🎯 auto-cr-cmd is a high-speed automated code review CLI powered by SWC static analysis, built for JavaScript / TypeScript teams to surface risky code before it merges.
🔧 auto-cr-rules provides an extensible static analysis rule set and SDK so you can tailor enterprise-grade review policies with minimal effort.
📘 Prefer Chinese? Read the Chinese README.
- Built-in Rule Library: Ships with SWC AST static analysis rules out of the box, such as
no-deep-relative-imports,no-circular-dependencies,no-swallowed-errors,no-catastrophic-regex,no-deep-clone-in-loop, andno-n2-array-lookup. - Extensible SDK:
auto-cr-rulesexposes helpers likedefineRuleandhelpers.imports, reducing the friction of authoring custom TypeScript / JavaScript rules. - Workspace Friendly: Manage both the CLI and rule package via pnpm workspaces and validate the full pipeline with a single build.
- Publishing Toolkit: Version bump scripts and npm publish commands keep both packages in sync.
Package Overview (auto-cr-cmd & auto-cr-rules)
- auto-cr-cmd: A lightning-fast SWC-based CLI focused on automated reviews, CI integration, and static code scanning.
- auto-cr-rules: A developer-facing rule SDK with tag-based grouping, internationalized messaging, and support for publishing team-specific rules.
npx auto-cr-cmd --language en [path-to-your-code]Common flags:
--language <zh|en>: Switch CLI output language (defaults to auto-detection).--rule-dir <directory>: Load additional custom rules from a directory or package.--output <text|json>: Choose between human-friendly text logs or structured JSON results (defaults totext).--progress [tty-only|yes|no]: Progress mode (text output only, defaulttty-only); output goes tostderr.--config <path>: Point to a.autocrrc.jsonor.autocrrc.jsfile to enable/disable rules.--ignore-path <path>: Point to a.autocrignore.jsonor.autocrignore.jsfile to exclude files/directories from scanning.--tsconfig <path>: Use a customtsconfig.json(defaults to<cwd>/tsconfig.json).--help: Display the full command reference.
Sample output:
[auto-cr] [warning] /Volumes/Wei/Codes/github/auto-cr/examples/src/app/features/admin/pages/dashboard.ts:2 Import path "../../../../shared/deep/utils" must not exceed max depth 2 rule: no-deep-relative-imports (Base) code: ../../../../shared/deep/utils suggestion: - Use a path alias (for example: @shared/deep/utils). - Create an index file at a higher level to re-export the module and shorten the import. [auto-cr] [warning] /Volumes/Wei/Codes/github/auto-cr/examples/src/app/features/admin/pages/dashboard.ts:3 Import ../../consts/index is not allowed. Import the concrete file instead. rule: no-index-import (untagged) ✔ Code scan complete, scanned 3 files: 0 with errors, 1 with warnings, 0 with optimizing hints! JSON output sample:
npx auto-cr-cmd --output json -- ./src | jq{"summary":{"scannedFiles": 2, "filesWithErrors": 1, "filesWithWarnings": 0, "filesWithOptimizing": 1, "violationTotals":{"total": 3, "error": 2, "warning": 0, "optimizing": 1 } }, "files": [{"filePath": "/workspace/src/example.ts", "severityCounts":{"error": 2, "warning": 0, "optimizing": 1 }, "totalViolations": 3, "errorViolations": 2, "violations": [{"tag": "imports", "ruleName": "no-deep-relative-imports", "severity": "error", "message": "Avoid deep relative imports from src/components/button", "line": 13 } ] } ], "notifications": [] }- Place
.autocrrc.jsonor.autocrrc.jsin your repo root (search order as listed). Use--config <path>to point elsewhere. rulesacceptsoff | warning | error | optimizing | true/false | 0/1/2; unspecified rules keep their default severity.
- Place
.autocrignore.jsonor.autocrignore.jsin repo root (search order as listed), or pass--ignore-path <file>. - Supports glob patterns (picomatch) via JSON/JS arrays (
{ignore: [...] }).
// .autocrignore.jsmodule.exports={ignore: ['node_modules','dist/**','**/*.test.ts','public/**']}// .autocrignore.json{"ignore": [ "node_modules", "dist/**", "**/*.test.ts", "public/**" ] }The CLI consumes rules from the auto-cr-rules package by default, and you can extend it with your own logic.
mkdir custom-rulesPlace Node.js-compatible .js / .cjs / .mjs files inside the directory.
pnpm add auto-cr-rules// custom-rules/no-index-import.jsconst{ defineRule }=require('auto-cr-rules')module.exports=defineRule('no-index-import',({ helpers, language })=>{for(constrefofhelpers.imports){if(ref.value.endsWith('/index')){constmessage=language==='zh' ? `禁止直接导入 ${ref.value},请改用具体文件` : `Import ${ref.value} is not allowed. Import the concrete file instead.`helpers.reportViolation(message,ref.span)}}})RuleContext offers:
helpers.imports: Normalizedimport/require/ dynamic import references.helpers.isRelativePath,helpers.relativeDepth: Common path utilities.helpers.reportViolation(message, span?): Unified reporting API.languageandreporter: Access the active language and low-level reporter APIs.
You can export multiple rules at once:
const{ defineRule }=require('auto-cr-rules')construleA=defineRule('rule-a',(context)=>{/* ... */})construleB=defineRule('rule-b',(context)=>{/* ... */})module.exports={rules: [ruleA,ruleB]}cd examples npx auto-cr-cmd -l zh -r ./custom-rules/rules -- ./custom-rules/demopackages/ auto-cr-rules/ # Rule SDK and built-in rules (createRuleContext, defineRule, etc.) auto-cr-cmd/ # CLI entry point, reporter, i18n, and command handling scripts/ bump-version.mjs # Keep both package versions aligned examples/ custom-rules # Custom rule samples src # Example that triggers the base rule Essential scripts:
pnpm run version [major|minor|patch]: Bump both packages together (defaults to patch).pnpm run publish: Run version bump, build, and publish for both packages sequentially.
We welcome contributions through Issues or Pull Requests. Please read:
- Issues: Issue Tracker
- Discussions: Community Discussions
Auto CR © [2025] [dengfengwang]. Licensed under the MIT License