Skip to content

BED-6138 - StBernard Output and Error Handling Iteration #1662

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 9, 2025
Merged

BED-6138 - StBernard Output and Error Handling Iteration #1662

merged 1 commit into from
Jul 9, 2025

Conversation

zinic
Copy link
Contributor

@zinic zinic commented Jul 8, 2025
edited by coderabbitai bot
Loading

Description

StBernard ergonomic work. See CodeRabbit's summary.

Motivation and Context

Resolves BED-6138

No broken windows.

How Has This Been Tested?

Unit tests updated and integration tests pass.

Types of changes

  • Chore (a change that does not modify the application functionality)

Checklist:

Summary by CodeRabbit

Summary by CodeRabbit

  • New Features

    • Added an option to display all analysis severities in the output.
    • Improved grouping and sorting of analysis results by severity and file location.

  • Bug Fixes

    • Enhanced error handling and reporting for command executions.

  • Refactor

    • Streamlined analysis output formatting for better readability.
    • Switched several command executions to interactive mode, providing real-time feedback during operations such as building, testing, formatting, and documentation generation.

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jul 8, 2025
edited
Loading

Walkthrough

This update refactors the analysis and command execution infrastructure, introducing a strongly typed severity system, new severity grouping utilities, and interactive command execution. It modifies analysis output handling to print formatted results directly, adds a new output flag, and updates related workflows and recipes to accommodate these changes.

Changes

File(s) Change Summary
justfile Updated analyze recipe to accept flags and removed output redirection in _prep-steps.
packages/go/stbernard/analyzers/analyzers.go Refactored Run to use severity maps, print output directly, and updated signature; added helper for severity output.
packages/go/stbernard/analyzers/codeclimate/codeclimate.go Introduced typed Severity, constants, parsing, priority, grouping by severity, and sorting utilities.
packages/go/stbernard/analyzers/golang/golang.go
packages/go/stbernard/analyzers/js/js.go		 Changed analyzer Run functions to return severity maps; improved error handling and output processing.
packages/go/stbernard/cmdrunner/cmdrunner.go Refactored error handling, introduced ExecutionError, added RunInteractive for real-time command output.
packages/go/stbernard/command/analysis/analysis.go Added -all flag, updated usage, and integrated new analyzer interface and output flag.
packages/go/stbernard/git/git.go Updated error type assertion to use new ExecutionError.
packages/go/stbernard/workspace/golang/build.go
generate.go
goimports.go
sync.go
tester.go		 Switched Go workspace build, generate, imports, sync, and test commands to use RunInteractive.
packages/go/stbernard/workspace/redoc/redoc.go
workspace.go		 Changed OpenAPI doc and schema generation to use interactive command execution.
packages/go/stbernard/workspace/yarn/yarn.go Updated all yarn-related commands to use RunInteractive.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant AnalysisCmd
    participant Analyzers
    participant GoAnalyzer
    participant JSAnalyzer

    User->>CLI: just analyze [-all]
    CLI->>AnalysisCmd: Parse flags, call Run
    AnalysisCmd->>Analyzers: Run(paths, env, outputAllSeverity)
    Analyzers->>GoAnalyzer: Run(paths, env)
    GoAnalyzer-->>Analyzers: SeverityMap
    Analyzers->>JSAnalyzer: Run(paths, env)
    JSAnalyzer-->>Analyzers: SeverityMap
    Analyzers->>AnalysisCmd: Print grouped results, return error if needed
    AnalysisCmd->>CLI: Exit with code based on severity
Loading

Possibly related PRs

  • BED-6138 - StBernard Error Handling #1651: Refactors the analyzers.Run function signature and output handling, introduces severity types, and modifies the justfile analyze recipe; related by changes to analysis output and severity handling.

Suggested labels

tooling

Suggested reviewers

  • superlinkx

Poem

A rabbit hopped through code so neat,
Typed severities—what a treat!
Commands now chat in real-time flair,
Grouped by file, each bug laid bare.
With flags and maps, the tools advance—
The warren’s code now leaps and prance!
🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 279d0a8 and 24e0718.

📒 Files selected for processing (16)
  • justfile (2 hunks)
  • packages/go/stbernard/analyzers/analyzers.go (1 hunks)
  • packages/go/stbernard/analyzers/codeclimate/codeclimate.go (2 hunks)
  • packages/go/stbernard/analyzers/golang/golang.go (2 hunks)
  • packages/go/stbernard/analyzers/js/js.go (2 hunks)
  • packages/go/stbernard/cmdrunner/cmdrunner.go (3 hunks)
  • packages/go/stbernard/command/analysis/analysis.go (3 hunks)
  • packages/go/stbernard/git/git.go (1 hunks)
  • packages/go/stbernard/workspace/golang/build.go (1 hunks)
  • packages/go/stbernard/workspace/golang/generate.go (1 hunks)
  • packages/go/stbernard/workspace/golang/goimports.go (1 hunks)
  • packages/go/stbernard/workspace/golang/sync.go (2 hunks)
  • packages/go/stbernard/workspace/golang/tester.go (1 hunks)
  • packages/go/stbernard/workspace/redoc/redoc.go (1 hunks)
  • packages/go/stbernard/workspace/workspace.go (1 hunks)
  • packages/go/stbernard/workspace/yarn/yarn.go (4 hunks)
🚧 Files skipped from review as they are similar to previous changes (15)
  • packages/go/stbernard/workspace/redoc/redoc.go
  • packages/go/stbernard/workspace/golang/build.go
  • packages/go/stbernard/workspace/golang/sync.go
  • packages/go/stbernard/workspace/golang/generate.go
  • packages/go/stbernard/workspace/golang/tester.go
  • packages/go/stbernard/workspace/golang/goimports.go
  • packages/go/stbernard/git/git.go
  • packages/go/stbernard/workspace/workspace.go
  • packages/go/stbernard/workspace/yarn/yarn.go
  • justfile
  • packages/go/stbernard/command/analysis/analysis.go
  • packages/go/stbernard/analyzers/golang/golang.go
  • packages/go/stbernard/analyzers/analyzers.go
  • packages/go/stbernard/cmdrunner/cmdrunner.go
  • packages/go/stbernard/analyzers/js/js.go
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings 
Learnt from: zinic
PR: SpecterOps/BloodHound#1573
File: packages/go/dawgs/drivers/pg/query/sql/schema_up.sql:514-581
Timestamp: 2025-06-12T15:42:11.258Z
Learning: Contributor "zinic" prefers not to receive automated refactor suggestions/comments on their pull requests.
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (3) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: .golangci.json:3-5
Timestamp: 2025-06-25T18:23:53.103Z
Learning: In the BloodHound project's .golangci.json, errcheck linter is intentionally disabled because it was too noisy, but the severity override settings are preserved for when it gets re-enabled in the future.

Learnt from: zinic
PR: SpecterOps/BloodHound#1573
File: packages/go/dawgs/drivers/pg/query/sql/schema_up.sql:514-581
Timestamp: 2025-06-12T15:42:11.258Z
Learning: Contributor "zinic" prefers not to receive automated refactor suggestions/comments on their pull requests.

Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Build BloodHound Container Image / Build and Package Container
  • GitHub Check: run-tests
  • GitHub Check: run-analysis
  • GitHub Check: build-ui
🔇 Additional comments (9)
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (9)

19-24: Import statements updated appropriately.

The new imports (fmt, maps, slices) are correctly added to support the new severity parsing, map operations, and sorting functionality.

28-28: Entry struct correctly updated to use typed severity.

The change from string to the new Severity type provides better type safety and validation.

43-52: Well-defined severity constants.

The severity constants provide a clear hierarchy and are consistent with CodeClimate standards.

54-61: Robust severity parsing with validation.

The ParseSeverity function properly validates input and returns appropriate errors for invalid severities.

63-78: Priority method correctly implemented.

The priority ordering is logical (info=1, minor=2, major=3, critical=4, blocker=5) and the default case properly handles invalid severities.

80-97: EntryMap implementation is correct.

Both the Merge and Copy methods are properly implemented with correct map operations and slice copying.

99-133: SeverityMap construction and combination logic is sound.

The NewSeverityMap function properly groups entries by severity and file path, and CombineSeverityMaps handles the combining logic correctly including edge cases.

135-149: SeverityMap merge and sorting methods are well-implemented.

The Merge method correctly handles existing and new entries, and the SortedSeverities method efficiently uses the standard library's sorting capabilities.

151-169: Utility methods for severity comparison and copying are correct.

The HasGreaterSeverity method provides useful functionality for threshold checking, and the Copy method properly deep copies the nested map structure.

✨ Finishing Touches
  • 📝 Generate Docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Jul 8, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)

156-156: Remove incomplete comment.

The comment // ? appears to be incomplete or a placeholder.

-	// ?
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a5f6679 and e08d1ac.

📒 Files selected for processing (16)
  • justfile (2 hunks)
  • packages/go/stbernard/analyzers/analyzers.go (1 hunks)
  • packages/go/stbernard/analyzers/codeclimate/codeclimate.go (2 hunks)
  • packages/go/stbernard/analyzers/golang/golang.go (2 hunks)
  • packages/go/stbernard/analyzers/js/js.go (2 hunks)
  • packages/go/stbernard/cmdrunner/cmdrunner.go (3 hunks)
  • packages/go/stbernard/command/analysis/analysis.go (3 hunks)
  • packages/go/stbernard/git/git.go (1 hunks)
  • packages/go/stbernard/workspace/golang/build.go (1 hunks)
  • packages/go/stbernard/workspace/golang/generate.go (1 hunks)
  • packages/go/stbernard/workspace/golang/goimports.go (1 hunks)
  • packages/go/stbernard/workspace/golang/sync.go (2 hunks)
  • packages/go/stbernard/workspace/golang/tester.go (1 hunks)
  • packages/go/stbernard/workspace/redoc/redoc.go (1 hunks)
  • packages/go/stbernard/workspace/workspace.go (1 hunks)
  • packages/go/stbernard/workspace/yarn/yarn.go (4 hunks)
🧰 Additional context used
🧠 Learnings (15)
📓 Common learnings 
Learnt from: zinic
PR: SpecterOps/BloodHound#1573
File: packages/go/dawgs/drivers/pg/query/sql/schema_up.sql:514-581
Timestamp: 2025-06-12T15:42:11.258Z
Learning: Contributor "zinic" prefers not to receive automated refactor suggestions/comments on their pull requests.
packages/go/stbernard/workspace/golang/tester.go (3) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1503
File: cmd/api/src/services/job/jobs_test.go:19-143
Timestamp: 2025-05-27T16:58:33.295Z
Learning: Tests in cmd/api/src/services/job/jobs_test.go have been found to be flaky in the past and are due for rewrite. They should be skipped with t.Skip() until they can be properly rewritten.

Learnt from: LawsonWillard
PR: SpecterOps/BloodHound#1595
File: cmd/api/src/api/v2/saved_queries_test.go:2594-2594
Timestamp: 2025-06-17T22:37:36.389Z
Learning: In Go table-driven tests, there's a distinction between main test function parallelism and subtest parallelism. Main test functions can safely use t.Parallel() for performance benefits, but individual subtests within table-driven tests may need to run sequentially to avoid race conditions with mocks, deferred functions, or shared resources.

Learnt from: LawsonWillard
PR: SpecterOps/BloodHound#1595
File: cmd/api/src/api/v2/saved_queries_test.go:2197-2197
Timestamp: 2025-06-17T22:37:50.192Z
Learning: In Go tests using table-driven patterns, t.Parallel() at the function level allows test functions to run in parallel with other test functions, which is generally beneficial. However, when subtests contain deferred goroutines, the individual t.Run() calls should not use t.Parallel() to avoid flakiness. The comment "Tests will be flaky if run in parallel due to use of go routine in deferred function" specifically refers to subtest parallelization, not function-level parallelization.
packages/go/stbernard/workspace/workspace.go (1) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/workspace/golang/generate.go (3) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.

Learnt from: LawsonWillard
PR: SpecterOps/BloodHound#1595
File: cmd/api/src/api/v2/saved_queries_test.go:2197-2197
Timestamp: 2025-06-17T22:37:50.192Z
Learning: In Go tests using table-driven patterns, t.Parallel() at the function level allows test functions to run in parallel with other test functions, which is generally beneficial. However, when subtests contain deferred goroutines, the individual t.Run() calls should not use t.Parallel() to avoid flakiness. The comment "Tests will be flaky if run in parallel due to use of go routine in deferred function" specifically refers to subtest parallelization, not function-level parallelization.

Learnt from: LawsonWillard
PR: SpecterOps/BloodHound#1595
File: cmd/api/src/api/v2/saved_queries_test.go:2594-2594
Timestamp: 2025-06-17T22:37:36.389Z
Learning: In Go table-driven tests, there's a distinction between main test function parallelism and subtest parallelism. Main test functions can safely use t.Parallel() for performance benefits, but individual subtests within table-driven tests may need to run sequentially to avoid race conditions with mocks, deferred functions, or shared resources.
packages/go/stbernard/workspace/golang/build.go (1) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/workspace/golang/goimports.go (1) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/workspace/yarn/yarn.go (2) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1503
File: cmd/api/src/services/job/jobs_test.go:19-143
Timestamp: 2025-05-27T16:58:33.295Z
Learning: Tests in cmd/api/src/services/job/jobs_test.go have been found to be flaky in the past and are due for rewrite. They should be skipped with t.Skip() until they can be properly rewritten.

Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/workspace/golang/sync.go (2) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1503
File: cmd/api/src/services/job/jobs_test.go:19-143
Timestamp: 2025-05-27T16:58:33.295Z
Learning: Tests in cmd/api/src/services/job/jobs_test.go have been found to be flaky in the past and are due for rewrite. They should be skipped with t.Skip() until they can be properly rewritten.
packages/go/stbernard/git/git.go (1) 
Learnt from: zinic
PR: SpecterOps/BloodHound#1651
File: packages/go/stbernard/cmdrunner/cmdrunner.go:118-137
Timestamp: 2025-07-07T16:19:35.830Z
Learning: zinic designed the cmdrunner.ExecutionResult to implement the error interface as a safety measure to prevent nil dereference issues and eliminate the need for nil checks when commands fail. The error struct contains all necessary execution information, prioritizing API safety over Go conventions.
justfile (1) 
Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/analyzers/golang/golang.go (2) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: .golangci.json:3-5
Timestamp: 2025-06-25T18:23:53.103Z
Learning: In the BloodHound project's .golangci.json, errcheck linter is intentionally disabled because it was too noisy, but the severity override settings are preserved for when it gets re-enabled in the future.

Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
packages/go/stbernard/command/analysis/analysis.go (1) 
Learnt from: zinic
PR: SpecterOps/BloodHound#1651
File: packages/go/stbernard/cmdrunner/cmdrunner.go:118-137
Timestamp: 2025-07-07T16:19:35.830Z
Learning: zinic designed the cmdrunner.ExecutionResult to implement the error interface as a safety measure to prevent nil dereference issues and eliminate the need for nil checks when commands fail. The error struct contains all necessary execution information, prioritizing API safety over Go conventions.
packages/go/stbernard/cmdrunner/cmdrunner.go (6) 
Learnt from: zinic
PR: SpecterOps/BloodHound#1651
File: packages/go/stbernard/cmdrunner/cmdrunner.go:118-137
Timestamp: 2025-07-07T16:19:35.830Z
Learning: zinic designed the cmdrunner.ExecutionResult to implement the error interface as a safety measure to prevent nil dereference issues and eliminate the need for nil checks when commands fail. The error struct contains all necessary execution information, prioritizing API safety over Go conventions.

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: cmd/api/src/analysis/azure/post.go:33-35
Timestamp: 2025-06-25T17:52:33.291Z
Learning: In BloodHound Go code, prefer using explicit slog type functions like slog.Any(), slog.String(), slog.Int(), etc. over simple key-value pairs for structured logging. This provides better type safety and makes key-value pairs more visually distinct. For error types, use slog.Any("key", err) or slog.String("key", err.Error()).

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1509
File: packages/go/stbernard/command/license/internal/cmd.go:49-51
Timestamp: 2025-05-29T18:24:23.227Z
Learning: In the stbernard package, use slog for all logging prints instead of fmt.Printf/fmt.Fprintf to maintain consistency with the codebase's logging standards.

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: cmd/api/src/analysis/azure/post.go:33-35
Timestamp: 2025-06-25T18:24:25.014Z
Learning: In BloodHound Go code, for error types in slog structured logging, prefer using slog.String("key", err.Error()) over slog.Any("key", err). The explicit string conversion with err.Error() is preferred over using slog.Any() for error types.

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1509
File: packages/go/stbernard/command/license/internal/cmd.go:49-51
Timestamp: 2025-05-29T18:38:42.769Z
Learning: In the stbernard package, use structured slog logging with explicit parameter functions like slog.String(), slog.Int(), etc. instead of fmt.Sprintf() with slog for new logs. Example: slog.Warn("message", slog.String("key", value)) rather than slog.Warn(fmt.Sprintf("message %s", value)).

Learnt from: superlinkx
PR: SpecterOps/BloodHound#1503
File: cmd/api/src/services/upload/upload.go:70-84
Timestamp: 2025-05-27T17:28:37.963Z
Learning: The current pattern in upload.go of passing both io.ReadCloser and *os.File to validation functions creates unclear resource ownership and makes lifecycle management error-prone. The user identified this as a "logical mess" that should be refactored to separate validation concerns from file I/O management.
packages/go/stbernard/analyzers/analyzers.go (1) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: .golangci.json:3-5
Timestamp: 2025-06-25T18:23:53.103Z
Learning: In the BloodHound project's .golangci.json, errcheck linter is intentionally disabled because it was too noisy, but the severity override settings are preserved for when it gets re-enabled in the future.
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (1) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: .golangci.json:3-5
Timestamp: 2025-06-25T18:23:53.103Z
Learning: In the BloodHound project's .golangci.json, errcheck linter is intentionally disabled because it was too noisy, but the severity override settings are preserved for when it gets re-enabled in the future.
🧬 Code Graph Analysis (9)
packages/go/stbernard/workspace/golang/tester.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/workspace.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/redoc/redoc.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/golang/generate.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/golang/build.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/golang/goimports.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/yarn/yarn.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/workspace/golang/sync.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • RunInteractive (153-163)
packages/go/stbernard/git/git.go (1)
packages/go/stbernard/cmdrunner/cmdrunner.go (1)
  • ExecutionError (61-63)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Build BloodHound Container Image / Build and Package Container
  • GitHub Check: run-analysis
  • GitHub Check: build-ui
  • GitHub Check: run-tests
🔇 Additional comments (42)
packages/go/stbernard/workspace/golang/tester.go (1)

86-86: Good change to enable interactive test execution.

The switch from cmdrunner.Run to cmdrunner.RunInteractive will provide real-time output streaming during test execution, improving the user experience by showing progress as tests run.

packages/go/stbernard/git/git.go (1)

88-88: Correct update to align with cmdrunner refactoring.

The change from *cmdrunner.ExecutionResult to *cmdrunner.ExecutionError is consistent with the cmdrunner package refactoring. Since ExecutionError embeds ExecutionResult, the .ReturnCode field remains accessible.

packages/go/stbernard/workspace/redoc/redoc.go (1)

46-46: Good change to enable interactive OpenAPI doc generation.

The switch from cmdrunner.Run to cmdrunner.RunInteractive will provide real-time output streaming during OpenAPI documentation generation, helping users track progress.

packages/go/stbernard/workspace/workspace.go (1)

120-120: Good change to enable interactive schema generation.

