blog: code refactoring

[gapry]

No description provided.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the blog's codebase by introducing a more structured directory layout for components, data, and styles. It also updates the build script reference to align with the new file naming convention. These changes aim to enhance the project's maintainability and clarity by organizing related files into logical groups.

Highlights

• Build Process Update: The build command in package.json was updated to reference a renamed post-build script, post.config.js, which was previously build.js.
• File Structure Reorganization: Several core application files and assets, including components, configuration, and stylesheets, were moved into new, more descriptive subdirectories (e.g., components, data, pages, styles) to improve project organization.
• Import Path Adjustments: Corresponding import statements across various JavaScript/JSX files (App.jsx, Analytics.jsx, main.jsx, NotFound.jsx) were updated to reflect the new locations of the moved files.
• Code Cleanup in NotFound Component: The Analytics component import and its usage were removed from NotFound.jsx, streamlining the 404 page component.

Changelog

• build.js
  • Renamed to post.config.js.
  • Applied minor formatting changes, such as adding blank lines and aligning variable assignments.
• package.json
  • Updated the 'build' script to call 'bun post.config.js' instead of 'bun build.js'.
• src/Analytics.jsx
  • Renamed to src/components/Analytics.jsx.
  • Updated the import path for config.json to ../data/config.json.
• src/App.css
  • Renamed to src/styles/App.css.
• src/App.jsx
  • Updated import paths for Analytics, NotFound, Home components and App.css to reflect their new locations.
• src/Home.css
  • Renamed to src/pages/Home/Home.css.
• src/Home.jsx
  • Renamed to src/pages/Home/Home.jsx.
• src/NotFound.css
  • Renamed to src/pages/NotFound/NotFound.css.
• src/NotFound.jsx
  • Renamed to src/pages/NotFound/NotFound.jsx.
  • Removed the import and usage of the Analytics component.
• src/config.json
  • Renamed to src/data/config.json.
• src/index.css
  • Renamed to src/styles/index.css.
• src/main.jsx
  • Updated the import path for index.css to src/styles/index.css.

Activity

• No specific activity has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[amazon-q-developer]

This PR successfully refactors the codebase by reorganizing files into a cleaner directory structure. The changes include updating import paths to reflect the new organization (components, pages, styles, data directories) and centralizing the Analytics component at the App level. All import path updates are correct and consistent with the new structure. The build script reference has been updated from build.js to post.config.js to match the actual filename. No blocking issues identified.

---

You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.

[gemini-code-assist]

Code Review

This pull request primarily involves code refactoring, reorganizing the project structure by moving components, pages, and styles into dedicated folders and updating their import paths. A build script was also renamed, improving the project's organization. However, a path traversal vulnerability was identified in the build script post.config.js where untrusted filenames are used to construct file paths for output generation, which should be addressed to prevent potential file overwrite attacks during the build process. Additionally, there are stylistic choices in post.config.js that affect maintainability, specifically regarding inconsistent and unconventional code alignment.

[gemini-code-assist]

A path traversal vulnerability was identified here. The build script parses filenames in the public/posts directory to determine the output path for generated HTML files. By using a specially crafted filename (e.g., ..-..-..-tmp-evil.md), an attacker who can commit files to the repository can cause the build script to write files outside the intended dist directory. This could be used to overwrite sensitive files on the build server or CI/CD runner. To remediate this, validate that the year, month, day, and slug components derived from the filename do not contain path traversal sequences like .. or /. Additionally, the vertical alignment of assignments and property definitions, specifically for slug on line 23, appears to be inconsistent. This style can be difficult to maintain, and it's recommended to use a single space around operators and avoid manual vertical alignment for better consistency.

        const y    = parts[0];
        const m    = parts[1];
        const d    = parts[2];
        const slug = parts.slice(3).join('-');

        if ([y, m, d, slug].some(p => !p || p.includes('..') || p.includes('/') || p.includes('\\'))) {
          return;
        }

[gemini-code-assist]

Aligning a variable with spaces within a function call is unconventional and harms readability and maintainability. Please use a single space for consistency.

      path.join(distDir, 'index.html'),