maroayman/deno-lume-portfolio

https://github.com/maroayman/deno-lume-portfolio

Scanned on Mar 20, 2026

2 High
42 Medium
137 Low

AI Assessment

VERDICT

Based on automated scanner findings, this repository is not production-ready. While security and dependency scans passed, significant code quality issues and missing project governance files create substantial technical debt.

TOP RISKS

→ Duplicated code blocks (58 lines) detected across .opencode/agents/content.md, .opencode/agents/blog-post.md, and .opencode/agents/resume.md. The scanner flagged this 5 times, indicating repetitive patterns that violate DRY principles.

→ High cyclomatic complexity flagged in src/assets/blog-list.js at lines 273, 174, and 351 (CCN 13), suggesting functions that are difficult to test and maintain.

→ No Assign In Expressions violations (28 instances) scattered through the codebase indicate inconsistent code style that reduces readability.

→ No LICENSE file detected, making project licensing unclear and potentially problematic for users and contributors.

→ No tests detected in the repository, leaving code coverage unknown and regression detection impossible.

WHAT TO FIX FIRST

Consolidate the 58-line duplicated code block across the three markdown files in .opencode/agents/. This single issue is flagged 5 times and represents a straightforward improvement with immediate payoff. Extracting this to a shared template or include would eliminate a major code quality violation and likely improve the score significantly.

SECONDARY NOTES

128 low-severity findings exist primarily around formatting and style (comma operators, unused variables, arrow function conversion). While numerous, these are collectively lower impact than the medium-severity structural issues. The absence of CI/CD configuration, SECURITY.md, and CODEOWNERS suggests project governance gaps rather than code defects.

fix-prompt.md

Category Breakdown

Security0%Secrets & Credentials0%Dependencies0%Code Quality0%Best Practices0%
300/300
Security
200/200
Secrets & Credentials
150/150
Dependencies
64/100
Code Quality163 findings
87/100
Best Practices5 findings

Findings(181 in 24 groups)

Tip: 137 low-severity findings are style suggestions, not security risks.

The same code is copied in multiple places. If there's a bug in one copy, all the other copies still have it. This makes fixing bugs much harder.

AI Fix Prompt

In .opencode/agents/content.md at line 12, duplicated code was detected. Refactor it: 1. Identify the repeated code block 2. Extract it into a shared function with a descriptive name 3. Replace all multiple copies with calls to the new function 4. If the copies differ slightly, add parameters to the function to handle the differences 5. Make sure all existing behavior is preserved after the refactor

.opencode/agents/content.mdL12
.opencode/agents/blog-post.mdL15
.opencode/agents/resume.mdL29
.opencode/agents/resume.mdL20
src/assets/blog-list.jsL456

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "No Assign In Expressions". Please review and fix this according to best practices. The linter rule lint/suspicious/noAssignInExpressions this as a problem — look up the rule for guidance on the correct fix.

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "Use Iterable Callback Return". Please review and fix this according to best practices. The linter rule lint/suspicious/useIterableCallbackReturn this as a problem — look up the rule for guidance on the correct fix.

Your project has no license file. Without one, nobody can legally use, modify, or contribute to your code — even if it's public on GitHub.

AI Fix Prompt

Add a LICENSE file to your project root: 1. For open source: create a file called LICENSE and paste the MIT License text (most popular for open source) 2. For private/commercial: add a LICENSE file stating "All rights reserved" and your copyright 3. Choose a license at https://choosealicense.com if you're unsure 4. Add the license type to your package.json: "license": "MIT"

Your app has no automated tests. You won't know if a code change breaks something until real users complain. This is the #1 reason apps break after updates.

AI Fix Prompt

Your project has no test files. Add basic tests: 1. Install a test framework: npm install -D vitest (or jest) 2. Create a __tests__ folder or add .test.ts files next to your source files 3. Start by writing tests for your most important functions — the ones that handle money, auth, or user data 4. Add a "test" script to your package.json: "test": "vitest" 5. Run tests with: npm test

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "No Double Equals". Please review and fix this according to best practices. The linter rule lint/suspicious/noDoubleEquals this as a problem — look up the rule for guidance on the correct fix.

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "No Comma Operator". Please review and fix this according to best practices. The linter rule lint/complexity/noCommaOperator this as a problem — look up the rule for guidance on the correct fix.

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "Format". Please review and fix this according to best practices. The linter rule format this as a problem — look up the rule for guidance on the correct fix.

A code quality issue was found. It may not be a security risk, but fixing it makes your code more reliable and easier to work with.

AI Fix Prompt

In your project, there's a code quality issue: "No Explicit Any". Please review and fix this according to best practices. The linter rule lint/suspicious/noExplicitAny this as a problem — look up the rule for guidance on the correct fix.

This function is overly complex (complexity score: 13). It likely has hidden bugs that are hard to find, and AI coding tools will struggle to modify it correctly.

AI Fix Prompt

In src/assets/blog-list.js at line 273, there's a function with cyclomatic complexity of 13 (should be under 15). Break it down: 1. Identify the different things this function does (each if/else branch, each loop) 2. Extract each logical step into its own smaller function with a clear name 3. The main function should read like a high-level description of the process 4. Each new function should do ONE thing and be easy to understand on its own 5. Aim for functions with complexity under 10

src/assets/blog-list.jsL273
src/assets/blog-list.jsL174
src/assets/blog-list.jsL351
src/assets/blog-list.jsL273
src/assets/blog-list.jsL174

Share your ShipScanner

Show the world your code quality. Your report has a beautiful preview image built in.

LinkedInTwitter / X

Embed Trust Badge

Show your code quality score in your README. The badge updates automatically every time you re-scan.

README.md
ShipScanner: B 679
[![ShipScanner: B 679](https://shipscanner.dev/api/badge/cmmy63bp80001ky04ebdromk6)](https://shipscanner.dev/report/cmmy63bp80001ky04ebdromk6)