1.10.2

[digitalghost-dev]

Summary by CodeRabbit

• New Features

  • Added Cloudflare Tunnel and n8n pipeline infrastructure documentation.

• Bug Fixes

  • Added size limits on HTTP responses to avoid excessive downloads.
  • Improved HTTP request handling with a shared client to reduce inconsistencies.

• Documentation

  • Updated Docker installation examples and badges; added detailed infrastructure guides and improved Mermaid support.
  • Updated Content-Security-Policy directives.

• Chores / Refactor

  • Bumped project/package versions to v1.10.2.
  • Standardized CLI argument handling across commands and updated tests.

[coderabbitai]

Warning

Rate limit exceeded

@digitalghost-dev has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 57 minutes and 7 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2fd753ec-fa1e-4a9e-a0bb-e1805e24a46c

📥 Commits

Reviewing files that changed from the base of the PR and between aa8d04b and 0a32ff7.

📒 Files selected for processing (10)

• .github/workflows/ci.yml
• cmd/ability/ability_test.go
• cmd/item/item_test.go
• cmd/move/move_test.go
• cmd/natures/natures_test.go
• cmd/pokemon/pokemon_test.go
• cmd/speed/speed_test.go
• cmd/types/types.go
• cmd/types/types_test.go
• docs/Infrastructure_Guide/n8n.md

📝 Walkthrough

Walkthrough

This PR refactors CLI commands to accept explicit args instead of reading global os.Args, centralizes HTTP clients with response-size limits, bumps the project version to v1.10.2 across manifests and docs, and adds infrastructure guides for Cloudflare Tunnel and n8n.

Changes

CLI Arguments Refactoring with HTTP Client Centralization

Layer / File(s)	Summary
Version bump across all manifests .github/workflows/ci.yml, .goreleaser.yml, Dockerfile, README.md, card_data/pipelines/poke_cli_dbt/dbt_project.yml, card_data/pyproject.toml, nfpm.yaml, web/pyproject.toml, testdata/main_latest_flag.golden	All version references updated from v1.10.1 to v1.10.2 across CI/CD, build configs, package manifests, docs, and test fixtures.
CLI dispatcher and execution cli.go, cli_test.go	Dispatcher now stores raw command funcs func([]string)(string,error) and invokes them via utils.HandleCommandOutput(cmdFunc, remainingArgs)(); tests call runCLI with explicit args.
Command output & help utilities cmd/utils/output.go, cmd/utils/output_test.go	HandleCommandOutput accepts fn func([]string)(string,error) and args; CheckHelpFlag takes args []string and detects `-h
Argument validation logic cmd/utils/validateargs.go, cmd/utils/validateargs_test.go	Validators use dynamic index for help checks, RequireName fires at len(args)==1, ValidatePokemonArgs requires ≥2 args and shifts post-name validation to args[2:]. Tests consolidated into table-driven coverage.
Commands (ability, berry, card, item, move, natures, pokemon, search, speed, tcg, types) cmd/*/*.go, cmd/*/*_test.go	All commands now accept args []string, use utils.CheckHelpFlag(args, usage) and utils.ValidateArgs(args, ...), adjust indexing (endpoint/name from args[0]/args[1]), and shift flag parsing to args[2:]. Tests call commands directly and assert errors via assert/require.
Image downloads: berry & card cmd/berry/berryinfo.go, cmd/card/cardinfo.go	Image fetching uses shared HTTP client; berry images capped at 5 MiB via io.LimitReader, card images continue using 10 MiB cap; HTTP 200 checks added.
Shared HTTP client & API limits connections/connection.go, connections/connection_test.go	Adds NewDefaultHTTPClient(), centralized httpClient, DefaultHTTPTimeout, and maxAPIResponseBytes; ApiCallSetup enforces size limit and CallTCGData reuses shared client. Test added for oversized responses.
Flags: pokemon sprites & latest-release flags/pokemonflagset.go, flags/version.go, flags/version_test.go	Pokemon sprite downloads use shared client and 5 MiB limit; latest-release fetch refactored to latestReleaseFromURL using shared client and bounded reads; tests include stubbed HTTP client and error cases.
Tests: utils & validation updates cmd/utils/output_test.go, cmd/utils/validateargs_test.go, various command tests	Tests refactored to pass args directly, avoid mutating os.Args, and validate errors with require/assert; validateargs tests consolidated table-driven.

