--- allowed-tools: Bash(git diff:*), Bash(git log:*), Bash(git status:*), Bash(dotnet build:*), Bash(dotnet test:*), Read, Grep, Glob, Edit description: Comprehensive code review of recent changes --- ## Context - Current branch: !`git branch --show-current` - Recent commits on this branch: !`git log --oneline -10` - Changed files: !`git diff --name-only HEAD~5 2>/dev/null || git diff --name-only` - Staged changes: !`git diff --cached --stat` ## Code Review Checklist Perform a comprehensive code review of recent changes. For each category, check the changed files and report findings. ### 1. Code Conventions - Follows Clean Architecture layer separation (Domain → Application → Infrastructure → Web) - Proper namespacing and file organization - XML documentation on public members (English) - Consistent naming (PascalCase for public, camelCase for private) - No magic strings/numbers - use constants or enums - DTOs in Application layer, Entities in Domain ### 2. Error Handling & Loading States - Try-catch with proper exception types - Blazor components handle loading states (`IsLoading` patterns) - Null checks where appropriate - Validation on user inputs - Graceful degradation on failures ### 3. Accessibility (a11y) - MudBlazor components use `aria-*` attributes where needed - Proper `Label` properties on form fields - Color contrast considerations - Keyboard navigation support - Screen reader compatibility ### 4. Test Coverage - New public methods have unit tests - Tests in `test/Koogle.Tests` follow existing patterns - Use FluentAssertions and Moq - Edge cases covered - Run: `dotnet test test/Koogle.Tests` ### 5. Security - No SQL injection (use parameterized queries/EF Core) - No XSS vulnerabilities (Blazor auto-escapes, but check `MarkupString`) - Authorization attributes on protected endpoints - Sensitive data not logged - Input validation on boundaries - CSRF protection maintained ### 6. Performance - No N+1 query patterns (use `.Include()` appropriately) - Async/await used correctly - No blocking calls in async context - Large collections paginated - Expensive operations cached where appropriate ### 7. Documentation - CLAUDE.md updated if new patterns introduced - Implementation plan updated if phase completed - Public APIs documented with XML comments ## Your Task 1. Review all changed files against each checklist category 2. Build the project: `dotnet build` 3. Run tests: `dotnet test test/Koogle.Tests` 4. Report findings per category with file:line references 5. Suggest fixes for any issues found 6. If new patterns discovered, update CLAUDE.md accordingly 7. Provide overall assessment: PASS / PASS WITH NOTES / NEEDS CHANGES