Code Quality
Systematically maintain and enforce code quality standards through automated formatting, linting, and static analysis.
Purpose
Ensure code meets quality standards by:
- •Consistent formatting across the codebase
- •Zero warnings from static analysis
- •No known security vulnerabilities
- •Adherence to best practices and conventions
- •Continuous improvement through regular quality checks
Tools & Commands
Rust Formatting (rustfmt)
Check formatting without changes:
cargo fmt -- --check
Auto-format all code:
cargo fmt
Format specific crates:
cargo fmt -p memory-core cargo fmt -p memory-storage-turso
Clippy Linting
Basic clippy:
cargo clippy
Strict mode (zero warnings enforced):
cargo clippy --all -- -D warnings
Auto-fix common issues:
cargo clippy --fix --allow-dirty --allow-staged
Clippy for specific targets:
cargo clippy --all-targets --all-features -- -D warnings
Security Audit
Check for vulnerabilities:
cargo audit
Update vulnerability database first:
cargo audit --fetch
Check specific advisory:
cargo audit --advisory <id>
Combined Quality Check
Run all checks (as in quality-gates.sh):
cargo fmt -- --check cargo clippy --all -- -D warnings cargo audit
Common Clippy Warnings & Solutions
Dead Code
Warning: warning: unused field: [...]
Solution: Remove unused code or add #[allow(dead_code)] with justification comment
Unnecessary Clones
Warning: warning: using 'clone()' on a double-reference
Solution: Use references or borrowing instead of cloning
Inefficient Collections
Warning: warning: calling 'push' within a loop
Solution: Use extend() or pre-allocate with Vec::with_capacity()
Complex Expressions
Warning: warning: this expression has a cyclomatic complexity of...
Solution: Extract complex logic into separate functions
Manual Implementations
Warning: warning: you are implementing 'From' manually
Solution: Use derive macros or implement via blanket impl
Formatting Standards
rustfmt Configuration
The project uses standard rustfmt with these patterns:
- •100 character line width
- •4 space indentation
- •Consistent struct literal formatting
- •Chain formatting for long method calls
Common Formatting Issues
- •Line too long: Break at logical operators or method calls
- •Inconsistent spacing: Run
cargo fmtto auto-fix - •Trailing whitespace: Automatically removed by fmt
- •Inconsistent imports: Sorted and grouped by fmt
Security Best Practices
Dependency Management
# Check for outdated dependencies cargo outdated # Update specific package cargo update -p package_name # Update everything cargo update
Vulnerability Response
- •Run
cargo auditto identify vulnerabilities - •Check CVE details and severity
- •Update to patched version using
cargo update - •Verify fix with
cargo audit - •If patch unavailable: Document mitigation in SECURITY.md
Quality Gates
Pre-Commit Checklist
- • Code formatted with
cargo fmt - • Zero clippy warnings (
cargo clippy --all -- -D warnings) - • No security vulnerabilities (
cargo audit) - • Tests passing (
cargo test --all)
CI/CD Integration
Quality gates should run in CI/CD:
- •Formatting check (fast, fails early)
- •Clippy (medium speed, catches bugs)
- •Security audit (medium speed, catches vulnerabilities)
- •Tests (slowest, validates functionality)
Quality Metrics
Track these metrics:
- •Formatting Compliance: Should be 100%
- •Clippy Warnings: Target 0
- •Security Vulnerabilities: Target 0
- •Code Coverage: Target >90%
- •Duplicate Code: Monitor with tools like
cargo-dup
When to Run Quality Checks
Mandatory Runs
- •Before committing code
- •Before creating pull requests
- •In CI/CD pipelines
- •Before releases
Recommended Runs
- •After refactoring
- •After adding dependencies
- •Periodically (weekly/monthly)
- •When onboarding new contributors
Troubleshooting
Formatting Issues
Problem: cargo fmt changes code unexpectedly
Solution:
- •Review changes with
git diff - •Check
rustfmt.tomlconfiguration - •Run
cargo fmt -- --checkto preview changes
Clippy False Positives
Problem: Clippy warns about code that's correct Solution:
- •Verify code is actually correct
- •Add
#[allow(lint_name)]with justification comment - •Report false positive to Clippy team if warranted
Audit Failures
Problem: cargo audit reports vulnerability but no patch available
Solution:
- •Check advisory severity (low/medium/high)
- •Look for workaround or mitigation
- •Document in SECURITY.md with planned resolution
- •Monitor for patch release
Project-Specific Standards
For this Rust memory project, quality standards from AGENTS.md:
- •Clippy Warnings: 0 (strictly enforced with
-D warnings) - •Code Formatting: 100% rustfmt compliant
- •Security: Zero known vulnerabilities
- •Test Coverage: >90% (current: 92.5%)
- •File Size: <500 LOC per module
Quality Gates Script
The project includes ./scripts/quality-gates.sh which runs all quality checks automatically.
Best Practices
DO:
✓ Run quality checks before every commit ✓ Fix clippy warnings immediately ✓ Keep dependencies up-to-date ✓ Document why warnings are suppressed ✓ Review automated suggestions before applying
DON'T:
✗ Suppress warnings without justification
✗ Skip quality checks to save time
✗ Commit code that fails quality gates
✗ Ignore security vulnerabilities
✗ Use #[allow(...)] at file level (be specific)
Integration with Other Skills
- •rust-code-quality: For deeper analysis of code patterns and structure
- •clean-code-developer: For refactoring to meet quality standards
- •testing-qa: For ensuring quality through comprehensive testing
Example Workflow
When working on a feature:
- •Write code and tests
- •Run
cargo fmtto format - •Run
cargo clippy --fixto auto-fix issues - •Manually review and fix remaining clippy warnings
- •Run
cargo auditto check security - •Run
cargo test --allto validate functionality - •Commit only if all checks pass