Add CodeRabbit configuration file

[sach2004]

Added configuration for CodeRabbit integration, enabling features like auto-reply in PR comments, issue enrichment, and review instructions for various file types.

Addressed Issues:

Closes

Additional Notes:

• followed this -: https://discord.com/channels/1022871757289422898/1235508903450775622/1474646668183081010

Checklist

• My PR addresses a single issue, fixes a single bug or makes a single improvement.
• My code follows the project's code style and conventions.
• If applicable, I have made corresponding changes or additions to the documentation.
• If applicable, I have made corresponding changes or additions to tests.
• My changes generate no new warnings or errors.
• I have joined the Stability Nexus's Discord server and I will share a link to this PR with the project maintainers there.
• I have read the Contribution Guidelines.
• Once I submit my PR, CodeRabbit AI will automatically review it and I will address CodeRabbit's comments.

AI Usage Disclosure

Check one of the checkboxes below:

• This PR does not contain AI-generated code at all.
• This PR contains AI-generated code. I have tested the code locally and I am responsible for it.

I have used the following AI models and tools: TODO

⚠️ AI Notice - Important!

We encourage contributors to use AI tools responsibly when creating Pull Requests. While AI can be a valuable aid, it is essential to ensure that your contributions meet the task requirements, build successfully, include relevant tests, and pass all linters. Submissions that do not meet these standards may be closed without warning to maintain the quality and integrity of the project. Please take the time to understand the changes you are proposing and their impact.

Summary by CodeRabbit

• Chores
  • Enhanced development infrastructure with comprehensive configuration enabling automated code reviews with structured feedback, intelligent issue labeling and planning, pre-merge validation checks, and integrated code quality analysis across multiple programming languages and frameworks.

[coderabbitai]

Warning

Ignoring CodeRabbit configuration file changes. For security, only the configuration from the base branch is applied for open source repositories.

📝 Walkthrough

Walkthrough

A new configuration file .coderabbit.yaml is introduced with 280 lines of settings for CodeRabbit IDE integration and review automation, including rules for issue enrichment, reviews, pre-merge checks, linters, and path-based review instructions across multiple programming languages.

Changes

Cohort / File(s)

Summary

CodeRabbit Configuration .coderabbit.yaml

Added comprehensive configuration enabling IDE integration, review automation, issue labeling rules, review profiles, pre-merge checks, linting/analysis tools (shellcheck, ruff, markdownlint, biome, hadolint, swiftlint, phpstan, golangci-lint, yamllint, gitleaks, checkov, detekt, eslint), path-based review exclusion filters, and detailed review instructions for Python, Solidity, TypeScript, Bash, Make, and test files.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 A config hops in, so shiny and new,
Rules for reviews and automated crew,
Tools aligned, paths set with care,
Quality checks now floating through air! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add CodeRabbit configuration file' directly and accurately summarizes the main change in the pull request, which is the addition of a new .coderabbit.yaml configuration file.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

.coderabbit.yaml (3)

217-217: Redundant single-element brace expansion in glob pattern

**/*.{py} is equivalent to **/*.py; the braces serve no purpose here.

♻️ Proposed fix

-    - path: "**/*.{py}"
+    - path: "**/*.py"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml at line 217, Replace the redundant brace expansion in the
glob pattern: change the path entry that currently reads "**/*.{py}" to the
simpler equivalent "**/*.py" so the pattern is clearer and consistent; update
the path value in the .coderabbit.yaml where the pattern string "**/*.{py}"
appears.

---

249-258: Test path pattern doesn't cover .spec.* files

If any test files follow the *.spec.{ts,tsx,js,jsx} naming convention (common with Jest and Vitest), they won't receive the test-specific review instructions.

♻️ Proposed broader pattern

-    - path: "**/*.test.{ts,tsx,js,jsx}"
+    - path: "**/*.{test,spec}.{ts,tsx,js,jsx}"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 249 - 258, The current test path pattern
"**/*.test.{ts,tsx,js,jsx}" misses files named with the .spec.* convention;
update the pattern used (replace the string "**/*.test.{ts,tsx,js,jsx}") to a
broader glob such as "**/*.{test,spec}.{ts,tsx,js,jsx}" (or equivalent multiple
patterns) so .spec.ts/.spec.tsx/.spec.js/.spec.jsx files are also matched by the
test review instructions.

---

170-186: Next.js-specific instructions are applied to all .ts/.js files, including non-browser code

The "use client" directive and client-side rendering requirements on lines 173–174 apply to every TypeScript/JavaScript file in the repo. In a Solidity WebUI project, this glob will also match Hardhat scripts, deployment scripts, Node.js utilities, and config files — causing false-positive review comments for code that is intentionally server-side or environment-agnostic.

