chore(eslint): enable @tanstack/query/exhaustive-deps rule#1132
Merged
carlosthe19916 merged 3 commits intoJul 2, 2026
Merged
Conversation
Fix 4 violations where queryFn referenced variables not in queryKey: - advisories.ts, sboms.ts, sbom-groups.ts: move requestParamsQuery() destructuring inside queryFn so derived variables are local - vulnerabilities.ts: inline the API call to eliminate the chunks closure dependency Part of guacsec#1128. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Contributor
Reviewer's GuideEnables the @tanstack/query/exhaustive-deps ESLint rule by removing its override and updating several React Query hooks so that their query functions no longer close over undeclared dependencies, primarily by moving parameter derivation into queryFn and inlining a helper closure around analyzeV3. Sequence diagram for updated useFetchVulnerabilitiesByPackageIds React Query interactionsequenceDiagram
participant Component
participant useFetchVulnerabilitiesByPackageIds
participant useQueries
participant analyzeV3
participant client
Component->>useFetchVulnerabilitiesByPackageIds: call(ids)
useFetchVulnerabilitiesByPackageIds->>useFetchVulnerabilitiesByPackageIds: chunkedIds = ids.reduce(...)
useFetchVulnerabilitiesByPackageIds->>useQueries: useQueries({ queries: chunkedIds.map(...) })
loop for each chunkIds in chunkedIds
useQueries->>analyzeV3: queryFn() with { client, body: { purls: chunkIds } }
analyzeV3-->>useQueries: response.data
end
useQueries-->>Component: userQueries
Sequence diagram for updated useQuery hooks deriving params inside queryFnsequenceDiagram
participant Component
participant useFetchSBOMs
participant useQuery
participant requestParamsQuery
participant listSboms
Component->>useFetchSBOMs: call(groupId, params, labels, disableQuery)
useFetchSBOMs->>useQuery: useQuery({ queryKey, queryFn, enabled })
useQuery->>requestParamsQuery: queryFn() with params
requestParamsQuery-->>useQuery: { q, rest }
useQuery->>listSboms: listSboms({ client, query: { ...rest, group, q } })
listSboms-->>useQuery: data
useQuery-->>Component: { data, isLoading, error, refetch }
File-Level Changes
Possibly linked issues
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
Contributor
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- In
useFetchVulnerabilitiesByPackageIds, consider extracting the chunking logic andanalyzeV3call into a reusable helper to make the query definition more readable and reduce duplication if similar chunked calls are needed elsewhere. - For
useFetchSBOMGroups,useFetchSBOMs, anduseFetchAdvisories, you’re now recomputingrequestParamsQueryinsidequeryFn; if this function is non-trivial, consider memoizing its result (e.g., withuseMemo) or derivingq/restonce and safely including the necessary pieces in thequeryKeyto avoid repeated work on each fetch.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- In `useFetchVulnerabilitiesByPackageIds`, consider extracting the chunking logic and `analyzeV3` call into a reusable helper to make the query definition more readable and reduce duplication if similar chunked calls are needed elsewhere.
- For `useFetchSBOMGroups`, `useFetchSBOMs`, and `useFetchAdvisories`, you’re now recomputing `requestParamsQuery` inside `queryFn`; if this function is non-trivial, consider memoizing its result (e.g., with `useMemo`) or deriving `q`/`rest` once and safely including the necessary pieces in the `queryKey` to avoid repeated work on each fetch.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #1132 +/- ##
==========================================
- Coverage 53.09% 53.07% -0.03%
==========================================
Files 270 270
Lines 5882 5879 -3
Branches 1843 1843
==========================================
- Hits 3123 3120 -3
+ Misses 2456 2455 -1
- Partials 303 304 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
kahboom
approved these changes
Jul 2, 2026
# Conflicts: # client/src/app/queries/vulnerabilities.ts # eslint.config.mjs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
@tanstack/query/exhaustive-depsESLint rule by fixing 4 violations and removing the"off"overriderequestParamsQuery()destructuring insidequeryFnsorest/qare local variables instead of closured dependencies missing fromqueryKeyanalyzeV3call directly inqueryFn, eliminating thechunksobject closure. Rename the iteration variable tochunkIdsfor clarityPart of #1128 (PR 3 of 8). Depends on #1131.
Test plan
npm run lintpasses with zero errorsnpx tsc --noEmitpasses with no type errors🤖 Generated with Claude Code
Summary by Sourcery
Enable TanStack Query exhaustive-deps lint rule by updating query functions to avoid closures over undeclared dependencies.
Enhancements:
Build: