Each PR on
vets-website will run through an automated process which looks for code additions/modifications which could be considered bad for the platform. If a potential issue is found, a bot will leave an automated comment and request a review from the frontend-review-group.
Any of the following items if found in a PR diff will prompt a manual review
A call to
ESLint being disabled
An icon being added with
Adding a new trigger
The automation right now only supports triggers in the form of regular expressions. If you can represent your trigger in the form of a regular expression then all you should need to do is add a bit of YAML config.
In the Github Actions workflow file there is a
jobs section that has an list of
steps that contain each check:
jobs: eslint-disable-check: ... icon-check: ... sentry-check: ...
Each of these jobs has its own specification up in the section of the YAML config. There is some boiler-plate config that must be included, but to add a new trigger you will only need to change three environment variables:
We review logs to Sentry to ensure that any new logs will be useful and will not contain PII.
Don't log an entire request response if all that's important is an error code
Don't log user-identifying information such as names, emails, or user IDs
We have various ESLint rules in place to help improve code quality. Disabling ESLint rules will be evaluated on a case-by-case basis.
We use Font Awesome as a dependency, which uses the
<i> tag for adding icons. Sometimes an icon is used purely as decoration, but other times it is used to convey meaning to the user.
We review to ensure that whenever an icon is being used semantically, those semantics are also conveyed to a screen reader.
Required environment variables
The script relies on some environment variables.
Configured in the github action
Regex pattern which will trigger a review comment if found
Review comment for an individual line comment
Review comment for the whole review