Skip to content

LYL-8bit/code-health-checker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Code Health Checker

屏幕截图 2026-05-16 235329

🌐 Live Demo: https://code-health-checker-production-0304.up.railway.app

📦 Built for IBM Bob Hackathon 2026

A full-stack app that analyzes a public GitHub repository for common code health issues.

Features

  • Accepts a GitHub repository URL
  • Fetches repository files through the GitHub API
  • Reports:
    • hardcoded secrets
    • missing try/catch around risky async JavaScript/TypeScript code
    • TODO/FIXME comments
    • missing test coverage signals
    • console.log usage
  • Returns issue severity levels: HIGH, MEDIUM, LOW
  • React frontend with color-coded report display

Project Structure

backend/
  package.json
  src/server.js
frontend/
  package.json
  src/
    App.jsx
    main.jsx
    styles.css

Backend

cd backend
npm install
npm run dev

The backend runs on http://localhost:4000.

Optional: create backend/.env and set GITHUB_TOKEN to increase GitHub API rate limits.

GITHUB_TOKEN=github_pat_your_token_here
PORT=4000

# Optional: Only needed in development environments without direct internet access
# Leave unset in production with direct internet access
# HTTP_PROXY=http://proxy-host:port

Note: The server uses native Node.js fetch by default (no proxy). If your development environment requires a proxy to access GitHub API, set the HTTP_PROXY environment variable. See backend/PROXY_CONFIGURATION.md for details.

Frontend

cd frontend
npm install
npm run dev

The frontend runs on http://localhost:5173.

API

POST /analyze

Request:

{
  "repoUrl": "https://github.com/owner/repo"
}

Response:

{
  "repository": "owner/repo",
  "summary": {
    "totalIssues": 3,
    "high": 1,
    "medium": 1,
    "low": 1,
    "filesScanned": 42
  },
  "issues": [
    {
      "severity": "HIGH",
      "type": "Hardcoded Secret",
      "file": "src/config.js",
      "line": 4,
      "message": "Potential hardcoded secret detected."
    }
  ]
}

IBM Bob Usage

This project was built with IBM Bob IDE as the AI development partner.

Bob was used to:

  • Analyze the entire codebase structure
  • Improve secret detection patterns (4 → 15+ types)
  • Reduce false positives by 75% using entropy analysis

All Bob session reports are available in the bob_sessions/ folder.

About

Analyze GitHub repositories for security risks and code quality issues — powered by IBM Bob

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors