@critiq/rules 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (907) hide show
  1. package/CHANGELOG.md +468 -0
  2. package/README.md +13 -232
  3. package/catalog-metadata.json +47 -0
  4. package/catalog.yaml +4459 -1008
  5. package/package.json +1 -1
  6. package/rules/cfn/cfn.correctness.attributedefinitions-keyschemas-mismatch.rule.yaml +49 -0
  7. package/rules/cfn/cfn.correctness.base64-validation-of-parameters.rule.yaml +49 -0
  8. package/rules/cfn/cfn.correctness.basic-cloudformation-resource-check.rule.yaml +49 -0
  9. package/rules/cfn/cfn.correctness.basic-cloudformation-template-configuration.rule.yaml +49 -0
  10. package/rules/cfn/cfn.correctness.cannot-reference-resources-in-the-conditions-block-of-the-template.rule.yaml +49 -0
  11. package/rules/cfn/cfn.correctness.check-at-least-one-essential-container-is-specified.rule.yaml +49 -0
  12. package/rules/cfn/cfn.correctness.check-deletionpolicy-values-for-resources.rule.yaml +49 -0
  13. package/rules/cfn/cfn.correctness.check-dependson-values-for-resources.rule.yaml +49 -0
  14. package/rules/cfn/cfn.correctness.check-ec2-ebs-properties.rule.yaml +49 -0
  15. package/rules/cfn/cfn.correctness.check-elastic-cache-redis-cluster-settings.rule.yaml +49 -0
  16. package/rules/cfn/cfn.correctness.check-events-rule-targets-are-less-than-or-equal-to-5.rule.yaml +49 -0
  17. package/rules/cfn/cfn.correctness.check-fargate-service-scheduling-strategy.rule.yaml +49 -0
  18. package/rules/cfn/cfn.correctness.check-fn-and-structure-for-validity.rule.yaml +49 -0
  19. package/rules/cfn/cfn.correctness.check-fn-equals-structure-for-validity.rule.yaml +49 -0
  20. package/rules/cfn/cfn.correctness.check-fn-if-structure-for-validity.rule.yaml +49 -0
  21. package/rules/cfn/cfn.correctness.check-fn-not-structure-for-validity.rule.yaml +49 -0
  22. package/rules/cfn/cfn.correctness.check-fn-or-structure-for-validity.rule.yaml +49 -0
  23. package/rules/cfn/cfn.correctness.check-for-subscriptionfilters-have-beyond-2-attachments-to-a-cloudwatch-log-group.rule.yaml +49 -0
  24. package/rules/cfn/cfn.correctness.check-if-a-json-object-is-within-size-limits.rule.yaml +49 -0
  25. package/rules/cfn/cfn.correctness.check-if-a-list-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  26. package/rules/cfn/cfn.correctness.check-if-a-list-has-duplicate-values.rule.yaml +49 -0
  27. package/rules/cfn/cfn.correctness.check-if-a-number-is-between-min-and-max.rule.yaml +49 -0
  28. package/rules/cfn/cfn.correctness.check-if-a-string-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  29. package/rules/cfn/cfn.correctness.check-if-eol-lambda-function-runtimes-are-used.rule.yaml +49 -0
  30. package/rules/cfn/cfn.correctness.check-if-properties-have-a-valid-value.rule.yaml +49 -0
  31. package/rules/cfn/cfn.correctness.check-if-property-values-adhere-to-a-specific-pattern.rule.yaml +49 -0
  32. package/rules/cfn/cfn.correctness.check-if-refing-to-a-iam-resource-with-path-set.rule.yaml +49 -0
  33. package/rules/cfn/cfn.correctness.check-if-refs-exist.rule.yaml +49 -0
  34. package/rules/cfn/cfn.correctness.check-if-serverless-resources-have-serverless-transform.rule.yaml +49 -0
  35. package/rules/cfn/cfn.correctness.check-if-the-referenced-conditions-are-defined.rule.yaml +49 -0
  36. package/rules/cfn/cfn.correctness.check-minimum-90-period-is-met-between-backupplan-cold-and-delete.rule.yaml +49 -0
  37. package/rules/cfn/cfn.correctness.check-properties-that-are-mutually-exclusive.rule.yaml +49 -0
  38. package/rules/cfn/cfn.correctness.check-properties-that-are-required-together.rule.yaml +49 -0
  39. package/rules/cfn/cfn.correctness.check-properties-that-need-at-least-one-of-a-list-of-properties.rule.yaml +49 -0
  40. package/rules/cfn/cfn.correctness.check-properties-that-need-only-one-of-a-list-of-properties.rule.yaml +49 -0
  41. package/rules/cfn/cfn.correctness.check-resource-properties-values.rule.yaml +49 -0
  42. package/rules/cfn/cfn.correctness.check-state-machine-definition-for-proper-syntax.rule.yaml +49 -0
  43. package/rules/cfn/cfn.correctness.check-that-modules-resources-are-valid.rule.yaml +49 -0
  44. package/rules/cfn/cfn.correctness.check-the-configuration-of-a-resources-updatepolicy.rule.yaml +49 -0
  45. package/rules/cfn/cfn.correctness.check-updatereplacepolicy-values-for-resources.rule.yaml +49 -0
  46. package/rules/cfn/cfn.correctness.check-values-of-properties-for-valid-refs-and-getatts.rule.yaml +49 -0
  47. package/rules/cfn/cfn.correctness.cidr-validation-of-parameters.rule.yaml +49 -0
  48. package/rules/cfn/cfn.correctness.cloudfront-aliases.rule.yaml +49 -0
  49. package/rules/cfn/cfn.correctness.codepipeline-stage-actions.rule.yaml +49 -0
  50. package/rules/cfn/cfn.correctness.codepipeline-stages.rule.yaml +49 -0
  51. package/rules/cfn/cfn.correctness.conditions-have-appropriate-properties.rule.yaml +49 -0
  52. package/rules/cfn/cfn.correctness.default-value-cannot-use-refs.rule.yaml +49 -0
  53. package/rules/cfn/cfn.correctness.default-value-is-within-parameter-constraints.rule.yaml +49 -0
  54. package/rules/cfn/cfn.correctness.error-processing-rule-on-the-template.rule.yaml +49 -0
  55. package/rules/cfn/cfn.correctness.findinmap-validation-of-configuration.rule.yaml +49 -0
  56. package/rules/cfn/cfn.correctness.getatt-validation-of-parameters.rule.yaml +49 -0
  57. package/rules/cfn/cfn.correctness.getaz-validation-of-parameters.rule.yaml +49 -0
  58. package/rules/cfn/cfn.correctness.importvalue-validation-of-parameters.rule.yaml +49 -0
  59. package/rules/cfn/cfn.correctness.join-validation-of-parameters.rule.yaml +49 -0
  60. package/rules/cfn/cfn.correctness.length-validation-of-parameters.rule.yaml +49 -0
  61. package/rules/cfn/cfn.correctness.mapping-attribute-limit-not-exceeded.rule.yaml +49 -0
  62. package/rules/cfn/cfn.correctness.mapping-keys-are-strings-and-alphanumeric.rule.yaml +49 -0
  63. package/rules/cfn/cfn.correctness.mapping-limit-not-exceeded.rule.yaml +49 -0
  64. package/rules/cfn/cfn.correctness.mapping-name-limit-not-exceeded.rule.yaml +49 -0
  65. package/rules/cfn/cfn.correctness.mappings-are-appropriately-configured.rule.yaml +49 -0
  66. package/rules/cfn/cfn.correctness.mappings-have-appropriate-names.rule.yaml +49 -0
  67. package/rules/cfn/cfn.correctness.metadata-interface-have-appropriate-properties.rule.yaml +49 -0
  68. package/rules/cfn/cfn.correctness.output-description-limit-not-exceeded.rule.yaml +49 -0
  69. package/rules/cfn/cfn.correctness.output-limit-not-exceeded.rule.yaml +49 -0
  70. package/rules/cfn/cfn.correctness.output-name-limit-not-exceeded.rule.yaml +49 -0
  71. package/rules/cfn/cfn.correctness.outputs-descriptions-can-only-be-strings.rule.yaml +49 -0
  72. package/rules/cfn/cfn.correctness.outputs-have-appropriate-names.rule.yaml +49 -0
  73. package/rules/cfn/cfn.correctness.outputs-have-appropriate-properties.rule.yaml +49 -0
  74. package/rules/cfn/cfn.correctness.outputs-have-required-properties.rule.yaml +49 -0
  75. package/rules/cfn/cfn.correctness.outputs-have-values-of-strings.rule.yaml +49 -0
  76. package/rules/cfn/cfn.correctness.parameter-limit-not-exceeded.rule.yaml +49 -0
  77. package/rules/cfn/cfn.correctness.parameter-name-limit-not-exceeded.rule.yaml +49 -0
  78. package/rules/cfn/cfn.correctness.parameter-value-limit-not-exceeded.rule.yaml +49 -0
  79. package/rules/cfn/cfn.correctness.parameters-have-appropriate-names.rule.yaml +49 -0
  80. package/rules/cfn/cfn.correctness.parameters-have-appropriate-properties.rule.yaml +49 -0
  81. package/rules/cfn/cfn.correctness.parameters-have-appropriate-type.rule.yaml +49 -0
  82. package/rules/cfn/cfn.correctness.property-is-required-based-on-another-properties-value.rule.yaml +49 -0
  83. package/rules/cfn/cfn.correctness.property-is-unwanted-based-on-another-properties-value.rule.yaml +49 -0
  84. package/rules/cfn/cfn.correctness.rds-instance-type-is-compatible-with-the-rds-type.rule.yaml +49 -0
  85. package/rules/cfn/cfn.correctness.recordset-hostedzonename-is-a-superdomain-of-name.rule.yaml +49 -0
  86. package/rules/cfn/cfn.correctness.ref-validation-of-value.rule.yaml +49 -0
  87. package/rules/cfn/cfn.correctness.required-resource-properties-are-missing.rule.yaml +49 -0
  88. package/rules/cfn/cfn.correctness.resource-dependencies-are-not-circular.rule.yaml +49 -0
  89. package/rules/cfn/cfn.correctness.resource-ec2-security-group-ingress-properties.rule.yaml +49 -0
  90. package/rules/cfn/cfn.correctness.resource-elb-properties.rule.yaml +49 -0
  91. package/rules/cfn/cfn.correctness.resource-limit-not-exceeded.rule.yaml +49 -0
  92. package/rules/cfn/cfn.correctness.resource-name-limit-not-exceeded.rule.yaml +49 -0
  93. package/rules/cfn/cfn.correctness.resource-properties-are-invalid.rule.yaml +49 -0
  94. package/rules/cfn/cfn.correctness.resource-schema.rule.yaml +49 -0
  95. package/rules/cfn/cfn.correctness.resource-subnetroutetableassociation-properties.rule.yaml +49 -0
  96. package/rules/cfn/cfn.correctness.resources-have-appropriate-names.rule.yaml +49 -0
  97. package/rules/cfn/cfn.correctness.select-validation-of-parameters.rule.yaml +49 -0
  98. package/rules/cfn/cfn.correctness.snapstart-supports-the-configured-runtime.rule.yaml +49 -0
  99. package/rules/cfn/cfn.correctness.split-validation-of-parameters.rule.yaml +49 -0
  100. package/rules/cfn/cfn.correctness.sub-is-required-if-a-variable-is-used-in-a-string.rule.yaml +49 -0
  101. package/rules/cfn/cfn.correctness.sub-validation-of-parameters.rule.yaml +49 -0
  102. package/rules/cfn/cfn.correctness.template-description-can-only-be-a-string.rule.yaml +49 -0
  103. package/rules/cfn/cfn.correctness.template-description-limit.rule.yaml +49 -0
  104. package/rules/cfn/cfn.correctness.template-size-limit.rule.yaml +49 -0
  105. package/rules/cfn/cfn.correctness.tojsonstring-validation-of-parameters.rule.yaml +49 -0
  106. package/rules/cfn/cfn.correctness.unique-resource-and-parameter-names.rule.yaml +49 -0
  107. package/rules/cfn/cfn.correctness.validate-accesscontrol-are-set-with-ownershipcontrols.rule.yaml +49 -0
  108. package/rules/cfn/cfn.correctness.validate-aws-event-scheduleexpression-format.rule.yaml +49 -0
  109. package/rules/cfn/cfn.correctness.validate-parameters-for-in-a-nested-stack.rule.yaml +49 -0
  110. package/rules/cfn/cfn.correctness.validate-route53-recordsets.rule.yaml +49 -0
  111. package/rules/cfn/cfn.correctness.validate-the-configuration-of-the-metadata-section.rule.yaml +49 -0
  112. package/rules/cfn/cfn.correctness.validates-foreach-functions.rule.yaml +49 -0
  113. package/rules/cfn/cfn.correctness.validation-not-function-configuration.rule.yaml +49 -0
  114. package/rules/cfn/cfn.correctness.validationdomain-is-superdomain-of-domainname.rule.yaml +49 -0
  115. package/rules/cfn/cfn.maintainability.arns-should-use-correctly-placed-pseudo-parameters.rule.yaml +49 -0
  116. package/rules/cfn/cfn.maintainability.availability-zone-parameters-should-not-be-hardcoded.rule.yaml +49 -0
  117. package/rules/cfn/cfn.maintainability.check-iam-resource-policies-syntax.rule.yaml +49 -0
  118. package/rules/cfn/cfn.maintainability.check-if-a-list-that-allows-duplicates-has-any-duplicates.rule.yaml +49 -0
  119. package/rules/cfn/cfn.maintainability.check-if-conditions-are-used.rule.yaml +49 -0
  120. package/rules/cfn/cfn.maintainability.check-if-eol-lambda-function-runtimes-are-used-w2531.rule.yaml +49 -0
  121. package/rules/cfn/cfn.maintainability.check-if-imageid-parameters-have-the-correct-type.rule.yaml +49 -0
  122. package/rules/cfn/cfn.maintainability.check-if-mappings-are-used.rule.yaml +49 -0
  123. package/rules/cfn/cfn.maintainability.check-if-parameters-are-used.rule.yaml +49 -0
  124. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value-based-on-an-allowed-pattern.rule.yaml +49 -0
  125. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value.rule.yaml +49 -0
  126. package/rules/cfn/cfn.maintainability.check-obsolete-dependson-configuration-for-resources.rule.yaml +49 -0
  127. package/rules/cfn/cfn.maintainability.check-outputs-using-importvalue.rule.yaml +49 -0
  128. package/rules/cfn/cfn.maintainability.check-required-properties-for-lambda-if-the-deployment-package-is-a-zip-file.rule.yaml +49 -0
  129. package/rules/cfn/cfn.maintainability.check-resources-with-auto-expiring-content-have-explicit-retention-period.rule.yaml +49 -0
  130. package/rules/cfn/cfn.maintainability.check-resources-with-updatereplacepolicy-deletionpolicy-have-both.rule.yaml +49 -0
  131. package/rules/cfn/cfn.maintainability.check-stateful-resources-have-a-set-updatereplacepolicy-deletionpolicy.rule.yaml +49 -0
  132. package/rules/cfn/cfn.maintainability.checks-for-legacy-instance-type-generations.rule.yaml +49 -0
  133. package/rules/cfn/cfn.maintainability.findinmap-keys-exist-in-the-map.rule.yaml +49 -0
  134. package/rules/cfn/cfn.maintainability.fn-equals-will-always-return-true-or-false.rule.yaml +49 -0
  135. package/rules/cfn/cfn.maintainability.mapping-attribute-limit.rule.yaml +49 -0
  136. package/rules/cfn/cfn.maintainability.mapping-limit.rule.yaml +49 -0
  137. package/rules/cfn/cfn.maintainability.mapping-name-limit.rule.yaml +49 -0
  138. package/rules/cfn/cfn.maintainability.metadata-interface-parameters-exist.rule.yaml +49 -0
  139. package/rules/cfn/cfn.maintainability.output-description-limit.rule.yaml +49 -0
  140. package/rules/cfn/cfn.maintainability.output-limit.rule.yaml +49 -0
  141. package/rules/cfn/cfn.maintainability.output-name-limit.rule.yaml +49 -0
  142. package/rules/cfn/cfn.maintainability.parameter-limit.rule.yaml +49 -0
  143. package/rules/cfn/cfn.maintainability.parameter-memory-size-attributes-should-have-max-and-min.rule.yaml +49 -0
  144. package/rules/cfn/cfn.maintainability.parameter-name-limit.rule.yaml +49 -0
  145. package/rules/cfn/cfn.maintainability.parameter-value-limit.rule.yaml +49 -0
  146. package/rules/cfn/cfn.maintainability.ref-getatt-to-resource-that-is-available-when-conditions-are-applied.rule.yaml +49 -0
  147. package/rules/cfn/cfn.maintainability.resource-limit.rule.yaml +49 -0
  148. package/rules/cfn/cfn.maintainability.resource-name-limit.rule.yaml +49 -0
  149. package/rules/cfn/cfn.maintainability.sub-isn-t-needed-if-it-doesn-t-have-a-variable-defined.rule.yaml +49 -0
  150. package/rules/cfn/cfn.maintainability.sub-validation-of-parameters-w1019.rule.yaml +49 -0
  151. package/rules/cfn/cfn.maintainability.template-description-limit-i1003.rule.yaml +49 -0
  152. package/rules/cfn/cfn.maintainability.template-size-limit-i1002.rule.yaml +49 -0
  153. package/rules/cfn/cfn.maintainability.use-sub-instead-of-join.rule.yaml +49 -0
  154. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-configured-for-java11-runtimes.rule.yaml +49 -0
  155. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-properly-configured.rule.yaml +49 -0
  156. package/rules/cfn/cfn.maintainability.warn-when-properties-are-configured-to-only-work-with-the-package-command.rule.yaml +49 -0
  157. package/rules/cfn/cfn.security.check-dynamic-references-secure-strings-are-in-supported-locations.rule.yaml +53 -0
  158. package/rules/cfn/cfn.security.check-for-noecho-references.rule.yaml +53 -0
  159. package/rules/cfn/cfn.security.check-iam-permission-configuration.rule.yaml +53 -0
  160. package/rules/cfn/cfn.security.check-if-iam-policies-are-properly-configured.rule.yaml +53 -0
  161. package/rules/cfn/cfn.security.check-if-password-properties-are-correctly-configured.rule.yaml +53 -0
  162. package/rules/cfn/cfn.security.controlling-access-to-an-s3-bucket-should-be-done-with-bucket-policies.rule.yaml +53 -0
  163. package/rules/go/go.bug-risk.compound-assignment-misuse.rule.yaml +53 -0
  164. package/rules/go/go.bug-risk.deprecated-redis-methods.rule.yaml +57 -0
  165. package/rules/go/go.bug-risk.etcd-getlogger-misuse.rule.yaml +59 -0
  166. package/rules/go/go.bug-risk.etcd-invalid-compare-operator.rule.yaml +53 -0
  167. package/rules/go/go.bug-risk.gin-loadhtmlglob-ill-formed.rule.yaml +53 -0
  168. package/rules/go/go.bug-risk.gorm-dry-run-enabled.rule.yaml +58 -0
  169. package/rules/go/go.bug-risk.gorm-skip-default-transaction.rule.yaml +57 -0
  170. package/rules/go/go.bug-risk.gorm-updates-zero-values.rule.yaml +55 -0
  171. package/rules/go/go.bug-risk.gorm-where-zero-values.rule.yaml +53 -0
  172. package/rules/go/go.bug-risk.poorly-formed-nilness-guards.rule.yaml +57 -0
  173. package/rules/go/go.bug-risk.redis-incorrect-arg-count.rule.yaml +54 -0
  174. package/rules/go/go.bug-risk.redis-unimplemented-method.rule.yaml +53 -0
  175. package/rules/go/go.bug-risk.reflect-makefunc-usage.rule.yaml +55 -0
  176. package/rules/go/go.correctness.bare-return.rule.yaml +52 -0
  177. package/rules/go/go.correctness.boolean-literal-in-expression.rule.yaml +52 -0
  178. package/rules/go/go.correctness.boolean-simplification.rule.yaml +49 -0
  179. package/rules/go/go.correctness.deferred-func-literal.rule.yaml +52 -0
  180. package/rules/go/go.correctness.duplicate-branch-body.rule.yaml +49 -0
  181. package/rules/go/go.correctness.duplicate-function-arguments.rule.yaml +49 -0
  182. package/rules/go/go.correctness.duplicate-if-else-condition.rule.yaml +54 -0
  183. package/rules/go/go.correctness.duplicate-switch-cases.rule.yaml +48 -0
  184. package/rules/go/go.correctness.flag-pointer-immediate-deref.rule.yaml +49 -0
  185. package/rules/go/go.correctness.hidden-goroutine.rule.yaml +55 -0
  186. package/rules/go/go.correctness.http-nobody-nil.rule.yaml +52 -0
  187. package/rules/go/go.correctness.identical-binary-operands.rule.yaml +48 -0
  188. package/rules/go/go.correctness.impossible-interface-nil-check.rule.yaml +56 -0
  189. package/rules/go/go.correctness.incomplete-nil-check.rule.yaml +49 -0
  190. package/rules/go/go.correctness.integer-truncation.rule.yaml +51 -0
  191. package/rules/go/go.correctness.interface-any-preferred.rule.yaml +50 -0
  192. package/rules/go/go.correctness.nil-error-returned.rule.yaml +49 -0
  193. package/rules/go/go.correctness.off-by-one-index.rule.yaml +48 -0
  194. package/rules/go/go.correctness.redundant-type-declaration.rule.yaml +51 -0
  195. package/rules/go/go.correctness.signedness-casting.rule.yaml +56 -0
  196. package/rules/go/go.correctness.string-concat-simplify.rule.yaml +52 -0
  197. package/rules/go/go.correctness.suspicious-regex-pattern.rule.yaml +49 -0
  198. package/rules/go/go.correctness.terminal-call-with-defer.rule.yaml +50 -0
  199. package/rules/go/go.correctness.unexported-capital-name.rule.yaml +52 -0
  200. package/rules/go/go.correctness.unnecessary-dereference.rule.yaml +53 -0
  201. package/rules/go/go.correctness.unnecessary-else-return.rule.yaml +52 -0
  202. package/rules/go/go.correctness.unreachable-switch-case.rule.yaml +50 -0
  203. package/rules/go/go.doc.malformed-deprecated-comment.rule.yaml +59 -0
  204. package/rules/go/go.performance.avoid-large-loop-copy.rule.yaml +38 -0
  205. package/rules/go/go.performance.avoid-large-param-copy.rule.yaml +38 -0
  206. package/rules/go/go.performance.avoid-large-range-copy.rule.yaml +37 -0
  207. package/rules/go/go.performance.avoid-string-index-alloc.rule.yaml +38 -0
  208. package/rules/go/go.performance.combine-append-calls.rule.yaml +38 -0
  209. package/rules/go/go.performance.fmt-fprint.rule.yaml +44 -0
  210. package/rules/go/go.performance.iowriter-write-string.rule.yaml +45 -0
  211. package/rules/go/go.performance.non-idiomatic-slice-zeroing.rule.yaml +44 -0
  212. package/rules/go/go.performance.reorder-operands.rule.yaml +44 -0
  213. package/rules/go/go.performance.utf8-decode-rune.rule.yaml +44 -0
  214. package/rules/go/go.security.decompression-bomb.rule.yaml +55 -0
  215. package/rules/go/go.security.http-dir-path-traversal.rule.yaml +55 -0
  216. package/rules/go/go.security.incomplete-hostname-regex.rule.yaml +64 -0
  217. package/rules/go/go.security.insecure-ssl-protocol.rule.yaml +2 -0
  218. package/rules/go/go.security.jwt-without-verification.rule.yaml +2 -0
  219. package/rules/go/go.security.net-http-missing-timeouts.rule.yaml +3 -0
  220. package/rules/go/go.security.pprof-exposed.rule.yaml +2 -0
  221. package/rules/go/go.security.squirrel-unsafe-quoting.rule.yaml +64 -0
  222. package/rules/go/go.security.tainted-value-sink.rule.yaml +59 -0
  223. package/rules/go/go.security.tls-missing-min-version.rule.yaml +2 -0
  224. package/rules/go/go.security.unsafe-defer-close.rule.yaml +55 -0
  225. package/rules/go/go.security.weak-crypto-import.rule.yaml +3 -0
  226. package/rules/go/go.security.weak-file-permission.rule.yaml +56 -0
  227. package/rules/java/java.correctness.annotation-check-always-false.rule.yaml +42 -0
  228. package/rules/java/java.correctness.array-compared-to-non-array.rule.yaml +45 -0
  229. package/rules/java/java.correctness.array-index-bounds.rule.yaml +42 -0
  230. package/rules/java/java.correctness.assert-self-comparison.rule.yaml +46 -0
  231. package/rules/java/java.correctness.assertion-in-production.rule.yaml +49 -0
  232. package/rules/java/java.correctness.bad-short-circuit-null-check.rule.yaml +45 -0
  233. package/rules/java/java.correctness.bitwise-or-never-equal.rule.yaml +42 -0
  234. package/rules/java/java.correctness.boxed-boolean-conditional.rule.yaml +42 -0
  235. package/rules/java/java.correctness.cacheloader-null-return.rule.yaml +42 -0
  236. package/rules/java/java.correctness.case-insensitive-regex-lacks-unicode.rule.yaml +46 -0
  237. package/rules/java/java.correctness.catch-null-pointer.rule.yaml +5 -1
  238. package/rules/java/java.correctness.class-isinstance-on-class.rule.yaml +42 -0
  239. package/rules/java/java.correctness.class-name-collision.rule.yaml +45 -0
  240. package/rules/java/java.correctness.clone-without-super.rule.yaml +45 -0
  241. package/rules/java/java.correctness.closeable-provides-injection.rule.yaml +43 -0
  242. package/rules/java/java.correctness.collection-adds-self.rule.yaml +42 -0
  243. package/rules/java/java.correctness.collection-contains-self.rule.yaml +42 -0
  244. package/rules/java/java.correctness.collection-remove-type-mismatch.rule.yaml +42 -0
  245. package/rules/java/java.correctness.comparator-downcast-sign-flip.rule.yaml +42 -0
  246. package/rules/java/java.correctness.compareto-min-value.rule.yaml +44 -0
  247. package/rules/java/java.correctness.constructor-starts-thread.rule.yaml +45 -0
  248. package/rules/java/java.correctness.default-package-spring-scan.rule.yaml +46 -0
  249. package/rules/java/java.correctness.deprecated-thread-methods.rule.yaml +42 -0
