Skip to content

Code Quality: PR #416 #1375

Sign in to view logs

Code Quality: PR #416

Code Quality: PR #416 #1375

Triggered via dynamic May 21, 2026 22:21
@cameroncookecameroncooke
bf7753e
refs/pull/416/head
Status Success
Total duration 1m 22s
Artifacts

codeql

on: dynamic
Matrix: analyze
Fit to window
Zoom out
Zoom in

Annotations

4 warnings
ui-action-result v2 schema mutated in place while schemaVersion const stays '2': schemas/structured-output/xcodebuildmcp.output.ui-action-result/2.schema.json#L337
Adding new `action` variants (`batch`, `type-text`, `key-press`, `key-sequence`) and optional `capture`/`uiError` fields to `2.schema.json` while keeping `"schemaVersion": { "const": "2" }` means any previously-distributed portable package carries a stale v2 schema that would reject runtime outputs with `action.type: "batch"` — use version 3 (already created) and update the tool manifests instead.
O(n²) element scan in findActiveForegroundRoot for snapshots with many scrollable elements: src/mcp/tools/ui-automation/shared/runtime-next-steps.ts#L388
Each scrollable candidate in `foregroundScore` runs a full `records.filter(isForegroundCandidateForRoot)` plus a `findSheetGrabberDescendant` scan (another O(n)), making the total work O(n × k) where k is the number of scrollable elements — which can be O(n²) in complex UIs. Consider pre-grouping elements by path prefix or building a parent→children index once before scoring.
[HW5-264] O(n²) element scan in findActiveForegroundRoot for snapshots with many scrollable elements (additional location): src/mcp/tools/ui-automation/shared/runtime-next-steps.ts#L579
Each scrollable candidate in `foregroundScore` runs a full `records.filter(isForegroundCandidateForRoot)` plus a `findSheetGrabberDescendant` scan (another O(n)), making the total work O(n × k) where k is the number of scrollable elements — which can be O(n²) in complex UIs. Consider pre-grouping elements by path prefix or building a parent→children index once before scoring.
Generic destructive labels ('close', 'delete', 'remove', '+') are permanently deprioritized across all app workflows: src/utils/structured-output-envelope.ts#L57
Labels like `'close'`, `'delete'`, `'remove'`, `'clear'`, `'+'`, and `'-'` are placed in `LOW_PRIORITY_RUNTIME_TARGET_LABELS` alongside calculator-specific symbols, giving them priority score 90 (sorted last). When a screen has more than 64 tappable elements these controls will be silently dropped from the compact `targets` array, meaning agents working in any non-calculator app (e.g. 'Delete Account', 'Remove from Favorites', 'Close' dialogs, stepper `+`/`-` buttons) may never see those controls in a runtime snapshot. Consider either restricting these labels to a calculator-specific context or only demoting them rather than making them droppable under the hard limit.