Day 2 / Andriy Zhmaylo Workshop Assignment#6
Open
andzhm wants to merge 1 commit intokoldovsky:masterfrom
Open
Conversation
WalkthroughДодано набір конфігураційних файлів Cursor IDE та документацію проєкту: чотири нові команди для автоматизації (тестування, створення компонентів, рефакторинг, перевірка безпеки), п'ять правил кодування (конвенції, CSS, архітектура, безпека, тестування) та кореневий документ AGENTS.md для керування поведінкою AI-агентів у репозиторії. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Примітки ментора
|
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Minimum 6 Rules | 6 файлів створено, але do-not-touch.mdc порожній (без description), 5/6 правил не мають секції 'How to verify', правила занадто генеричні. | Додайте обов'язкову секцію '## How to verify' з конкретними кроками до кожного правила. Наповніть do-not-touch.mdc змістом й описом. Зробіть правила специфічнішими для Excalidraw. | |
| A/B Validation Document | A/B валідаційний документ повністю відсутній у PR. Не знайдено файлу docs/ab-validation.md або директорії docs/ab-validation/ з обов'язковими 5 елементами (назва правила, сценарій, результат A, результат B, висновок). | Створіть файл docs/ab-validation.md та документуйте тестування вибраного правила: яке правило, точний prompt, результат без правила, результат з правилом, висновок про вплив. |
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | Заголовок відповідає формату вимог з назвою учасника та днем воркшопу, але використовує '/' замість '—' (довіра/тире). |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Minimum 2 Custom Commands | ✅ Passed | PR містить 4 команди в .cursor/commands/ з чіткою структурою (frontmatter + пронумеровані кроки), clear instructions та substantive content. Мінімум 2 команди перевищено. |
| Agents.Md Complete | ✅ Passed | AGENTS.md існує з 114 рядків, містить 5 з 7 обов'язкових секцій з substantive content, що задовольняє критерій «5+». Однак критично відсутні Project Overview та Tech Stack для повноти контексту. |
✏️ Tip: You can configure your own custom pre-merge checks in the settings.
✨ Finishing Touches
🧪 Generate unit tests (beta)
- Create PR with unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.
Comment @coderabbitai help to get the list of available commands and usage tips.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 15
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.cursor/commands/add-test-for-component.md:
- Line 5: Add a top-level H1 heading to the markdown (immediately after the
frontmatter) to satisfy markdownlint MD041; update the file containing the line
"Add or update tests for the React component named $ARGUMENTS:" by inserting a
clear H1 like "# Add or update tests for the React component" (or include
$ARGUMENTS in the title) so the document begins with an explicit H1 as required.
In @.cursor/commands/create-react-component-with-test.md:
- Around line 5-14: The markdown file is missing a top-level H1 header after the
frontmatter and a final trailing newline; update
.cursor/commands/create-react-component-with-test.md to insert a single H1 line
immediately after the YAML frontmatter block (e.g., a descriptive "# Create
React component with test" header) and ensure the file ends with one newline
character so there is exactly one trailing blank line at EOF.
- Around line 7-12: Add an explicit step after step 5 to run the nearest
relevant test suite for the colocated test file created in step 5: invoke the
project's test runner (e.g., pnpm/npm/yarn test or vitest/jest) targeting the
generated test file or its directory (so the runner verifies the new
{Name}.test.*), and ensure the generator fails/returns non‑zero if tests do not
pass; reference the "colocated test file" created in step 5 as the target to
run.
In @.cursor/commands/refactor-code.md:
- Around line 5-12: The instructions in .cursor/commands/refactor-code.md (the
Refactor a React component named $ARGUMENTS section) are too vague and
grammatically weak; rewrite this command to be specific, corrected for grammar,
and include an explicit expected result and example usage: replace the current
steps with concrete actions (e.g., "1. Read target file(s) specified by
$ARGUMENTS; 2. Match patterns against .cursor/rules and list rule hits; 3.
Identify DRY/code-smell instances and list suggested refactors; 4. Produce a
proposed refactored code snippet and ensure it compiles; 5. Provide a short
changelog summarizing modifications"), add a sample CLI invocation and a sample
before/after output snippet, and ensure the command description references
$ARGUMENTS so the caller knows what to pass.
