers JavaScript files within the scripts directory and various root configuration files (e.g., *.config.js, .eslintrc.js, .babelrc.js, tests/.eslintrc.js), ensuring consistent code quality across more parts of the codebase.
• Extended Formatter Checks: Prettier's format:check script has been updated to include JavaScript and TypeScript files in the scripts directory and root configuration files, enforcing consistent formatting for these files.
• Added Guard Tests for Lint/Format Gates: New unit tests have been introduced to validate that the lint and format:check commands correctly include the expanded scope, and that lint-staged is configured to cover the scripts directory.
• Applied Prettier Normalization: Prettier formatting has been applied to several existing script files, standardizing their style now that they are covered by the formatting checks.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• eslint.config.js
  • Removed 'scripts/**' from the global ignore list to enable linting for script files.
  • Added a new configuration block to apply ESLint rules specifically to 'scripts/**/*.js' and various root configuration files, setting 'ecmaVersion: 2022' and 'sourceType: 'commonjs''.
  • Disabled 'no-unused-vars', 'no-case-declarations', and 'no-useless-escape' rules for the newly covered script and config files.
  • Reformatted the 'import/order' groups array for improved readability.
• package.json
  • Expanded the 'lint' script to include 'scripts' directory and various root configuration files for ESLint scanning.
  • Extended the 'format:check' script to include 'scripts/**/*.js' and various root configuration files for Prettier formatting.
  • Modified the 'lint-staged' configuration to apply 'eslint --fix' to files in the 'scripts' directory in addition to 'src' and 'tests'.
• scripts/audit-actions-freshness.js
  • Applied Prettier formatting.
• scripts/capture-ui-screenshot.js
  • Applied Prettier formatting.
• scripts/lib/actions-freshness.js
  • Applied Prettier formatting.
• scripts/lib/security.js
  • Applied Prettier formatting.
• scripts/lib/utils.js
  • Applied Prettier formatting.
• scripts/lint-markdown-links.js
  • Applied Prettier formatting.
• scripts/publish-stress-metrics.js
  • Applied Prettier formatting.
• scripts/run-perf-metrics-job.js
  • Applied Prettier formatting.
• scripts/sonar-scan.js
  • Applied Prettier formatting.
• scripts/validate-test-catalog.js
  • Applied Prettier formatting.
• scripts/verify-prometheus-metrics.js
  • Applied Prettier formatting.
• tests/catalog.md
  • Added a new entry for 'tests/unit/scripts/lint-gates.test.js' to the test catalog.
• tests/unit/scripts/eslint-config.test.js
  • Added a test to ensure ESLint configuration correctly includes scripts/config files and does not globally ignore scripts.
• tests/unit/scripts/lint-gates.test.js
  • Added a new test file to verify that the 'lint' and 'format:check' commands in 'package.json' cover the intended scripts and config files, and that 'lint-staged' includes script path coverage.

Activity

• The 'npm run lint' command was executed, demonstrating expanded ESLint coverage for source, tests, scripts, and various configuration files, with no warnings.
• The 'npm run format:check' command was executed twice, confirming that all matched files adhere to Prettier code style, including the newly covered script and config files.
• Markdown linting ('npm run lint:md') was performed successfully, checking links and style across 18 markdown files.
• Test catalog validation ('npm run test:catalog') passed, confirming 33 references against 31 discovered tests.
• Changelog validation ('npm run changelog:validate') passed for 'CHANGELOG.md'.
• A SonarQube scan was initiated, which included generating a Jest coverage report. The SonarQube scan failed locally due to missing environment variables (SONAR_TOKEN), which is expected in this specific environment.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The updated lint and format:check scripts in package.json hardcode a long list of config filenames, which will be easy to forget when adding new tooling files; consider using a more general glob (e.g. *.{config,rc}.js or a dedicated config/**/*.js directory) to keep this DRY and less brittle over time.
• The eslint override for scripts/config files currently disables no-unused-vars, no-case-declarations, and no-useless-escape globally for those paths; it may be worth tightening this (e.g. using /* eslint-disable */ in specific legacy files or limiting the override to known-problematic files) so real issues in newer scripts aren’t silently ignored.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The updated `lint` and `format:check` scripts in `package.json` hardcode a long list of config filenames, which will be easy to forget when adding new tooling files; consider using a more general glob (e.g. `*.{config,rc}.js` or a dedicated `config/**/*.js` directory) to keep this DRY and less brittle over time.
- The eslint override for scripts/config files currently disables `no-unused-vars`, `no-case-declarations`, and `no-useless-escape` globally for those paths; it may be worth tightening this (e.g. using `/* eslint-disable */` in specific legacy files or limiting the override to known-problematic files) so real issues in newer scripts aren’t silently ignored.

## Individual Comments

### Comment 1
<location> `eslint.config.js:45-48` </location>
<code_context>
   js.configs.recommended,
+  {
+    files: [
+      'scripts/**/*.js',
+      '*.config.js',
+      'eslint.config.js',
+      '.eslintrc.js',
+      '.babelrc.js',
+      'tests/.eslintrc.js',
+    ],
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'commonjs',
+      globals: {
+        ...globals.node,
+        ...globals.browser,
+      },
+    },
</code_context>

<issue_to_address>
**suggestion:** Consider avoiding browser globals for Node-only scripts to keep linting stricter and more accurate.

This config enables both Node and browser globals for all `scripts/**/*.js`, even though these files are primarily Node CLI/utility scripts. That can hide accidental use of browser-only APIs in Node code. Prefer keeping `scripts/**/*.js` Node-only and scoping browser globals only to the few files that truly run in a browser context (if any).

```suggestion
      globals: {
        ...globals.node,
      },
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues found.

Scanned Files

None

[gemini-code-assist]

Code Review

This pull request is a great step towards improving code quality and consistency by expanding ESLint and Prettier coverage to include scripts and configuration files. The addition of guard tests to prevent regressions in this coverage is also an excellent practice. My review includes a few suggestions to further improve the new ESLint configuration and simplify the updated npm scripts for better maintainability.

[gemini-code-assist]

Disabling these core ESLint rules is generally discouraged as it can hide potential bugs and reduce code quality.

• no-unused-vars: Instead of turning this off completely, consider configuring it to ignore variables with a specific pattern (e.g., prefixed with an underscore) for intentionally unused variables. This helps catch accidentally unused variables. For example: 'no-unused-vars': ['error', { 'argsIgnorePattern': '^_', 'varsIgnorePattern': '^_' }].
• no-case-declarations: This rule prevents bugs from lexical declarations being visible across case clauses. Instead of disabling it, you can wrap the code within each case clause in a block { ... }.
• no-useless-escape: This rule helps maintain cleaner code by removing unnecessary escape characters. It's usually safe to keep it enabled.

If these rules were disabled to facilitate the initial rollout of linting for these files, it would be beneficial to create a follow-up ticket to address the reported issues and re-enable these rules.

[gemini-code-assist]

The list of config files in the lint script is quite long. You can simplify this by using globs, which would make the script shorter and easier to maintain. For example, "*.config.js" covers many of the explicitly listed files.

Suggested change

	"lint": "npm run format:check && eslint src tests scripts eslint.config.js .eslintrc.js .babelrc.js babel.config.js jest.config.js playwright.config.ts postcss.config.js prettier.config.js tailwind.config.js webpack.config.js --cache --max-warnings 0 && npm run lint:md && npm run test:catalog && npm run changelog:validate",
	"lint": "npm run format:check && eslint src tests scripts \"*.config.js\" \".*rc.js\" \"playwright.config.ts\" --cache --max-warnings 0 && npm run lint:md && npm run test:catalog && npm run changelog:validate",

[gemini-code-assist]

This script can be simplified. The two prettier commands can be combined into one, and the list of config files can be shortened using globs. This improves readability and maintainability.

Suggested change

	"format:check": "prettier --check --end-of-line auto \"**/*.{json,md,html,css}\" && prettier --check --end-of-line auto \"scripts/**/*.js\" \"*.config.js\" \"eslint.config.js\" \".eslintrc.js\" \".babelrc.js\" \"jest.config.js\" \"postcss.config.js\" \"prettier.config.js\" \"tailwind.config.js\" \"webpack.config.js\" \"playwright.config.ts\"",
	"format:check": "prettier --check --end-of-line auto \"**/*.{json,md,html,css}\" \"scripts/**/*.js\" \"*.config.js\" \".*rc.js\" \"*.config.ts\"",

[qodo-free-for-open-source-projects]

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (0) 📎 Requirement gaps (0)

1. Browser globals too broad 🐞 Bug ⛯ Reliability

Description

The new ESLint override enables browser globals for all scripts/**/*.js and *.config.js, even though
most of these files run in Node. This reduces lint’s ability to catch accidental use of browser-only
identifiers in Node tooling/config (potential runtime ReferenceError).

Code

eslint.config.js[R33-49]

+  {
+    files: [
+      'scripts/**/*.js',
+      '*.config.js',
+      'eslint.config.js',
+      '.eslintrc.js',
+      '.babelrc.js',
+      'tests/.eslintrc.js',
+    ],
+    languageOptions: {
+      ecmaVersion: 2022,
+      sourceType: 'commonjs',
+      globals: {
+        ...globals.node,
+        ...globals.browser,
+      },
+    },

Evidence