Scope Next.js rules to the front-end source tree only:

♻️ Proposed scoping

-    - path: "**/*.{ts,tsx,js,jsx}"
+    - path: "src/**/*.{ts,tsx,js,jsx}"  # or wherever the Next.js app lives, e.g. app/**
       instructions: |
         NextJS:
         - Ensure that "use client" is being used

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 170 - 186, The Next.js-specific glob currently
applied ("**/*.{ts,tsx,js,jsx}") is too broad and triggers frontend rules for
backend scripts; narrow the scope by changing that path to target only the
front-end source tree (e.g., replace the existing glob with a front-end-specific
pattern such as "frontend/**/*.{ts,tsx,js,jsx}" or "webui/**/*.{ts,tsx,js,jsx}")
and, if needed, add a separate rule block for backend/Hardhat/Node files to
ensure server-side scripts are not validated against Next.js client-only checks;
update the path string in the .coderabbit.yaml entry to the chosen front-end
directory name.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.coderabbit.yaml:
- Around line 67-68: Update the misleading inline comment for the
request_changes_workflow setting: replace "just leave comments" with text that
accurately states the behavior when request_changes_workflow: true — CodeRabbit
will submit a formal "Request Changes" GitHub review and then auto-approve the
PR once all comments are resolved; locate the request_changes_workflow key and
change the adjacent comment to reflect that exact behavior.
- Around line 153-165: The top-level reviews.instructions block is invalid and
will be ignored; remove the unsupported reviews.instructions entry and instead
add a catch-all object inside the existing reviews.path_instructions array
(e.g., an entry with path: "**" and the instructions property containing the
nine rules currently listed) so the spelled-out rules (spelling, test coverage,
copyright year checks, comment quality, duplication, TODO/FIXME completions,
etc.) are applied; update the YAML so only reviews.path_instructions contains
instruction objects and ensure the new object uses the exact keys expected by
the schema: path and instructions.

---

Nitpick comments:
In @.coderabbit.yaml:
- Line 217: Replace the redundant brace expansion in the glob pattern: change
the path entry that currently reads "**/*.{py}" to the simpler equivalent
"**/*.py" so the pattern is clearer and consistent; update the path value in the
.coderabbit.yaml where the pattern string "**/*.{py}" appears.
- Around line 249-258: The current test path pattern "**/*.test.{ts,tsx,js,jsx}"
misses files named with the .spec.* convention; update the pattern used (replace
the string "**/*.test.{ts,tsx,js,jsx}") to a broader glob such as
"**/*.{test,spec}.{ts,tsx,js,jsx}" (or equivalent multiple patterns) so
.spec.ts/.spec.tsx/.spec.js/.spec.jsx files are also matched by the test review
instructions.
- Around line 170-186: The Next.js-specific glob currently applied
("**/*.{ts,tsx,js,jsx}") is too broad and triggers frontend rules for backend
scripts; narrow the scope by changing that path to target only the front-end
source tree (e.g., replace the existing glob with a front-end-specific pattern
such as "frontend/**/*.{ts,tsx,js,jsx}" or "webui/**/*.{ts,tsx,js,jsx}") and, if
needed, add a separate rule block for backend/Hardhat/Node files to ensure
server-side scripts are not validated against Next.js client-only checks; update
the path string in the .coderabbit.yaml entry to the chosen front-end directory
name.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Misleading comment on request_changes_workflow

The comment says "just leave comments" but request_changes_workflow: true does the opposite: it makes CodeRabbit formally submit a Request Changes GitHub review and then auto-approve the PR once all its comments are resolved. Consider updating the comment to accurately reflect this behavior.

📝 Suggested comment correction

-  # Automatically request changes on the PR (just leave comments)
-  request_changes_workflow: true
+  # Formally request changes via GitHub's review mechanism and auto-approve once all comments are resolved
+  request_changes_workflow: true

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# Automatically request changes on the PR (just leave comments)
	request_changes_workflow: true
	# Formally request changes via GitHub's review mechanism and auto-approve once all comments are resolved
	request_changes_workflow: true

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 67 - 68, Update the misleading inline comment
for the request_changes_workflow setting: replace "just leave comments" with
text that accurately states the behavior when request_changes_workflow: true —
CodeRabbit will submit a formal "Request Changes" GitHub review and then
auto-approve the PR once all comments are resolved; locate the
request_changes_workflow key and change the adjacent comment to reflect that
exact behavior.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

CodeRabbit .coderabbit.yaml reviews instructions schema

💡 Result:

Where “review instructions” live in .coderabbit.yaml

1) Path-based review instructions (most common)

Schema (repo root → reviews):

reviews:
  path_instructions:
    - path: "**/*.js"          # glob
      instructions: "..."      # string (extra guidance for matching files)

path_instructions is an array of objects with:

• path (string glob)
• instructions (string) (docs.coderabbit.ai)

2) “Code Guidelines” files (don’t put these in path_instructions)

Instead of writing instructions inline, you can point CodeRabbit at guideline documents (e.g., CLAUDE.md, .cursorrules, Copilot instruction files). These are configured under Knowledge Base → Code Guidelines and are scoped to the directory tree containing the guideline file. (docs.coderabbit.ai)