In @.cursor/commands/security-check.md:
- Around line 5-14: Add a top-level H1 heading immediately after the existing
frontmatter in the Markdown (insert a single line starting with "# " and the
document title or summary) and ensure the file ends with exactly one newline
character (no extra blank lines); locate the frontmatter block and update the
content following it to insert the H1 and verify/trim the EOF so there's a
single trailing newline.
- Around line 7-12: Update the generic security checklist to add explicit
Excalidraw-specific checks: include a step to validate SVG/XSS sanitization for
embedded SVGs, a step to verify safe import/handling of .excalidraw and library
data (schema/whitelist/size checks), a step to review collaborative flow for
access controls and data exposure (presence of per-room permissions and
telemetry limits), and a required "security-callout" entry in the PR summary
that flags any security-sensitive behavior changes; ensure these items are added
alongside the existing numbered checklist so reviewers must confirm them before
sign-off.
In @.cursor/rules/conventions.mdc:
- Around line 1-25: Add a mandatory "How to verify" subsection to each rule in
.cursor/rules/conventions.mdc that gives a concrete, testable checklist or
commands for validating the rule (e.g., lint commands, unit-test names, or
manual steps); replace generic items under "Components", "TypeScript", and
"Files" with Excalidraw-specific checks (examples: conventions for element
utilities in src/element/, rules for interacting with canvas context, naming
conventions for action creators, and expected structure for geometry/math
utilities) and include a verification step for each new rule showing exactly how
to confirm compliance (lint rule or grep pattern, unit test name, or sample code
snippet to run).
In @.cursor/rules/css-conventions.mdc:
- Around line 3-25: The CSS rule is too generic and lacks verification steps;
update the rule in the CSS Conventions block to target Excalidraw-specific
patterns (editor/canvas components) by narrowing globs from "**/*.css,**/*.scss"
to module-scoped patterns (e.g., component directories) and add a "How to
verify" section with concrete checks (examples: confirm no global resets, ensure
variables used for Excalidraw tokens, verify selectors are limited to
.excalidraw- or component-specific classes, and run a quick style smoke test on
the editor/canvas). Also adjust the Maintainability/Tokens and Values/Safety and
Scope items to reference Excalidraw conventions (e.g., prefer --excalidraw-
variables, avoid !important in canvas controls) so the rule is actionable and
verifiable.
In @.cursor/rules/do-not-touch.mdc:
- Around line 1-3: The rule file contains only frontmatter with alwaysApply and
is missing required metadata and verification steps; update the frontmatter to
include a descriptive "description" field, add meaningful rule content
explaining the specific Excalidraw constraint this rule enforces (make it
concrete and testable), and append a "How to verify" section with step-by-step
verification steps that confirm the rule applies to Excalidraw artifacts; ensure
the rule text references Excalidraw explicitly and that the frontmatter and body
conform to the `.cursor/rules/*.mdc` guidelines (include the existing
alwaysApply key alongside the new description and verification sections).
In @.cursor/rules/project-architecture.mdc:
- Around line 12-13: The rule references incorrect symbols: replace uses of
actionManager.dispatch() with the actual API executeAction() (refer to the
actions manager implementation where executeAction is exported) and correct the
AppState type reference to use the repository's Excalidraw types module (the
exported AppState type from the project types module) instead of the wrong
src/types.ts; update the rule text to name the real symbol executeAction and the
real type symbol AppState from the project's types module so generated code
points to existing APIs.
- Around line 18-24: The "Render pipeline: Scene -> renderScene()" rule is too
vague and missing a "How to verify" section; update the rule text to explicitly
describe the Excalidraw-specific render flow (e.g., Scene model ->
layout/transform -> renderScene() invocation -> canvas 2D context draw calls and
any post-processing), remove/keep the prohibition on
react-konva/fabric.js/pixi.js as-is, and add a concrete "How to verify" section
that lists steps to validate behavior (unit/integration test targets, manual
verification steps in Excalidraw, expected DOM/canvas outputs and performance
checks). Reference the existing rule header "Render pipeline: Scene ->
renderScene()" and ensure the new text mentions renderScene(), Scene, canvas
context, and verification steps.
