TypeScript Code Review with LGTM

When you connect a TypeScript repo to LGTM, our tree-sitter indexer parses every .ts/.tsx file and builds a symbol graph: exported functions, types, interfaces, classes, React components, and the imports that connect them. On a PR, personalised PageRank ranks the symbols related to the diff and the 6 specialist agents (Bugs, Security, Performance, Readability, Best-Practices, Documentation) see the changed code with its actual repo context attached.

TypeScript-specific signals our agents look at: type narrowing inside conditions (the classic 'I checked for undefined above but TS still says possibly undefined' confusion), unsafe `as` casts, `any` introductions, missing return types on exported functions, untyped event handlers, React hook dependency arrays, and async functions whose promises aren't awaited.

Findings come back as inline GitHub PR comments anchored to the changed lines. False positives get filtered by the synthesizer using a confidence threshold — TypeScript projects with `strict: false` get a more relaxed pass than projects with `strict: true` because the same pattern means different things in those modes.

Type assertions that lie. `const user = data as User` — but data is actually `unknown` from an API response. LGTM flags assertions on inputs that haven't been validated upstream.

Narrowing gone wrong. After `if (typeof x === 'string')`, calling a callback that closes over x — the narrowing doesn't propagate. The Bugs agent recognises this pattern.

Async functions not awaited. `async function save() { db.write() }` — db.write() returns a Promise that floats untouched. Easy to miss in review; the agent catches missing `await` on Promise-returning calls.

Stale closures in React. `useEffect(() => { setTimeout(() => doThing(state), 1000) }, [])` — state captured at mount, doThing runs with stale data. The agent reads hook dependency arrays and the closure body together.

Discriminated union exhaustiveness. `switch (action.type)` with a default fall-through that should be `never`. Catches off-by-one when a new action type is added.

Unused exported symbols. A `export function helper()` that no other file imports — flagged for cleanup. Crosses the diff boundary because the indexer sees the whole repo.

Tree-sitter's TypeScript grammar is mature — it's the language tree-sitter was originally co-developed against (Atom/GitHub). All major constructs parse cleanly: ESM imports, CommonJS requires, JSX/TSX, generics, conditional types, mapped types, decorators.

Edge cases: deeply nested template literal types parse but generate noisy trees. Heavy macro-like generic abuse (libraries doing type-level computation) can produce ERROR nodes in places — LGTM falls back to diff-only review for those files and notes it in the review summary.

Monorepo support: TypeScript project references via `tsconfig.json` are followed. Each package gets its own symbol graph, with cross-package imports linking them. NX-style monorepos work without configuration; Turborepo same.

Install the LGTM GitHub App on your TypeScript repos. The first index run takes 30-90 seconds for a typical project, 2-5 minutes for a large monorepo. After that, incremental updates run on every push to default branch — only changed files re-parse.

Generated TypeScript (Prisma client, GraphQL codegen, etc.) is auto-detected by common heuristics (`/generated/`, `.gen.ts`, `// THIS FILE IS AUTO-GENERATED`) and excluded from review. If you have custom-generated paths, add them to `.lgtmignore` at the repo root.

BYOK works as expected — your OpenAI / Anthropic / Gemini key handles the LLM call. Per-repo model overrides let you pin GPT-4o-class on a critical service repo and Haiku/Mini on a marketing site. The same key, different models per repo.