# 1️⃣ 🧹 ESLint Config (Production Enforcement) ## 📁 `eslint.config.mjs` (root) ```javascript // ESLint v9 (flat config) import js from '@eslint/js'; import tseslint from 'typescript-eslint'; export default [ js.configs.recommended, ...tseslint.configs.recommended, { files: ['**/*.ts', '**/*.tsx'], rules: { // 🔴 CRITICAL RULES '@typescript-eslint/no-explicit-any': 'error', 'no-console': 'error', // 🔥 UUID MISUSE DETECTION 'no-restricted-syntax': [ 'error', { selector: "CallExpression[callee.name='parseInt']", message: '❌ parseInt() is forbidden (UUID risk)', }, { selector: "UnaryExpression[operator='+']", message: '❌ +value is forbidden (UUID risk)', }, ], // 🟡 GOOD PRACTICE '@typescript-eslint/explicit-function-return-type': 'off', }, }, ]; ``` --- ## 📁 เพิ่ม script ใน `package.json` ```json { "scripts": { "lint": "eslint .", "lint:fix": "eslint . --fix" } } ``` --- ## 🔥 เพิ่ม Custom UUID Guard (optional แต่แนะนำ) ```ts // utils/uuid-guard.ts export const assertUuid = (value: string) => { const uuidRegex = /^[0-9a-f]{8}-[0-9a-f]{4}-7[0-9a-f]{3}-[0-9a-f]{4}-[0-9a-f]{12}$/i; if (!uuidRegex.test(value)) { throw new Error(`Invalid UUID: ${value}`); } return value; }; ``` --- # 2️⃣ 🪝 Pre-commit Hook (กันพลาดตั้งแต่เครื่อง dev) ## 📦 ติดตั้ง ```bash pnpm add -D husky lint-staged npx husky init ``` --- ## 📁 `.husky/pre-commit` ```bash #!/bin/sh . "$(dirname "$0")/_/husky.sh" echo "🔍 Running pre-commit checks..." # Lint pnpm lint if [ $? -ne 0 ]; then echo "❌ Lint failed" exit 1 fi # UUID misuse check grep -r "parseInt(.*uuid" . && { echo "❌ UUID misuse detected (parseInt)" exit 1 } # console.log check grep -r "console.log" . && { echo "❌ console.log is not allowed" exit 1 } echo "✅ Pre-commit passed" ``` --- ## 📁 `package.json` ```json { "lint-staged": { "*.{ts,tsx,js}": ["eslint --fix"] } } ``` --- # 3️⃣ 🚀 CI Pipeline (Gitea Actions) ## 📁 `.gitea/workflows/ci.yml` ```yaml name: CI Pipeline on: push: branches: [main, develop] pull_request: jobs: build: runs-on: ubuntu-latest steps: - name: 📥 Checkout uses: actions/checkout@v4 - name: 🟢 Setup Node uses: actions/setup-node@v4 with: node-version: 20 - name: 📦 Install pnpm run: npm install -g pnpm - name: 📦 Install deps run: pnpm install # 🔴 LINT - name: 🧹 Lint run: pnpm lint # 🔴 UUID CHECK - name: 🔍 UUID misuse check run: | if grep -r "parseInt(.*uuid" .; then echo "❌ UUID misuse detected" exit 1 fi # 🔴 console.log CHECK - name: 🔍 console.log check run: | if grep -r "console.log" .; then echo "❌ console.log detected" exit 1 fi # 🧪 TEST - name: 🧪 Run Tests run: pnpm test # 🏗️ BUILD - name: 🏗️ Build run: pnpm build - name: ✅ Done run: echo "CI Passed" ``` --- # 🔥 BONUS (โคตรแนะนำ) ## เพิ่ม Coverage Check ```yaml - name: 📊 Coverage run: pnpm test:cov - name: ❌ Fail if coverage < 70% run: | COVERAGE=$(grep -oP 'All files[^|]*\|\s*\K\d+' coverage/lcov-report/index.html | head -1) if [ "$COVERAGE" -lt 70 ]; then echo "Coverage too low: $COVERAGE%" exit 1 fi ``` --- # 🧠 Architecture ที่คุณได้หลัง setup นี้ ## 🔴 CI Blocker จริง - UUID misuse → fail - console.log → fail - any → fail - test fail → fail ## 🟡 Dev Experience ดีขึ้น - lint auto fix - pre-commit กันพลาด - CI คุมมาตรฐาน --- # 🏁 สรุป คุณตอนนี้มีครบ: | ระบบ | สถานะ | | ---------- | ------------------- | | Rules | ✅ v2 optimized | | ESLint | ✅ enforce จริง | | Pre-commit | ✅ กันพลาด | | CI/CD | ✅ production-ready | --- # 🚀 ถัดไป (ขั้นเทพจริง) ถ้าจะไปต่ออีกระดับ: 1. 🔍 `scan repo` → ผมหา violation จริงให้ 2. 🧠 `refactor critical modules` → ปรับ performance + structure 3. 🔐 `security audit` → เจาะ OWASP จริง --- 👉 พิมพ์มา: - `scan repo` - หรือ `security audit` ผมจะลุยต่อให้ระดับ enterprise จริง ๆ 👍