In @.cursor/rules/security-rules.mdc:
- Around line 7-30: The Security Rules section is too generic for this repo and
missing Excalidraw-specific controls and a "How to verify" section; update the
existing headings ("Secrets and Sensitive Data", "Input and Output Safety",
"Access and Permissions", "Dependencies and Risky Changes") to include concrete
rules for Excalidraw: add explicit SVG/XSS mitigation guidance (sanitize
imported SVGs, forbid unsafe innerHTML, validate shape data), safe
import/handling rules for .excalidraw and library files (whitelist parsers,
validate JSON structure and types), collaboration/encryption and Firebase rules
(require end-to-end encryption flags, strict Firestore rules for drawing
documents), and require tests/CI checks for validation/sanitization; finally add
a "How to verify" subsection with reproducible verification steps and automated
test expectations so reviewers can validate each rule.
In @.cursor/rules/testing-conventions.mdc:
- Around line 1-31: Rename the "Agent Verification" section header to the exact
"How to verify" header and replace its contents with concrete, testable
verification steps (run the nearest relevant test file/suite, run lint and
typecheck for shared/type-heavy changes); additionally extend the rule with
Excalidraw-specific patterns: explicit guidance for canvas rendering tests
(mocking getContext("2d") / canvas API), action flow tests using
actionManager.dispatch(), collaboration/multi-user scenario patterns, and
geometry/math utilities testing patterns (deterministic inputs and edge cases);
ensure each new item is framed as a verifiable check (what to run/assert) so the
rule in .cursor/rules/testing-conventions.mdc is specific and testable.
In `@AGENTS.md`:
- Line 115: The file AGENTS.md is missing a trailing newline (MD047); add a
single newline character after the final line ("Call out security-sensitive
changes explicitly in summaries.") so the file ends with one blank line, save
and commit the change.
- Around line 1-16: Add a new "Project Overview" section under the "# AGENTS.md"
header with a 2–5 sentence summary describing Excalidraw (what the project is,
its purpose, and key features) and expand the existing "Quick Facts" / "Tech
Stack" area to explicitly list core technologies (React, TypeScript, Vite,
Vitest, Yarn workspaces) so AI agents have clear context; update the "Project
Overview" and "Tech Stack" headings in AGENTS.md accordingly.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: ASSERTIVE
Plan: Pro
Run ID: 5f970941-c501-40b4-9986-7f2d7ee058e8
⛔ Files ignored due to path filters (5)
packages/excalidraw/components/ElementPropertiesPanel.tsxis excluded by none and included by nonepackages/excalidraw/components/LayerUI.tsxis excluded by none and included by nonepackages/excalidraw/components/LockButton.tsxis excluded by none and included by nonepackages/excalidraw/components/MegaButton.test.tsxis excluded by none and included by nonepackages/excalidraw/components/MegaButton.tsxis excluded by none and included by none
📒 Files selected for processing (11)
.cursor/commands/add-test-for-component.md.cursor/commands/create-react-component-with-test.md.cursor/commands/refactor-code.md.cursor/commands/security-check.md.cursor/rules/conventions.mdc.cursor/rules/css-conventions.mdc.cursor/rules/do-not-touch.mdc.cursor/rules/project-architecture.mdc.cursor/rules/security-rules.mdc.cursor/rules/testing-conventions.mdcAGENTS.md
| description: "Add tests for a React component" | ||
| --- | ||
|
|
||
| Add or update tests for the React component named $ARGUMENTS: |
There was a problem hiding this comment.
Line 5: markdownlint MD041 валідно сигналізує, що після frontmatter має бути H1-заголовок.
As per coding guidelines: ".cursor/commands/*.md ... Файл містить чіткий опис, що команда робить" (для цього краще почати з явного H1).
🧰 Tools
🪛 markdownlint-cli2 (0.22.0)
[warning] 5-5: First line in a file should be a top-level heading
(MD041, first-line-heading, first-line-h1)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/commands/add-test-for-component.md at line 5, Add a top-level H1
heading to the markdown (immediately after the frontmatter) to satisfy
markdownlint MD041; update the file containing the line "Add or update tests for
the React component named $ARGUMENTS:" by inserting a clear H1 like "# Add or
update tests for the React component" (or include $ARGUMENTS in the title) so
the document begins with an explicit H1 as required.
Comment on lines
+5
to
+14
| Create a React component named $ARGUMENTS: | ||
|
|
||
| 1. Create the component file following project conventions | ||
| 2. Define a TypeScript props interface: `{Name}Props` | ||
| 3. Use functional component with hooks | ||
| 4. Use named export | ||
| 5. Create a colocated test file with basic render test | ||
| 6. Follow the patterns from existing components in the same directory | ||
|
|
||
| Check .cursor/rules/ for architecture and convention constraints. No newline at end of file |
There was a problem hiding this comment.