Documentation and Configuration

Layer / File(s)	Summary
Infrastructure guides for Cloudflare Tunnel and n8n docs/Infrastructure_Guide/cloudflare-tunnel.md, docs/Infrastructure_Guide/n8n.md	New guides document Cloudflare Tunnel setup for Dagster, securing via Cloudflare Zero Trust, Dagster GraphQL examples, and n8n Cloud pipelines with node configs and transformation examples.
Installation docs and mkdocs docs/installation.md, mkdocs.yml	Docker examples updated to use v1.10.2; mkdocs configured with a mermaid fence for diagrams.
Security/config docs/nginx.conf	CSP connect-src directive expanded to include https://unpkg.com.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~75 minutes

Possibly related PRs

• digitalghost-dev/poke-cli#232: Related release/version wiring changes in CI/build files.
• digitalghost-dev/poke-cli#246: Related CLI argument-validation work touching cmd/utils/validateargs.go.
• digitalghost-dev/poke-cli#253: Related earlier tcg command implementation and argument handling.

Poem

🐰 I hopped through args and made them clear,
No globals now to disappear,
Clients share their careful might,
Responses bounded, tidy, tight,
Version bumped — a joyful cheer!

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 12.70% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The PR title '1.10.2' is extremely vague and does not convey any meaningful information about the changes. While the version number is updated throughout the codebase, the title lacks descriptive content about what the PR accomplishes.	Consider updating the title to describe the primary change more clearly, such as 'Bump version to 1.10.2' or 'Release version 1.10.2 with CLI refactoring and HTTP client improvements'.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch 1.10.2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 90.97222% with 13 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
cmd/speed/speed.go	42.85%	4 Missing ⚠️
flags/pokemonflagset.go	33.33%	3 Missing and 1 partial ⚠️
cmd/berry/berryinfo.go	50.00%	1 Missing and 1 partial ⚠️
cmd/ability/ability.go	90.00%	0 Missing and 1 partial ⚠️
cmd/move/move.go	85.71%	0 Missing and 1 partial ⚠️
cmd/types/types.go	87.50%	1 Missing ⚠️

Files with missing lines	Coverage Δ
cli.go	87.50% <100.00%> (+0.13%)	⬆️
cmd/berry/berry.go	65.04% <100.00%> (+0.57%)	⬆️
cmd/card/card.go	32.75% <100.00%> (+2.40%)	⬆️
cmd/card/cardinfo.go	76.19% <100.00%> (-0.74%)	⬇️
cmd/item/item.go	94.54% <100.00%> (+0.10%)	⬆️
cmd/natures/natures.go	100.00% <100.00%> (ø)
cmd/pokemon/pokemon.go	85.54% <100.00%> (-0.18%)	⬇️
cmd/search/search.go	92.30% <100.00%> (+0.30%)	⬆️
cmd/tcg/tcg.go	61.64% <100.00%> (+1.64%)	⬆️
cmd/utils/output.go	100.00% <100.00%> (ø)
... and 9 more

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[codspeed-hq]

Merging this PR will not alter performance

✅ 12 untouched benchmarks
🆕 41 new benchmarks
⏩ 10 skipped benchmarks¹

Performance Changes

	Benchmark	BASE	HEAD	Efficiency
🆕	test_build_dataframe_raises_on_empty_dataframe	N/A	122 ms	N/A
🆕	test_extract_card_name_dash_and_variant_suffix	N/A	55.4 µs	N/A
🆕	test_extract_card_name_accented_characters	N/A	59.4 µs	N/A
🆕	test_extract_card_name_plain	N/A	57 µs	N/A
🆕	test_extract_card_name_strip_full_art	N/A	58.5 µs	N/A
🆕	test_build_dataframe_concatenates_all_sets	N/A	124.9 ms	N/A
🆕	test_extract_card_name_strip_dash_variant	N/A	56.8 µs	N/A
🆕	test_get_card_number_no_extended_data	N/A	16.9 µs	N/A
🆕	test_get_card_number_no_number_field	N/A	17.9 µs	N/A
🆕	test_pull_product_information_sm_normalizes_card_number	N/A	3.2 ms	N/A
🆕	test_pull_product_information_success	N/A	3.3 ms	N/A
🆕	test_pull_product_information_validation_error_raises	N/A	3.2 ms	N/A
🆕	test_extract_series_data_all_filtered_out	N/A	123.6 ms	N/A
🆕	test_extract_card_name_strip_gold	N/A	56 µs	N/A
🆕	test_extract_series_data_http_error	N/A	123.2 ms	N/A
🆕	test_extract_card_name_strip_parenthetical_number	N/A	55.5 µs	N/A
🆕	test_extract_series_data_validation_error	N/A	123.4 ms	N/A
🆕	test_discord_failure_sensor_handles_generic_exception	N/A	292 µs	N/A
🆕	test_extract_card_name_strip_reverse_holofoil	N/A	57.6 µs	N/A
🆕	test_discord_failure_sensor_handles_request_exception	N/A	300.4 µs	N/A
...	...	...	...	...

ℹ️ Only the first 20 benchmarks are displayed. Go to the app to view all benchmarks.

---

_{Comparing 1.10.2 (0a32ff7) with main (a935015)²}

Footnotes

1. 10 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

2. No successful run was found on main (31176b4) during the generation of this report, so a935015 was used instead as the comparison base. There might be some changes unrelated to this pull request in this report. ↩

[coderabbitai]

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

cmd/utils/validateargs.go (1)

77-86: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Guard empty argument before indexing arg[0] to prevent panic.

With iteration now starting at args[2:], an empty positional argument can reach this branch and panic on arg[0].

Proposed fix

 if len(args) > 2 {
 	for _, arg := range args[2:] {
+		if arg == "" {
+			return fmt.Errorf("%s", FormatError("Empty argument provided.\nOnly flags are allowed after declaring a Pokémon's name"))
+		}
 		// Check for an empty flag after Pokémon's name
 		if arg == "-" || arg == "--" {
 			return fmt.Errorf("%s", FormatError(fmt.Sprintf("Empty flag '%s'.\nPlease specify valid flag(s).", arg)))
 		}
 
 		// Check if the argument after Pokémon's name is an attempted flag
 		if arg[0] != '-' {
 			return fmt.Errorf("%s", FormatError(fmt.Sprintf("Invalid argument '%s'.\nOnly flags are allowed after declaring a Pokémon's name", arg)))
 		}
 	}
 }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@cmd/utils/validateargs.go` around lines 77 - 86, The loop over args[2:]
accesses arg[0] without checking for an empty string, which can panic; modify
the loop in validateargs.go to first guard empty arguments (e.g., if arg == ""
or len(arg) == 0) and return a formatted error via FormatError (similar style to
the existing empty-flag check) before any access to arg[0]; keep the existing
checks for "-" / "--" and the flag-character check afterwards so invalid or
empty positional values are rejected safely.

connections/connection.go (1)

157-168: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Apply bounded read pattern to CallTCGData to match the hardening pattern used elsewhere in the file.

Line 167 reads the response body without limits, risking memory exhaustion on oversized responses. The codebase already implements a bounded read pattern with io.LimitReader and validation (lines 107-113) that should be replicated here.

