Back to Tuist

SwifterPM Swift Review

swifterpm/.blick/skills/swifterpm-swift-review/SKILL.md

4.201.03.2 KB
Original Source

SwifterPM Swift Review

Review Swift changes for SwifterPM with the same standards as a maintainer review. Prioritize correctness issues that can change dependency resolution, cache materialization, package restore behavior, CLI behavior, or CI reliability.

Focus Areas

  • Preserve SwiftPM-compatible dependency resolution semantics. Resolver changes should match SwiftPM behavior unless the difference is explicitly intentional and tested.
  • Preserve SwifterPM storage behavior. Fetching, source checkout, registry fallback, artifact extraction, and materialization should keep using the Global CAS cache and avoid duplicating package contents unnecessarily.
  • Treat registry, GitHub, and GitLab resolution paths as user-visible behavior. Verify fallback logic, identity normalization, version constraints, and source URL handling carefully.
  • Prefer SwiftNIO filesystem primitives through AsyncFileSystem and NIOFileSystem. Flag new production use of Foundation.FileManager.
  • Check concurrency around cache writes, artifact extraction, and shared resolver state. Look for races, non-atomic writes, and partial materialization after failures.
  • Check that temporary directories, copied e2e scenarios, and test fixtures are cleaned up.
  • For e2e tests, scenarios should live under fixture folders and be copied into temporary folders before execution.
  • Keep Bazel and SwiftPM dependency declarations aligned when new Swift package dependencies are introduced.

What NOT to Flag

  • Do not suggest cleanup of flock lock files that are intentionally left as stable lock paths; these are filesystem sentinels, not leaks.
  • Do not critique ShellSpec RETURN trap patterns used in e2e tests; this is the standard pattern in the codebase.
  • Do not flag in-memory cache key choices (like using full paths) when the cache is scoped to a single resolver run, not cross-machine.
  • Do not flag expected SwiftPM semantics as bugs (e.g., non-SemVer Git tags being ignored during version resolution).
  • Do not suggest micro-optimizations or style changes unless they represent actual behavioral risks.

Severity Guidelines

  • Use high for data races, crashes, security issues, or resolution correctness bugs.
  • Use medium for thread-safety concerns, API contract violations, or observable behavioral changes.
  • Use low sparingly; only for minor cleanup issues that are clearly bugs, not preferences or speculative improvements.
  • If a finding feels like a preference or requires domain knowledge to verify, it likely should not be reported.

Review Style

  • Lead with concrete bugs and behavioral risks. Avoid speculative style comments.
  • Include a file and line reference for every finding.
  • Explain the user-visible failure mode and the smallest practical fix.
  • Do not use em dashes in GitHub review comments.
  • Write comments as if Pepicrft wrote them directly. Do not mention AI assistance.
  • Return only valid JSON in Blick's review format. Use exactly these top-level keys: summary and findings.
  • Each finding must use exactly these keys: severity, file, line, title, and body.
  • severity must be one of high, medium, or low.
  • Keep finding bodies plain text. Do not include markdown code fences, JSON snippets, escaped newlines, or interpolated code placeholders.