🌐 Live Demo: https://code-health-checker-production-0304.up.railway.app
📦 Built for IBM Bob Hackathon 2026
A full-stack app that analyzes a public GitHub repository for common code health issues.
- Accepts a GitHub repository URL
- Fetches repository files through the GitHub API
- Reports:
- hardcoded secrets
- missing
try/catcharound risky async JavaScript/TypeScript code - TODO/FIXME comments
- missing test coverage signals
console.logusage
- Returns issue severity levels:
HIGH,MEDIUM,LOW - React frontend with color-coded report display
backend/
package.json
src/server.js
frontend/
package.json
src/
App.jsx
main.jsx
styles.css
cd backend
npm install
npm run devThe backend runs on http://localhost:4000.
Optional: create backend/.env and set GITHUB_TOKEN to increase GitHub API rate limits.
GITHUB_TOKEN=github_pat_your_token_here
PORT=4000
# Optional: Only needed in development environments without direct internet access
# Leave unset in production with direct internet access
# HTTP_PROXY=http://proxy-host:portNote: The server uses native Node.js fetch by default (no proxy). If your development environment requires a proxy to access GitHub API, set the HTTP_PROXY environment variable. See backend/PROXY_CONFIGURATION.md for details.
cd frontend
npm install
npm run devThe frontend runs on http://localhost:5173.
POST /analyze
Request:
{
"repoUrl": "https://github.com/owner/repo"
}Response:
{
"repository": "owner/repo",
"summary": {
"totalIssues": 3,
"high": 1,
"medium": 1,
"low": 1,
"filesScanned": 42
},
"issues": [
{
"severity": "HIGH",
"type": "Hardcoded Secret",
"file": "src/config.js",
"line": 4,
"message": "Potential hardcoded secret detected."
}
]
}This project was built with IBM Bob IDE as the AI development partner.
Bob was used to:
- Analyze the entire codebase structure
- Improve secret detection patterns (4 → 15+ types)
- Reduce false positives by 75% using entropy analysis
All Bob session reports are available in the bob_sessions/ folder.