Showing AI reviews for avriti
Project AI Score ?
63%
Quality Avg ?
68%
Security Avg ?
45%
Reviews ?
56

Review Result ?

jattin01/avriti · a64300a4
The commit adds significant frontend functionality including cart quantity updates, contact form submission, and user authentication handling. While these features add business value, the implementation has several concerns such as silent catch blocks, minimal error handling, no validation or sanitization on fetched data, and some code duplication. These aspects lower the security and bug risk scores. The commit message is generic and doesn't describe the specifics of the changes.
Quality ?
75%
Security ?
40%
Business Value ?
80%
Maintainability ?
68%
Issues & Suggested Fixes ?
1AI detects the issue
2Shows file, line, or evidence
3Suggests the fix to apply
Issue
Where commit message
Issue / Evidence issue
Suggested Fix make commit message more descriptive and specific about changes for better traceability
Non Async Event Handler Function Calling A...
Where app/cart/page.tsx:124
Issue / Evidence non-async event handler function calling async apiUpdateQty without error handling
Suggested Fix add try-catch with error handling for asynchronous calls
Custom Event Dispatched On Window Without...
Where app/cart/page.tsx:129
Issue / Evidence custom event dispatched on window without clear documentation
Suggested Fix consider adding comments or using a centralized event handler
Handleqty Called With Decremented Quantity...
Where app/cart/page.tsx:238
Issue / Evidence handleQty called with decremented quantity, no check to prevent negative or zero values
Suggested Fix add validation in handleQty to disallow invalid quantities
Duplicate Logic
Where app/cart/page.tsx:256
Issue / Evidence duplicated similar button code with slightly different styling
Suggested Fix refactor to a reusable component to improve maintainability
Missing Validation
Where app/contact/page.tsx:188
Issue / Evidence fetch request has no error handling or validation on response
Suggested Fix add try-catch and validate server response
Missing Validation
Where app/register/page.tsx:23
Issue / Evidence only phone is validated for empty, other inputs may require validation
Suggested Fix add comprehensive input validations for all fields
Security Issue
Where lib/cart.ts:87
Issue / Evidence empty catch block in handleUnauthorized swallowing exceptions
Suggested Fix log errors or handle them appropriately to not hide failures
Security Issue
Where lib/cart.ts:94
Issue / Evidence handleUnauthorized directly modifies window.location.href, which can affect SPA routing
Suggested Fix consider using router-based navigation for better UX
Code Change Preview · app/cart/page.tsx ?
Removed / Before Commit
- 
- const handleQty = async (item: CartItem, qty: number) => {
- if (qty < 1) return;
-     if (loggedIn && item.id) {
-       await apiUpdateQty(item.id, qty);
-     } else {
-       updateLocalQty(item.product_id, item.attribute_name, qty);
-     }
- setItems((prev) =>
- prev.map((c) =>
- c.product_id === item.product_id && c.attribute_name === item.attribute_name
- ? { ...c, quantity: qty }
- : c
- )
- );
- };
- 
- const handleRemove = async (item: CartItem) => {
Added / After Commit
+ 
+ const handleQty = async (item: CartItem, qty: number) => {
+ if (qty < 1) return;
+ setItems((prev) =>
+ prev.map((c) =>
+ c.product_id === item.product_id && c.attribute_name === item.attribute_name
+ ? { ...c, quantity: qty }
+ : c
+ )
+ );
+     if (loggedIn && item.id) {
+       await apiUpdateQty(item.id, qty);
+     } else {
+       updateLocalQty(item.product_id, item.attribute_name, qty);
+     }
+     window.dispatchEvent(new CustomEvent("cart-updated", { detail: { type: "qty" } }));
+ };
+ 
Removed / Before Commit
- setLoading(true);
- 
- try {
-       const res = await fetch('http://localhost:8000/api/contact', {
- method: 'POST',
- headers: { 'Content-Type': 'application/json' },
- body: JSON.stringify(formData),
Added / After Commit
+ setLoading(true);
+ 
+ try {
+       const res = await fetch(`${process.env.NEXT_PUBLIC_API_URL}/api/contact`, {
+ method: 'POST',
+ headers: { 'Content-Type': 'application/json' },
+ body: JSON.stringify(formData),
Removed / Before Commit
- 
