platformos-check 0.4.8 → 0.4.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 579d15b95d0e00e65eb562778f0870bc28698bfe2f6c97ca66e7ca81a18b855c
-  data.tar.gz: 2f6afe88f067cccc169d62a9744399b5b11294537dd8c7653ca9d5ed9165f1f3
+  metadata.gz: e41eee4e2aa717be9663df4efbc1acf79bc8b571784808b80177f9298fdad9e9
+  data.tar.gz: 6bed8f9e1e3e22dbd02cee00a15d5e9ce1787f7826ee09e3e461fcf0161c681d
 SHA512:
-  metadata.gz: 2fa86abf31229208eaff48e7f95b212977682bd560234d99d2fa9b3162a33ca7139b8faad2960152951295b056ef41b834e9faa756b0627f02a14034f6d4e468
-  data.tar.gz: 18fa38e2613faf4e31dfdf0a432e4fbe3a8ced0b18f8f194698bf73606affd770cf2589dadb852c26c19f5ec31146535e95e863d7c31ab9c8977feb67fa99a07
+  metadata.gz: 71a9feab2a3d5e31a2436652036bf1669c65424f24cfa550feedb49bd43e03264f2feb51b0367c84a79805c3cda0d24ed3ccccdd27d2b63a09dd15f3e26a94b4
+  data.tar.gz: 56961261716dae13fce53dadb2c6e03d8c3f268195748e81783cfe4dd7162c18ffb05063530975939ad2805f2a2e33d5d63aab1da51de65f3c98e17e1e2df2b4

data/CHANGELOG.md

@@ -1,3 +1,24 @@
+v0.4.9 / 2024-01-10
+==================
+
+  * Skip FormAuthenticityToken check for GET forms
+  * Skip FormAuthenticityToken for action which is not relative path
+  * Fix FormAction to not report offenses on valid scenarios
+  * UnusedAssign will not automatically remove assign if it might change the business logic (which is a scenario when filters modifying objects are used)
+  * UnusedAssign will automatically rename result of background tag if variable not used
+  * Fix reporting UndefinedObject's missing argument offenses when the same partial is used multiple times (previously offenses where displayed only for the last render)
+  * Add autocorrector for UndefinedObject's missing argument error (explicitly provide null)
+  * Add autocorrector for ImgLazyLoading
+  * ConvertIncludeToRender will not report offense as autocorrect
+  * Improve inline GraphQL syntax check to raise error if result variable not provided
+  * Add autocorrector for UndefinedObject (Unused Argument offense) (FIXME: for N unused arguments in the same line it needs to be invoked N times)
+  * Add autocorrector for InvalidArgs - remove duplicates arguments
+  * Do not report ConvertIncludeToRender offenses for valid use cases (using `break` and using variable as a template name)
+  * Add IncludeInRender check
+  * Improve autocorrector for UndefinedObject's missing argument error - if variable is defined, it will be passed instead of hardcoding null
+  * Re-enable autocorrector for ConvertIncludeToRender
+  * Make UndefinedObject more clever - it will report undefined object if variable is used before declaration
+
 v0.4.8 / 2023-12-20
 ==================
 

data/README.md

@@ -11,7 +11,7 @@ PlatformOS Check currently checks for the following:
 ✅ Liquid syntax errors
 ✅ JSON syntax errors
 ✅ Missing partials and graphqls
-✅ Unused `{% assign ... %}`
+✅ Unused variables (via `{% assign var = ... %}`, {% function var = ... %} etc.)
 ✅ Unused partials
 ✅ Template length
 ✅ Deprecated tags
@@ -23,14 +23,14 @@ PlatformOS Check currently checks for the following:
 ✅ Deprecated filters
 ✅ Missing `platformos-check-enable` comment
 ✅ Invalid arguments provided to `{% graphql %}` tags
+✅ Missing `authenticity_token` in `<form>`
+✅ Unreachable code
 
 As well as checks that prevent easy to spot performance problems:
 
+✅ [GraphQL in for loop](/docs/checks/graphql_in_for_loop.md)
 ✅ Use of [parser-blocking](/docs/checks/parser_blocking_javascript.md) JavaScript
-✅ [Use of non-platformOS domains for assets](/docs/checks/remote_asset.md)
 ✅ [Missing width and height attributes on `img` tags](/docs/checks/img_width_and_height.md)
-✅ [Too much JavaScript](/docs/checks/asset_size_javascript.md)
-✅ [Too much CSS](/docs/checks/asset_size_css.md)
 
 For detailed descriptions and configuration options, [take a look at the complete list.](/docs/checks/)
 
@@ -52,12 +52,21 @@ With more to come! Suggestions welcome ([create an issue](https://github.com/Pla
 ### Install ruby and platform-check gem
 
 1. Download the latest version of Ruby - https://www.ruby-lang.org/en/documentation/installation/
+
+Verify that you've installed at least version 3.2:
+
+`ruby -v`
+
+⚠️ **Note:**  You might need to restart  the terminal after installing.
+⚠️ **Note:*** Please make sure you install ruby for your user, not the root
+
 2. Install platformos-check gem
 
 `gem install platformos-check`
 
 You can verify the installation was successful by invoking `platformos-check --version`. If you chose this method, use `platformos-check-language-server` as a path to your language server instead of `/Users/<username/platformos-check-language-server`
 
+⚠️ **Note:*** Please make sure you  install the gem for your user, not the root - i.e. without `sudo`
 
 ### Using Docker
 

data/config/default.yml

@@ -15,6 +15,10 @@ ConvertIncludeToRender:
   enabled: true
   ignore: []
 
+IncludeInRender:
+  enabled: true
+  ignore: []
+
 LiquidTag:
   enabled: true
   ignore: []
@@ -69,7 +73,6 @@ ValidYaml:
 UndefinedObject:
   enabled: true
   ignore: []
-  config_type: :default
 
 DeprecatedFilter:
   enabled: true

data/docs/checks/form_action.md

@@ -30,6 +30,12 @@ This check is aimed at ensuring you have not forgotten to start the path with /.
 </form>
 ```
 
+```liquid
+<form action="https://example.com/external">
+ ...
+</form>
+```
+
 ## Check Options
 
 The default configuration for this check is the following:

data/docs/checks/form_authenticity_token.md

@@ -3,7 +3,7 @@
 In platformOS all POST/PATCH/PUT/DELETE requests are protected from [CSRF Attacks][csrf-attack] through [authenticity_token][page-csrf]
 Form action defines the endpoint to which browser will make a request after submitting it.
 
-As a general rule you should include hidden input `<input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">` in every form. Missing it will result in session invalidation and any logged in user will be automatically logged out.
+As a general rule you should include hidden input `<input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">` in every form. Missing it will result in session invalidation and the logged in user will be automatically logged out.
 
 ## Check Details
 
@@ -12,18 +12,37 @@ This check is aimed at ensuring you have not forgotten to include authenticity_t
 :-1: Examples of **incorrect** code for this check:
 
 ```liquid
-<form action="dummy/create">
+<form action="/dummy/create" method="post">
 </form>
 ```
 
 :+1: Examples of **correct** code for this check:
 
+With token:
 ```liquid
-<form action="/dummy/create">
+<form action="/dummy/create" method="post">
   <input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">
 </form>
 ```
 
+For GET request:
+```liquid
+<form action="/dummy/create">
+</form>
+```
+
+For external request:
+```liquid
+<form action="https://example.com/dummy/create" method="post">
+</form>
+```
+
+For parameterized request:
+```liquid
+<form action="{{ context.constants.MY_REQUEST_URL }}" method="post">
+</form>
+```
+
 ## Check Options
 
 The default configuration for this check is the following:

data/docs/checks/include_in_render.md

@@ -0,0 +1,62 @@
+# Reports usage of `include` tag inside `render` (`IncludeInRender`)
+
+Runtime error is used when `include` tag is used inside `render` tag.
+
+## Check Details
+
+This check is aimed at eliminating the use of `include` tags `render` tag.
+
+:-1: Examples of **incorrect** code for this check:
+
+```liquid
+{% liquid
+  # app/views/pages/index.liquid
+  render 'foo'
+%}
+```liquid
+{% liquid
+  # app/views/partials/foo.liquid
+  include 'bar'
+%}
+```
+
+:+1: Examples of **correct** code for this check:
+
+```liquid
+{% liquid
+  # app/views/pages/index.liquid
+  render 'foo'
+%}
+```liquid
+{% liquid
+  # app/views/partials/foo.liquid
+  render 'bar'
+%}
+```
+
+## Check Options
+
+The default configuration for this check is the following:
+
+```yaml
+IncludeInRender:
+  enabled: true
+```
+
+## When Not To Use It
+
+It is discouraged to disable this rule.
+
+## Version
+
+This check has been introduced in PlatformOS Check 0.4.9.
+
+## Resources
+
+- [Deprecated Tags Reference][deprecated]
+- [Rule Source][codesource]
+- [Documentation Source][docsource]
+
+[deprecated]: https://documentation.platformos.com/api-reference/liquid/include
+[codesource]: /lib/platformos_check/checks/convert_include_to_render.rb
+[docsource]: /docs/checks/convert_include_to_render.md

data/lib/platformos_check/checks/convert_include_to_render.rb

@@ -3,15 +3,54 @@
 module PlatformosCheck
   # Recommends replacing `include` for `render`
   class ConvertIncludeToRender < LiquidCheck
+    RENDER_INCOMPATIBLE_TAGS = %w[break include].freeze
+
     severity :suggestion
     category :liquid
     doc docs_url(__FILE__)
 
+    def initialize
+      @processed_files = {}
+    end
+
     def on_include(node)
+      return if allowed_usecase?(node)
+
       add_offense("`include` is deprecated - convert it to `render`", node:) do |corrector|
-        # We need to fix #445 and pass the variables from the context or don't replace at all.
-        # corrector.replace(node, "render \'#{node.value.template_name_expr}\' ")
+        match = node.markup.match(/(?<include>include\s*)/)
+        corrector.replace(node, node.markup.sub(match[:include], 'render '), node.start_index...node.end_index)
+      end
+    end
+
+    protected
+
+    def allowed_usecase?(node)
+      return true if name_is_variable?(node)
+      return true if include_node_contains_render_incompatible_tag?(root_node_from_include(node.value.template_name_expr))
+
+      false
+    end
+
+    def name_is_variable?(node)
+      !node.value.template_name_expr.is_a?(String)
+    end
+
+    def include_node_contains_render_incompatible_tag?(node)
+      return false if node.nil?
+
+      node.nodelist.any? do |n|
+        if RENDER_INCOMPATIBLE_TAGS.include?(n.respond_to?(:tag_name) && n.tag_name)
+          true
+        elsif n.respond_to?(:nodelist) && n.nodelist
+          include_node_contains_render_incompatible_tag?(n)
+        else
+          false
+        end
       end
     end
+
+    def root_node_from_include(path)
+      @platformos_app.grouped_files[PlatformosCheck::PartialFile][path]&.parse&.root
+    end
   end
 end

data/lib/platformos_check/checks/form_action.rb

@@ -6,11 +6,13 @@ module PlatformosCheck
     categories :html
     doc docs_url(__FILE__)
 
+    VALID_ACTION_START = ['/', '{%', '{{', '#', 'http'].freeze
+
     def on_form(node)
       action = node.attributes["action"]&.strip
       return if action.nil?
       return if action.empty?
-      return if action.start_with?('/', '{{')
+      return if action.start_with?(*VALID_ACTION_START)
 
       add_offense("Use action=\"/#{action}\" (start with /) to ensure the form can be submitted multiple times in case of validation errors", node:)
     end

data/lib/platformos_check/checks/form_authenticity_token.rb

@@ -9,6 +9,9 @@ module PlatformosCheck
     AUTHENTICITY_TOKEN_VALUE = /\A\s*{{\s*context\.authenticity_token\s*}}\s*\z/
 
     def on_form(node)
+      return if method_is_get(node.attributes['method'])
+      return unless action_is_relative_url(node.attributes['action'])
+
       authenticity_toke_inputs = node.children.select { |c| c.name == 'input' && c.attributes['name'] == 'authenticity_token' && c.attributes['value']&.match?(AUTHENTICITY_TOKEN_VALUE) }
       return if authenticity_toke_inputs.size == 1
       return add_offense('Duplicated authenticity_token inputs', node:) if authenticity_toke_inputs.size > 1
@@ -17,5 +20,22 @@ module PlatformosCheck
         corrector.insert_after(node, "\n<input type=\"hidden\" name=\"authenticity_token\" value=\"{{ context.authenticity_token }}\">")
       end
     end
+
+    protected
+
+    def method_is_get(method)
+      return true if method.nil?
+
+      method = method.downcase.strip
+      return true if method == ''
+
+      method == 'get'
+    end
+
+    def action_is_relative_url(action)
+      return true if action.nil?
+
+      action.lstrip[0] == '/'
+    end
   end
 end

data/lib/platformos_check/checks/img_lazy_loading.rb

@@ -6,13 +6,17 @@ module PlatformosCheck
     categories :html, :performance
     doc docs_url(__FILE__)
 
-    ACCEPTED_LOADING_VALUES = %w[lazy eager]
+    ACCEPTED_LOADING_VALUES = Set.new(%w[lazy eager]).freeze
+    LOADING_DEFAULT_ATTRIBUTE = ' loading="eager"'
 
     def on_img(node)
       loading = node.attributes["loading"]&.downcase
       return if ACCEPTED_LOADING_VALUES.include?(loading)
 
-      add_offense("Use loading=\"eager\" for images visible in the viewport on load and loading=\"lazy\" for others", node:)
+      add_offense("Use loading=\"eager\" for images visible in the viewport on load and loading=\"lazy\" for others", node:) do |corrector|
+        start_pos = node.start_index + node.markup.index('>')
+        corrector.insert_after(node, LOADING_DEFAULT_ATTRIBUTE, start_pos...start_pos)
+      end
     end
   end
 end

data/lib/platformos_check/checks/include_in_render.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module PlatformosCheck
+  # Recommends replacing `include` for `render`
+  class IncludeInRender < LiquidCheck
+    severity :error
+    category :liquid
+    doc docs_url(__FILE__)
+
+    def initialize
+      @processed_files = {}
+    end
+
+    def on_render(node)
+      path = node.value.template_name_expr
+      return unless include_tag_in_render?(root_node_for_render(path))
+
+      add_offense("`render` context does not allow to use `include`, either remove all includes from `#{app_file_for_path(path).relative_path}` or change `render` to `include`", node:)
+    end
+
+    protected
+
+    def include_tag_in_render?(node)
+      return false if node.nil?
+
+      node.nodelist.any? do |n|
+        if n.respond_to?(:tag_name) && n.tag_name == 'include'
+          true
+        elsif n.respond_to?(:nodelist) && n.nodelist
+          include_tag_in_render?(n)
+        else
+          false
+        end
+      end
+    end
+
+    def root_node_for_render(path)
+      app_file_for_path(path)&.parse&.root
+    end
+
+    def app_file_for_path(path)
+      @platformos_app.grouped_files[PlatformosCheck::PartialFile][path]
+    end
+  end
+end

data/lib/platformos_check/checks/invalid_args.rb

@@ -42,7 +42,10 @@ module PlatformosCheck
 
     def add_duplicated_key_offense(node)
       node.value.duplicated_attrs.each do |duplicated_arg|
-        add_offense("Duplicated argument `#{duplicated_arg}`", node:)
+        add_offense("Duplicated argument `#{duplicated_arg}`", node:) do |corrector|
+          match = node.markup.match(/(?<attribute>,?\s*#{duplicated_arg}\s*:\s*#{Liquid::QuotedFragment})\s*/)
+          corrector.replace(node, node.markup.sub(match[:attribute], ''), node.start_index...node.end_index)
+        end
       end
     end
   end

data/lib/platformos_check/checks/undefined_object.rb

@@ -6,6 +6,9 @@ module PlatformosCheck
     doc docs_url(__FILE__)
     severity :error
 
+    NOTIFICATION_GLOBAL_OBJECTS = %w[data response form].freeze
+    FORM_GLOBAL_OBJECTS = %w[form form_builder].freeze
+
     class TemplateInfo
       def initialize(app_file: nil)
         @all_variable_lookups = {}
@@ -19,7 +22,8 @@ module PlatformosCheck
       attr_reader :all_assigns, :all_captures, :all_forloops, :app_file, :all_renders
 
       def add_render(name:, node:)
-        @all_renders[name] = node
+        @all_renders[name] ||= []
+        @all_renders[name] << node
       end
 
       def add_variable_lookup(name:, node:)
@@ -39,8 +43,10 @@ module PlatformosCheck
       end
 
       def each_partial
-        @all_renders.each do |(name, info)|
-          yield [name, info]
+        @all_renders.each do |(name, nodes)|
+          nodes.each do |node|
+            yield [name, node]
+          end
         end
       end
 
@@ -56,14 +62,17 @@ module PlatformosCheck
           yield [key, info]
         end
       end
+
+      def first_declaration(name)
+        [all_assigns[name], all_captures[name]].compact.sort_by(&:line_number).first
+      end
     end
 
     def self.single_file(**_args)
       true
     end
 
-    def initialize(config_type: :default)
-      @config_type = config_type
+    def initialize
       @files = {}
     end
 
@@ -72,15 +81,15 @@ module PlatformosCheck
     end
 
     def on_assign(node)
-      @files[node.app_file.name].all_assigns[node.value.to] = node
+      @files[node.app_file.name].all_assigns[node.value.to] ||= node
     end
 
     def on_capture(node)
-      @files[node.app_file.name].all_captures[node.value.instance_variable_get(:@to)] = node
+      @files[node.app_file.name].all_captures[node.value.instance_variable_get(:@to)] ||= node
     end
 
     def on_parse_json(node)
-      @files[node.app_file.name].all_captures[node.value.to] = node
+      @files[node.app_file.name].all_captures[node.value.to] ||= node
     end
 
     def on_for(node)
@@ -102,7 +111,7 @@ module PlatformosCheck
     end
 
     def on_function(node)
-      @files[node.app_file.name].all_assigns[node.value.to] = node
+      @files[node.app_file.name].all_assigns[node.value.to] ||= node
 
       return unless node.value.from.is_a?(String)
 
@@ -113,13 +122,13 @@ module PlatformosCheck
     end
 
     def on_graphql(node)
-      @files[node.app_file.name].all_assigns[node.value.to] = node
+      @files[node.app_file.name].all_assigns[node.value.to] ||= node
     end
 
     def on_background(node)
       return unless node.value.partial_syntax
 
-      @files[node.app_file.name].all_assigns[node.value.to] = node
+      @files[node.app_file.name].all_assigns[node.value.to] ||= node
 
       return unless node.value.partial_name.is_a?(String)
 
@@ -155,10 +164,10 @@ module PlatformosCheck
       each_template do |(_name, info)|
         if info.app_file.notification?
           # NOTE: `data` comes from graphql for notifications
-          check_object(info, all_global_objects + %w[data response form])
+          check_object(info, all_global_objects + NOTIFICATION_GLOBAL_OBJECTS)
         elsif info.app_file.form?
           # NOTE: `data` comes from graphql for notifications
-          check_object(info, all_global_objects + %w[form form_builder])
+          check_object(info, all_global_objects + FORM_GLOBAL_OBJECTS)
         else
           check_object(info, all_global_objects)
         end
@@ -167,42 +176,37 @@ module PlatformosCheck
 
     private
 
-    attr_reader :config_type
-
     def each_template
       @files.each do |(name, info)|
         yield [name, info]
       end
     end
 
-    def check_object(info, all_global_objects, render_node = nil, visited_partials = Set.new, level = 0)
+    def check_object(info, all_global_objects, render_node = nil, level = 0)
       return if level > 1
 
       check_undefined(info, all_global_objects, render_node) unless info.app_file.partial? && render_node.nil? # ||
 
       info.each_partial do |(partial_name, node)|
-        next if visited_partials.include?(partial_name)
+        next unless @files[partial_name] # NOTE: undefined partial
 
         partial_info = @files[partial_name]
-
-        next unless partial_info # NOTE: undefined partial
-
         partial_variables = node.value.attributes.keys +
                             [node.value.instance_variable_get(:@alias_name)]
-        visited_partials << partial_name
-        check_object(partial_info, all_global_objects + partial_variables, node, visited_partials, level + 1)
+
+        check_object(partial_info, all_global_objects + partial_variables, node, level + 1)
       end
     end
 
     def check_undefined(info, all_global_objects, render_node)
-      all_variables = info.all_variables
       potentially_unused_variables = render_node.value.attributes.keys if render_node
+      missing_arguments = []
       info.each_variable_lookup(!!render_node) do |(key, node)|
         name, line_number = key
 
         potentially_unused_variables&.delete(name)
 
-        next if all_variables.include?(name)
+        next if info.all_variables.include?(name) && variable_declared_before_used?(name, info, line_number)
         next if all_global_objects.include?(name)
 
         node = node.parent
@@ -211,7 +215,7 @@ module PlatformosCheck
         next if node.variable? && node.filters.any? { |(filter_name)| filter_name == "default" }
 
         if render_node
-          add_offense("Missing argument `#{name}`", node: render_node)
+          missing_arguments << name
         elsif !info.app_file.partial?
           add_offense("Undefined object `#{name}`", node:, line_number:)
         end
@@ -219,8 +223,33 @@ module PlatformosCheck
 
       potentially_unused_variables -= render_node.value.internal_attributes if render_node && render_node.value.respond_to?(:internal_attributes)
       potentially_unused_variables&.each do |name|
-        add_offense("Unused argument `#{name}`", node: render_node)
+        add_offense("Unused argument `#{name}`", node: render_node) do |corrector|
+          match = render_node.markup.match(/(?<attribute>,?\s*#{name}\s*:\s*#{Liquid::QuotedFragment})\s*/)
+
+          corrector.replace(render_node, render_node.markup.sub(match[:attribute], ''), render_node.start_index...render_node.end_index)
+        end
       end
+
+      return if missing_arguments.empty?
+
+      add_offense("Missing arguments: #{missing_arguments.map { |name| "`#{name}`" }.join(', ')}", node: render_node) do |corrector|
+        new_attributes = ''
+        missing_arguments.each do |name|
+          new_attributes += ", #{name}: "
+          new_attributes += @files[render_node.app_file.name].all_assigns.key?(name) ? name : 'null'
+        end
+
+        start_pos = render_node.end_index
+        start_pos -= 1 while start_pos > 0 && render_node.source[start_pos - 1] == ' '
+        corrector.replace(render_node, new_attributes, start_pos...start_pos)
+      end
+    end
+
+    def variable_declared_before_used?(name, info, line_number_when_used)
+      declaration = info.first_declaration(name)