Line 5-14: додай H1 після frontmatter і один trailing newline в кінці файлу.
🧰 Tools
🪛 markdownlint-cli2 (0.22.0)
[warning] 5-5: First line in a file should be a top-level heading
(MD041, first-line-heading, first-line-h1)
[warning] 14-14: Files should end with a single newline character
(MD047, single-trailing-newline)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/commands/create-react-component-with-test.md around lines 5 - 14,
The markdown file is missing a top-level H1 header after the frontmatter and a
final trailing newline; update
.cursor/commands/create-react-component-with-test.md to insert a single H1 line
immediately after the YAML frontmatter block (e.g., a descriptive "# Create
React component with test" header) and ensure the file ends with one newline
character so there is exactly one trailing blank line at EOF.
Comment on lines
+7
to
+12
| 1. Create the component file following project conventions | ||
| 2. Define a TypeScript props interface: `{Name}Props` | ||
| 3. Use functional component with hooks | ||
| 4. Use named export | ||
| 5. Create a colocated test file with basic render test | ||
| 6. Follow the patterns from existing components in the same directory |
There was a problem hiding this comment.
Line 7-12: команда створює компонент і тест, але не вимагає виконати nearest test suite/конкретну команду верифікації. Для воркфлоу це критично, інакше результат може лишитись неперевіреним.
Based on learnings: "Run the nearest relevant test file/suite after changes."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/commands/create-react-component-with-test.md around lines 7 - 12,
Add an explicit step after step 5 to run the nearest relevant test suite for the
colocated test file created in step 5: invoke the project's test runner (e.g.,
pnpm/npm/yarn test or vitest/jest) targeting the generated test file or its
directory (so the runner verifies the new {Name}.test.*), and ensure the
generator fails/returns non‑zero if tests do not pass; reference the "colocated
test file" created in step 5 as the target to run.
Comment on lines
+5
to
+12
| Refactor a React component named $ARGUMENTS: | ||
|
|
||
| 1. Read a files | ||
| 2. Check .cursor/rules to match it | ||
| 3. Check for DRY and code smell | ||
| 4. Propose changes regarding what was finded | ||
| 5. Check that new code compiles | ||
| 6. Describe what changes been done No newline at end of file |
There was a problem hiding this comment.
Line 5-12: інструкції загальні, з граматичними помилками, і без чіткого expected result/прикладу запуску (що саме має бути на виході після рефакторингу).
As per coding guidelines: ".cursor/commands/*.md ... Інструкції конкретні та корисні ... Приклади використання або очікуваний результат описані."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/commands/refactor-code.md around lines 5 - 12, The instructions in
.cursor/commands/refactor-code.md (the Refactor a React component named
$ARGUMENTS section) are too vague and grammatically weak; rewrite this command
to be specific, corrected for grammar, and include an explicit expected result
and example usage: replace the current steps with concrete actions (e.g., "1.
Read target file(s) specified by $ARGUMENTS; 2. Match patterns against
.cursor/rules and list rule hits; 3. Identify DRY/code-smell instances and list
suggested refactors; 4. Produce a proposed refactored code snippet and ensure it
compiles; 5. Provide a short changelog summarizing modifications"), add a sample
CLI invocation and a sample before/after output snippet, and ensure the command
description references $ARGUMENTS so the caller knows what to pass.
Comment on lines
+5
to
+14
| Perform a security check for this project: | ||
|
|
||
| 1. Inspect current changes and identify security-sensitive files. | ||
| 2. Scan for obvious secrets, unsafe patterns, and risky defaults. | ||
| 3. Review auth, input handling, and data exposure paths in touched code. | ||
| 4. Check dependencies and scripts for known risky usage. | ||
| 5. Report findings by severity with file paths and concrete fixes. | ||
| 6. If no issues are found, state that clearly and note residual risks. | ||
|
|
||
| Check `.cursor/rules/` and `AGENTS.md` for project guardrails before suggesting changes. |
There was a problem hiding this comment.
Line 5-14: додай top-level heading після frontmatter і один newline в кінці файлу.
🧰 Tools
🪛 markdownlint-cli2 (0.22.0)
[warning] 5-5: First line in a file should be a top-level heading
(MD041, first-line-heading, first-line-h1)
[warning] 12-12: Files should end with a single newline character
(MD047, single-trailing-newline)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/commands/security-check.md around lines 5 - 14, Add a top-level H1
heading immediately after the existing frontmatter in the Markdown (insert a
single line starting with "# " and the document title or summary) and ensure the
file ends with exactly one newline character (no extra blank lines); locate the
frontmatter block and update the content following it to insert the H1 and
verify/trim the EOF so there's a single trailing newline.
Comment on lines
+18
to
+24
| - Render pipeline: Scene -> renderScene() -> canvas context | ||
| - DO NOT use react-konva, fabric.js, pixi.js | ||
|
|
||
| ## Dependencies | ||
|
|
||
| - No new npm packages without explicit approval | ||
| - Check src/utils/ before adding external helpers |
There was a problem hiding this comment.
Line 18-24: формулювання Scene -> renderScene() занадто спрощене для поточної архітектури, і в правилі відсутній розділ "How to verify". У такому вигляді агент отримує неточний орієнтир.
As per coding guidelines: "Тіло правила конкретне та стосується Excalidraw" і "Є секція 'How to verify'."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/rules/project-architecture.mdc around lines 18 - 24, The "Render
pipeline: Scene -> renderScene()" rule is too vague and missing a "How to
verify" section; update the rule text to explicitly describe the
Excalidraw-specific render flow (e.g., Scene model -> layout/transform ->
renderScene() invocation -> canvas 2D context draw calls and any
post-processing), remove/keep the prohibition on react-konva/fabric.js/pixi.js
as-is, and add a concrete "How to verify" section that lists steps to validate
behavior (unit/integration test targets, manual verification steps in
Excalidraw, expected DOM/canvas outputs and performance checks). Reference the
existing rule header "Render pipeline: Scene -> renderScene()" and ensure the
new text mentions renderScene(), Scene, canvas context, and verification steps.
Comment on lines
+7
to
+30
| # Security Rules | ||
|
|
||
| ## Secrets and Sensitive Data | ||
|
|
||
| - Never hardcode secrets, tokens, passwords, or private keys. | ||
| - Do not commit credentials or `.env` values into source files or tests. | ||
| - Redact sensitive values in logs, test fixtures, and examples. | ||
|
|
||
| ## Input and Output Safety | ||
|
|
||
| - Treat all external/user input as untrusted and validate/sanitize it. | ||
| - Avoid unsafe HTML injection patterns; do not bypass sanitization intentionally. | ||
| - Validate URLs and external resource identifiers before use. | ||
|
|
||
| ## Access and Permissions | ||
|
|
||
| - Follow least-privilege principles when adding new capabilities. | ||
| - Do not broaden data access or permissions without explicit justification. | ||
|
|
||
| ## Dependencies and Risky Changes | ||
|
|
||
| - No new dependencies without explicit approval. | ||
| - Flag security-sensitive behavior changes in PR/summary notes. | ||
| - Add tests for security-relevant logic (validation, sanitization, permissions). |
There was a problem hiding this comment.
Line 7-30: зміст занадто загальний. Для цього репозиторію потрібні конкретні пункти про SVG/XSS, безпечний імпорт .excalidraw/library-файлів, collaboration encryption/Firebase rules, плюс верифікація правила.
As per coding guidelines: ".cursor/rules/security* ... Стосується реальних security-аспектів Excalidraw ... Має секцію 'How to verify'."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/rules/security-rules.mdc around lines 7 - 30, The Security Rules
section is too generic for this repo and missing Excalidraw-specific controls
and a "How to verify" section; update the existing headings ("Secrets and
Sensitive Data", "Input and Output Safety", "Access and Permissions",
"Dependencies and Risky Changes") to include concrete rules for Excalidraw: add
explicit SVG/XSS mitigation guidance (sanitize imported SVGs, forbid unsafe
innerHTML, validate shape data), safe import/handling rules for .excalidraw and
library files (whitelist parsers, validate JSON structure and types),
collaboration/encryption and Firebase rules (require end-to-end encryption
flags, strict Firestore rules for drawing documents), and require tests/CI
checks for validation/sanitization; finally add a "How to verify" subsection
with reproducible verification steps and automated test expectations so
reviewers can validate each rule.