Proposed fix

-	body, err := io.ReadAll(resp.Body)
+	body, err := io.ReadAll(io.LimitReader(resp.Body, maxAPIResponseBytes+1))
 	if err != nil {
 		return nil, fmt.Errorf("error reading response body: %w", err)
 	}
+	if len(body) > maxAPIResponseBytes {
+		return nil, fmt.Errorf("response body exceeds %d bytes", maxAPIResponseBytes)
+	}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@connections/connection.go` around lines 157 - 168, The CallTCGData code reads
resp.Body with io.ReadAll unbounded; mirror the bounded-read hardening used
earlier (the pattern around the previous io.LimitReader usage) by wrapping
resp.Body with io.LimitReader using the same max size constant (e.g.,
maxResponseBodySize or maxPayloadSize), read from that limited reader instead of
resp.Body directly, and validate the returned byte length (error if it equals
the limit implying truncation or exceeds allowed size). Update the logic in
CallTCGData (around the httpClient.Do(req), resp.Body and subsequent io.ReadAll
call) to use io.LimitReader and the same validation check used in the other
function.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@cmd/ability/ability_test.go`:
- Line 64: The test currently ignores the returned error from AbilityCommand, so
negative-path expectations (wantError) aren't asserted; update the table-driven
test to capture both outputs by changing the call to retrieve (output, err) :=
AbilityCommand(tt.args) and then assert err presence/absence matches
tt.wantError (and optionally assert error contents when wantError is true),
referring to the AbilityCommand call and the tt.wantError field in the test
table to implement the check.

In `@cmd/speed/speed_test.go`:
- Line 32: The test currently ignores the error returned from SpeedCommand (call
site: SpeedCommand in cmd/speed/speed_test.go) which can hide failures; update
the test to capture the error (e.g., output, err := SpeedCommand(tt.args)) and
assert or fail on it — for example use t.Fatalf/t.Errorf or the test helper
being used (require.NoError/assert.NoError) to fail the test when err != nil
before asserting on output so command failures don't produce false positives.

In `@cmd/types/types_test.go`:
- Line 38: The test currently discards the error from TypesCommand (output, _ :=
TypesCommand(tt.args)); change this to capture the error (output, err :=
TypesCommand(tt.args)) and assert it against the test case expectation
(tt.wantErr) instead of ignoring it: if tt.wantErr { assert.Error(t, err) /
require.Error(t, err) } else { assert.NoError(t, err) / require.NoError(t, err)
} and then continue asserting on output; update references to TypesCommand,
output, err and tt.wantErr in the test to perform these checks.

In `@cmd/types/types.go`:
- Line 41: The current derivation endpoint := strings.ToLower(args[0])[0:4] is
brittle and can panic on short args; replace this with a named constant (e.g.,
const endpoint = "xxxx") for the fixed endpoint and stop slicing args[0];
additionally add a short input validation that checks len(args) and len(args[0])
(or ensure args[0] exists) before using it to avoid panics, updating any
references to the local variable endpoint and the args usage in the surrounding
function to use the constant and the new guard.

In `@docs/Infrastructure_Guide/cloudflare-tunnel.md`:
- Around line 96-97: The docs hardcode /home/ubuntu for copying cloudflared
credentials; update the commands to use a generic home reference (e.g., $HOME or
~ or a variable like CLOUD_USER_HOME or use $(whoami) to build the path) and
reference the cloudflared source as ~/.cloudflared/cert.pem and
~/.cloudflared/*.json so the copy to /etc/cloudflared/ works for non‑Ubuntu or
differently named user accounts; ensure the example shows the variable usage
consistently for both cert.pem and the JSON files.
- Around line 51-54: The doc hardcodes the ARM64 binary URL
(cloudflared-linux-arm64) in the curl command which will fail on amd64 hosts;
update the install snippet to be architecture-neutral by detecting architecture
(e.g., use curl .../cloudflared-linux-$(uname -m) -o /usr/local/bin/cloudflared
or map uname -m to the correct release name) and ensure the target path
(/usr/local/bin/cloudflared) and curl -L usage remain the same so the same
command works for both x86_64 and aarch64 hosts.

In `@docs/Infrastructure_Guide/n8n.md`:
- Line 13: Fix the typos in the user-facing documentation by replacing the
misspelled tokens: change "reasoons" to "reasons", "sucess" to "success", and
"defaut" to "default" in the n8n.md content so the sentences read correctly and
clearly (search for those exact tokens to locate where to update).
- Around line 376-384: The GraphQL mutation in LaunchRun uses the outdated
signature launchRun(selector: $s) and JobOrPipelineSelector; update it to the
current Dagster shape by changing the mutation to accept executionParams (e.g.,
mutation LaunchRun($p: ExecutionParams!) { launchRun(executionParams: $p) {
__typename ... on LaunchRunSuccess { run { runId } } ... on PythonError {
message } } }) so callers use $p/ExecutionParams instead of
$s/JobOrPipelineSelector and the documented launchRun(executionParams: $p)
pattern.