+      return true if declaration.nil?
+
+      declaration.line_number <= line_number_when_used
     end
   end
 end

data/lib/platformos_check/checks/unreachable_code.rb

@@ -8,7 +8,7 @@ module PlatformosCheck
 
     FLOW_COMMAND = %i[break continue return]
     CONDITION_TYPES = Set.new(%i[condition else_condition])
-    INCLUDE_FLOW_COMMAND = %w[break]
+    INCLUDE_FLOW_COMMAND = %w[break].freeze
 
     def on_document(node)
       @processed_files = {}
@@ -94,16 +94,16 @@ module PlatformosCheck
       @processed_files[path]
     end
 
-    def include_node_contains_flow_command?(root)
-      return false if root.nil?
+    def include_node_contains_flow_command?(node)
+      return false if node.nil?
 
-      root.nodelist.any? do |node|
-        if INCLUDE_FLOW_COMMAND.include?(node.respond_to?(:tag_name) && node.tag_name)
+      node.nodelist.any? do |n|
+        if INCLUDE_FLOW_COMMAND.include?(n.respond_to?(:tag_name) && n.tag_name)
           true
-        elsif node.respond_to?(:nodelist) && node.nodelist
-          include_node_contains_flow_command?(node)
-        elsif node.respond_to?(:tag_name) && node.tag_name == 'include' && node.template_name_expr.is_a?(String)
-          evaluate_include(node.template_name_expr)
+        elsif n.respond_to?(:nodelist) && n.nodelist
+          include_node_contains_flow_command?(n)
+        elsif n.respond_to?(:tag_name) && n.tag_name == 'include' && n.template_name_expr.is_a?(String)
+          evaluate_include(n.template_name_expr)
         else
           false
         end

data/lib/platformos_check/checks/unused_assign.rb

@@ -7,6 +7,13 @@ module PlatformosCheck
     category :liquid
     doc docs_url(__FILE__)
 
+    TAGS_FOR_AUTO_VARIABLE_PREPEND = Set.new(%i[graphql function background]).freeze
+    FILTERS_THAT_MODIFY_OBJECT = Set.new(%w[array_add add_to_array
+                                            prepend_to_array array_prepend
+                                            assign_to_hash_key hash_add_key add_hash_key
+                                            remove_hash_key hash_delete_key delete_hash_key]).freeze
+    PREPEND_CHARACTER = '_'
+
     class TemplateInfo < Struct.new(:used_assigns, :assign_nodes, :includes)
       def collect_used_assigns(templates, visited = Set.new)
         collected = used_assigns
@@ -34,7 +41,8 @@ module PlatformosCheck
     end
 
     def on_assign(node)
-      return if ignore_underscored?(node)
+      return if ignore_prepended?(node)
+      return if node.value.from.filters.any? { |filter_name, *_arguments| FILTERS_THAT_MODIFY_OBJECT.include?(filter_name) }
 
       @templates[node.app_file.name].assign_nodes[node.value.to] = node
     end
@@ -44,13 +52,21 @@ module PlatformosCheck
     end
 
     def on_function(node)
-      return if ignore_underscored?(node)
+      return if ignore_prepended?(node)
 
       @templates[node.app_file.name].assign_nodes[node.value.to] = node
     end
 
     def on_graphql(node)
-      return if ignore_underscored?(node)
+      return if node.value.to.nil?
+      return if ignore_prepended?(node)
+
+      @templates[node.app_file.name].assign_nodes[node.value.to] = node
+    end
+
+    def on_background(node)
+      return if node.value.to.nil?
+      return if ignore_prepended?(node)
 
       @templates[node.app_file.name].assign_nodes[node.value.to] = node
     end
@@ -77,25 +93,8 @@ module PlatformosCheck
           next if used.include?(name)
 
           add_offense("`#{name}` is never used", node:) do |corrector|
-            case node.type_name
-            when :graphql
-              offset = node.markup.match(/^graphql\s+/)[0].size
-
-              corrector.insert_before(
-                node,
-                '_',
-                (node.start_index + offset)...(node.start_index + offset)
-              )
-            when :function
-              offset = node.markup.match(/^function\s+/)[0].size
-
-              corrector.insert_before(
-                node,
-                '_',
-                (node.start_index + offset)...(node.start_index + offset)
-              )
-            when :parse_json
-              # noop
+            if TAGS_FOR_AUTO_VARIABLE_PREPEND.include?(node.type_name)
+              prepend_variable(node, corrector)
             else
               corrector.remove(node)
             end
@@ -106,8 +105,18 @@ module PlatformosCheck
 
     private
 
-    def ignore_underscored?(node)
-      node.value.to.start_with?('_')
+    def ignore_prepended?(node)
+      node.value.to.start_with?(PREPEND_CHARACTER)
+    end
+
+    def prepend_variable(node, corrector)
+      offset = node.markup.match(/^#{node.type_name}\s+/)[0].size
+
+      corrector.insert_before(
+        node,
+        PREPEND_CHARACTER,
+        (node.start_index + offset)...(node.start_index + offset)
+      )
     end
   end
 end

data/lib/platformos_check/cli.rb

@@ -188,7 +188,7 @@ module PlatformosCheck
     def check(out_stream = STDOUT)
       update_docs
 
-      warn "Checking #{@config.root} ..."
+      warn "Checking #{@config.root}:"
       storage = PlatformosCheck::FileSystemStorage.new(@config.root, ignored_patterns: @config.ignored_patterns)
       raise Abort, "No platformos_app files found." if storage.platformos_app.all.empty?
 

data/lib/platformos_check/graphql_file.rb

@@ -71,6 +71,10 @@ module PlatformosCheck
       end
     end
 
+    def optional_arguments
+      @optional_arguments ||= defined_arguments - required_arguments
+    end
+
     def defined_arguments
       @defined_arguments ||= variables.map(&:name)
     end

data/lib/platformos_check/tags/graphql.rb

@@ -5,6 +5,7 @@ module PlatformosCheck
     class Graphql < Base
       QUERY_NAME_SYNTAX = /(#{Liquid::VariableSignature}+)\s*=\s*(.*)\s*/om
       INLINE_SYNTAX = /(#{Liquid::QuotedFragment}+)(\s*(#{Liquid::QuotedFragment}+))?/o
+      INLINE_SYNTAX_WITHOUT_RESULT_VARIABLE = /\A([\w\-\.\[\]])+\s*:\s*/om
       CLOSE_TAG_SYNTAX = /\A(.*)(?-mix:\{%-?)\s*(\w+)\s*(.*)?(?-mix:%\})\z/m # based on Liquid::Raw::FullTokenPossiblyInvalid
 
       attr_reader :to, :from, :inline_query, :value_expr, :partial_name, :attributes_expr, :attributes
@@ -28,6 +29,8 @@ module PlatformosCheck
           @partial_name = value_expr
           @from = Liquid::Variable.new(after_assign_markup.join('|'), options)
         elsif INLINE_SYNTAX.match?(markup)
+          raise Liquid::SyntaxError, 'Invalid syntax for inline graphql tag - missing result name. Valid syntax: graphql result, arg1: var1, ...' if markup.match?(INLINE_SYNTAX_WITHOUT_RESULT_VARIABLE)
+
           @inline_query = true
           parse_markup(tag_name, markup)
           @attributes = attributes_expr.keys

data/lib/platformos_check/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PlatformosCheck
-  VERSION = "0.4.8"
+  VERSION = "0.4.9"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: platformos-check
 version: !ruby/object:Gem::Version
-  version: 0.4.8
+  version: 0.4.9
 platform: ruby
 authors:
 - Piotr Bliszczyk
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-12-29 00:00:00.000000000 Z
+date: 2024-01-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: graphql
@@ -123,6 +123,7 @@ files:
 - docs/checks/html_parsing_error.md
 - docs/checks/img_lazy_loading.md
 - docs/checks/img_width_and_height.md
+- docs/checks/include_in_render.md
 - docs/checks/invalid_args.md
 - docs/checks/liquid_tag.md
 - docs/checks/missing_enable_comment.md
@@ -169,6 +170,7 @@ files:
 - lib/platformos_check/checks/html_parsing_error.rb
 - lib/platformos_check/checks/img_lazy_loading.rb
 - lib/platformos_check/checks/img_width_and_height.rb
+- lib/platformos_check/checks/include_in_render.rb
 - lib/platformos_check/checks/invalid_args.rb
 - lib/platformos_check/checks/liquid_tag.rb
 - lib/platformos_check/checks/missing_enable_comment.rb