Ran Repowise on ShopSmart (full-stack e-commerce, 92 files, 80 commits) — the auth controller finding surprised me #625
Seeratzahra500
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I'm a CS student applying for the intern role. I ran Repowise on ShopSmart, a multi-tenant e-commerce platform I built which has Next.js frontend, Node.js/Express backend, MongoDB, JWT auth, 80 commits.
The finding that surprised me most:
server/src/controllers/auth.controller.js scored 5.3/10 with a CCN of 10 and nesting depth of 2. I considered this file one of the cleaner parts of the codebase — it handles JWT login, registration, and email password-reset. I was surprised it ranked in the bottom 6 files by health score.
Looking at it now, the complexity likely comes from the branching logic across multiple auth flows packed into single controller functions rather than separated into smaller handlers. I also noticed it has no test marker despite being the most security-critical file in the project — my 25 Jest/Supertest tests cover the routes but not the controller functions directly.
The dead code finding was also interesting:
AuthContext.jsx and CartContext.jsx both flagged as unreachable (in_degree=0). These are Next.js app-router context providers — they're consumed via React's tree, not static imports, which is why the dependency graph can't trace them. A false positive, but an understandable one given how Next.js app router works differently from traditional import graphs.
Overall: 8/20 lowest-health files had bug fixes in the last 6 months at 2.37x baseline — that correlation held up on my codebase too. The auth controller had the most revision churn of any backend file.
Beta Was this translation helpful? Give feedback.
All reactions