Claude Code can help review code to find bugs, performance issues, best practice violations, and security vulnerabilities. This supplements human review; it does not replace it.
```
# Review current changes
"review my changes for bugs and issues"

# Review specific file
"review UserService.ts for security issues"

# Review a PR (with GitHub MCP)
"review PR #123 and provide feedback"

# Focused review
"check this function for edge cases I might have missed"
```
- Logic errors: bugs, off-by-one, missing null checks.
- Security: injection, XSS, authentication issues.
- Performance: N+1 queries, unnecessary loops, memory leaks.
- Best practices: naming, structure, SOLID principles.
- Type safety: TypeScript errors, missing types.
Claude can help write tests, analyze test coverage, and identify edge cases that need testing.
```
# Generate tests for a function
"write unit tests for the calculateDiscount function"

# Generate tests for edge cases
"what edge cases should I test for this validation function?"

# Run and fix failing tests
"run the tests and fix any failures"

# Improve test coverage
"analyze test coverage and suggest missing tests"
```
UltraQA is a workflow that automatically runs build, lint, tests and fixes failures until everything passes.
```
# Start UltraQA
/ultraqa

# UltraQA cycle:
# 1. Run build
# 2. Run lint
# 3. Run tests
# 4. If failures → fix and repeat
# 5. Max 5 cycles or until all pass
```
```
# Set up continuous QA during development
/loop 5m "run tests and report any failures"

# After each change
"verify my changes don't break existing tests"
```
Code Reviewer agent provides structured feedback with severity levels so you know which issues need immediate attention.
```
# Example review output:
## Critical (must fix)
- Line 45: SQL injection vulnerability in user query

## High (should fix)
- Line 78: Missing error handling for API call
- Line 92: Race condition in concurrent update

## Medium (consider)
- Line 23: Function too long, consider extracting

## Low (style)
- Line 15: Inconsistent naming convention
```
Focus on Critical and High issues first. Low severity issues can be left for later refactoring.
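One way to act on that prioritization in a merge gate, as an added example that is not part of the original page or of Claude Code: a small Python parser for review output in the format shown above that returns the findings which should block. The function names and the default `high` threshold are assumptions.

```python
import re

# Severity order taken from the example output above: Critical first, Low last.
SEVERITIES = ["critical", "high", "medium", "low"]
HEADING = re.compile(r"^##\s+(\w+)")
FINDING = re.compile(r"^-\s+Line\s+(\d+):\s+(.+)$")


def parse_review(text):
    """Return (severity, line_number, message) tuples sorted by severity, then line."""
    findings, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        heading = HEADING.match(line)
        if heading:
            name = heading.group(1).lower()
            # Unknown headings reset the section so their bullets are not mis-filed.
            current = name if name in SEVERITIES else None
            continue
        finding = FINDING.match(line)
        if finding and current:
            findings.append((current, int(finding.group(1)), finding.group(2)))
    return sorted(findings, key=lambda f: (SEVERITIES.index(f[0]), f[1]))


def blocking(findings, threshold="high"):
    """Findings at or above the threshold; a non-empty result should fail the gate."""
    limit = SEVERITIES.index(threshold)
    return [f for f in findings if SEVERITIES.index(f[0]) <= limit]


# Constructed sample: the example review output shown above.
SAMPLE = """\
## Critical (must fix)
- Line 45: SQL injection vulnerability in user query

## High (should fix)
- Line 78: Missing error handling for API call
- Line 92: Race condition in concurrent update

## Medium (consider)
- Line 23: Function too long, consider extracting

## Low (style)
- Line 15: Inconsistent naming convention
"""

if __name__ == "__main__":
    for severity, lineno, message in blocking(parse_review(SAMPLE)):
        print(f"BLOCK [{severity}] line {lineno}: {message}")
```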
The Security Reviewer agent specializes in finding security vulnerabilities from the OWASP Top 10 and other unsafe patterns.
```
# Security-focused review
"review this auth code for security vulnerabilities"

# OWASP checks
"check for OWASP Top 10 vulnerabilities"

# Secrets scanning
"scan for exposed secrets or credentials"
```
Key Takeaways
- AI review supplements human review; it does not replace it.
- Reviews cover logic, security, performance, and best practices.
- UltraQA automatically fixes failures until tests pass.
- Structured feedback has severity levels for prioritization.
Practice
Test your understanding of this chapter
What does UltraQA do?
AI code review should completely replace human review.
Complete the command to start QA workflow
/
Which severity should you fix first?