feat: increase analyzed events

[MatteoGabriele]

Use 200 events instead of 100 to better capture more violations.

Summary by CodeRabbit

• New Features

  • Analysis now supports multi-page data fetching, enabling retrieval and processing of larger datasets.

• Bug Fixes

  • Minor template markup adjustment to improve rendering consistency.

• Tests

  • Removed several test fixtures and the automated test suite.

• Chores

  • Removed a test runner from development dependencies.

[netlify]

✅ Deploy Preview for agentscan ready!

Name	Link
🔨 Latest commit	a4eb16f
🔍 Latest deploy log	https://app.netlify.com/projects/agentscan/deploys/69b84832bd30d20008ebc1a8
😎 Deploy Preview	https://deploy-preview-26--agentscan.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds optional multi-page fetching to the identify-replicant flow (frontend and API), removes Vitest and an associated snapshot test suite plus several JSON fixtures.

Changes

Cohort / File(s)	Summary
Frontend Analysis app/components/Analysis/Card.vue	Adds pages=2 to analyze API request query; minor template markup reformat of a NuxtLink closing tag.
API Multi-Page Fetching server/api/identify-replicant/[username].get.ts	Introduces pages query param with bounds (1–2), clamps/validates pages, issues parallel requests for pages 1..N via Promise.all, and flattens aggregated events; adds GitHubEvent import.
Dependency Management package.json	Removes vitest from devDependencies.
Test Fixtures Deletion test/fixtures/automation/..., test/fixtures/organic/...	Deletes multiple JSON fixture files used by automation/organic tests (several large user+events fixtures).
Test Suite Deletion test/verified-automations.test.ts	Removes the Vitest snapshot/property-based test file that consumed the deleted fixtures.

Sequence Diagram(s)

sequenceDiagram
    participant Browser
    participant Frontend as Analysis Card
    participant Server as identify-replicant API
    participant GitHub as GitHub API

    Browser->>Frontend: user triggers analyze
    Frontend->>Server: GET /api/identify-replicant/:user?pages=2
    Server->>GitHub: GET /user/events?page=1
    Server->>GitHub: GET /user/events?page=2
    GitHub-->>Server: events(page1)
    GitHub-->>Server: events(page2)
    Server->>Server: flatten & aggregate events
    Server-->>Frontend: aggregated events
    Frontend-->>Browser: render analysis

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat: add voight-kampff-test #23: Modifies server/api/identify-replicant/[username].get.ts and changes reliance/usage of the voight-kampff-test package (strong overlap in API file changes).

Poem

🐰
I hopped through pages, one then two,
Promise.all fetched fields anew,
Old fixtures shed like winter fur,
New aggregated events—pitter-purr,
A happy hare, I thump and chew. 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: increase analyzed events' directly and clearly describes the main objective of the changeset—increasing the number of analyzed events from 100 to 200 to capture more violations.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/increase-analyzed-events

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can disable poems in the walkthrough.

Disable the reviews.poem setting to disable the poems in the walkthrough.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	agentscan	a4eb16f	Commit Preview URL Branch Preview URL	Mar 16 2026, 06:14 PM

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

package.json (1)

12-12: ⚠️ Potential issue | 🟠 Major

test script points to a removed dependency.

The test script references vitest (line 12), but vitest has been removed from devDependencies (lines 27-31). Running npm test or pnpm test will fail.

Either restore vitest to devDependencies:

Option 1: Restore dependency

   "devDependencies": {
+    "vitest": "^4.0.18",
     "unocss": "^66.6.0"
   }

Or replace the script with a placeholder if tests are intentionally removed:

Option 2: Update script

   "scripts": {
-    "test": "vitest"
+    "test": "echo \"No test runner configured\""
   }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@package.json` at line 12, The package.json "test" script currently runs
"vitest" but vitest was removed from devDependencies; either restore vitest to
devDependencies or change the "test" script to a safe placeholder. To fix,
either add vitest back into devDependencies (so the "test" script can run) or
update the "test" script value (e.g., to "echo \"No tests\"" or another runner)
so running npm test/pnpm test doesn't fail; locate the "test" script entry in
package.json and adjust it or the devDependencies accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@server/api/identify-replicant/`[username].get.ts:
- Around line 20-24: The pages validator currently allows 0 and has no upper
bound, enabling empty analyses or huge parallel request bursts; update the pages
validation (the v.pipe for pages using v.number/v.integer) to enforce a minimum
of 1 (replace v.minValue(0, ...) with v.minValue(1, ...)) and add a
v.maxValue(...) cap (e.g., v.maxValue(10, "pages must be ≤ 10")) to prevent
large fan-out, and apply the same change to the other pages validators
referenced in this diff so the downstream logic that spawns parallel requests
(the code around lines that iterate pages) cannot be driven to 0 or an
excessively large count.

