rigortype 0.1.17 → 0.1.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9379e94547d874f10fc2fcb79e354b16d0459350bdd68a9025dc5bd0ee6bdc3d
-  data.tar.gz: 4b773c4952be32d673358758340d85a34f9839890eede1669ff863a779b30d69
+  metadata.gz: 02ca1aeff8df7e80afcbc2f1fb03a808466dd307e1a935c68c4af7055dfa975b
+  data.tar.gz: 2a7b829348f75fe48bf3741a691fcfb1aa67b863675384feffe91a6fabb6ee6b
 SHA512:
-  metadata.gz: '08680ad9e159ff52c031548a45e862539419f0719a251b0b46dc3dddc5313373a7434806024429c1ebf1c580bafcdb7507fed1b2574139c17cb2394129bc0581'
-  data.tar.gz: 4469fa97e287f84772543d0525866a733fd0e075c486e8a8dc650b09e31a1a02e1b91602d61b0678de9c2fb914bd999a4cea998e0ab6c39f3ee4970892e3b39c
+  metadata.gz: f1dfc043a607024bc46987acf0fc925b7926294a6e46b668793bc03fa88e0b1066bea51db5e80a038483b602ad59e788269ac8baa5615a1694cbc8afd90614c4
+  data.tar.gz: 894eccadf5220d1c9b16d09e07f799e1104265a1e3cbedb9a738330441d931a77eb24314e63768a24da2e4d179221c34f297c32c82e905dcfce749b36264c94c

data/README.md

@@ -265,12 +265,14 @@ In-source suppression: `# rigor:disable <rule>` silences a single line;
 
 ## Status
 
-Current released version: **`v0.1.15`** (2026-05-29). The analyzer is
+Current released version: **`v0.1.18`** (2026-06-11). The analyzer is
 usable on real Ruby code today; the rule catalogue is deliberately
 conservative — Rigor's stance is to surface zero false positives while
 the inference surface stabilises. The `0.1.x` preview line has been
 hardened against real OSS Rails codebases (Mastodon / Redmine / GitLab
-FOSS); `v0.2.0` will open the first evaluation release.
+FOSS) and wired for CI — `rigor check` emits SARIF / GitHub / GitLab /
+Checkstyle / JUnit / TeamCity output and auto-detects the CI environment;
+`v0.2.0` will open the first evaluation release.
 
 Release history: [`CHANGELOG.md`](CHANGELOG.md). Forward-looking
 commitments: [Roadmap](https://rigor.typedduck.fail/reference/roadmap/).

data/lib/rigor/analysis/check_rules/always_truthy_condition_collector.rb

@@ -56,6 +56,10 @@ module Rigor
 
         Result = Data.define(:node, :polarity)
 
+        # ADR-53 Track B — the node classes the shared {RuleWalk}
+        # dispatches to this collector (outside loop / block bodies).
+        NODE_CLASSES = [Prism::IfNode, Prism::UnlessNode].freeze
+
         # @return [Array<Result>] one entry per qualifying
         #   predicate. Empty when the tree carries no firing
         #   predicates.
@@ -64,17 +68,30 @@ module Rigor
           @results = []
         end
 
+        # Legacy single-collector walk — kept as the oracle the
+        # ADR-53 Track B equivalence harness compares {RuleWalk}
+        # against; deleted when Track B completes.
         def collect(root)
           walk(root, in_loop_or_block: false)
           @results.freeze
         end
 
+        # {RuleWalk} entry point: the per-node logic of the legacy walk,
+        # invoked under the same traversal contract.
+        def visit(node)
+          collect_predicate(node)
+        end
+
+        def results
+          @results.freeze
+        end
+
         private
 
         def walk(node, in_loop_or_block:)
           return unless node.is_a?(Prism::Node)
 
-          collect_predicate(node) if conditional_node?(node) && !in_loop_or_block
+          visit(node) if conditional_node?(node) && !in_loop_or_block
 
           child_in_loop_or_block = in_loop_or_block || enters_loop_or_block?(node)
           node.compact_child_nodes.each { |child| walk(child, in_loop_or_block: child_in_loop_or_block) }

data/lib/rigor/analysis/check_rules/rule_walk.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require "prism"
+
+module Rigor
+  module Analysis
+    module CheckRules
+      # ADR-53 Track B — the engine-owned AST walk that hosts CheckRules'
+      # per-node collectors, so a file is traversed once for all of them
+      # instead of once per collector (the ADR-52 WD4 model applied to
+      # the built-in rules; this walk and {Plugin::NodeRuleWalk} converge
+      # in slice B4).
+      #
+      # Slice B2 hosts the two flow collectors
+      # ({AlwaysTruthyConditionCollector} / {UnreachableClauseCollector}),
+      # whose hand-rolled walks shared this exact traversal contract:
+      # visit-before-descend DFS over `compact_child_nodes`, with
+      # collection suppressed anywhere inside a loop / block body
+      # (mutation tracking through those is incomplete — each collector's
+      # envelope documents why). A collector joins the walk by declaring
+      # `NODE_CLASSES` and exposing `#visit(node)` with its per-node logic
+      # transplanted verbatim; a collector with a different traversal
+      # contract (class-nesting prefix, def-scoped scanning) stays on its
+      # own walk until a later slice threads the context it needs.
+      #
+      # Equivalence is load-bearing: every hosted collector keeps its
+      # legacy single-collector `#collect` walk as the oracle, compared
+      # against this walk by the permanent `rule_walk_equivalence_spec`
+      # and, over whole corpora, by `RIGOR_SHADOW_RULE_WALK=1`
+      # (see `CheckRules.flow_collector_results`).
+      module RuleWalk
+        LOOP_OR_BLOCK_NODE_CLASSES = [
+          Prism::WhileNode, Prism::UntilNode, Prism::ForNode, Prism::BlockNode
+        ].freeze
+
+        class << self
+          # Walks `root` once, dispatching each visited node to every
+          # collector whose `NODE_CLASSES` covers the node's class.
+          # Dispatch keys on the exact node class — Prism node classes
+          # are leaves, so this matches the collectors' `is_a?` gates.
+          def run(root, collectors)
+            hooks = {}
+            collectors.each do |collector|
+              collector.class::NODE_CLASSES.each do |node_class|
+                (hooks[node_class] ||= []) << collector
+              end
+            end
+            walk(root, hooks, in_loop_or_block: false)
+            collectors
+          end
+
+          private
+
+          def walk(node, hooks, in_loop_or_block:)
+            return unless node.is_a?(Prism::Node)
+
+            hooks[node.class]&.each { |collector| collector.visit(node) } unless in_loop_or_block
+
+            child_in_loop_or_block =
+              in_loop_or_block || LOOP_OR_BLOCK_NODE_CLASSES.any? { |klass| node.is_a?(klass) }
+            node.compact_child_nodes.each { |child| walk(child, hooks, in_loop_or_block: child_in_loop_or_block) }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rigor/analysis/check_rules/unreachable_clause_collector.rb

@@ -55,23 +55,40 @@ module Rigor
         #     `else` never runs).
         Result = Data.define(:clause, :body, :subject_name, :condition_source, :kind, :keyword)
 
+        # ADR-53 Track B — the node classes the shared {RuleWalk}
+        # dispatches to this collector (outside loop / block bodies).
+        NODE_CLASSES = [Prism::CaseNode, Prism::CaseMatchNode].freeze
+
         def initialize(scope_index)
           @scope_index = scope_index
           @results = []
         end
 
+        # Legacy single-collector walk — kept as the oracle the
+        # ADR-53 Track B equivalence harness compares {RuleWalk}
+        # against; deleted when Track B completes.
         # @return [Array<Result>] one entry per provably-dead `when` clause.
         def collect(root)
           walk(root, in_loop_or_block: false)
           @results.freeze
         end
 
+        # {RuleWalk} entry point: the per-node logic of the legacy walk,
+        # invoked under the same traversal contract.
+        def visit(node)
+          collect_case(node)
+        end
+
+        def results
+          @results.freeze
+        end
+
         private
 
         def walk(node, in_loop_or_block:)
           return unless node.is_a?(Prism::Node)
 
-          collect_case(node) if case_like?(node) && !in_loop_or_block
+          visit(node) if case_like?(node) && !in_loop_or_block
 
           child_in_loop_or_block = in_loop_or_block || enters_loop_or_block?(node)
           node.compact_child_nodes.each { |child| walk(child, in_loop_or_block: child_in_loop_or_block) }

data/lib/rigor/analysis/check_rules.rb

@@ -7,6 +7,7 @@ require_relative "../source/node_walker"
 require_relative "../type"
 require_relative "diagnostic"
 require_relative "dependency_recorder"
+require_relative "check_rules/rule_walk"
 require_relative "check_rules/always_truthy_condition_collector"
 require_relative "check_rules/unreachable_clause_collector"
 require_relative "check_rules/dead_assignment_collector"
@@ -183,13 +184,40 @@ module Rigor
           end
         end
         diagnostics.concat(self_undefined_method_diagnostics(path, self_call_misses, root, scope_index))
-        diagnostics.concat(always_truthy_condition_diagnostics(path, root, scope_index))
-        diagnostics.concat(unreachable_clause_diagnostics(path, root, scope_index))
+        always_truthy_results, unreachable_clause_results = flow_collector_results(root, scope_index)
+        diagnostics.concat(always_truthy_condition_diagnostics(path, always_truthy_results))
+        diagnostics.concat(unreachable_clause_diagnostics(path, unreachable_clause_results))
         diagnostics.concat(ivar_write_mismatch_diagnostics(path, root, scope_index))
         diagnostics.concat(dead_assignment_diagnostics(path, root, scope_index))
         filter_suppressed(diagnostics, comments: comments, disabled_rules: disabled_rules)
       end
 
+      # ADR-53 Track B (slice B2) — both flow collectors ride one
+      # {RuleWalk} traversal instead of walking the file once each.
+      # Under `RIGOR_SHADOW_RULE_WALK=1` the legacy per-collector walks
+      # also run as the oracle and any divergence aborts the run — the
+      # corpus-scale half of the equivalence harness (the curated half
+      # is `rule_walk_equivalence_spec`).
+      def flow_collector_results(root, scope_index)
+        always_truthy = AlwaysTruthyConditionCollector.new(scope_index)
+        unreachable_clauses = UnreachableClauseCollector.new(scope_index)
+        RuleWalk.run(root, [always_truthy, unreachable_clauses])
+        if ENV["RIGOR_SHADOW_RULE_WALK"]
+          shadow_verify_flow_collectors(root, scope_index, always_truthy.results, unreachable_clauses.results)
+        end
+        [always_truthy.results, unreachable_clauses.results]
+      end
+
+      def shadow_verify_flow_collectors(root, scope_index, always_truthy_results, unreachable_clause_results)
+        legacy_always = AlwaysTruthyConditionCollector.new(scope_index).collect(root)
+        legacy_clauses = UnreachableClauseCollector.new(scope_index).collect(root)
+        return if legacy_always == always_truthy_results && legacy_clauses == unreachable_clause_results
+
+        raise "RIGOR_SHADOW_RULE_WALK divergence: always-truthy legacy=#{legacy_always.size} " \
+              "walk=#{always_truthy_results.size}; unreachable-clause legacy=#{legacy_clauses.size} " \
+              "walk=#{unreachable_clause_results.size}"
+      end
+
       def call_node_diagnostics(path, node, scope_index)
         [
           undefined_method_diagnostic(path, node, scope_index),
@@ -251,8 +279,8 @@ module Rigor
       # predicate skip envelope (see
       # `Analysis::CheckRules::AlwaysTruthyConditionCollector`
       # for the full triage rationale).
-      def always_truthy_condition_diagnostics(path, root, scope_index)
-        AlwaysTruthyConditionCollector.new(scope_index).collect(root).map do |result|
+      def always_truthy_condition_diagnostics(path, results)
+        results.map do |result|
           build_always_truthy_condition_diagnostic(path, result.node, result.polarity)
         end
       end
@@ -261,8 +289,8 @@ module Rigor
       # the flow engine's narrowing proves can never match (its narrowed
       # subject is `bot`). The squiggle lands on the dead clause's body,
       # mirroring `flow.unreachable-branch`.
-      def unreachable_clause_diagnostics(path, root, scope_index)
-        UnreachableClauseCollector.new(scope_index).collect(root).map do |result|
+      def unreachable_clause_diagnostics(path, results)
+        results.map do |result|
           build_unreachable_clause_diagnostic(path, result)
         end
       end