  250. package/rules/java/java.correctness.double-assignment.rule.yaml +42 -0
  251. package/rules/java/java.correctness.double-checked-locking.rule.yaml +42 -0
  252. package/rules/java/java.correctness.duplicate-binary-argument.rule.yaml +45 -0
  253. package/rules/java/java.correctness.duration-with-nanos-misuse.rule.yaml +42 -0
  254. package/rules/java/java.correctness.enum-equals-method.rule.yaml +45 -0
  255. package/rules/java/java.correctness.enum-get-class.rule.yaml +42 -0
  256. package/rules/java/java.correctness.equals-inherits-parent.rule.yaml +45 -0
  257. package/rules/java/java.correctness.equals-null-check.rule.yaml +45 -0
  258. package/rules/java/java.correctness.equals-null.rule.yaml +45 -0
  259. package/rules/java/java.correctness.equals-on-array.rule.yaml +4 -0
  260. package/rules/java/java.correctness.explicit-finalizer-invocation.rule.yaml +45 -0
  261. package/rules/java/java.correctness.for-loop-mismatched-increment.rule.yaml +45 -0
  262. package/rules/java/java.correctness.getter-setter-sync-mismatch.rule.yaml +42 -0
  263. package/rules/java/java.correctness.hashcode-on-array.rule.yaml +42 -0
  264. package/rules/java/java.correctness.hashtable-contains-value.rule.yaml +42 -0
  265. package/rules/java/java.correctness.hasnext-invokes-next.rule.yaml +45 -0
  266. package/rules/java/java.correctness.ignored-inputstream-read.rule.yaml +45 -0
  267. package/rules/java/java.correctness.ignored-inputstream-skip.rule.yaml +45 -0
  268. package/rules/java/java.correctness.illegal-monitor-state-caught.rule.yaml +45 -0
  269. package/rules/java/java.correctness.impossible-toarray-downcast.rule.yaml +45 -0
  270. package/rules/java/java.correctness.incorrect-main-signature.rule.yaml +42 -0
  271. package/rules/java/java.correctness.indexof-reversed-arguments.rule.yaml +42 -0
  272. package/rules/java/java.correctness.instant-unsupported-temporal-unit.rule.yaml +42 -0
  273. package/rules/java/java.correctness.invalid-regex-literal.rule.yaml +45 -0
  274. package/rules/java/java.correctness.invalid-serial-version-uid.rule.yaml +42 -0
  275. package/rules/java/java.correctness.invalid-time-constants.rule.yaml +42 -0
  276. package/rules/java/java.correctness.invalidated-iterator.rule.yaml +42 -0
  277. package/rules/java/java.correctness.iterable-iterator-returns-this.rule.yaml +44 -0
  278. package/rules/java/java.correctness.iterable-path-type.rule.yaml +42 -0
  279. package/rules/java/java.correctness.jump-in-finally.rule.yaml +44 -0
  280. package/rules/java/java.correctness.loop-condition-never-true.rule.yaml +42 -0
  281. package/rules/java/java.correctness.lost-increment-in-assignment.rule.yaml +45 -0
  282. package/rules/java/java.correctness.math-max-min-swapped.rule.yaml +45 -0
  283. package/rules/java/java.correctness.missing-enum-switch-elements.rule.yaml +43 -0
  284. package/rules/java/java.correctness.modulus-multiplication-precedence.rule.yaml +42 -0
  285. package/rules/java/java.correctness.mutable-data-exposed.rule.yaml +42 -0
  286. package/rules/java/java.correctness.mutable-enum-fields.rule.yaml +44 -0
  287. package/rules/java/java.correctness.nan-comparison.rule.yaml +42 -0
  288. package/rules/java/java.correctness.ncopies-argument-order.rule.yaml +42 -0
  289. package/rules/java/java.correctness.noallocation-method-creates-object.rule.yaml +45 -0
  290. package/rules/java/java.correctness.non-final-immutable-fields.rule.yaml +45 -0
  291. package/rules/java/java.correctness.non-null-method-returns-null.rule.yaml +43 -0
  292. package/rules/java/java.correctness.non-terminating-loop.rule.yaml +42 -0
  293. package/rules/java/java.correctness.oddness-check-fails-negative.rule.yaml +45 -0
  294. package/rules/java/java.correctness.optional-get-without-present-check.rule.yaml +44 -0
  295. package/rules/java/java.correctness.optional-null.rule.yaml +42 -0
  296. package/rules/java/java.correctness.overloaded-equals.rule.yaml +45 -0
  297. package/rules/java/java.correctness.parameter-reassignment.rule.yaml +46 -0
  298. package/rules/java/java.correctness.possible-null-access-exception.rule.yaml +42 -0
  299. package/rules/java/java.correctness.possible-null-access.rule.yaml +42 -0
  300. package/rules/java/java.correctness.prepared-statement-in-loop.rule.yaml +52 -0
  301. package/rules/java/java.correctness.prepared-statement-index-zero.rule.yaml +44 -0
  302. package/rules/java/java.correctness.random-coerced-to-zero.rule.yaml +44 -0
  303. package/rules/java/java.correctness.read-resolve-return-type.rule.yaml +42 -0
  304. package/rules/java/java.correctness.readline-without-null-check.rule.yaml +45 -0
  305. package/rules/java/java.correctness.result-set-index-zero.rule.yaml +44 -0
  306. package/rules/java/java.correctness.runfinalizers-on-exit.rule.yaml +45 -0
  307. package/rules/java/java.correctness.runnable-run-direct.rule.yaml +45 -0
  308. package/rules/java/java.correctness.self-assignment.rule.yaml +45 -0
  309. package/rules/java/java.correctness.serializable-superclass.rule.yaml +42 -0
  310. package/rules/java/java.correctness.serialization-method-signature.rule.yaml +42 -0
  311. package/rules/java/java.correctness.servlet-mutable-fields.rule.yaml +45 -0
  312. package/rules/java/java.correctness.shift-out-of-range.rule.yaml +44 -0
  313. package/rules/java/java.correctness.static-date-field.rule.yaml +42 -0
  314. package/rules/java/java.correctness.stream-reuse.rule.yaml +42 -0
  315. package/rules/java/java.correctness.string-format-arg-mismatch.rule.yaml +45 -0
  316. package/rules/java/java.correctness.stringbuilder-char-ctor.rule.yaml +42 -0
  317. package/rules/java/java.correctness.switch-statement-labels.rule.yaml +44 -0
  318. package/rules/java/java.correctness.sync-boxed-primitive.rule.yaml +45 -0
  319. package/rules/java/java.correctness.sync-on-get-class.rule.yaml +42 -0
  320. package/rules/java/java.correctness.sync-on-lock-primitive.rule.yaml +45 -0
  321. package/rules/java/java.correctness.sync-on-mutable-ref.rule.yaml +42 -0
  322. package/rules/java/java.correctness.sync-on-nullable-field.rule.yaml +42 -0
  323. package/rules/java/java.correctness.sync-on-public-field.rule.yaml +42 -0
  324. package/rules/java/java.correctness.sync-on-string-literal.rule.yaml +2 -0
  325. package/rules/java/java.correctness.system-exit.rule.yaml +43 -0
  326. package/rules/java/java.correctness.thread-sleep-with-lock.rule.yaml +45 -0
  327. package/rules/java/java.correctness.thread-static-misuse.rule.yaml +42 -0
  328. package/rules/java/java.correctness.threadgroup-deprecated-methods.rule.yaml +43 -0
  329. package/rules/java/java.correctness.throw-null.rule.yaml +42 -0
  330. package/rules/java/java.correctness.timezone-invalid-id.rule.yaml +42 -0
  331. package/rules/java/java.correctness.two-lock-wait.rule.yaml +45 -0
  332. package/rules/java/java.correctness.unconditional-recursion.rule.yaml +42 -0
  333. package/rules/java/java.correctness.unescaped-whitespace.rule.yaml +42 -0
  334. package/rules/java/java.correctness.unimplementable-interface.rule.yaml +42 -0
  335. package/rules/java/java.correctness.unsafe-collection-downcast.rule.yaml +42 -0
  336. package/rules/java/java.correctness.unsafe-getresource.rule.yaml +45 -0
  337. package/rules/java/java.correctness.unsupported-jdk-api.rule.yaml +46 -0
  338. package/rules/java/java.correctness.unsupported-method-call.rule.yaml +42 -0
  339. package/rules/java/java.correctness.unsync-static-lazy-init.rule.yaml +42 -0
  340. package/rules/java/java.correctness.unsynchronized-wait-notify.rule.yaml +45 -0
  341. package/rules/java/java.correctness.unterminated-assertion-chain.rule.yaml +39 -0
  342. package/rules/java/java.correctness.volatile-array-elements.rule.yaml +45 -0
  343. package/rules/java/java.correctness.volatile-increment-non-atomic.rule.yaml +45 -0
  344. package/rules/java/java.correctness.wait-notify-on-thread.rule.yaml +45 -0
  345. package/rules/java/java.correctness.wait-on-condition.rule.yaml +45 -0
  346. package/rules/java/java.correctness.week-year-in-date-pattern.rule.yaml +44 -0
  347. package/rules/java/java.correctness.zoneid-invalid-timezone.rule.yaml +42 -0
  348. package/rules/java/java.doc.empty-javadoc-tag.rule.yaml +41 -0
  349. package/rules/java/java.doc.malformed-javadoc-comment.rule.yaml +41 -0
  350. package/rules/java/java.doc.parameter-tag-no-description.rule.yaml +41 -0
  351. package/rules/java/java.doc.unmatched-parameter-tag.rule.yaml +41 -0
  352. package/rules/java/java.performance.boxed-boolean-constructor.rule.yaml +43 -0
  353. package/rules/java/java.performance.boxed-double-constructor.rule.yaml +43 -0
  354. package/rules/java/java.performance.boxed-integer-constructor.rule.yaml +43 -0
  355. package/rules/java/java.performance.empty-string-constructor.rule.yaml +44 -0
  356. package/rules/java/java.performance.expensive-method-on-ui-thread.rule.yaml +50 -0
  357. package/rules/java/java.performance.explicit-gc.rule.yaml +43 -0
  358. package/rules/java/java.performance.inefficient-string-constructor.rule.yaml +44 -0
  359. package/rules/java/java.performance.keyset-instead-of-entryset.rule.yaml +49 -0
  360. package/rules/java/java.performance.non-zero-to-array.rule.yaml +49 -0
  361. package/rules/java/java.performance.pattern-compile-in-loop.rule.yaml +49 -0
  362. package/rules/java/java.performance.removeall-to-clear.rule.yaml +49 -0
  363. package/rules/java/java.performance.replaceall-instead-of-replace.rule.yaml +49 -0
  364. package/rules/java/java.performance.single-char-string-indexof.rule.yaml +49 -0
  365. package/rules/java/java.performance.string-concat-in-loop.rule.yaml +49 -0
  366. package/rules/java/java.performance.string-to-string.rule.yaml +43 -0
  367. package/rules/java/java.performance.thread-as-runnable.rule.yaml +44 -0
  368. package/rules/java/java.performance.url-in-collection.rule.yaml +44 -0
  369. package/rules/java/java.quality.c-style-array-declaration.rule.yaml +41 -0
  370. package/rules/java/java.quality.multiple-variables-same-line.rule.yaml +41 -0
  371. package/rules/java/java.quality.type-name-uppercase.rule.yaml +41 -0
  372. package/rules/java/java.testing.setup-teardown-annotation.rule.yaml +36 -0
  373. package/rules/java/java.testing.setup-without-super.rule.yaml +43 -0
  374. package/rules/java/java.testing.teardown-without-super.rule.yaml +43 -0
  375. package/rules/java/java.testing.wrong-assertion-argument-order.rule.yaml +43 -0
  376. package/rules/php/php.correctness.abstract-method-outside-abstract-class.rule.yaml +39 -0
  377. package/rules/php/php.correctness.abstract-method-with-body.rule.yaml +38 -0
  378. package/rules/php/php.correctness.assign-to-non-lvalue.rule.yaml +38 -0
  379. package/rules/php/php.correctness.attribute-on-class-constant.rule.yaml +38 -0
  380. package/rules/php/php.correctness.attribute-on-closure.rule.yaml +38 -0
  381. package/rules/php/php.correctness.attribute-on-function.rule.yaml +38 -0
  382. package/rules/php/php.correctness.attribute-on-property.rule.yaml +40 -0
  383. package/rules/php/php.correctness.break-continue-outside-loop.rule.yaml +38 -0
  384. package/rules/php/php.correctness.case-insensitive-define.rule.yaml +38 -0
  385. package/rules/php/php.correctness.class-implements-non-interface.rule.yaml +38 -0
  386. package/rules/php/php.correctness.default-parameter-not-last.rule.yaml +38 -0
  387. package/rules/php/php.correctness.deprecated-filter-constant.rule.yaml +38 -0
  388. package/rules/php/php.correctness.deprecated-libxml-entity-loader.rule.yaml +38 -0
  389. package/rules/php/php.correctness.deprecated-unset-cast.rule.yaml +38 -0
  390. package/rules/php/php.correctness.duplicate-array-key.rule.yaml +2 -0
  391. package/rules/php/php.correctness.duplicate-declaration.rule.yaml +38 -0
  392. package/rules/php/php.correctness.duplicate-union-type.rule.yaml +38 -0
  393. package/rules/php/php.correctness.echo-invalid-value.rule.yaml +38 -0
  394. package/rules/php/php.correctness.empty-array-literal-slot.rule.yaml +38 -0
  395. package/rules/php/php.correctness.empty-bracket-array-access.rule.yaml +38 -0
  396. package/rules/php/php.correctness.empty-code-block.rule.yaml +38 -0
  397. package/rules/php/php.correctness.empty-function-body.rule.yaml +38 -0
  398. package/rules/php/php.correctness.error-suppression-operator.rule.yaml +2 -0
  399. package/rules/php/php.correctness.function-comparison.rule.yaml +38 -0
  400. package/rules/php/php.correctness.inaccessible-property.rule.yaml +49 -0
  401. package/rules/php/php.correctness.incomplete-arrow-function.rule.yaml +38 -0
  402. package/rules/php/php.correctness.inconsistent-printf-params.rule.yaml +50 -0
  403. package/rules/php/php.correctness.instanceof-invalid-type.rule.yaml +40 -0
  404. package/rules/php/php.correctness.instantiate-abstract-class.rule.yaml +38 -0
  405. package/rules/php/php.correctness.interface-extends-non-interface.rule.yaml +38 -0
  406. package/rules/php/php.correctness.interface-implements-keyword.rule.yaml +38 -0
  407. package/rules/php/php.correctness.invalid-arrow-function-typehint.rule.yaml +38 -0
  408. package/rules/php/php.correctness.invalid-attribute-class.rule.yaml +49 -0
  409. package/rules/php/php.correctness.invalid-closure-return-typehint.rule.yaml +38 -0
  410. package/rules/php/php.correctness.invalid-constructor-promotion.rule.yaml +38 -0
  411. package/rules/php/php.correctness.invalid-cookie-options.rule.yaml +38 -0
  412. package/rules/php/php.correctness.invalid-dynamic-constant-fetch.rule.yaml +38 -0
  413. package/rules/php/php.correctness.invalid-extends-target.rule.yaml +38 -0
  414. package/rules/php/php.correctness.invalid-increment-operand.rule.yaml +38 -0
  415. package/rules/php/php.correctness.invalid-isset-argument.rule.yaml +38 -0
  416. package/rules/php/php.correctness.invalid-regex-literal.rule.yaml +36 -0
  417. package/rules/php/php.correctness.invalid-return-typehint.rule.yaml +38 -0
  418. package/rules/php/php.correctness.invalid-static-method.rule.yaml +40 -0
  419. package/rules/php/php.correctness.invalid-string-interpolation-type.rule.yaml +38 -0
  420. package/rules/php/php.correctness.invalid-type-cast.rule.yaml +38 -0
  421. package/rules/php/php.correctness.invalid-use-keyword.rule.yaml +48 -0
  422. package/rules/php/php.correctness.missing-member-visibility.rule.yaml +38 -0
  423. package/rules/php/php.correctness.missing-return-statement.rule.yaml +38 -0
  424. package/rules/php/php.correctness.named-arg-before-positional.rule.yaml +38 -0
  425. package/rules/php/php.correctness.nested-function-declaration.rule.yaml +38 -0
  426. package/rules/php/php.correctness.nested-switch.rule.yaml +38 -0
  427. package/rules/php/php.correctness.nullable-mixed-type.rule.yaml +38 -0
  428. package/rules/php/php.correctness.nullsafe-returned-by-reference.rule.yaml +3 -0
  429. package/rules/php/php.correctness.print-invalid-value.rule.yaml +38 -0
  430. package/rules/php/php.correctness.psr-class-constant-naming.rule.yaml +38 -0
  431. package/rules/php/php.correctness.psr-method-camel-case.rule.yaml +38 -0
  432. package/rules/php/php.correctness.redundant-final-method.rule.yaml +38 -0
  433. package/rules/php/php.correctness.redundant-string-cast-concat.rule.yaml +38 -0
  434. package/rules/php/php.correctness.self-assignment.rule.yaml +38 -0
  435. package/rules/php/php.correctness.switch-multiple-default.rule.yaml +2 -0
  436. package/rules/php/php.correctness.throw-as-expression.rule.yaml +38 -0
  437. package/rules/php/php.correctness.throw-non-exception.rule.yaml +38 -0
  438. package/rules/php/php.correctness.todo-fixme-marker.rule.yaml +36 -0
  439. package/rules/php/php.correctness.trait-as-attribute.rule.yaml +38 -0
  440. package/rules/php/php.correctness.trait-class-constant.rule.yaml +38 -0
  441. package/rules/php/php.correctness.undefined-constant-reference.rule.yaml +38 -0
  442. package/rules/php/php.correctness.undefined-function.rule.yaml +40 -0
  443. package/rules/php/php.correctness.undefined-method.rule.yaml +40 -0
  444. package/rules/php/php.correctness.undefined-property.rule.yaml +51 -0
  445. package/rules/php/php.correctness.undefined-static-property.rule.yaml +41 -0
  446. package/rules/php/php.correctness.undefined-variable.rule.yaml +48 -0
  447. package/rules/php/php.correctness.uninitialized-typed-property.rule.yaml +38 -0
  448. package/rules/php/php.correctness.unknown-magic-method.rule.yaml +38 -0
  449. package/rules/php/php.correctness.unreachable-after-return.rule.yaml +2 -0
  450. package/rules/php/php.correctness.unused-closure-use-variable.rule.yaml +38 -0
  451. package/rules/php/php.correctness.unused-constructor-parameter.rule.yaml +38 -0
  452. package/rules/php/php.correctness.unused-import.rule.yaml +38 -0
  453. package/rules/php/php.correctness.useless-post-increment.rule.yaml +38 -0
  454. package/rules/php/php.correctness.useless-unset.rule.yaml +38 -0
  455. package/rules/php/php.correctness.void-match-arm.rule.yaml +38 -0
  456. package/rules/php/php.performance.expensive-loop-condition.rule.yaml +38 -0
  457. package/rules/php/php.security.debug-function-exposure.rule.yaml +2 -0
  458. package/rules/php/php.security.insecure-session-id-generation.rule.yaml +2 -0
  459. package/rules/php/php.security.insecure-session-or-cookie-config.rule.yaml +3 -0
  460. package/rules/php/php.security.no-dynamic-eval.rule.yaml +2 -0
  461. package/rules/php/php.security.unsafe-include-with-user-input.rule.yaml +2 -0
  462. package/rules/php/php.security.unsafe-new-static.rule.yaml +44 -0
  463. package/rules/php/php.security.weak-cipher.rule.yaml +2 -0
  464. package/rules/php/php.security.xml-external-entity.rule.yaml +2 -0
  465. package/rules/python/py.correctness.assert-outside-test.rule.yaml +49 -0
  466. package/rules/python/py.correctness.global-statement.rule.yaml +51 -0
  467. package/rules/python/py.correctness.redefined-builtin.rule.yaml +51 -0
  468. package/rules/python/py.correctness.super-with-arguments.rule.yaml +51 -0
  469. package/rules/python/py.correctness.unnecessary-comprehension.rule.yaml +51 -0
  470. package/rules/python/py.correctness.useless-return.rule.yaml +51 -0
  471. package/rules/python/py.security.command-execution-with-request-input.rule.yaml +56 -0
  472. package/rules/python/py.security.ftp-usage.rule.yaml +51 -0
  473. package/rules/python/py.security.hardcoded-credentials.rule.yaml +51 -0
  474. package/rules/python/py.security.hardcoded-temp-directory.rule.yaml +51 -0
  475. package/rules/python/py.security.insecure-cipher-mode.rule.yaml +51 -0
  476. package/rules/python/py.security.insecure-cipher.rule.yaml +51 -0
  477. package/rules/python/py.security.insecure-crypto-import.rule.yaml +51 -0
  478. package/rules/python/py.security.insecure-http-transport.rule.yaml +56 -0
  479. package/rules/python/py.security.insecure-ssl-version.rule.yaml +53 -0
  480. package/rules/python/py.security.insecure-urllib-method.rule.yaml +51 -0
  481. package/rules/python/py.security.insecure-xml-parser.rule.yaml +53 -0
  482. package/rules/python/py.security.mako-insecure-templates.rule.yaml +53 -0
  483. package/rules/python/py.security.path-traversal-user-input.rule.yaml +51 -0
  484. package/rules/python/py.security.request-path-file-read.rule.yaml +56 -0
  485. package/rules/python/py.security.sensitive-logging.rule.yaml +51 -0
  486. package/rules/python/py.security.sql-interpolation.rule.yaml +56 -0
  487. package/rules/python/py.security.ssh-host-key-validation.rule.yaml +53 -0
  488. package/rules/python/py.security.telnet-usage.rule.yaml +51 -0
  489. package/rules/python/py.security.tls-verification-disabled.rule.yaml +56 -0
  490. package/rules/python/py.security.unsafe-deserialization.rule.yaml +56 -0
  491. package/rules/python/py.security.weak-crypto-key.rule.yaml +51 -0
  492. package/rules/python/py.security.weak-hash-algorithm.rule.yaml +57 -0
  493. package/rules/python/py.security.wildcard-subprocess-injection.rule.yaml +53 -0
  494. package/rules/python/py.security.xmlrpc-import.rule.yaml +53 -0
  495. package/rules/ruby/ruby.bug-risk.action-mailer-base-subclass.rule.yaml +53 -0
  496. package/rules/ruby/ruby.bug-risk.active-job-base-subclass.rule.yaml +53 -0
  497. package/rules/ruby/ruby.bug-risk.active-record-alias.rule.yaml +53 -0
  498. package/rules/ruby/ruby.bug-risk.active-record-base-subclass.rule.yaml +53 -0
  499. package/rules/ruby/ruby.bug-risk.active-record-method-override.rule.yaml +55 -0
  500. package/rules/ruby/ruby.bug-risk.active-support-alias.rule.yaml +52 -0
  501. package/rules/ruby/ruby.bug-risk.all-each-to-find-each.rule.yaml +55 -0
  502. package/rules/ruby/ruby.bug-risk.allow-blank-with-delegate.rule.yaml +52 -0
  503. package/rules/ruby/ruby.bug-risk.alter-queries-combine.rule.yaml +54 -0
  504. package/rules/ruby/ruby.bug-risk.ambiguous-block-association.rule.yaml +49 -0
  505. package/rules/ruby/ruby.bug-risk.ambiguous-operator-argument.rule.yaml +48 -0
  506. package/rules/ruby/ruby.bug-risk.ambiguous-regexp-literal.rule.yaml +49 -0
  507. package/rules/ruby/ruby.bug-risk.argument-overwritten-before-use.rule.yaml +51 -0
  508. package/rules/ruby/ruby.bug-risk.assert-not-usage.rule.yaml +51 -0
  509. package/rules/ruby/ruby.bug-risk.assignment-in-condition.rule.yaml +42 -0
  510. package/rules/ruby/ruby.bug-risk.bad-date-usage.rule.yaml +55 -0
  511. package/rules/ruby/ruby.bug-risk.bad-magic-comment-order.rule.yaml +50 -0
  512. package/rules/ruby/ruby.bug-risk.bad-operand-order.rule.yaml +46 -0
  513. package/rules/ruby/ruby.bug-risk.bad-rescue-ordering.rule.yaml +50 -0
  514. package/rules/ruby/ruby.bug-risk.branches-without-body.rule.yaml +49 -0
  515. package/rules/ruby/ruby.bug-risk.callback-order.rule.yaml +52 -0
  516. package/rules/ruby/ruby.bug-risk.callback-override.rule.yaml +53 -0
  517. package/rules/ruby/ruby.bug-risk.circular-argument-reference.rule.yaml +44 -0
  518. package/rules/ruby/ruby.bug-risk.class-name-should-be-string.rule.yaml +52 -0
  519. package/rules/ruby/ruby.bug-risk.console-output-instead-of-logger.rule.yaml +53 -0
  520. package/rules/ruby/ruby.bug-risk.constant-in-block.rule.yaml +52 -0
  521. package/rules/ruby/ruby.bug-risk.controller-base-subclass.rule.yaml +54 -0
  522. package/rules/ruby/ruby.bug-risk.dependent-option-cascade.rule.yaml +53 -0
  523. package/rules/ruby/ruby.bug-risk.deprecated-belongs-to-required.rule.yaml +54 -0
  524. package/rules/ruby/ruby.bug-risk.deprecated-big-decimal-new.rule.yaml +44 -0
  525. package/rules/ruby/ruby.bug-risk.deprecated-class-methods.rule.yaml +45 -0
  526. package/rules/ruby/ruby.bug-risk.deprecated-filter-methods.rule.yaml +54 -0
  527. package/rules/ruby/ruby.bug-risk.deprecated-find-by-dynamic.rule.yaml +55 -0
  528. package/rules/ruby/ruby.bug-risk.deprecated-http-status-symbols.rule.yaml +52 -0
  529. package/rules/ruby/ruby.bug-risk.deprecated-openssl-api.rule.yaml +42 -0
  530. package/rules/ruby/ruby.bug-risk.deprecated-uri-escape.rule.yaml +42 -0
  531. package/rules/ruby/ruby.bug-risk.deprecated-uri-regexp.rule.yaml +42 -0
  532. package/rules/ruby/ruby.bug-risk.disjunctive-assignment-in-constructor.rule.yaml +46 -0
  533. package/rules/ruby/ruby.bug-risk.division-by-zero.rule.yaml +42 -0
  534. package/rules/ruby/ruby.bug-risk.duplicate-case-conditions.rule.yaml +49 -0
  535. package/rules/ruby/ruby.bug-risk.duplicate-constant-assignment.rule.yaml +47 -0
  536. package/rules/ruby/ruby.bug-risk.duplicate-elsif-block.rule.yaml +51 -0
  537. package/rules/ruby/ruby.bug-risk.duplicate-hash-keys.rule.yaml +42 -0
  538. package/rules/ruby/ruby.bug-risk.duplicate-method-definitions.rule.yaml +49 -0
  539. package/rules/ruby/ruby.bug-risk.each-with-object-immutable-arg.rule.yaml +51 -0
  540. package/rules/ruby/ruby.bug-risk.else-followed-by-expression.rule.yaml +50 -0
  541. package/rules/ruby/ruby.bug-risk.else-without-rescue.rule.yaml +51 -0
  542. package/rules/ruby/ruby.bug-risk.empty-ensure-block.rule.yaml +49 -0
  543. package/rules/ruby/ruby.bug-risk.empty-expression.rule.yaml +48 -0
  544. package/rules/ruby/ruby.bug-risk.empty-interpolation.rule.yaml +49 -0
  545. package/rules/ruby/ruby.bug-risk.end-in-method.rule.yaml +49 -0
  546. package/rules/ruby/ruby.bug-risk.enum-array-syntax.rule.yaml +54 -0
  547. package/rules/ruby/ruby.bug-risk.enum-duplicate-values.rule.yaml +53 -0
  548. package/rules/ruby/ruby.bug-risk.equal-instead-of-equal.rule.yaml +50 -0
  549. package/rules/ruby/ruby.bug-risk.error-inherits-exception.rule.yaml +42 -0
  550. package/rules/ruby/ruby.bug-risk.exception-class-overwritten.rule.yaml +42 -0
  551. package/rules/ruby/ruby.bug-risk.exit-in-app-code.rule.yaml +53 -0
  552. package/rules/ruby/ruby.bug-risk.flip-flop-operator.rule.yaml +49 -0
  553. package/rules/ruby/ruby.bug-risk.git-in-gemspec.rule.yaml +48 -0
  554. package/rules/ruby/ruby.bug-risk.grouped-parentheses-in-call.rule.yaml +51 -0
  555. package/rules/ruby/ruby.bug-risk.has-and-belongs-to-many.rule.yaml +52 -0
  556. package/rules/ruby/ruby.bug-risk.helper-instance-variables.rule.yaml +52 -0
  557. package/rules/ruby/ruby.bug-risk.heredoc-method-order.rule.yaml +51 -0
  558. package/rules/ruby/ruby.bug-risk.http-methods-without-params.rule.yaml +54 -0
  559. package/rules/ruby/ruby.bug-risk.identical-binary-operands.rule.yaml +53 -0
  560. package/rules/ruby/ruby.bug-risk.ignored-column-accessed.rule.yaml +50 -0
  561. package/rules/ruby/ruby.bug-risk.inconsistent-request-referrer.rule.yaml +50 -0
  562. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation-try.rule.yaml +51 -0
  563. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation.rule.yaml +51 -0
  564. package/rules/ruby/ruby.bug-risk.incorrect-pluralization.rule.yaml +51 -0
  565. package/rules/ruby/ruby.bug-risk.ineffective-access-modifier.rule.yaml +50 -0
  566. package/rules/ruby/ruby.bug-risk.interpolation-in-single-quote.rule.yaml +50 -0
  567. package/rules/ruby/ruby.bug-risk.invalid-integer-times.rule.yaml +52 -0
  568. package/rules/ruby/ruby.bug-risk.invalid-percent-string-literal.rule.yaml +51 -0
  569. package/rules/ruby/ruby.bug-risk.invalid-percent-symbol-array.rule.yaml +51 -0
  570. package/rules/ruby/ruby.bug-risk.invalid-rails-env-predicate.rule.yaml +51 -0
  571. package/rules/ruby/ruby.bug-risk.invalid-rescue-type.rule.yaml +51 -0
  572. package/rules/ruby/ruby.bug-risk.io-select-single-arg.rule.yaml +48 -0
  573. package/rules/ruby/ruby.bug-risk.irreversible-migration.rule.yaml +57 -0
  574. package/rules/ruby/ruby.bug-risk.missing-inverse-of.rule.yaml +53 -0
  575. package/rules/ruby/ruby.bug-risk.mixed-regex-captures.rule.yaml +51 -0
  576. package/rules/ruby/ruby.bug-risk.multiple-rescues-for-same-exception.rule.yaml +49 -0
  577. package/rules/ruby/ruby.bug-risk.non-local-exit-from-iterator.rule.yaml +51 -0
  578. package/rules/ruby/ruby.bug-risk.non-null-column-without-default.rule.yaml +51 -0
  579. package/rules/ruby/ruby.bug-risk.non-preferred-assert-falseness.rule.yaml +50 -0
  580. package/rules/ruby/ruby.bug-risk.old-style-validation-macro.rule.yaml +49 -0
  581. package/rules/ruby/ruby.bug-risk.outer-variable-shadowed.rule.yaml +47 -0
  582. package/rules/ruby/ruby.bug-risk.plain-method-instead-of-proc.rule.yaml +48 -0
  583. package/rules/ruby/ruby.bug-risk.predicate-method-without-parentheses.rule.yaml +51 -0
  584. package/rules/ruby/ruby.bug-risk.rails-env-equality.rule.yaml +53 -0
  585. package/rules/ruby/ruby.bug-risk.rails-root-join.rule.yaml +53 -0
  586. package/rules/ruby/ruby.bug-risk.rake-task-missing-environment.rule.yaml +46 -0
  587. package/rules/ruby/ruby.bug-risk.raw-sql-without-squish.rule.yaml +42 -0
  588. package/rules/ruby/ruby.bug-risk.redundant-allow-nil.rule.yaml +52 -0
  589. package/rules/ruby/ruby.bug-risk.redundant-foreign-key.rule.yaml +50 -0
  590. package/rules/ruby/ruby.bug-risk.redundant-with-options-receiver.rule.yaml +52 -0
  591. package/rules/ruby/ruby.bug-risk.regex-literal-in-condition.rule.yaml +51 -0
  592. package/rules/ruby/ruby.bug-risk.relative-date-as-constant.rule.yaml +51 -0
  593. package/rules/ruby/ruby.bug-risk.renamed-column-accessed.rule.yaml +50 -0
  594. package/rules/ruby/ruby.bug-risk.rescue-exception.rule.yaml +42 -0
  595. package/rules/ruby/ruby.bug-risk.return-in-ensure.rule.yaml +49 -0
  596. package/rules/ruby/ruby.bug-risk.routes-match-single-verb.rule.yaml +51 -0
  597. package/rules/ruby/ruby.bug-risk.safe-navigation-with-blank.rule.yaml +50 -0
  598. package/rules/ruby/ruby.bug-risk.safe-navigation-with-empty.rule.yaml +52 -0
  599. package/rules/ruby/ruby.bug-risk.self-assignment.rule.yaml +52 -0
  600. package/rules/ruby/ruby.bug-risk.skip-filter-conditional.rule.yaml +55 -0
  601. package/rules/ruby/ruby.bug-risk.suppressed-exceptions.rule.yaml +49 -0
  602. package/rules/ruby/ruby.bug-risk.symbol-boolean-name.rule.yaml +44 -0
  603. package/rules/ruby/ruby.bug-risk.table-without-timestamps.rule.yaml +53 -0
  604. package/rules/ruby/ruby.bug-risk.time-without-zone.rule.yaml +51 -0
  605. package/rules/ruby/ruby.bug-risk.to-json-without-argument.rule.yaml +51 -0
  606. package/rules/ruby/ruby.bug-risk.trailing-comma-attribute.rule.yaml +50 -0
  607. package/rules/ruby/ruby.bug-risk.undefined-action-filter.rule.yaml +53 -0
  608. package/rules/ruby/ruby.bug-risk.unintended-string-concatenation.rule.yaml +51 -0
  609. package/rules/ruby/ruby.bug-risk.unnecessary-require.rule.yaml +51 -0
  610. package/rules/ruby/ruby.bug-risk.unnecessary-splat.rule.yaml +50 -0
  611. package/rules/ruby/ruby.bug-risk.unqualified-constant.rule.yaml +51 -0
  612. package/rules/ruby/ruby.bug-risk.unreachable-code.rule.yaml +49 -0
  613. package/rules/ruby/ruby.bug-risk.unreachable-loop.rule.yaml +51 -0
  614. package/rules/ruby/ruby.bug-risk.unsafe-number-conversion.rule.yaml +51 -0
  615. package/rules/ruby/ruby.bug-risk.unsafe-safe-navigation-chain.rule.yaml +50 -0
  616. package/rules/ruby/ruby.bug-risk.unused-method-arguments.rule.yaml +51 -0
  617. package/rules/ruby/ruby.bug-risk.use-blank-simplify.rule.yaml +49 -0
  618. package/rules/ruby/ruby.bug-risk.use-delegate.rule.yaml +50 -0
  619. package/rules/ruby/ruby.bug-risk.use-presence-over-explicit-check.rule.yaml +49 -0
  620. package/rules/ruby/ruby.bug-risk.use-present-to-simplify-conditional.rule.yaml +48 -0
  621. package/rules/ruby/ruby.bug-risk.use-square-brackets-for-attributes.rule.yaml +50 -0
  622. package/rules/ruby/ruby.bug-risk.useless-access-modifier.rule.yaml +49 -0
  623. package/rules/ruby/ruby.bug-risk.useless-comparison.rule.yaml +50 -0
  624. package/rules/ruby/ruby.bug-risk.useless-setter-call.rule.yaml +49 -0
  625. package/rules/ruby/ruby.bug-risk.when-branch-without-body.rule.yaml +49 -0
  626. package/rules/ruby/ruby.bug-risk.where-first-over-find-by.rule.yaml +54 -0
  627. package/rules/ruby/ruby.bug-risk.with-index-value-unused.rule.yaml +50 -0
  628. package/rules/ruby/ruby.bug-risk.with-object-value-unused.rule.yaml +50 -0
  629. package/rules/ruby/ruby.performance.efficient-hash-search.rule.yaml +42 -0
  630. package/rules/ruby/ruby.performance.enumerable-index-by.rule.yaml +51 -0
  631. package/rules/ruby/ruby.performance.enumerable-index-with.rule.yaml +52 -0
  632. package/rules/ruby/ruby.performance.merge-single-key.rule.yaml +42 -0
  633. package/rules/ruby/ruby.performance.no-static-size-computation.rule.yaml +43 -0
  634. package/rules/ruby/ruby.performance.prefer-delete-prefix.rule.yaml +53 -0
  635. package/rules/ruby/ruby.performance.prefer-delete-suffix.rule.yaml +53 -0
  636. package/rules/ruby/ruby.performance.prefer-flat-map.rule.yaml +41 -0
  637. package/rules/ruby/ruby.performance.prefer-struct-over-openstruct.rule.yaml +42 -0
  638. package/rules/ruby/ruby.performance.range-cover-over-include.rule.yaml +43 -0
  639. package/rules/ruby/ruby.performance.regex-match-over-match.rule.yaml +42 -0
  640. package/rules/ruby/ruby.performance.yield-over-block-call.rule.yaml +41 -0
  641. package/rules/ruby/ruby.security.debugger-call.rule.yaml +53 -0
  642. package/rules/ruby/ruby.security.dynamic-code-execution.rule.yaml +54 -0
  643. package/rules/ruby/ruby.security.insecure-json-load.rule.yaml +53 -0
  644. package/rules/ruby/ruby.security.io-shell-command.rule.yaml +50 -0
  645. package/rules/ruby/ruby.security.kernel-open.rule.yaml +53 -0
  646. package/rules/ruby/ruby.security.plaintext-password-in-callback.rule.yaml +46 -0
  647. package/rules/ruby/ruby.security.rails-http-digest-auth.rule.yaml +51 -0
  648. package/rules/ruby/ruby.security.rails-link-to-blank-without-noopener.rule.yaml +48 -0
  649. package/rules/ruby/ruby.security.rails-output-unsafe.rule.yaml +47 -0
  650. package/rules/ruby/ruby.security.rails-render-inline.rule.yaml +55 -0
  651. package/rules/ruby/ruby.security.rails-skip-validation.rule.yaml +51 -0
  652. package/rules/rust/rust.correctness.empty-range-expression.rule.yaml +49 -0
  653. package/rules/rust/rust.correctness.erasing-operation.rule.yaml +49 -0
  654. package/rules/rust/rust.correctness.forget-drop-on-copy-type.rule.yaml +50 -0
  655. package/rules/rust/rust.correctness.forget-drop-on-non-drop-type.rule.yaml +50 -0
  656. package/rules/rust/rust.correctness.forget-drop-on-reference.rule.yaml +49 -0
  657. package/rules/rust/rust.correctness.hash-unit-value.rule.yaml +49 -0
  658. package/rules/rust/rust.correctness.identical-binary-operands.rule.yaml +49 -0
  659. package/rules/rust/rust.correctness.ignored-future-value.rule.yaml +53 -0
  660. package/rules/rust/rust.correctness.invalid-regex-literal.rule.yaml +49 -0
  661. package/rules/rust/rust.correctness.iter-next-in-for-loop.rule.yaml +49 -0
  662. package/rules/rust/rust.correctness.mistyped-suffix.rule.yaml +50 -0
  663. package/rules/rust/rust.correctness.nan-comparison.rule.yaml +49 -0
  664. package/rules/rust/rust.correctness.non-binding-let-on-lock.rule.yaml +50 -0
  665. package/rules/rust/rust.correctness.non-octal-permissions.rule.yaml +60 -0