---

Outside diff comments:
In `@cmd/utils/validateargs.go`:
- Around line 77-86: The loop over args[2:] accesses arg[0] without checking for
an empty string, which can panic; modify the loop in validateargs.go to first
guard empty arguments (e.g., if arg == "" or len(arg) == 0) and return a
formatted error via FormatError (similar style to the existing empty-flag check)
before any access to arg[0]; keep the existing checks for "-" / "--" and the
flag-character check afterwards so invalid or empty positional values are
rejected safely.

In `@connections/connection.go`:
- Around line 157-168: The CallTCGData code reads resp.Body with io.ReadAll
unbounded; mirror the bounded-read hardening used earlier (the pattern around
the previous io.LimitReader usage) by wrapping resp.Body with io.LimitReader
using the same max size constant (e.g., maxResponseBodySize or maxPayloadSize),
read from that limited reader instead of resp.Body directly, and validate the
returned byte length (error if it equals the limit implying truncation or
exceeds allowed size). Update the logic in CallTCGData (around the
httpClient.Do(req), resp.Body and subsequent io.ReadAll call) to use
io.LimitReader and the same validation check used in the other function.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 90725948-e9df-44bd-8cea-1a7699054d18

📥 Commits

Reviewing files that changed from the base of the PR and between 31176b4 and a0d742e.

📒 Files selected for processing (49)

• .github/workflows/ci.yml
• .goreleaser.yml
• Dockerfile
• README.md
• card_data/pipelines/poke_cli_dbt/dbt_project.yml
• card_data/pyproject.toml
• cli.go
• cli_test.go
• cmd/ability/ability.go
• cmd/ability/ability_test.go
• cmd/berry/berry.go
• cmd/berry/berry_test.go
• cmd/berry/berryinfo.go
• cmd/card/card.go
• cmd/card/card_test.go
• cmd/card/cardinfo.go
• cmd/item/item.go
• cmd/item/item_test.go
• cmd/move/move.go
• cmd/move/move_test.go
• cmd/natures/natures.go
• cmd/natures/natures_test.go
• cmd/pokemon/pokemon.go
• cmd/pokemon/pokemon_test.go
• cmd/search/search.go
• cmd/search/search_test.go
• cmd/speed/speed.go
• cmd/speed/speed_test.go
• cmd/tcg/tcg.go
• cmd/tcg/tcg_test.go
• cmd/types/types.go
• cmd/types/types_test.go
• cmd/utils/output.go
• cmd/utils/output_test.go
• cmd/utils/validateargs.go
• cmd/utils/validateargs_test.go
• connections/connection.go
• connections/connection_test.go
• docs/Infrastructure_Guide/cloudflare-tunnel.md
• docs/Infrastructure_Guide/n8n.md
• docs/installation.md
• docs/nginx.conf
• flags/pokemonflagset.go
• flags/version.go
• flags/version_test.go
• mkdocs.yml
• nfpm.yaml
• testdata/main_latest_flag.golden
• web/pyproject.toml

💤 Files with no reviewable changes (1)

• cli_test.go

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

cmd/natures/natures_test.go (1)

44-47: ⚡ Quick win

Prefer require.Error for expected-error branches.

Using require.Error here keeps behavior consistent with strict testifylint configurations and fails fast in the subtest.

Suggested change

 			if tt.wantError {
-				assert.Error(t, err)
+				require.Error(t, err)
 			} else {
 				require.NoError(t, err)
 			}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@cmd/natures/natures_test.go` around lines 44 - 47, In the test subtest branch
that checks for expected errors (where tt.wantError is true), replace
assert.Error(t, err) with require.Error(t, err) so the subtest fails fast and
complies with strict testifylint rules; update the conditional in the test loop
that currently reads "if tt.wantError { assert.Error(t, err) } else {
require.NoError(t, err) }" to use require.Error for the true branch while
keeping require.NoError in the false branch.

cmd/pokemon/pokemon_test.go (1)

106-109: ⚡ Quick win

Use require.Error in expected-error branch for consistency.