Comment on lines
+1
to
+31
| --- | ||
| description: "Testing standards for unit and component tests" | ||
| globs: **/*.test.ts,**/*.test.tsx | ||
| alwaysApply: false | ||
| --- | ||
|
|
||
| # Testing Conventions | ||
|
|
||
| ## Coverage Expectations | ||
|
|
||
| - Add or update tests for any behavior change. | ||
| - Prefer focused tests near the changed code over broad snapshot-only tests. | ||
| - Cover happy path and at least one failure/edge path when applicable. | ||
|
|
||
| ## Test Quality | ||
|
|
||
| - Use clear test names that describe behavior, not implementation details. | ||
| - Assert observable outcomes (rendered output, callbacks, state effects). | ||
| - Keep tests deterministic; avoid real timers/network unless explicitly needed. | ||
| - Reuse existing test utilities from the package before adding new helpers. | ||
|
|
||
| ## Safety | ||
|
|
||
| - Do not use `it.only`/`describe.only` or leave skipped tests unintentionally. | ||
| - Avoid overly broad snapshots that hide regressions. | ||
| - Keep test data minimal and readable. | ||
|
|
||
| ## Agent Verification | ||
|
|
||
| - Run the nearest relevant test file/suite after changes. | ||
| - For shared/type-heavy changes, also run lint and typecheck. |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial
Чеклист завдання вимагає секцію з назвою "How to verify". Хоча "Agent Verification" семантично близька, краще дотримуватись точної назви для консистентності з іншими правилами.
Поточні конвенції (clear test names, deterministic tests, avoid snapshots) — універсальні для будь-якого проєкту. Для Excalidraw варто додати специфічні патерни тестування:
- Як тестувати canvas rendering (використання
getContext("2d"), mock canvas API) - Як тестувати action flows через
actionManager.dispatch() - Як тестувати collaboration features (multi-user scenarios)
- Patterns для geometry/math utilities testing
♻️ Приклад доповнення
## Safety
- Do not use `it.only`/`describe.only` or leave skipped tests unintentionally.
- Avoid overly broad snapshots that hide regressions.
- Keep test data minimal and readable.
+
+## Excalidraw-Specific Testing Patterns
+
+- **Canvas rendering**: Mock `getContext("2d")` or use test utilities from `packages/excalidraw/tests/`
+- **Action flows**: Test via `actionManager.dispatch()`, verify state changes in `appState`/`elements`
+- **Geometry/math**: Use property-based testing for coordinate transforms where applicable
+- **Collaboration**: Test socket message handling, conflict resolution, multi-user state sync
-## Agent Verification
+## How to Verify
- Run the nearest relevant test file/suite after changes.
- For shared/type-heavy changes, also run lint and typecheck.
+- Example: After editing `LayerUI.tsx`, run `yarn test LayerUI.test.tsx`
+- Verify no `it.only` left: `rg "it\.only|describe\.only" --glob "**/*.test.{ts,tsx}"`Як per coding guidelines для .cursor/rules/*.mdc: правило має бути конкретним та перевірюваним, з секцією "How to verify".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.cursor/rules/testing-conventions.mdc around lines 1 - 31, Rename the "Agent
Verification" section header to the exact "How to verify" header and replace its
contents with concrete, testable verification steps (run the nearest relevant
test file/suite, run lint and typecheck for shared/type-heavy changes);
additionally extend the rule with Excalidraw-specific patterns: explicit
guidance for canvas rendering tests (mocking getContext("2d") / canvas API),
action flow tests using actionManager.dispatch(), collaboration/multi-user
scenario patterns, and geometry/math utilities testing patterns (deterministic
inputs and edge cases); ensure each new item is framed as a verifiable check
(what to run/assert) so the rule in .cursor/rules/testing-conventions.mdc is
specific and testable.
Comment on lines
+1
to
+16
| # AGENTS.md | ||
|
|
||
| This file provides project-specific guidance for coding agents working in this repository. | ||
|
|
||
| ## Quick Facts | ||
|
|
||
| - Monorepo name: `excalidraw-monorepo` | ||
| - Package manager: `yarn@1.22.22` (use `yarn`, not `npm`) | ||
| - Node: `>=18.0.0` | ||
| - Main workspace areas: | ||
| - `excalidraw-app/` - app shell and app-specific runtime | ||
| - `packages/excalidraw/` - core editor package | ||
| - `packages/common/`, `packages/element/`, `packages/math/`, `packages/utils/` - shared modules | ||
| - `examples/` - integration examples | ||
| - `scripts/` - build/release/tooling scripts | ||
|
|
There was a problem hiding this comment.