- if (!email.trim()) { setError("Email is required."); return; }
- if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) { setError("Enter a valid email address."); return; }
- if (!password) { setError("Password is required."); return; }
- if (password.length < 8) { setError("Password must be at least 8 characters."); return; }
- if (!confirmPassword) { setError("Please confirm your password."); return; }
- if (password !== confirmPassword) { setError("Passwords do not match."); return; }
-     if (!phone.trim()) { setError("Phone number is required."); return; }
- if (!/^[0-9]{10}$/.test(phone)) { setError("Enter a valid 10-digit phone number."); return; }
- setLoading(true);
- try {
Added / After Commit
+ 
+ if (!email.trim()) { setError("Email is required."); return; }
+ if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) { setError("Enter a valid email address."); return; }
+      if (!phone.trim()) { setError("Phone number is required."); return; }
+ if (!password) { setError("Password is required."); return; }
+ if (password.length < 8) { setError("Password must be at least 8 characters."); return; }
+ if (!confirmPassword) { setError("Please confirm your password."); return; }
+ if (password !== confirmPassword) { setError("Passwords do not match."); return; }
+    
+ if (!/^[0-9]{10}$/.test(phone)) { setError("Enter a valid 10-digit phone number."); return; }
+ setLoading(true);
+ try {
Removed / Before Commit
- <p className="text-[20px] font-bold text-gray-900">₹{order.price}</p>
- </div>
- <Link href={`/my-order?id=${order.id}`}>
-         <button className="inline-flex items-center justify-center gap-2 px-5 py-2.5 text-sm font-semibold transition focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-[var(--color-primary-600)] disabled:pointer-events-none disabled:opacity-50 border-[var(--color-primary-300)] bg-white text-[var(--color-primary-700)] hover:bg-[var(--color-primary-100)]/35 min-h-11 pl-[10px] pr-[0px] rounded-[10px] border-[1px]">TRACK ORDER <span className="buttonArrow ml-[15px]"></span></button> </Link>
- </div>
- 
- </Card>
Added / After Commit
+ <p className="text-[20px] font-bold text-gray-900">₹{order.price}</p>
+ </div>
+ <Link href={`/my-order?id=${order.id}`}>
+         <button className="inline-flex items-center justify-center gap-2 px-5 py-2.5 text-sm font-semibold transition focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-[var(--color-primary-600)] disabled:pointer-events-none disabled:opacity-50 border-[var(--color-primary-300)] bg-white text-[var(--color-primary-700)] hover:bg-[var(--color-primary-100)]/35 min-h-11 pl-[10px] pr-[0px] rounded-[10px] border-[1px]"> My Orders <span className="buttonArrow ml-[15px]"></span></button> </Link>
+ </div>
+ 
+ </Card>
Removed / Before Commit
- useEffect(() => {
- refreshCartCount();
- refreshWishlistCount();
-     const onCartUpdated = () => {
- refreshCartCount();
- setToast(true);
- setTimeout(() => setToast(false), 2500);
- };
Added / After Commit
+ useEffect(() => {
+ refreshCartCount();
+ refreshWishlistCount();
+     const onCartUpdated = (e: Event) => {
+ refreshCartCount();
+       if ((e as CustomEvent).detail?.type === "qty") return;
+ setToast(true);
+ setTimeout(() => setToast(false), 2500);
+ };
Removed / Before Commit
- // ── API helpers ───────────────────────────────────────────────
- const API = process.env.NEXT_PUBLIC_API_URL ?? "";
- 
- export async function apiAddToCart(item: {
- product_id: number;
- attribute_name: string;
- const res = await fetch(`${API}/api/customer/cart`, {
- headers: { Authorization: `Bearer ${token}` },
- });
- const data = await res.json();
- return data.success ? data.data : [];
- }
Added / After Commit
+ // ── API helpers ───────────────────────────────────────────────
+ const API = process.env.NEXT_PUBLIC_API_URL ?? "";
+ 
+ export function handleUnauthorized(): void {
+   try {
+     localStorage.removeItem("avriti_customer");
+     localStorage.removeItem("avriti_user");
+     localStorage.removeItem("avriti_cart");
+   } catch {}
+   window.location.href = "/login";
+ }
+ 
+ export async function apiAddToCart(item: {
+ product_id: number;
+ attribute_name: string;
+ const res = await fetch(`${API}/api/customer/cart`, {
+ headers: { Authorization: `Bearer ${token}` },
+ });