---

Outside diff comments:
In `@package.json`:
- Line 12: The package.json "test" script currently runs "vitest" but vitest was
removed from devDependencies; either restore vitest to devDependencies or change
the "test" script to a safe placeholder. To fix, either add vitest back into
devDependencies (so the "test" script can run) or update the "test" script value
(e.g., to "echo \"No tests\"" or another runner) so running npm test/pnpm test
doesn't fail; locate the "test" script entry in package.json and adjust it or
the devDependencies accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8d2d2403-53b5-4c15-8ea1-5becd4044106

📥 Commits

Reviewing files that changed from the base of the PR and between e1d8a17 and 71daf1c.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• test/__snapshots__/verified-automations.test.ts.snap is excluded by !**/*.snap

📒 Files selected for processing (10)

• app/components/Analysis/Card.vue
• package.json
• server/api/identify-replicant/[username].get.ts
• test/fixtures/automation/automation_user-5a92586d-63b0-4675-8ea1-014552da1f7b.json
• test/fixtures/automation/automation_user-6f5f10b3-13c9-452c-aa43-236a222ea91f.json
• test/fixtures/automation/automation_user-af06c06a-4523-4949-9487-803829468d7e.json
• test/fixtures/automation/automation_user-d9de21cb-5319-46fe-a807-0386e685a606.json
• test/fixtures/organic/organic_user-09dd1a6d-b3f9-4a6f-b0d2-959aa549d90c.json
• test/fixtures/organic/organic_user-77c6d7f7-addf-4443-b334-8d2980d59ee5.json
• test/verified-automations.test.ts

💤 Files with no reviewable changes (7)

• test/fixtures/automation/automation_user-d9de21cb-5319-46fe-a807-0386e685a606.json
• test/fixtures/automation/automation_user-af06c06a-4523-4949-9487-803829468d7e.json
• test/fixtures/automation/automation_user-6f5f10b3-13c9-452c-aa43-236a222ea91f.json
• test/fixtures/automation/automation_user-5a92586d-63b0-4675-8ea1-014552da1f7b.json
• test/fixtures/organic/organic_user-09dd1a6d-b3f9-4a6f-b0d2-959aa549d90c.json
• test/verified-automations.test.ts
• test/fixtures/organic/organic_user-77c6d7f7-addf-4443-b334-8d2980d59ee5.json

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@server/api/identify-replicant/`[username].get.ts:
- Line 44: The parsing of query.pages and query.repos_count uses parseInt which
silently accepts strings like "2abc"; update the handler to perform strict
integer validation before parsing: check that String(query.pages) and
String(query.repos_count) match /^\d+$/ (or use Number.isInteger after
converting with Number) and if not, respond with an explicit 400/throw a
BadRequest; only then convert with parseInt/Number and assign to pages and
repos_count. Reference the query.pages and query.repos_count parsing sites and
the surrounding request handler/QuerySchema flow so the failure is surfaced
immediately rather than relying on downstream validation.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1ac4b3f1-b06d-41a8-bc22-d20ffa77c9a0

📥 Commits

Reviewing files that changed from the base of the PR and between 71daf1c and a4eb16f.

📒 Files selected for processing (1)

• server/api/identify-replicant/[username].get.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

In JavaScript, what does parseInt("2abc", 10) return, and does Number("2abc") return NaN?

💡 Result:

• parseInt("2abc", 10) returns 2 (it parses from the start and stops at the first non-numeric character). [1]
• Yes—Number("2abc") returns NaN (the whole string must be a valid number, otherwise conversion fails). [2]

Sources: [1] [2]

---

🏁 Script executed:

# First, locate and inspect the target file
find . -type f -name '[username].get.ts' | head -5

Repository: MatteoGabriele/agentscan

Length of output: 50

---

🏁 Script executed:

# Once we have the file, check the surrounding context
cat -n "server/api/identify-replicant/[username].get.ts" | head -60

Repository: MatteoGabriele/agentscan

Length of output: 2224

---

🏁 Script executed:

# Search for QuerySchema definition to understand validation rules
rg -A 10 "QuerySchema" --type ts --type js | head -50

Repository: MatteoGabriele/agentscan

Length of output: 1822

---

Use strict integer parsing to reject malformed input explicitly.

Line 44 (and 46 for repos_count) use parseInt, which silently coerces values like "2abc" to 2. While the QuerySchema validation provides downstream protection, it's better practice to fail fast with strict parsing rather than allow coercion.

🔧 Suggested fix

+const parseStrictInteger = (value: unknown, fallback: number): number => {
+  if (value === undefined) return fallback;
+  const raw = String(value).trim();
+  return /^-?\d+$/.test(raw) ? Number(raw) : Number.NaN;
+};
+
 export default defineEventHandler(async (event) => {
@@
   const parsedQuery = v.safeParse(QuerySchema, {
     created_at: query.created_at,
-    pages: query.pages ? parseInt(String(query.pages), 10) : 1,
+    pages: parseStrictInteger(query.pages, 1),
     repos_count: query.repos_count
-      ? parseInt(String(query.repos_count), 10)
-      : 0,
+      ? parseStrictInteger(query.repos_count, 0)
+      : 0,
   });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@server/api/identify-replicant/`[username].get.ts at line 44, The parsing of
query.pages and query.repos_count uses parseInt which silently accepts strings
like "2abc"; update the handler to perform strict integer validation before
parsing: check that String(query.pages) and String(query.repos_count) match
/^\d+$/ (or use Number.isInteger after converting with Number) and if not,
respond with an explicit 400/throw a BadRequest; only then convert with
parseInt/Number and assign to pages and repos_count. Reference the query.pages
and query.repos_count parsing sites and the surrounding request
handler/QuerySchema flow so the failure is surfaced immediately rather than
relying on downstream validation.