The switch from cmdrunner.Run to cmdrunner.RunInteractive will provide real-time output streaming during schema generation, improving visibility into the process.

packages/go/stbernard/workspace/golang/sync.go (2)

49-49: LGTM: Interactive execution for go mod tidy

The switch to RunInteractive enables real-time output streaming for go mod tidy operations, which improves user experience during dependency management tasks.

75-75: LGTM: Interactive execution for go work sync

The switch to RunInteractive enables real-time output streaming for go work sync operations, providing better feedback during workspace synchronization.

packages/go/stbernard/workspace/golang/goimports.go (1)

35-35: LGTM: Interactive execution for goimports

The switch to RunInteractive enables real-time output streaming for the goimports tool, providing better feedback during code formatting operations.

packages/go/stbernard/workspace/golang/generate.go (1)

112-112: LGTM: Interactive execution for go generate

The switch to RunInteractive enables real-time output streaming for go generate operations, which is particularly beneficial for code generation tasks that can be time-consuming.

justfile (2)

43-44: LGTM: Simplified analyze recipe

The changes streamline the analyze recipe by removing the jq processing step and enabling direct flag passing to the stbernard analysis command, which aligns with the refactored analysis output handling.

66-66: LGTM: Removed output redirection in prep steps

The removal of output redirection aligns with the analysis command now handling output formatting internally, simplifying the preparation workflow.

packages/go/stbernard/workspace/yarn/yarn.go (4)

66-66: LGTM: Interactive execution for yarn install

The switch to RunInteractive enables real-time output streaming for yarn install operations, providing better feedback during dependency installation.

81-81: LGTM: Interactive execution for yarn format

The switch to RunInteractive enables real-time output streaming for yarn format operations, improving user experience during code formatting tasks.

95-95: LGTM: Interactive execution for yarn build

The switch to RunInteractive enables real-time output streaming for yarn build operations, providing better feedback during build processes.

109-109: LGTM: Interactive execution for yarn test

The switch to RunInteractive enables real-time output streaming for yarn test operations, improving user experience during test execution with coverage reporting.

packages/go/stbernard/workspace/golang/build.go (1)

101-101: LGTM! Consistent with interactive execution pattern.

The change to RunInteractive aligns with the broader refactoring across workspace packages to enable real-time output streaming during build operations.

packages/go/stbernard/command/analysis/analysis.go (4)

32-34: LGTM! Enhanced usage formatting.

The addition of UsageFmt constant provides better structured usage output formatting.

38-39: LGTM! Clean addition of severity control flag.

The new outputAllSeverity field properly extends the command structure to support the new functionality.

61-71: LGTM! Improved flag parsing with better variable naming.

The refactoring from cmd to flagSet improves code clarity, and the new -all flag is properly integrated with usage formatting.

82-82: LGTM! Correct integration with updated analyzers.Run signature.

The function call properly passes the new outputAllSeverity parameter and uses the updated signature.

packages/go/stbernard/analyzers/golang/golang.go (6)

20-20: LGTM! Necessary import for buffer handling.

The bytes import is required for the new output buffer handling pattern.

35-35: LGTM! Improved return type with severity mapping.

The change to codeclimate.SeverityMap enables better severity-based processing and aligns with the refactored analyzer architecture.

38-38: LGTM! Proper buffer initialization for output handling.

The output buffer variable correctly handles command output in both success and error cases.

47-57: LGTM! Robust error handling with output extraction.

The error handling correctly uses cmdrunner.ExecutionError type assertion to extract output from failed executions, ensuring JSON decoding can proceed in both success and error scenarios.

59-59: LGTM! Consistent JSON decoding from output buffer.

The JSON decoding now uses the unified output buffer regardless of command success or failure.

63-63: LGTM! Proper conversion to severity map.

The return statement correctly converts the entries to a severity map using the new codeclimate.NewSeverityMap function.

packages/go/stbernard/analyzers/js/js.go (8)

20-20: LGTM! Necessary import for buffer handling.

The bytes import is required for the new output buffer handling pattern, consistent with the golang analyzer.

47-47: LGTM! Improved return type with severity mapping.

The change to codeclimate.SeverityMap enables better severity-based processing and aligns with the refactored analyzer architecture.

54-54: LGTM! Consistent error handling.

Returning nil on error is appropriate for the new SeverityMap return type.

62-62: LGTM! Proper conversion to severity map.

The return statement correctly converts the entries to a severity map using the new codeclimate.NewSeverityMap function.

70-70: LGTM! Proper buffer initialization for output handling.

The output buffer variable correctly handles command output in both success and error cases, consistent with the golang analyzer pattern.

76-86: LGTM! Robust error handling with output extraction.

The error handling correctly uses cmdrunner.ExecutionError type assertion to extract output from failed executions, ensuring JSON decoding can proceed in both success and error scenarios.

88-88: LGTM! Consistent JSON decoding from output buffer.

The JSON decoding now uses the unified output buffer regardless of command success or failure.

94-94: LGTM! Improved type safety with severity constants.

The change from string literals to typed codeclimate.Severity constants improves type safety and consistency across the codebase.

Also applies to: 98-98, 100-100, 102-102

packages/go/stbernard/analyzers/analyzers.go (4)

23-23: LGTM! Necessary imports for the refactored architecture.

The addition of codeclimate and workspace imports supports the new severity-based processing and workspace path handling.

Also applies to: 27-27

34-59: LGTM! Well-structured severity output handling.

The outputSeverityMap function correctly processes severity maps with proper priority ordering, conditional output based on severity levels, and appropriate exit error handling for high severity issues.

65-65: LGTM! Improved function signature with workspace integration.

The new signature properly accepts workspace paths and environment, along with the output control flag, replacing the previous individual path parameters.

68-78: LGTM! Clean orchestration of analyzer execution.

The refactored implementation correctly runs both Go and JavaScript analyzers with the new signature, processes their severity maps, and accumulates exit errors appropriately.

packages/go/stbernard/cmdrunner/cmdrunner.go (5)

21-21: LGTM: Context import added for logging level checks.

The context import is properly added to support the logging level check in the RunInteractive function.

60-76: LGTM: Clean error handling refactor with ExecutionError wrapper.

The introduction of ExecutionError as a wrapper around ExecutionResult properly separates concerns and follows Go conventions better than having ExecutionResult implement the error interface directly.

127-143: LGTM: Improved error handling in run function.

The refactored run function now properly returns ExecutionError for exit errors and preserves other system errors, providing cleaner error handling semantics.

145-149: LGTM: Clean separation of concerns in Run function.

The Run function now properly delegates to the run function, maintaining a clean separation between command preparation and execution.

151-163: LGTM: RunInteractive function provides real-time output streaming.

The RunInteractive function correctly implements interactive command execution with conditional output streaming based on logging level. The MultiWriter approach properly maintains both buffered output and real-time streaming.

superlinkx
superlinkx reviewed Jul 8, 2025
View reviewed changes
computator
computator reviewed Jul 8, 2025
View reviewed changes
superlinkx
superlinkx approved these changes Jul 8, 2025
View reviewed changes
Copy link
Contributor

@superlinkx superlinkx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving, the two cleanup comments are probably worth a final commit, but there's nothing functional needed at this stage. Local testing shows it works quite effectively.

Confirmed my direct file:line links in my integrated terminal work again, so I'm more than happy with these QoL upgrades.

coderabbitai[bot]
coderabbitai bot reviewed Jul 9, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

♻️ Duplicate comments (1)
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (1)

45-52: Verify if eslint severities need to be supported.

Based on the previous review comment, eslint uses severities like "error" and "warning" that aren't included here. If this code needs to handle eslint output, consider adding these severities or implementing a mapping mechanism.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c437f4 and 279d0a8.

📒 Files selected for processing (16)
  • justfile (2 hunks)
  • packages/go/stbernard/analyzers/analyzers.go (1 hunks)
  • packages/go/stbernard/analyzers/codeclimate/codeclimate.go (2 hunks)
  • packages/go/stbernard/analyzers/golang/golang.go (2 hunks)
  • packages/go/stbernard/analyzers/js/js.go (2 hunks)
  • packages/go/stbernard/cmdrunner/cmdrunner.go (3 hunks)
  • packages/go/stbernard/command/analysis/analysis.go (3 hunks)
  • packages/go/stbernard/git/git.go (1 hunks)
  • packages/go/stbernard/workspace/golang/build.go (1 hunks)
  • packages/go/stbernard/workspace/golang/generate.go (1 hunks)
  • packages/go/stbernard/workspace/golang/goimports.go (1 hunks)
  • packages/go/stbernard/workspace/golang/sync.go (2 hunks)
  • packages/go/stbernard/workspace/golang/tester.go (1 hunks)
  • packages/go/stbernard/workspace/redoc/redoc.go (1 hunks)
  • packages/go/stbernard/workspace/workspace.go (1 hunks)
  • packages/go/stbernard/workspace/yarn/yarn.go (4 hunks)
🚧 Files skipped from review as they are similar to previous changes (15)
  • packages/go/stbernard/workspace/golang/tester.go
  • packages/go/stbernard/workspace/golang/build.go
  • packages/go/stbernard/workspace/redoc/redoc.go
  • packages/go/stbernard/workspace/golang/goimports.go
  • packages/go/stbernard/workspace/golang/sync.go
  • packages/go/stbernard/workspace/workspace.go
  • packages/go/stbernard/workspace/yarn/yarn.go
  • justfile
  • packages/go/stbernard/workspace/golang/generate.go
  • packages/go/stbernard/git/git.go
  • packages/go/stbernard/command/analysis/analysis.go
  • packages/go/stbernard/analyzers/golang/golang.go
  • packages/go/stbernard/analyzers/js/js.go
  • packages/go/stbernard/analyzers/analyzers.go
  • packages/go/stbernard/cmdrunner/cmdrunner.go
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings 
Learnt from: zinic
PR: SpecterOps/BloodHound#1573
File: packages/go/dawgs/drivers/pg/query/sql/schema_up.sql:514-581
Timestamp: 2025-06-12T15:42:11.258Z
Learning: Contributor "zinic" prefers not to receive automated refactor suggestions/comments on their pull requests.
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (3) 
Learnt from: superlinkx
PR: SpecterOps/BloodHound#1606
File: .golangci.json:3-5
Timestamp: 2025-06-25T18:23:53.103Z
Learning: In the BloodHound project's .golangci.json, errcheck linter is intentionally disabled because it was too noisy, but the severity override settings are preserved for when it gets re-enabled in the future.

Learnt from: zinic
PR: SpecterOps/BloodHound#1573
File: packages/go/dawgs/drivers/pg/query/sql/schema_up.sql:514-581
Timestamp: 2025-06-12T15:42:11.258Z
Learning: Contributor "zinic" prefers not to receive automated refactor suggestions/comments on their pull requests.

Learnt from: elikmiller
PR: SpecterOps/BloodHound#1563
File: packages/go/graphschema/azure/azure.go:24-24
Timestamp: 2025-06-06T23:12:14.181Z
Learning: In BloodHound, files in packages/go/graphschema/*/`*.go` are generated from CUE schemas. When `just prepare-for-codereview` is run, it triggers code generation that may automatically add import aliases or other formatting changes. These changes are legitimate outputs of the generation process, not manual edits that would be overwritten.
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: Build BloodHound Container Image / Build and Package Container
  • GitHub Check: build-ui
  • GitHub Check: run-analysis
  • GitHub Check: run-tests
🔇 Additional comments (1)
packages/go/stbernard/analyzers/codeclimate/codeclimate.go (1)

63-78: Priority method correctly handles all severity levels.

Good job fixing the previously missing SeverityMajor case. The priority ordering is now complete and consistent.

@zinic zinic enabled auto-merge (squash) July 9, 2025 15:23
@zinic zinic merged commit 85bb2dc into main Jul 9, 2025
9 checks passed
@zinic zinic deleted the BED-6138 branch July 9, 2025 15:33
@github-actions github-actions bot locked and limited conversation to collaborators Jul 9, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@superlinkx superlinkx superlinkx approved these changes

@computator computator computator approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zinic @superlinkx @computator