In config-schema terms, this appears under:

• knowledge_base.code_guidelines.filePatterns (array of strings; defaults include common guideline filenames) (docs.coderabbit.ai)

3) AST-based instructions (Pro): ast-grep tool config

Enable and point CodeRabbit at your ast-grep rule directories/packages via:

reviews:
  tools:
    ast-grep:
      essential_rules: true
      rule_dirs: ["rules"]     # directories containing rule YAML files
      util_dirs: ["utils"]     # optional utility rules
      packages: ["org/repo"]   # optional shared rule packages

This is how CodeRabbit wires AST rules into automated reviews. (docs.coderabbit.ai)

Notes

• The canonical list of fields/types/defaults is the auto-generated configuration reference (updated 2026-02-11). (docs.coderabbit.ai)
• .coderabbit.yaml must be in the repo root (and present on the PR branch being reviewed). (docs.coderabbit.ai)

Citations:

• 1: https://docs.coderabbit.ai/reference/configuration/
• 2: https://docs.coderabbit.ai/guides/review-instructions
• 3: https://docs.coderabbit.ai/reference/configuration/
• 4: https://docs.coderabbit.ai/guides/review-instructions
• 5: https://docs.coderabbit.ai/reference/configuration/
• 6: https://docs.coderabbit.ai/getting-started/configure-coderabbit/?utm_source=openai

---

🌐 Web query:

CodeRabbit path_instructions documentation additionalProperties

💡 Result:

In CodeRabbit’s .coderabbit.yaml, reviews.path_instructions is an array of objects where each item must contain only:

• path (string; glob pattern)
• instructions (string)

In the published JSON Schema, each path_instructions item sets "additionalProperties": false, meaning no extra keys are allowed in each object (helps catch typos like instruction vs instructions). [1]

Example:

reviews:
  path_instructions:
    - path: "**/*.js"
      instructions: "Review against our JS style guide; flag security/perf issues."

The field is documented in the configuration reference as “Path Instructions | Add path-specific guidance for code review.” [2]

Sources: CodeRabbit configuration schema (schema.v2.json) [1]; CodeRabbit configuration reference [2].

---

🏁 Script executed:

# Check if there are any example .coderabbit.yaml files or schema references in the repo
find . -name "*.coderabbit.yaml" -o -name ".coderabbit.yaml" -o -name "*schema*" | head -20

Repository: StabilityNexus/hodlCoin-Solidity-WebUI

Length of output: 100

---

reviews.instructions is not a valid schema field and will be silently ignored

The reviews object in CodeRabbit's schema defines path_instructions as the location for review instructions, configured as an array of objects with path and instructions properties. There is no top-level instructions field under reviews. As a result, all nine rules defined here (spelling, test coverage, copyright years, comment quality, duplication, TODO/FIXME completions) will never be applied to any review.

Move these instructions into a catch-all entry at the top of path_instructions:

🔧 Proposed fix

-  # Review instructions that apply to all files
-  instructions: >-
-    - Verify that documentation and comments are free of spelling mistakes
-    - Ensure that test code is automated, comprehensive, and follows testing best practices
-    - Verify that all critical functionality is covered by tests
-    - Confirm that the code meets the project's requirements and objectives
-    - Confirm that copyright years are up-to date whenever a file is changed
-    - Point out redundant obvious comments that do not add clarity to the code
-    - Ensure that comments are concise and suggest more concise comment statements if possible
-    - Discourage usage of verbose comment styles such as NatSpec
-    - Look for code duplication
-    - Suggest code completions when:
-        - seeing a TODO comment
-        - seeing a FIXME comment

   # Custom review instructions for specific file patterns
   path_instructions:
+    # Global instructions that apply to all files
+    - path: "**/*"
+      instructions: |
+        - Verify that documentation and comments are free of spelling mistakes
+        - Ensure that test code is automated, comprehensive, and follows testing best practices
+        - Verify that all critical functionality is covered by tests
+        - Confirm that the code meets the project's requirements and objectives
+        - Confirm that copyright years are up-to-date whenever a file is changed
+        - Point out redundant obvious comments that do not add clarity to the code
+        - Ensure that comments are concise and suggest more concise comment statements if possible
+        - Discourage usage of verbose comment styles such as NatSpec
+        - Look for code duplication
+        - Suggest code completions when seeing a TODO or FIXME comment
     # TypeScript/JavaScript files
     - path: "**/*.{ts,tsx,js,jsx}"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 153 - 165, The top-level reviews.instructions
block is invalid and will be ignored; remove the unsupported
reviews.instructions entry and instead add a catch-all object inside the
existing reviews.path_instructions array (e.g., an entry with path: "**" and the
instructions property containing the nine rules currently listed) so the
spelled-out rules (spelling, test coverage, copyright year checks, comment
quality, duplication, TODO/FIXME completions, etc.) are applied; update the YAML
so only reviews.path_instructions contains instruction objects and ensure the
new object uses the exact keys expected by the schema: path and instructions.