  666. package/rules/rust/rust.correctness.print-in-display-impl.rule.yaml +48 -0
  667. package/rules/rust/rust.correctness.self-not-self-type.rule.yaml +49 -0
  668. package/rules/rust/rust.correctness.step-by-zero.rule.yaml +48 -0
  669. package/rules/rust/rust.correctness.syntax-error.rule.yaml +49 -0
  670. package/rules/rust/rust.correctness.transmute-float-char-to-ref-or-ptr.rule.yaml +48 -0
  671. package/rules/rust/rust.correctness.transmute-int-lit-to-raw-ptr.rule.yaml +48 -0
  672. package/rules/rust/rust.correctness.transmute-int-to-fn-ptr.rule.yaml +48 -0
  673. package/rules/rust/rust.correctness.transmute-integer-to-bool.rule.yaml +49 -0
  674. package/rules/rust/rust.correctness.transmute-integer-to-char.rule.yaml +48 -0
  675. package/rules/rust/rust.correctness.transmute-integer-to-nonzero.rule.yaml +48 -0
  676. package/rules/rust/rust.correctness.transmute-number-to-slice-or-array.rule.yaml +48 -0
  677. package/rules/rust/rust.correctness.transmute-ptr-to-ptr.rule.yaml +49 -0
  678. package/rules/rust/rust.correctness.transmute-ptr-to-ref.rule.yaml +49 -0
  679. package/rules/rust/rust.correctness.transmute-ref-to-ptr.rule.yaml +49 -0
  680. package/rules/rust/rust.correctness.transmute-t-to-ptr-ref.rule.yaml +49 -0
  681. package/rules/rust/rust.correctness.transmute-tuple-to-slice-or-array.rule.yaml +48 -0
  682. package/rules/rust/rust.correctness.unhandled-io-result.rule.yaml +49 -0
  683. package/rules/rust/rust.correctness.unit-argument.rule.yaml +50 -0
  684. package/rules/rust/rust.correctness.unit-comparison.rule.yaml +49 -0
  685. package/rules/rust/rust.performance.single-char-string-literal-pattern.rule.yaml +51 -0
  686. package/rules/rust/rust.quality.approximate-floating-constant.rule.yaml +51 -0
  687. package/rules/rust/rust.quality.builtin-type-shadow.rule.yaml +49 -0
  688. package/rules/rust/rust.quality.clone-on-double-reference.rule.yaml +50 -0
  689. package/rules/rust/rust.quality.crate-in-macro-definition.rule.yaml +50 -0
  690. package/rules/rust/rust.quality.deprecated-function-use.rule.yaml +52 -0
  691. package/rules/rust/rust.quality.env-string-literal.rule.yaml +50 -0
  692. package/rules/rust/rust.quality.explicit-self-assignment.rule.yaml +49 -0
  693. package/rules/rust/rust.quality.fn-ptr-null-comparison.rule.yaml +49 -0
  694. package/rules/rust/rust.quality.fn-ptr-to-non-pointer-cast.rule.yaml +50 -0
  695. package/rules/rust/rust.quality.inaccurate-duration-calculation.rule.yaml +50 -0
  696. package/rules/rust/rust.quality.isize-usize-overflow.rule.yaml +50 -0
  697. package/rules/rust/rust.quality.iter-count-instead-of-len.rule.yaml +49 -0
  698. package/rules/rust/rust.quality.iter-nth-instead-of-get.rule.yaml +50 -0
  699. package/rules/rust/rust.quality.map-followed-by-count.rule.yaml +50 -0
  700. package/rules/rust/rust.quality.non-owned-rc-pointer-into-vec.rule.yaml +50 -0
  701. package/rules/rust/rust.quality.non-utf8-literal-in-from-utf8-unchecked.rule.yaml +54 -0
  702. package/rules/rust/rust.quality.option-env-unwrap.rule.yaml +50 -0
  703. package/rules/rust/rust.quality.ordered-iteration-on-unordered.rule.yaml +52 -0
  704. package/rules/rust/rust.quality.possible-missing-comma-in-array.rule.yaml +49 -0
  705. package/rules/rust/rust.quality.potentially-incomplete-ascii-range.rule.yaml +49 -0
  706. package/rules/rust/rust.quality.redundant-mem-replace-with-default.rule.yaml +48 -0
  707. package/rules/rust/rust.quality.redundant-mem-replace-with-none.rule.yaml +48 -0
  708. package/rules/rust/rust.quality.redundant-mem-replace-with-zero.rule.yaml +48 -0
  709. package/rules/rust/rust.quality.replace-same-pattern-and-replacement.rule.yaml +49 -0
  710. package/rules/rust/rust.quality.size-of-val-on-reference.rule.yaml +49 -0
  711. package/rules/rust/rust.quality.unused-enumerate-or-zip-items.rule.yaml +50 -0
  712. package/rules/rust/rust.security.actix-namedfile-path-traversal.rule.yaml +61 -0
  713. package/rules/rust/rust.security.bind-all-interfaces.rule.yaml +2 -0
  714. package/rules/rust/rust.security.const-to-mut-ptr.rule.yaml +61 -0
  715. package/rules/rust/rust.security.differently-sized-slice-conversion.rule.yaml +61 -0
  716. package/rules/rust/rust.security.global-write-permission.rule.yaml +61 -0
  717. package/rules/rust/rust.security.insecure-temp-file.rule.yaml +2 -0
  718. package/rules/rust/rust.security.invisible-unicode.rule.yaml +60 -0
  719. package/rules/rust/rust.security.manual-error-type-id.rule.yaml +59 -0
  720. package/rules/rust/rust.security.missing-regex-anchor.rule.yaml +61 -0
  721. package/rules/rust/rust.security.misused-bitwise-xor.rule.yaml +54 -0
  722. package/rules/rust/rust.security.open-redirect.rule.yaml +64 -0
  723. package/rules/rust/rust.security.potentially-vulnerable-regex.rule.yaml +61 -0
  724. package/rules/rust/rust.security.raw-slice-to-ptr.rule.yaml +60 -0
  725. package/rules/rust/rust.security.unsafe-remove-dir-all.rule.yaml +62 -0
  726. package/rules/rust/rust.security.weak-crypto-import.rule.yaml +2 -0
  727. package/rules/rust/rust.security.weak-rsa-key-size.rule.yaml +2 -0
  728. package/rules/rust/rust.testing.ignore-without-ticket-reference.rule.yaml +13 -7
  729. package/rules/rust/rust.testing.thread-sleep-in-unit-test.rule.yaml +6 -6
  730. package/rules/shared/security.no-command-execution-with-request-input.rule.yaml +3 -0
  731. package/rules/shared/security.no-sensitive-data-in-logs-and-telemetry.rule.yaml +2 -0
  732. package/rules/shared/security.no-sql-interpolation.rule.yaml +2 -0
  733. package/rules/shared/security.permissive-file-permissions.rule.yaml +2 -0
  734. package/rules/shared/security.weak-hash-algorithm.rule.yaml +2 -0
  735. package/rules/sql/sql.correctness.undefined-reference.rule.yaml +37 -0
  736. package/rules/sql/sql.style.ambiguous-distinct.rule.yaml +37 -0
  737. package/rules/sql/sql.style.column-expression-without-alias.rule.yaml +37 -0
  738. package/rules/sql/sql.style.distinct-with-parenthesis.rule.yaml +37 -0
  739. package/rules/sql/sql.style.duplicate-table-aliases.rule.yaml +37 -0
  740. package/rules/sql/sql.style.implicit-column-alias.rule.yaml +37 -0
  741. package/rules/sql/sql.style.implicit-table-alias.rule.yaml +37 -0
  742. package/rules/sql/sql.style.inconsistent-capitalization.rule.yaml +37 -0
  743. package/rules/sql/sql.style.inconsistent-keyword-case.rule.yaml +37 -0
  744. package/rules/sql/sql.style.keyword-as-identifier.rule.yaml +37 -0
  745. package/rules/sql/sql.style.trailing-select-comma.rule.yaml +37 -0
  746. package/rules/sql/sql.style.unqualified-references.rule.yaml +37 -0
  747. package/rules/sql/sql.style.unused-table-alias.rule.yaml +37 -0
  748. package/rules/typescript/ts.angularjs.inject-function-assignments-only.rule.yaml +36 -0
  749. package/rules/typescript/ts.angularjs.no-controller.rule.yaml +36 -0
  750. package/rules/typescript/ts.angularjs.no-deprecated-cookie-store.rule.yaml +36 -0
  751. package/rules/typescript/ts.angularjs.no-deprecated-directive-replace.rule.yaml +36 -0
  752. package/rules/typescript/ts.angularjs.no-deprecated-http-success-error.rule.yaml +36 -0
  753. package/rules/typescript/ts.angularjs.no-jquery-wrapping-angular-element.rule.yaml +36 -0
  754. package/rules/typescript/ts.angularjs.prefer-angular-for-each.rule.yaml +36 -0
  755. package/rules/typescript/ts.angularjs.prefer-angular-is-string.rule.yaml +36 -0
  756. package/rules/typescript/ts.correctness.array-callback-missing-return.rule.yaml +2 -0
  757. package/rules/typescript/ts.correctness.array-sort-without-compare.rule.yaml +5 -3
  758. package/rules/typescript/ts.correctness.assignment-in-condition.rule.yaml +4 -2
  759. package/rules/typescript/ts.correctness.assignment-to-exports.rule.yaml +38 -0
  760. package/rules/typescript/ts.correctness.assignment-to-import-binding.rule.yaml +2 -0
  761. package/rules/typescript/ts.correctness.async-promise-executor.rule.yaml +2 -0
  762. package/rules/typescript/ts.correctness.blocking-call-in-async-flow.rule.yaml +14 -3
  763. package/rules/typescript/ts.correctness.callback-missing-error-handling.rule.yaml +38 -0
  764. package/rules/typescript/ts.correctness.callback-not-error-first.rule.yaml +38 -0
  765. package/rules/typescript/ts.correctness.compound-assignment-with-await.rule.yaml +37 -0
  766. package/rules/typescript/ts.correctness.confusing-multiline-expression.rule.yaml +37 -0
  767. package/rules/typescript/ts.correctness.constructor-return-value.rule.yaml +37 -0
  768. package/rules/typescript/ts.correctness.control-flow-in-finally.rule.yaml +2 -0
  769. package/rules/typescript/ts.correctness.declaration-in-nested-block.rule.yaml +39 -0
  770. package/rules/typescript/ts.correctness.delete-on-variable.rule.yaml +37 -0
  771. package/rules/typescript/ts.correctness.deprecated-api-usage.rule.yaml +39 -0
  772. package/rules/typescript/ts.correctness.duplicate-class-member.rule.yaml +37 -0
  773. package/rules/typescript/ts.correctness.duplicate-export.rule.yaml +37 -0
  774. package/rules/typescript/ts.correctness.duplicate-function-parameter.rule.yaml +2 -0
  775. package/rules/typescript/ts.correctness.duplicate-if-else-condition.rule.yaml +2 -0
  776. package/rules/typescript/ts.correctness.duplicate-import-source.rule.yaml +2 -0
  777. package/rules/typescript/ts.correctness.duplicate-object-key.rule.yaml +2 -0
  778. package/rules/typescript/ts.correctness.duplicate-switch-case.rule.yaml +2 -0
  779. package/rules/typescript/ts.correctness.empty-block-statement.rule.yaml +2 -0
  780. package/rules/typescript/ts.correctness.empty-destructuring-pattern.rule.yaml +37 -0
  781. package/rules/typescript/ts.correctness.extraneous-import.rule.yaml +38 -0
  782. package/rules/typescript/ts.correctness.flawed-string-comparison.rule.yaml +38 -0
  783. package/rules/typescript/ts.correctness.global-object-called-as-function.rule.yaml +38 -0
  784. package/rules/typescript/ts.correctness.identical-comparison-operands.rule.yaml +2 -0
  785. package/rules/typescript/ts.correctness.implicit-undefined-return.rule.yaml +2 -0
  786. package/rules/typescript/ts.correctness.infinite-loop.rule.yaml +16 -7
  787. package/rules/typescript/ts.correctness.invalid-async-await-call.rule.yaml +37 -0
  788. package/rules/typescript/ts.correctness.invalid-shebang.rule.yaml +37 -0
  789. package/rules/typescript/ts.correctness.invalid-typeof-comparison.rule.yaml +2 -0
  790. package/rules/typescript/ts.correctness.invalid-variable-usage.rule.yaml +37 -0
  791. package/rules/typescript/ts.correctness.missing-async-on-promise-method.rule.yaml +2 -0
  792. package/rules/typescript/ts.correctness.missing-super-call.rule.yaml +2 -0
  793. package/rules/typescript/ts.correctness.missing-timeout-on-external-call.rule.yaml +13 -6
  794. package/rules/typescript/ts.correctness.missing-type-annotation.rule.yaml +37 -0
  795. package/rules/typescript/ts.correctness.namespace-import-unexported-name.rule.yaml +37 -0
  796. package/rules/typescript/ts.correctness.negative-zero-comparison.rule.yaml +37 -0
  797. package/rules/typescript/ts.correctness.new-expression-with-require.rule.yaml +39 -0
  798. package/rules/typescript/ts.correctness.new-symbol-instance.rule.yaml +38 -0
  799. package/rules/typescript/ts.correctness.no-confusing-label-in-switch.rule.yaml +39 -0
  800. package/rules/typescript/ts.correctness.no-href-with-nuxt-link.rule.yaml +39 -0
  801. package/rules/typescript/ts.correctness.no-ts-suppress-directive.rule.yaml +36 -0
  802. package/rules/typescript/ts.correctness.non-existent-assignment-operators.rule.yaml +38 -0
  803. package/rules/typescript/ts.correctness.off-by-one-loop-boundary.rule.yaml +2 -0
  804. package/rules/typescript/ts.correctness.parse-int-on-number-literal.rule.yaml +38 -0
  805. package/rules/typescript/ts.correctness.prefer-as-const-over-literal-type.rule.yaml +37 -0
  806. package/rules/typescript/ts.correctness.prefer-includes-over-indexof.rule.yaml +37 -0
  807. package/rules/typescript/ts.correctness.prefer-nullish-coalescing.rule.yaml +37 -0
  808. package/rules/typescript/ts.correctness.private-member-should-be-readonly.rule.yaml +37 -0
  809. package/rules/typescript/ts.correctness.promise-reject-non-error.rule.yaml +2 -0
  810. package/rules/typescript/ts.correctness.prototype-builtin-called-directly.rule.yaml +38 -0
  811. package/rules/typescript/ts.correctness.reassign-catch-binding.rule.yaml +2 -0
  812. package/rules/typescript/ts.correctness.reassign-class-member.rule.yaml +37 -0
  813. package/rules/typescript/ts.correctness.reassign-const-binding.rule.yaml +37 -0
  814. package/rules/typescript/ts.correctness.reassign-function-declaration.rule.yaml +38 -0
  815. package/rules/typescript/ts.correctness.regexp-constructor-invalid-pattern.rule.yaml +38 -0
  816. package/rules/typescript/ts.correctness.regexp-empty-character-class.rule.yaml +38 -0
  817. package/rules/typescript/ts.correctness.regexp-multicodepoint-character-class.rule.yaml +37 -0
  818. package/rules/typescript/ts.correctness.regexp-pattern-unusual-control-character.rule.yaml +2 -0
  819. package/rules/typescript/ts.correctness.regexp-useless-backreference.rule.yaml +37 -0
  820. package/rules/typescript/ts.correctness.require-outside-import.rule.yaml +37 -0
  821. package/rules/typescript/ts.correctness.restricted-global-variable.rule.yaml +37 -0
  822. package/rules/typescript/ts.correctness.restricted-object-property.rule.yaml +37 -0
  823. package/rules/typescript/ts.correctness.self-assignment.rule.yaml +2 -0
  824. package/rules/typescript/ts.correctness.setter-return-value.rule.yaml +37 -0
  825. package/rules/typescript/ts.correctness.simplify-boolean-return.rule.yaml +38 -0
  826. package/rules/typescript/ts.correctness.sparse-array-literal.rule.yaml +38 -0
  827. package/rules/typescript/ts.correctness.switch-case-fallthrough.rule.yaml +37 -0
  828. package/rules/typescript/ts.correctness.template-placeholder-in-string.rule.yaml +37 -0
  829. package/rules/typescript/ts.correctness.this-before-super.rule.yaml +3 -0
  830. package/rules/typescript/ts.correctness.this-outside-class.rule.yaml +37 -0
  831. package/rules/typescript/ts.correctness.undeclared-variable.rule.yaml +38 -0
  832. package/rules/typescript/ts.correctness.unhandled-async-error.rule.yaml +7 -1
  833. package/rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml +2 -0
  834. package/rules/typescript/ts.correctness.unresolved-import.rule.yaml +37 -0
  835. package/rules/typescript/ts.correctness.unsafe-negation-in-relational.rule.yaml +38 -0
  836. package/rules/typescript/ts.correctness.unused-expression.rule.yaml +37 -0
  837. package/rules/typescript/ts.correctness.unused-variable.rule.yaml +37 -0
  838. package/rules/typescript/ts.correctness.use-number-is-nan.rule.yaml +2 -0
  839. package/rules/typescript/ts.correctness.used-before-definition.rule.yaml +38 -0
  840. package/rules/typescript/ts.correctness.var-declaration.rule.yaml +38 -0
  841. package/rules/typescript/ts.next.no-document-import-outside-custom-document.rule.yaml +39 -0
  842. package/rules/typescript/ts.next.no-head-import-in-custom-document.rule.yaml +39 -0
  843. package/rules/typescript/ts.performance.no-await-in-loop.rule.yaml +6 -6
  844. package/rules/typescript/ts.performance.no-json-parse-stringify-clone.rule.yaml +8 -0
  845. package/rules/typescript/ts.performance.sequential-async-calls.rule.yaml +16 -7
  846. package/rules/typescript/ts.quality.no-banned-type.rule.yaml +36 -0
  847. package/rules/typescript/ts.quality.no-empty-function.rule.yaml +1 -1
  848. package/rules/typescript/ts.quality.no-side-effect-in-pure-callback.rule.yaml +36 -0
  849. package/rules/typescript/ts.quality.swallowed-error.rule.yaml +6 -3
  850. package/rules/typescript/ts.react.no-deprecated-is-mounted.rule.yaml +36 -0
  851. package/rules/typescript/ts.react.no-deprecated-react-dom-root-api.rule.yaml +24 -2
  852. package/rules/typescript/ts.react.no-direct-state-mutation.rule.yaml +2 -0
  853. package/rules/typescript/ts.react.no-duplicate-jsx-attributes.rule.yaml +2 -0
  854. package/rules/typescript/ts.react.no-hooks-rule-violation.rule.yaml +38 -0
  855. package/rules/typescript/ts.react.no-invalid-markup-characters.rule.yaml +36 -0
  856. package/rules/typescript/ts.react.no-lifecycle-method-typo.rule.yaml +36 -0
  857. package/rules/typescript/ts.react.no-render-invalid-return-type.rule.yaml +36 -0
  858. package/rules/typescript/ts.react.no-set-state-in-component-did-mount.rule.yaml +2 -0
  859. package/rules/typescript/ts.react.no-set-state-in-component-did-update.rule.yaml +2 -0
  860. package/rules/typescript/ts.react.no-set-state-in-component-will-update.rule.yaml +36 -0
  861. package/rules/typescript/ts.react.no-should-component-update.rule.yaml +36 -0
  862. package/rules/typescript/ts.react.no-target-blank-without-rel.rule.yaml +2 -0
  863. package/rules/typescript/ts.react.no-this-state-in-set-state.rule.yaml +38 -0
  864. package/rules/typescript/ts.react.no-unnecessary-fragment.rule.yaml +36 -0
  865. package/rules/typescript/ts.runtime.no-process-exit.rule.yaml +3 -0
  866. package/rules/typescript/ts.runtime.process-exit-control-flow.rule.yaml +46 -0
  867. package/rules/typescript/ts.security.dangerous-insert-html.rule.yaml +5 -0
  868. package/rules/typescript/ts.security.express-insecure-listen.rule.yaml +52 -0
  869. package/rules/typescript/ts.security.express-nosql-injection.rule.yaml +16 -11
  870. package/rules/typescript/ts.security.express-static-dotfiles-allow.rule.yaml +5 -0
  871. package/rules/typescript/ts.security.iframe-missing-sandbox-attribute.rule.yaml +18 -6
  872. package/rules/typescript/ts.security.import-using-user-input.rule.yaml +62 -10
  873. package/rules/typescript/ts.security.insecure-auth-cookie-flags.rule.yaml +12 -4
  874. package/rules/typescript/ts.security.missing-request-timeout-or-retry.rule.yaml +8 -6
  875. package/rules/typescript/ts.security.no-assign-mutable-export.rule.yaml +2 -0
  876. package/rules/typescript/ts.security.no-dynamic-execution.rule.yaml +3 -3
  877. package/rules/typescript/ts.security.no-javascript-url.rule.yaml +42 -8
  878. package/rules/typescript/ts.security.no-native-prototype-extension.rule.yaml +13 -1
  879. package/rules/typescript/ts.security.non-literal-fs-filename.rule.yaml +13 -1
  880. package/rules/typescript/ts.security.observable-timing-discrepancy.rule.yaml +3 -3
  881. package/rules/typescript/ts.security.open-redirect.rule.yaml +6 -0
  882. package/rules/typescript/ts.security.path-join-user-input.rule.yaml +50 -0
  883. package/rules/typescript/ts.security.sensitive-data-written-to-file.rule.yaml +16 -6
  884. package/rules/typescript/ts.security.ssrf.rule.yaml +1 -0
  885. package/rules/typescript/ts.security.unsafe-dirname-path-concat.rule.yaml +3 -0
  886. package/rules/typescript/ts.security.unsanitized-http-response.rule.yaml +14 -3
  887. package/rules/typescript/ts.security.user-controlled-regexp.rule.yaml +52 -0
  888. package/rules/typescript/ts.testing.no-flaky-timer-test.rule.yaml +7 -7
  889. package/rules/typescript/ts.testing.no-legacy-test-waiter.rule.yaml +36 -0
  890. package/rules/typescript/ts.testing.no-network-call-in-unit-test.rule.yaml +7 -1
  891. package/rules/typescript/ts.testing.no-skipped-test-without-ticket.rule.yaml +3 -3
  892. package/rules/typescript/ts.testing.useless-assertion.rule.yaml +37 -0
  893. package/rules/typescript/ts.vue.emits-validator-return-boolean.rule.yaml +36 -0
  894. package/rules/typescript/ts.vue.no-browser-globals-in-created.rule.yaml +39 -0
  895. package/rules/typescript/ts.vue.no-computed-missing-dependency.rule.yaml +36 -0
  896. package/rules/typescript/ts.vue.no-computed-mutation.rule.yaml +36 -0
  897. package/rules/typescript/ts.vue.no-data-object-declaration.rule.yaml +36 -0
  898. package/rules/typescript/ts.vue.no-deprecated-keycodes-config.rule.yaml +36 -0
  899. package/rules/typescript/ts.vue.no-deprecated-listeners.rule.yaml +36 -0
  900. package/rules/typescript/ts.vue.no-deprecated-model-option.rule.yaml +36 -0
  901. package/rules/typescript/ts.vue.no-deprecated-scoped-slots.rule.yaml +36 -0
  902. package/rules/typescript/ts.vue.no-keycode-modifiers.rule.yaml +36 -0
  903. package/rules/typescript/ts.vue.no-reserved-key-overwrite.rule.yaml +36 -0
  904. package/rules/typescript/ts.vue.no-server-env-in-client-hooks.rule.yaml +39 -0
  905. package/rules/typescript/ts.vue.no-slot-property-access.rule.yaml +36 -0
  906. package/rules/typescript/ts.vue.prefer-prop-type-constructor.rule.yaml +36 -0
  907. package/rules/typescript/ts.vue.require-transition-conditional.rule.yaml +36 -0
package/rules/java/java.correctness.assert-self-comparison.rule.yaml ADDED
@@ -0,0 +1,46 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.assert-self-comparison
5
+ title: Objects should not be compared to themselves within assertions
6
+ summary: Assertions comparing a value to itself always pass and indicate a testing bug where a different expected value should be used.
7
+ rationale: Self-comparison in assertions (assertEquals(a, a), assertSame(a, a), assertTrue(a == a)) is a common copy-paste mistake. These assertions always pass and never validate actual behavior.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E1012
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - rules-catalog
16
+ - testing
17
+ stability: experimental
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.assert-self-comparison
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.logic
36
+ severity: high
37
+ confidence: 0.85
38
+ tags:
39
+ - correctness
40
+ - java
41
+ - testing
42
+ message:
43
+ title: Self-comparison in assertion
44
+ summary: "`${captures.issue.text}` compares an object to itself. This assertion always passes and does not test anything meaningful."
45
+ remediation:
46
+ summary: Replace the self-comparison with the actual expected value. If testing equality contract, check equals/hashCode explicitly.
package/rules/java/java.correctness.assertion-in-production.rule.yaml ADDED
@@ -0,0 +1,49 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.assertion-in-production
5
+ title: Assert statement in production code
6
+ summary: "The `assert` keyword in Java is disabled at runtime. Do not use it for argument validation or precondition checks in production code."
7
+ rationale: "Java assertions are disabled by default and throw `AssertionError` (not a typed exception) when enabled. They should not be used for input validation, precondition checks, or any logic that must execute. Use `IllegalArgumentException`, `Objects.requireNonNull`, or explicit condition checks instead."