eslint.config.js applies ...globals.browser to a wide set of Node-executed files (scripts and root
config files). package.json shows these scripts are invoked via node ... (Node context). Only some
code (e.g., capture-ui-screenshot’s page-init script) legitimately references browser globals like
window/document/localStorage, suggesting browser globals can be scoped to those specific files
instead of everything.

eslint.config.js[33-55]
package.json[7-23]
scripts/capture-ui-screenshot.js[364-377]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`eslint.config.js` currently enables browser globals (`window`, `document`, etc.) for **all** `scripts/**/*.js` and `*.config.js`. Most of these files execute under Node, so this configuration makes the linter less effective at catching accidental browser-only API usage in Node tooling/config.
### Issue Context
Some scripts (notably Playwright-driven ones) legitimately reference browser globals inside `page.addInitScript` / `page.evaluate` functions. Those should remain lintable without false positives, but the browser globals should be scoped to only those scripts.
### Fix Focus Areas
- eslint.config.js[33-55]
- scripts/capture-ui-screenshot.js[364-377]
- package.json[7-23]
### Suggested change
1. Keep a `scripts/config` override with **Node globals only**.
2. Add a second override for `scripts/capture-ui-screenshot.js` (and any other scripts that truly need browser globals) that extends globals with `...globals.browser`.
3. Optionally document why those specific scripts need browser globals (to reduce future confusion).

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Brittle config gate tests 🐞 Bug ⛯ Reliability

Description

New unit tests validate lint/format “gates” by searching for exact substrings in package.json and
eslint.config.js source text. These tests are sensitive to harmless formatting/reordering and don’t
assert the actual exported config structure, increasing CI flakiness and maintenance burden.

Code

tests/unit/scripts/lint-gates.test.js[R8-16]

+  test('lint command covers scripts and config files', () => {
+    const lintScript = packageJson.scripts.lint;
+
+    expect(lintScript).toContain('eslint src tests scripts');
+    expect(lintScript).toContain('eslint.config.js');
+    expect(lintScript).toContain('.eslintrc.js');
+    expect(lintScript).toContain('playwright.config.ts');
+    expect(lintScript).toContain('--max-warnings 0');
+  });

Evidence

The new tests read files as raw strings and use toContain(...) with specific formatting/order
expectations. This is likely to fail when scripts/config are reformatted (which this PR already does
broadly) or when arguments are reordered without changing behavior. The eslint-config test similarly
inspects raw source instead of requiring the exported config and checking structure.

tests/unit/scripts/lint-gates.test.js[7-16]
tests/unit/scripts/eslint-config.test.js[4-6]
tests/unit/scripts/eslint-config.test.js[38-43]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The new gate tests assert on raw file text via `toContain(...)`, which is brittle against formatting changes and doesn’t validate runtime semantics (e.g., actual exported ESLint config objects).
### Issue Context
This PR intentionally reformats JS files via Prettier, which is exactly the kind of change that can cause string-based tests to fail without any functional regression.
### Fix Focus Areas
- tests/unit/scripts/lint-gates.test.js[7-24]
- tests/unit/scripts/eslint-config.test.js[4-6]
- tests/unit/scripts/eslint-config.test.js[38-43]
### Suggested change
1. For `eslint.config.js`:
- `const eslintConfig = require('../../../eslint.config.js')`
- Assert structurally that an entry exists whose `files` includes `scripts/**/*.js`, etc., and that `ignores` does not include `scripts/**`.
2. For `package.json` script checks:
- Prefer semantic assertions (e.g., regex that ensures the eslint invocation includes `scripts` and `--max-warnings 0` regardless of ordering), or tokenize carefully (respecting quoted segments).
3. Keep the intent (guard wiring), but make the tests resilient to reformatting and argument reordering.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

ⓘ The new review experience is currently in Beta. Learn more

[sonarqubecloud]

Quality Gate passed

Issues
7 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Mehdi-Bl]

Follow-up on review comments:

• Addressed: browser globals are now scoped only to scripts/capture-ui-screenshot.js; shared script/config lint scope is Node-only.
• Deferred in this PR by design: tightening no-unused-vars / no-case-declarations / no-useless-escape for all scripts, and further collapsing lint/format globs.

Reason for defer: this change set was scoped to expanding gate coverage with zero behavior drift. Re-enabling stricter rules and broadening glob patterns can introduce cross-platform/tooling regressions and should be handled as a dedicated hardening pass with targeted cleanup commits.