❌ Відсутня секція "Project Overview"
Згідно з вимогами завдання, AGENTS.md має містити короткий опис проєкту Excalidraw (2-5 речень). Це критично для AI-агентів, щоб розуміти контекст: що це за проєкт, яка його мета, основні особливості.
У "Quick Facts" згадується лише yarn та Node, але немає явного переліку ключових технологій:
- React (UI framework)
- TypeScript (мова)
- Vite (bundler для dev/production)
- Vitest (testing framework)
- Yarn workspaces (monorepo management)
📋 Приклад доповнення
Додай на початку файлу (після заголовка):
# AGENTS.md
This file provides project-specific guidance for coding agents working in this repository.
+
+## Project Overview
+
+Excalidraw is an open-source virtual whiteboard for sketching hand-drawn diagrams and collaborating in real-time. The editor provides an infinite canvas with primitive shapes (rectangles, ellipses, arrows, text, freehand), supports multi-user collaboration via WebRTC/WebSocket, and renders everything to HTML5 Canvas. The project is built as a monorepo containing the core editor package, app shell, and shared utility libraries.
## Quick Facts
- Monorepo name: `excalidraw-monorepo`
- Package manager: `yarn@1.22.22` (use `yarn`, not `npm`)
- Node: `>=18.0.0`
+
+## Tech Stack
+
+- **UI Framework**: React 18+ (functional components, hooks)
+- **Language**: TypeScript (strict mode)
+- **Build Tool**: Vite (dev server + production builds)
+- **Testing**: Vitest (unit/integration), React Testing Library
+- **Monorepo**: Yarn workspaces
+- **Rendering**: HTML5 Canvas API (native, no abstraction libraries)
+
- Main workspace areas:Як per coding guidelines для AGENTS.md: мінімум 5 з 7 секцій мають бути присутні та заповнені — у вас 5/7 ✅, але Project Overview та повний Tech Stack критичні для розуміння контексту.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@AGENTS.md` around lines 1 - 16, Add a new "Project Overview" section under
the "# AGENTS.md" header with a 2–5 sentence summary describing Excalidraw (what
the project is, its purpose, and key features) and expand the existing "Quick
Facts" / "Tech Stack" area to explicitly list core technologies (React,
TypeScript, Vite, Vitest, Yarn workspaces) so AI agents have clear context;
update the "Project Overview" and "Tech Stack" headings in AGENTS.md
accordingly.
| - Never commit secrets, credentials, or private tokens. | ||
| - Validate and sanitize untrusted inputs where relevant. | ||
| - Avoid risky defaults that can leak data or broaden permissions. | ||
| - Call out security-sensitive changes explicitly in summaries. No newline at end of file |
There was a problem hiding this comment.
Файл має закінчуватися одним порожнім рядком (newline character). Це стандарт POSIX та вимога більшості linters.
🔧 Виправлення
Додай порожній рядок в кінці файлу після останнього речення:
- Call out security-sensitive changes explicitly in summaries.
+Based on learnings from static analysis tools: markdownlint-cli2 flags MD047 (single-trailing-newline).
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| - Call out security-sensitive changes explicitly in summaries. | |
| - Call out security-sensitive changes explicitly in summaries. | |
🧰 Tools
🪛 markdownlint-cli2 (0.22.0)
[warning] 115-115: Files should end with a single newline character
(MD047, single-trailing-newline)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@AGENTS.md` at line 115, The file AGENTS.md is missing a trailing newline
(MD047); add a single newline character after the final line ("Call out
security-sensitive changes explicitly in summaries.") so the file ends with one
blank line, save and commit the change.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Day 2: Workshop Assignment
Учасник:
Чеклист
.cursor/rules/(кожне з секцією "How to verify").cursor/commands/AGENTS.md— заповнений повністю (контекст проєкту, команди, архітектура, конвенції)yarn buildпроходить успішноБонус (необов'язково)
npx repomix --skill-generate.cursorrules— legacy-формат правил для CursorНотатки
Summary by CodeRabbit
Примітки до випуску