8
+ detection:
9
+ kind: pattern
10
+ references:
11
+ - kind: cwe
12
+ id: CWE-617
13
+ title: Reachable Assertion
14
+ aliases:
15
+ - JAVA-S0336
16
+ tags:
17
+ - correctness
18
+ - java
19
+ - defensive-programming
20
+ - rules-catalog
21
+ stability: stable
22
+ appliesTo: block
23
+ scope:
24
+ languages:
25
+ - java
26
+ paths:
27
+ include:
28
+ - "**/*.java"
29
+ exclude:
30
+ - "**/src/test/**"
31
+ - "**/tests/**"
32
+ - "**/*Test.java"
33
+ match:
34
+ fact:
35
+ kind: java.correctness.assertion-in-production
36
+ bind: issue
37
+ emit:
38
+ finding:
39
+ category: correctness.defensive-programming
40
+ severity: low
41
+ confidence: 0.92
42
+ tags:
43
+ - correctness
44
+ - java
45
+ message:
46
+ title: Replace assert with proper validation in `${captures.issue.text}`
47
+ summary: "`${captures.issue.text}` uses the Java `assert` keyword which is disabled by default. Use explicit validation such as `Objects.requireNonNull` or `IllegalArgumentException` instead."
48
+ remediation:
49
+ summary: "Replace `assert` with explicit validation: `if (!condition) throw new IllegalArgumentException(\"...\")` or use `Objects.requireNonNull(value)` for null checks."
package/rules/java/java.correctness.bad-short-circuit-null-check.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.bad-short-circuit-null-check
5
+ title: Bad short-circuiting null check
6
+ summary: Null check uses || instead of && causing a NullPointerException when the variable is null.
7
+ rationale: In `x != null || x.method()`, if x is null, the first condition is false, so x.method() executes and throws NPE. Use && for null-guarded access.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E1003
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - defensive-programming
16
+ - rules-catalog
17
+ stability: experimental
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.bad-short-circuit-null-check
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.logic
36
+ severity: high
37
+ confidence: 0.90
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: Bad short-circuit null check
43
+ summary: Using `||` instead of `&&` after a null check causes a NullPointerException when the variable is null.
44
+ remediation:
45
+ summary: Change `x != null || x.method()` to `x != null && x.method()` so the method call is guarded by the null check.
package/rules/java/java.correctness.bitwise-or-never-equal.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.bitwise-or-never-equal
5
+ title: Bitwise OR expression will never equal the comparison constant
6
+ summary: A bitwise OR expression is compared with `==` to a constant but will never equal it.
7
+ rationale: When using `(expr | C) == D`, if `C` has bits that `D` doesn't have, the expression always evaluates to false because OR adds bits.
8
+ aliases:
9
+ - JAVA-E1073
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: experimental
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.bitwise-or-never-equal
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.logic
33
+ severity: high
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Bitwise OR expression never equals constant in `${captures.issue.text}`
40
+ summary: "A bitwise OR comparison will always evaluate to the same result."
41
+ remediation:
42
+ summary: Use `&` (bitwise AND) instead of `|` to test for specific bits, or use a valid constant for comparison.
package/rules/java/java.correctness.boxed-boolean-conditional.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.boxed-boolean-conditional
5
+ title: Boxed Boolean in conditional expressions
6
+ summary: Using a boxed Boolean directly in a conditional can throw NullPointerException if the value is null.
7
+ rationale: Auto-unboxing a null Boolean in if/while/ternary expressions throws NullPointerException at runtime.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1054
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.boxed-boolean-conditional
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.general
33
+ severity: high
34
+ confidence: 0.80
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Boxed Boolean in conditional expression
40
+ summary: Unboxing a null Boolean will throw NullPointerException.
41
+ remediation:
42
+ summary: Use `Boolean.TRUE.equals(flag)` or `boolean` primitive type, or guard with a null check before the conditional.
package/rules/java/java.correctness.cacheloader-null-return.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.cacheloader-null-return
5
+ title: CacheLoader load method should not return null
6
+ summary: Returning null from a CacheLoader.load() method causes InvalidCacheLoadException at runtime. Guava caches do not support null values.
7
+ rationale: CacheLoader.load() must never return null. Guava caches treat null returns as failures and throw InvalidCacheLoadException. The method should either return a non-null value or throw an exception.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1104
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.cacheloader-null-return
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.exceptions
33
+ severity: medium
34
+ confidence: 0.7
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: CacheLoader.load() returns null which will throw InvalidCacheLoadException
40
+ summary: The load() method of a CacheLoader subclass returns null. Guava caches do not allow null values and will throw InvalidCacheLoadException.
41
+ remediation:
42
+ summary: Return a non-null value, use Optional, or throw an exception instead of returning null from CacheLoader.load().
package/rules/java/java.correctness.case-insensitive-regex-lacks-unicode.rule.yaml ADDED
@@ -0,0 +1,46 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.case-insensitive-regex-lacks-unicode
5
+ title: Case insensitive regex does not properly handle Unicode input
6
+ summary: CASE_INSENSITIVE or (?i) without UNICODE_CASE or (?u) does not handle Unicode-aware case folding.
7
+ rationale: Without UNICODE_CASE, case-insensitive matching only handles ASCII characters. Unicode characters (e.g., accented letters, non-Latin scripts) will not be matched case-insensitively, leading to text processing bugs in internationalized applications.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E1010
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - rules-catalog
16
+ - i18n
17
+ stability: experimental
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.case-insensitive-regex-lacks-unicode
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.api-usage
36
+ severity: high
37
+ confidence: 0.85
38
+ tags:
39
+ - correctness
40
+ - java
41
+ - i18n
42
+ message:
43
+ title: Case-insensitive regex pattern without Unicode support
44
+ summary: "`${captures.issue.text}` uses case-insensitive matching without Unicode support. Add UNICODE_CASE or (?u) for proper internationalization."
45
+ remediation:
46
+ summary: Add Pattern.UNICODE_CASE (or (?u) flag) alongside CASE_INSENSITIVE flag for proper Unicode-aware case-insensitive matching.
package/rules/java/java.correctness.catch-null-pointer.rule.yaml CHANGED
@@ -5,6 +5,10 @@ metadata:
5
5
  title: Do not catch NullPointerException
6
6
  summary: NullPointerException indicates a programming error.
7
7
  rationale: Catching NPE masks bugs that should be fixed at the source.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E1070
8
12
  tags:
9
13
  - correctness
10
14
  - java
@@ -28,7 +32,7 @@ match:
28
32
  emit:
29
33
  finding:
30
34
  category: correctness.exceptions
31
- severity: low
35
+ severity: critical
32
36
  confidence: 0.88
33
37
  tags:
34
38
  - correctness
package/rules/java/java.correctness.class-isinstance-on-class.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.class-isinstance-on-class
5
+ title: "Use `instanceof` instead of `Class.isInstance()`"
6
+ summary: "Calling `.class.isInstance(obj)` should be replaced with `obj instanceof Type` for clarity and type safety."
7
+ rationale: "`SomeClass.class.isInstance(obj)` is equivalent to `obj instanceof SomeClass`, but the `instanceof` operator is more readable, type-safe at compile time, and is the idiomatic Java pattern for runtime type checking."
8
+ aliases:
9
+ - JAVA-E1091
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: experimental
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.class-isinstance-on-class
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.code-style
33
+ severity: high
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: "Use `instanceof` instead of `.class.isInstance()` in `${captures.issue.text}`"
40
+ summary: "`SomeClass.class.isInstance(obj)` should be replaced with `obj instanceof SomeClass` for readability and compile-time type safety."
41
+ remediation:
42
+ summary: "Replace `X.class.isInstance(obj)` with `obj instanceof X`."
package/rules/java/java.correctness.class-name-collision.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.class-name-collision
5
+ title: Class name collides with superclass simple name
6
+ summary: A class shares its simple name with a superclass referenced in the extends clause, causing ambiguity.
7
+ rationale: When a class name matches the simple name of its explicit superclass, it can lead to confusion and subtle bugs where the wrong type is referenced. The collision obscures the inheritance relationship and reduces code clarity.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E0169
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - types
16
+ - rules-catalog
17
+ stability: experimental
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.class-name-collision
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.types
36
+ severity: medium
37
+ confidence: 0.85
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: Class name collides with superclass name
43
+ summary: "Class `${captures.issue.text}` has the same simple name as its explicit superclass."
44
+ remediation:
45
+ summary: Rename the class or the superclass reference to avoid the name collision.
package/rules/java/java.correctness.clone-without-super.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.clone-without-super
5
+ title: Clone method does not call super.clone()
6
+ summary: "`clone()` methods should call `super.clone()` to create the correct object."
7
+ rationale: "Without `super.clone()`, the cloned object may not be properly initialized. `super.clone()` copies the object's internal state."
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E0048
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - contract-violation
16
+ - rules-catalog
17
+ stability: stable
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.clone-without-super
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.contract-violation
36
+ severity: high
37
+ confidence: 0.80
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: clone() does not call super.clone()
43
+ summary: "`clone()` methods should call `super.clone()` to create the correct object."
44
+ remediation:
45
+ summary: "Add `super.clone()` call at the beginning of the `clone()` method."
package/rules/java/java.correctness.closeable-provides-injection.rule.yaml ADDED
@@ -0,0 +1,43 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.closeable-provides-injection
5
+ title: Closeable values should not be injected via @Provides annotated methods
6
+ summary: "@Provides/@Inject methods returning Closeable types can cause resource management problems."
7
+ rationale: DI frameworks may hold Closeable resources longer than intended, preventing proper cleanup. Scope the resource or use a factory that manages lifecycle.
8
+ aliases:
9
+ - JAVA-E1103
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - framework
14
+ - rules-catalog
15
+ stability: experimental
16
+ appliesTo: block
17
+ scope:
18
+ languages:
19
+ - java
20
+ paths:
21
+ include:
22
+ - "**/*.java"
23
+ exclude:
24
+ - "**/src/test/**"
25
+ - "**/tests/**"
26
+ - "**/*Test.java"
27
+ match:
28
+ fact:
29
+ kind: java.correctness.closeable-provides-injection
30
+ bind: issue
31
+ emit:
32
+ finding:
33
+ category: correctness.resource-management
34
+ severity: high
35
+ confidence: 0.85
36
+ tags:
37
+ - correctness
38
+ - java
39
+ message:
40
+ title: Closeable type returned from @Provides method
41
+ summary: "The method returns a Closeable type that may not be properly closed by the DI container."
42
+ remediation:
43
+ summary: Return a factory or wrapper that manages the Closeable lifecycle instead of exposing it directly from @Provides/@Inject.
package/rules/java/java.correctness.collection-adds-self.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.collection-adds-self
5
+ title: Collections should not be added to themselves
6
+ summary: A collection is being added to itself, which is likely a logic error.
7
+ rationale: Self-add operations on collections are almost always unintentional typos where the wrong variable was used.
8
+ aliases:
9
+ - JAVA-E1077
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: experimental
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.collection-adds-self
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.logic
33
+ severity: high
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Collection added to itself in `${captures.issue.text}`
40
+ summary: "A collection is being added to itself, which is likely a logic error."
41
+ remediation:
42
+ summary: Use a different collection reference for the add operation.
package/rules/java/java.correctness.collection-contains-self.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.collection-contains-self
5
+ title: Collections should not contain themselves
6
+ summary: A collection checks if it contains itself — likely a logic error.
7
+ rationale: Self-containment checks on collections are almost always unintentional typos where the wrong variable was used.
8
+ aliases:
9
+ - JAVA-E1076
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: experimental
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.collection-contains-self
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.logic
33
+ severity: critical
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Collection contains check on itself in `${captures.issue.text}`
40
+ summary: "A collection checks for containment of itself, which is likely a logic error."
41
+ remediation:
42
+ summary: Use a different collection reference for the containment check.
package/rules/java/java.correctness.collection-remove-type-mismatch.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.collection-remove-type-mismatch
5
+ title: Wrong argument type for Collection remove method
6
+ summary: Passing a numeric literal to Collection.remove() on a collection with a non-numeric generic type will silently fail to remove the intended element.
7
+ rationale: Although Collection.remove(Object) accepts any Object, passing an argument of the wrong type (e.g., an int to a List<String>) will never match an existing element. The remove call may succeed in removing a value that happens to match the object's equals/hashCode, but typically represents a bug.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: experimental
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1036
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.collection-remove-type-mismatch
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.types
33
+ severity: high
34
+ confidence: 0.85
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Possible type mismatch in Collection.remove()
40
+ summary: "`${captures.issue.text}` passes a numeric literal to `remove()` on a collection with a non-numeric generic type. This may never match an intended element."
41
+ remediation:
42
+ summary: Verify that the argument type matches the collection's generic type. If the collection is `List<String>`, pass a `String` argument to `remove()`.
package/rules/java/java.correctness.comparator-downcast-sign-flip.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.comparator-downcast-sign-flip
5
+ title: Downcast may flip integer sign in comparator method
6
+ summary: Narrowing casts (short, byte, int) of subtraction results inside compare/compareTo methods can overflow and flip the comparison sign, producing incorrect ordering.
7
+ rationale: Comparing values by casting (short)(a - b) or (int)(a - b) discards overflow bits, potentially returning the wrong sign for large values. Use Long.compare or Integer.compare instead.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1102
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.comparator-downcast-sign-flip
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.general
33
+ severity: medium
34
+ confidence: 0.85
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Narrowing cast of subtraction may flip comparison sign
40
+ summary: Casting (a - b) to a narrower type inside a comparator can overflow and produce incorrect ordering. Use Long.compare(a, b) or Integer.compare(a, b) instead.
41
+ remediation:
42
+ summary: Replace `(short)(a - b)` or similar narrow casts with `Long.compare(a, b)` or `Integer.compare(a, b)` to avoid overflow sign flips.