This keeps table tests consistent with require-first error assertion style and stricter testifylint setups.

Suggested change

 			if tt.expectedError {
-				assert.Error(t, err)
+				require.Error(t, err)
 			} else {
 				require.NoError(t, err)
 			}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@cmd/pokemon/pokemon_test.go` around lines 106 - 109, Replace the assert-based
error assertion with a require one for consistency: in the test table branch
that checks tt.expectedError, call require.Error(t, err) instead of
assert.Error(t, err) so it matches the require.NoError(t, err) usage and
satisfies stricter testifylint rules; update the assertion in the same test
function where tt.expectedError and err are used.

cmd/speed/speed_test.go (1)

33-36: ⚡ Quick win

Align expected-error assertion with require style.

Switching to require.Error keeps assertion style consistent with lint-enforced tests in this PR.

Suggested change

 			if tt.wantError {
-				assert.Error(t, err)
+				require.Error(t, err)
 			} else {
 				require.NoError(t, err)
 			}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@cmd/speed/speed_test.go` around lines 33 - 36, Replace the assert-style error
check with the require-style to match the rest of the test: in the test block
that inspects tt.wantError, change the call from assert.Error(t, err) to
require.Error(t, err) so it aligns with require.NoError(t, err) and the
lint-enforced assertion style used in these tests.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@cmd/item/item_test.go`:
- Around line 63-66: Replace the non-fatal assertion with a fatal one: in the
test branch that checks tt.expectedError, change the call that uses assert.Error
to require.Error so failures abort the test immediately; locate the assertion
referencing tt.expectedError and replace assert.Error(...) with
require.Error(...) to satisfy the testifylint rule and prevent subsequent test
code from running on error.

In `@cmd/move/move_test.go`:
- Around line 51-54: Replace the non-fatal assertion with a fatal one so the
test halts on the expected-error path: change the call that currently uses
assert.Error(t, err) (inside the test table branch checking tt.expectedError) to
require.Error(t, err) so it matches the existing require.NoError path and
satisfies the testifylint require-error rule; ensure the surrounding if
tt.expectedError { ... } else { require.NoError(t, err) } structure remains
unchanged and still references the same variables (tt.expectedError, err).

---

Nitpick comments:
In `@cmd/natures/natures_test.go`:
- Around line 44-47: In the test subtest branch that checks for expected errors
(where tt.wantError is true), replace assert.Error(t, err) with require.Error(t,
err) so the subtest fails fast and complies with strict testifylint rules;
update the conditional in the test loop that currently reads "if tt.wantError {
assert.Error(t, err) } else { require.NoError(t, err) }" to use require.Error
for the true branch while keeping require.NoError in the false branch.

In `@cmd/pokemon/pokemon_test.go`:
- Around line 106-109: Replace the assert-based error assertion with a require
one for consistency: in the test table branch that checks tt.expectedError, call
require.Error(t, err) instead of assert.Error(t, err) so it matches the
require.NoError(t, err) usage and satisfies stricter testifylint rules; update
the assertion in the same test function where tt.expectedError and err are used.

In `@cmd/speed/speed_test.go`:
- Around line 33-36: Replace the assert-style error check with the require-style
to match the rest of the test: in the test block that inspects tt.wantError,
change the call from assert.Error(t, err) to require.Error(t, err) so it aligns
with require.NoError(t, err) and the lint-enforced assertion style used in these
tests.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: f55e2a0a-fa57-427f-984b-44bd91aa6984

📥 Commits

Reviewing files that changed from the base of the PR and between a0d742e and aa8d04b.

📒 Files selected for processing (8)

• cmd/ability/ability_test.go
• cmd/item/item_test.go
• cmd/move/move_test.go
• cmd/natures/natures_test.go
• cmd/pokemon/pokemon_test.go
• cmd/speed/speed_test.go
• cmd/types/types_test.go
• docs/Infrastructure_Guide/n8n.md

🚧 Files skipped from review as they are similar to previous changes (1)

• cmd/types/types_test.go