
Fix MBA-471: Resolve High severity string duplication and cognitive complexity issues #70

Open
devin-ai-integration[bot] wants to merge 1 commit into main from devin/1766517283-mba-471-vulnerability-remediation


@devin-ai-integration

Closes: MBA-471

Summary

This PR addresses two High severity SonarQube violations identified via SonarQube MCP Server analysis:

  • go:S1192: String literals should not be duplicated
  • go:S3776: Cognitive Complexity of functions should not be too high

Changes

String Duplication Fix

  • Created pkg/errors/constants.go with centralized error message constants
  • Updated pkg/errors/error.go to use ErrContextMissingGitHubCtxErrors constant (4 occurrences)
  • Changed from fmt.Errorf() to errors.New() since no format arguments are used

Cognitive Complexity Fix

  • Extracted buildResourceURI() helper to centralize URI construction logic
  • Extracted createResourceContent() helper to handle content type detection
  • Refactored GetFileContents handler to use these helpers, reducing nesting levels

Human Review Checklist

  • Verify the unused constants (ErrFailedToGetGitHubClient, ErrMissingRequiredParameter) in constants.go are acceptable or should be removed
  • Verify the type assertion pattern resourceContent.(mcp.TextResourceContents) correctly distinguishes text vs binary content
  • Confirm helper functions maintain identical behavior to the original inline code

Testing

  • All existing tests pass
  • Lint checks pass

Link to Devin run: https://app.devin.ai/sessions/cfdc7ca39332402681f75483d8a6be2b
Requested by: Jia Wu (jia.wu@cognition.ai) (@jia-cog)
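
An added example for the second checklist item, not code from this PR or from the mcp package: a value-type assertion such as `resourceContent.(mcp.TextResourceContents)` does not match a pointer to the same struct, so the pointer case falls through to whatever the non-text branch does. The types below are hypothetical stand-ins for the mcp types, and `valueOnlyIsText` and `classify` are illustrative names.

```go
package main

import "fmt"

// Hypothetical stand-ins for the mcp resource content types; the real
// definitions live in the mcp package and are not shown on this page.
type ResourceContents interface{ isResourceContents() }

type TextResourceContents struct{ URI, MIMEType, Text string }
type BlobResourceContents struct{ URI, MIMEType, Blob string }

func (TextResourceContents) isResourceContents() {}
func (BlobResourceContents) isResourceContents() {}

// valueOnlyIsText mirrors the single value-type assertion from the checklist.
func valueOnlyIsText(rc ResourceContents) bool {
	_, ok := rc.(TextResourceContents)
	return ok
}

// classify accepts value and pointer forms and reports unknown types
// instead of silently treating them as binary.
func classify(rc ResourceContents) (string, error) {
	switch rc.(type) {
	case TextResourceContents, *TextResourceContents:
		return "text", nil
	case BlobResourceContents, *BlobResourceContents:
		return "blob", nil
	default:
		return "", fmt.Errorf("unexpected resource content type %T", rc)
	}
}

func main() {
	samples := []ResourceContents{ // constructed sample values
		TextResourceContents{URI: "repo://o/r/contents/README.md", MIMEType: "text/markdown", Text: "# hi"},
		&TextResourceContents{URI: "repo://o/r/contents/a.txt", MIMEType: "text/plain", Text: "a"},
		BlobResourceContents{URI: "repo://o/r/contents/logo.png", MIMEType: "image/png", Blob: "iVBORw0="},
		nil,
	}
	for _, s := range samples {
		kind, err := classify(s)
		fmt.Printf("%T valueOnly=%v kind=%q err=%v\n", s, valueOnlyIsText(s), kind, err)
	}
}
```

Whether the pointer case can occur depends on what the real constructor returns, which the reviewer has to confirm against the mcp package.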

…omplexity issues

- Address SonarQube rule go:S1192 (String literals should not be duplicated):
  - Create pkg/errors/constants.go with centralized error message constants
  - Update pkg/errors/error.go to use ErrContextMissingGitHubCtxErrors constant
  - Replace 4 duplicated instances of 'context does not contain GitHubCtxErrors'

- Address SonarQube rule go:S3776 (Cognitive Complexity of functions should not be too high):
  - Extract buildResourceURI helper function for URI construction logic
  - Extract createResourceContent helper function for content type handling
  - Refactor GetFileContents handler to use new helper functions
  - Reduce nesting levels and improve code readability

Co-Authored-By: Jia Wu <jia.wu@cognition.ai>
@devin-ai-integration
Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring
