Add CodeRabbit configuration file (.coderabbit.yaml)

[anshulchikhale30-p]

Summary

This PR adds the standardized .coderabbit.yaml configuration file from the AOSSIE Template Repository.

Purpose

• Enables consistent automated review behavior
• Discourages verbose or boilerplate comments
• Encourages concise, high-quality documentation
• Aligns this repository with organization-wide standards

Please let me know if any repository-specific adjustments are required.

Summary by CodeRabbit

• Chores

  • Added configuration for automated code reviews across multiple languages with integrated code quality analysis and issue labeling workflows.

• Documentation

  • Fixed minor text in documentation.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
identity-tokens-evm-frontend	Ready	Preview, Comment	Feb 21, 2026 6:57am

[coderabbitai]

Warning

Ignoring CodeRabbit configuration file changes. For security, only the configuration from the base branch is applied for open source repositories.

📝 Walkthrough

Walkthrough

A new CodeRabbit configuration file is introduced, establishing automated code review, issue enrichment, labeling, and pre-merge check rules. The README is updated with minor text revisions.

Changes

Cohort / File(s)	Summary
Configuration & Automation .coderabbit.yaml	New configuration file defining CI/code review automation workflows, including auto-reply settings, issue labeling and planning rules, review profiles, pre-merge checks, static analyzer tools, and language-specific review instructions for TypeScript, JavaScript, Python, Solidity, HTML, CSS, and assets.
Documentation README.md	Minor text edits: removed trailing exclamation mark from final sentence and removed accompanying copyright line.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰 A config is born with such care and detail,
Rules for reviews that shall never fail,
Automation flows through each language and test,
CodeRabbit's burrow is dressed in its best! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and directly describes the main change: adding a CodeRabbit configuration file. It is specific, concise, and accurately reflects the primary modification in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (2)

.coderabbit.yaml (2)

88-123: Consider trimming tools to those relevant to the project's tech stack.

Several enabled tools target languages/platforms not used in this repository (Swift → swiftlint, PHP → phpstan, Go → golangci-lint, Kotlin → detekt, Docker → hadolint). While harmless (they won't fire without matching files), removing them reduces config noise and makes intent clearer. Keep eslint, biome, markdownlint, shellcheck, yamllint, gitleaks, github-checks, and languagetool.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 88 - 123, Update the tools list under the
top-level tools key in .coderabbit.yaml to remove linters irrelevant to this
repo’s tech stack: delete swiftlint, phpstan, golangci-lint, detekt, and
hadolint entries and keep the relevant tools (eslint, biome, markdownlint,
shellcheck, yamllint, gitleaks, github-checks, languagetool) so the config is
concise and intent is clear; locate and edit the section shown by the tools:
{swiftlint, phpstan, golangci-lint, detekt, hadolint} entries and remove those
blocks while leaving the remaining tool blocks unchanged.

---

273-280: Asset review instructions reference mobile conventions.

@2x and @3x screen-density variants (line 278) are a React Native/iOS convention. For a web frontend, consider replacing this with web-appropriate guidance such as responsive srcset usage, WebP/AVIF format preference, or SVG optimization.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 273 - 280, The asset review guidance under the
"assets/**/*" entry references mobile-specific `@2x/`@3x variants; update that
instructions block to use web-appropriate conventions: replace the `@2x/`@3x
bullet with guidance to provide responsive images via srcset/sizes and
width-based variants, prefer modern formats (WebP/AVIF) with fallbacks to
JPEG/PNG, ensure SVGs are optimized and served inline or as optimized files, and
add a note to validate font licensing and subset/woff2 delivery; keep the same
"assets/**/*" key so tooling still targets the same asset set.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.coderabbit.yaml:
- Around line 67-68: The inline comment for request_changes_workflow is
misleading: it says "just leave comments" but when request_changes_workflow:
true CodeRabbit will auto-approve the PR once comments are resolved and
pre-merge checks pass; update the inline comment to accurately describe this
behavior (e.g., "auto-approve PR when all CodeRabbit comments are resolved and
pre-merge checks pass") or change request_changes_workflow to false if you want
to prevent auto-approval (adjust the boolean at request_changes_workflow
accordingly).
- Around line 248-257: The test file matcher block currently references the
wrong testing library string ("@testing-library/react-native") for a Next.js web
frontend; update the YAML entry under the Javascript/Typescript test files block
(the line that lists "@testing-library/react-native") to use the web testing
library "@testing-library/react" so the guidance and linting/review tooling
target the correct library for the project.
- Around line 170-197: The template contains React Native/Expo-specific
directives that should be removed or replaced: remove or replace the lines
containing "Ensure that 'use client' is being used", "Use expo-secure-store for
sensitive storage", and "Validate deep linking configurations" with
Next.js/web-frontend appropriate checks; update the "Ensure that 'use client' is
being used" directive to advise App Router rules (only add "use client" to
interactive client components and never in server components), replace "Use
expo-secure-store for sensitive storage" with web-safe guidance (secure handling
of secrets: use server-side environment vars, HttpOnly cookies, and avoid
storing secrets in localStorage), and replace "Validate deep linking
configurations" with routing/security checks relevant to Next.js (route
validation, open-redirects, and deep-link handling in web context); ensure the
file references the actual stack (Next.js, React, wagmi, ethers.js) and remove
any Expo/React Native-specific mentions.
- Around line 152-166: The YAML uses an unsupported top-level property
"instructions" under the "reviews" object (which has additionalProperties:
false), so the block will be ignored; fix this by removing "instructions" from
under "reviews" and moving those directives into the "path_instructions" section
(or another schema-approved place) using a catch-all glob like "**" to apply
them globally, or update the schema-compliant property per the latest CodeRabbit
docs; ensure you reference the "reviews" object, the "instructions" block, and
"path_instructions" when making the change.

In `@README.md`:
- Line 186: Add a terminal period to the sentence "We appreciate your feedback
and contributions" in the README so it ends with a period (i.e., change it to
"We appreciate your feedback and contributions.").

---

Nitpick comments:
In @.coderabbit.yaml:
- Around line 88-123: Update the tools list under the top-level tools key in
.coderabbit.yaml to remove linters irrelevant to this repo’s tech stack: delete
swiftlint, phpstan, golangci-lint, detekt, and hadolint entries and keep the
relevant tools (eslint, biome, markdownlint, shellcheck, yamllint, gitleaks,
github-checks, languagetool) so the config is concise and intent is clear;
locate and edit the section shown by the tools: {swiftlint, phpstan,
golangci-lint, detekt, hadolint} entries and remove those blocks while leaving
the remaining tool blocks unchanged.
- Around line 273-280: The asset review guidance under the "assets/**/*" entry
references mobile-specific `@2x/`@3x variants; update that instructions block to
use web-appropriate conventions: replace the `@2x/`@3x bullet with guidance to
provide responsive images via srcset/sizes and width-based variants, prefer
modern formats (WebP/AVIF) with fallbacks to JPEG/PNG, ensure SVGs are optimized
and served inline or as optimized files, and add a note to validate font
licensing and subset/woff2 delivery; keep the same "assets/**/*" key so tooling
still targets the same asset set.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Misleading inline comment.

The comment says "just leave comments," but request_changes_workflow: true actually auto-approves the PR once all CodeRabbit comments are resolved and pre-merge checks pass. This is the opposite of "just leaving comments." Please update the comment to reflect the actual behavior, or set this to false if auto-approval is not desired.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 67 - 68, The inline comment for
request_changes_workflow is misleading: it says "just leave comments" but when
request_changes_workflow: true CodeRabbit will auto-approve the PR once comments
are resolved and pre-merge checks pass; update the inline comment to accurately
describe this behavior (e.g., "auto-approve PR when all CodeRabbit comments are
resolved and pre-merge checks pass") or change request_changes_workflow to false
if you want to prevent auto-approval (adjust the boolean at
request_changes_workflow accordingly).

[coderabbitai]

⚠️ Potential issue | 🟠 Major

instructions is not a valid property under reviews — this block will be silently ignored.

Per the CodeRabbit configuration schema, the reviews object does not define an instructions property and sets additionalProperties: false. This entire block of review directives (spelling checks, test coverage, copyright years, etc.) will have no effect.

If you intend these as global review instructions, consider moving them into path_instructions with a catch-all glob pattern like **, or check the latest CodeRabbit docs for the correct placement.

🔧 Possible workaround: move to a catch-all path instruction

-  # Review instructions that apply to all files
-  instructions: >-
-    - Verify that documentation and comments are free of spelling mistakes
-    - Ensure that test code is automated, comprehensive, and follows testing best practices
-    - Verify that all critical functionality is covered by tests
-    - Confirm that the code meets the project's requirements and objectives
-    - Confirm that copyright years are up-to date whenever a file is changed
-    - Point out redundant obvious comments that do not add clarity to the code
-    - Ensure that comments are concise and suggest more concise comment statements if possible
-    - Discourage usage of verbose comment styles such as NatSpec
-    - Look for code duplication
-    - Suggest code completions when:
-        - seeing a TODO comment
-        - seeing a FIXME comment
-
   # Custom review instructions for specific file patterns
   path_instructions:
+    # Global instructions that apply to all files
+    - path: "**"
+      instructions: |
+        - Verify that documentation and comments are free of spelling mistakes
+        - Ensure that test code is automated, comprehensive, and follows testing best practices
+        - Verify that all critical functionality is covered by tests
+        - Confirm that the code meets the project's requirements and objectives
+        - Confirm that copyright years are up-to-date whenever a file is changed
+        - Point out redundant obvious comments that do not add clarity to the code
+        - Ensure that comments are concise and suggest more concise comment statements if possible
+        - Discourage usage of verbose comment styles such as NatSpec
+        - Look for code duplication
+        - Suggest code completions when:
+            - seeing a TODO comment
+            - seeing a FIXME comment
+
     # TypeScript/JavaScript files
     - path: "**/*.{ts,tsx,js,jsx}"

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 152 - 166, The YAML uses an unsupported
top-level property "instructions" under the "reviews" object (which has
additionalProperties: false), so the block will be ignored; fix this by removing
"instructions" from under "reviews" and moving those directives into the
"path_instructions" section (or another schema-approved place) using a catch-all
glob like "**" to apply them globally, or update the schema-compliant property
per the latest CodeRabbit docs; ensure you reference the "reviews" object, the
"instructions" block, and "path_instructions" when making the change.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Template contains React Native/Expo-specific directives that don't apply to this Next.js web frontend.

Several instructions in this section appear to be carried over from a mobile/React Native template and are not relevant to this project (IdentityTokens-EVM-Frontend, a Next.js app):

• Line 173: "Ensure that 'use client' is being used" — Too broad. In Next.js App Router, only interactive components need "use client"; server components must not use it. This will generate false positives on every server component.
• Line 190: "Use expo-secure-store for sensitive storage" — This is an Expo/React Native API and not applicable to a web frontend.
• Line 191: "Validate deep linking configurations" — Primarily a mobile concern.

Please tailor these instructions to match the actual tech stack (Next.js, React, wagmi, ethers.js).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 170 - 197, The template contains React
Native/Expo-specific directives that should be removed or replaced: remove or
replace the lines containing "Ensure that 'use client' is being used", "Use
expo-secure-store for sensitive storage", and "Validate deep linking
configurations" with Next.js/web-frontend appropriate checks; update the "Ensure
that 'use client' is being used" directive to advise App Router rules (only add
"use client" to interactive client components and never in server components),
replace "Use expo-secure-store for sensitive storage" with web-safe guidance
(secure handling of secrets: use server-side environment vars, HttpOnly cookies,
and avoid storing secrets in localStorage), and replace "Validate deep linking
configurations" with routing/security checks relevant to Next.js (route
validation, open-redirects, and deep-link handling in web context); ensure the
file references the actual stack (Next.js, React, wagmi, ethers.js) and remove
any Expo/React Native-specific mentions.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Wrong testing library referenced for a web frontend project.

Line 253 references @testing-library/react-native, but this is a Next.js web project. The correct library is @testing-library/react.

✏️ Suggested fix

     - path: "**/*.test.{ts,tsx,js,jsx}"
       instructions: |
         Review test files for:
         - Comprehensive coverage of component behavior
-        - Proper use of `@testing-library/react-native`
+        - Proper use of `@testing-library/react`
         - Async behavior is properly tested
         - Accessibility testing is included
         - Test descriptions are sufficiently detailed to clarify the purpose of each test
         - The tests are not tautological

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.coderabbit.yaml around lines 248 - 257, The test file matcher block
currently references the wrong testing library string
("@testing-library/react-native") for a Next.js web frontend; update the YAML
entry under the Javascript/Typescript test files block (the line that lists
"@testing-library/react-native") to use the web testing library
"@testing-library/react" so the guidance and linting/review tooling target the
correct library for the project.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Missing terminal punctuation.

The sentence ends without a period.

✏️ Suggested fix

-We appreciate your feedback and contributions
+We appreciate your feedback and contributions.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	We appreciate your feedback and contributions
	We appreciate your feedback and contributions.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@README.md` at line 186, Add a terminal period to the sentence "We appreciate
your feedback and contributions" in the README so it ends with a period (i.e.,
change it to "We appreciate your feedback and contributions.").