@critiq/rules 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (907) hide show
  1. package/CHANGELOG.md +468 -0
  2. package/README.md +13 -232
  3. package/catalog-metadata.json +47 -0
  4. package/catalog.yaml +4459 -1008
  5. package/package.json +1 -1
  6. package/rules/cfn/cfn.correctness.attributedefinitions-keyschemas-mismatch.rule.yaml +49 -0
  7. package/rules/cfn/cfn.correctness.base64-validation-of-parameters.rule.yaml +49 -0
  8. package/rules/cfn/cfn.correctness.basic-cloudformation-resource-check.rule.yaml +49 -0
  9. package/rules/cfn/cfn.correctness.basic-cloudformation-template-configuration.rule.yaml +49 -0
  10. package/rules/cfn/cfn.correctness.cannot-reference-resources-in-the-conditions-block-of-the-template.rule.yaml +49 -0
  11. package/rules/cfn/cfn.correctness.check-at-least-one-essential-container-is-specified.rule.yaml +49 -0
  12. package/rules/cfn/cfn.correctness.check-deletionpolicy-values-for-resources.rule.yaml +49 -0
  13. package/rules/cfn/cfn.correctness.check-dependson-values-for-resources.rule.yaml +49 -0
  14. package/rules/cfn/cfn.correctness.check-ec2-ebs-properties.rule.yaml +49 -0
  15. package/rules/cfn/cfn.correctness.check-elastic-cache-redis-cluster-settings.rule.yaml +49 -0
  16. package/rules/cfn/cfn.correctness.check-events-rule-targets-are-less-than-or-equal-to-5.rule.yaml +49 -0
  17. package/rules/cfn/cfn.correctness.check-fargate-service-scheduling-strategy.rule.yaml +49 -0
  18. package/rules/cfn/cfn.correctness.check-fn-and-structure-for-validity.rule.yaml +49 -0
  19. package/rules/cfn/cfn.correctness.check-fn-equals-structure-for-validity.rule.yaml +49 -0
  20. package/rules/cfn/cfn.correctness.check-fn-if-structure-for-validity.rule.yaml +49 -0
  21. package/rules/cfn/cfn.correctness.check-fn-not-structure-for-validity.rule.yaml +49 -0
  22. package/rules/cfn/cfn.correctness.check-fn-or-structure-for-validity.rule.yaml +49 -0
  23. package/rules/cfn/cfn.correctness.check-for-subscriptionfilters-have-beyond-2-attachments-to-a-cloudwatch-log-group.rule.yaml +49 -0
  24. package/rules/cfn/cfn.correctness.check-if-a-json-object-is-within-size-limits.rule.yaml +49 -0
  25. package/rules/cfn/cfn.correctness.check-if-a-list-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  26. package/rules/cfn/cfn.correctness.check-if-a-list-has-duplicate-values.rule.yaml +49 -0
  27. package/rules/cfn/cfn.correctness.check-if-a-number-is-between-min-and-max.rule.yaml +49 -0
  28. package/rules/cfn/cfn.correctness.check-if-a-string-has-between-min-and-max-number-of-values-specified.rule.yaml +49 -0
  29. package/rules/cfn/cfn.correctness.check-if-eol-lambda-function-runtimes-are-used.rule.yaml +49 -0
  30. package/rules/cfn/cfn.correctness.check-if-properties-have-a-valid-value.rule.yaml +49 -0
  31. package/rules/cfn/cfn.correctness.check-if-property-values-adhere-to-a-specific-pattern.rule.yaml +49 -0
  32. package/rules/cfn/cfn.correctness.check-if-refing-to-a-iam-resource-with-path-set.rule.yaml +49 -0
  33. package/rules/cfn/cfn.correctness.check-if-refs-exist.rule.yaml +49 -0
  34. package/rules/cfn/cfn.correctness.check-if-serverless-resources-have-serverless-transform.rule.yaml +49 -0
  35. package/rules/cfn/cfn.correctness.check-if-the-referenced-conditions-are-defined.rule.yaml +49 -0
  36. package/rules/cfn/cfn.correctness.check-minimum-90-period-is-met-between-backupplan-cold-and-delete.rule.yaml +49 -0
  37. package/rules/cfn/cfn.correctness.check-properties-that-are-mutually-exclusive.rule.yaml +49 -0
  38. package/rules/cfn/cfn.correctness.check-properties-that-are-required-together.rule.yaml +49 -0
  39. package/rules/cfn/cfn.correctness.check-properties-that-need-at-least-one-of-a-list-of-properties.rule.yaml +49 -0
  40. package/rules/cfn/cfn.correctness.check-properties-that-need-only-one-of-a-list-of-properties.rule.yaml +49 -0
  41. package/rules/cfn/cfn.correctness.check-resource-properties-values.rule.yaml +49 -0
  42. package/rules/cfn/cfn.correctness.check-state-machine-definition-for-proper-syntax.rule.yaml +49 -0
  43. package/rules/cfn/cfn.correctness.check-that-modules-resources-are-valid.rule.yaml +49 -0
  44. package/rules/cfn/cfn.correctness.check-the-configuration-of-a-resources-updatepolicy.rule.yaml +49 -0
  45. package/rules/cfn/cfn.correctness.check-updatereplacepolicy-values-for-resources.rule.yaml +49 -0
  46. package/rules/cfn/cfn.correctness.check-values-of-properties-for-valid-refs-and-getatts.rule.yaml +49 -0
  47. package/rules/cfn/cfn.correctness.cidr-validation-of-parameters.rule.yaml +49 -0
  48. package/rules/cfn/cfn.correctness.cloudfront-aliases.rule.yaml +49 -0
  49. package/rules/cfn/cfn.correctness.codepipeline-stage-actions.rule.yaml +49 -0
  50. package/rules/cfn/cfn.correctness.codepipeline-stages.rule.yaml +49 -0
  51. package/rules/cfn/cfn.correctness.conditions-have-appropriate-properties.rule.yaml +49 -0
  52. package/rules/cfn/cfn.correctness.default-value-cannot-use-refs.rule.yaml +49 -0
  53. package/rules/cfn/cfn.correctness.default-value-is-within-parameter-constraints.rule.yaml +49 -0
  54. package/rules/cfn/cfn.correctness.error-processing-rule-on-the-template.rule.yaml +49 -0
  55. package/rules/cfn/cfn.correctness.findinmap-validation-of-configuration.rule.yaml +49 -0
  56. package/rules/cfn/cfn.correctness.getatt-validation-of-parameters.rule.yaml +49 -0
  57. package/rules/cfn/cfn.correctness.getaz-validation-of-parameters.rule.yaml +49 -0
  58. package/rules/cfn/cfn.correctness.importvalue-validation-of-parameters.rule.yaml +49 -0
  59. package/rules/cfn/cfn.correctness.join-validation-of-parameters.rule.yaml +49 -0
  60. package/rules/cfn/cfn.correctness.length-validation-of-parameters.rule.yaml +49 -0
  61. package/rules/cfn/cfn.correctness.mapping-attribute-limit-not-exceeded.rule.yaml +49 -0
  62. package/rules/cfn/cfn.correctness.mapping-keys-are-strings-and-alphanumeric.rule.yaml +49 -0
  63. package/rules/cfn/cfn.correctness.mapping-limit-not-exceeded.rule.yaml +49 -0
  64. package/rules/cfn/cfn.correctness.mapping-name-limit-not-exceeded.rule.yaml +49 -0
  65. package/rules/cfn/cfn.correctness.mappings-are-appropriately-configured.rule.yaml +49 -0
  66. package/rules/cfn/cfn.correctness.mappings-have-appropriate-names.rule.yaml +49 -0
  67. package/rules/cfn/cfn.correctness.metadata-interface-have-appropriate-properties.rule.yaml +49 -0
  68. package/rules/cfn/cfn.correctness.output-description-limit-not-exceeded.rule.yaml +49 -0
  69. package/rules/cfn/cfn.correctness.output-limit-not-exceeded.rule.yaml +49 -0
  70. package/rules/cfn/cfn.correctness.output-name-limit-not-exceeded.rule.yaml +49 -0
  71. package/rules/cfn/cfn.correctness.outputs-descriptions-can-only-be-strings.rule.yaml +49 -0
  72. package/rules/cfn/cfn.correctness.outputs-have-appropriate-names.rule.yaml +49 -0
  73. package/rules/cfn/cfn.correctness.outputs-have-appropriate-properties.rule.yaml +49 -0
  74. package/rules/cfn/cfn.correctness.outputs-have-required-properties.rule.yaml +49 -0
  75. package/rules/cfn/cfn.correctness.outputs-have-values-of-strings.rule.yaml +49 -0
  76. package/rules/cfn/cfn.correctness.parameter-limit-not-exceeded.rule.yaml +49 -0
  77. package/rules/cfn/cfn.correctness.parameter-name-limit-not-exceeded.rule.yaml +49 -0
  78. package/rules/cfn/cfn.correctness.parameter-value-limit-not-exceeded.rule.yaml +49 -0
  79. package/rules/cfn/cfn.correctness.parameters-have-appropriate-names.rule.yaml +49 -0
  80. package/rules/cfn/cfn.correctness.parameters-have-appropriate-properties.rule.yaml +49 -0
  81. package/rules/cfn/cfn.correctness.parameters-have-appropriate-type.rule.yaml +49 -0
  82. package/rules/cfn/cfn.correctness.property-is-required-based-on-another-properties-value.rule.yaml +49 -0
  83. package/rules/cfn/cfn.correctness.property-is-unwanted-based-on-another-properties-value.rule.yaml +49 -0
  84. package/rules/cfn/cfn.correctness.rds-instance-type-is-compatible-with-the-rds-type.rule.yaml +49 -0
  85. package/rules/cfn/cfn.correctness.recordset-hostedzonename-is-a-superdomain-of-name.rule.yaml +49 -0
  86. package/rules/cfn/cfn.correctness.ref-validation-of-value.rule.yaml +49 -0
  87. package/rules/cfn/cfn.correctness.required-resource-properties-are-missing.rule.yaml +49 -0
  88. package/rules/cfn/cfn.correctness.resource-dependencies-are-not-circular.rule.yaml +49 -0
  89. package/rules/cfn/cfn.correctness.resource-ec2-security-group-ingress-properties.rule.yaml +49 -0
  90. package/rules/cfn/cfn.correctness.resource-elb-properties.rule.yaml +49 -0
  91. package/rules/cfn/cfn.correctness.resource-limit-not-exceeded.rule.yaml +49 -0
  92. package/rules/cfn/cfn.correctness.resource-name-limit-not-exceeded.rule.yaml +49 -0
  93. package/rules/cfn/cfn.correctness.resource-properties-are-invalid.rule.yaml +49 -0
  94. package/rules/cfn/cfn.correctness.resource-schema.rule.yaml +49 -0
  95. package/rules/cfn/cfn.correctness.resource-subnetroutetableassociation-properties.rule.yaml +49 -0
  96. package/rules/cfn/cfn.correctness.resources-have-appropriate-names.rule.yaml +49 -0
  97. package/rules/cfn/cfn.correctness.select-validation-of-parameters.rule.yaml +49 -0
  98. package/rules/cfn/cfn.correctness.snapstart-supports-the-configured-runtime.rule.yaml +49 -0
  99. package/rules/cfn/cfn.correctness.split-validation-of-parameters.rule.yaml +49 -0
  100. package/rules/cfn/cfn.correctness.sub-is-required-if-a-variable-is-used-in-a-string.rule.yaml +49 -0
  101. package/rules/cfn/cfn.correctness.sub-validation-of-parameters.rule.yaml +49 -0
  102. package/rules/cfn/cfn.correctness.template-description-can-only-be-a-string.rule.yaml +49 -0
  103. package/rules/cfn/cfn.correctness.template-description-limit.rule.yaml +49 -0
  104. package/rules/cfn/cfn.correctness.template-size-limit.rule.yaml +49 -0
  105. package/rules/cfn/cfn.correctness.tojsonstring-validation-of-parameters.rule.yaml +49 -0
  106. package/rules/cfn/cfn.correctness.unique-resource-and-parameter-names.rule.yaml +49 -0
  107. package/rules/cfn/cfn.correctness.validate-accesscontrol-are-set-with-ownershipcontrols.rule.yaml +49 -0
  108. package/rules/cfn/cfn.correctness.validate-aws-event-scheduleexpression-format.rule.yaml +49 -0
  109. package/rules/cfn/cfn.correctness.validate-parameters-for-in-a-nested-stack.rule.yaml +49 -0
  110. package/rules/cfn/cfn.correctness.validate-route53-recordsets.rule.yaml +49 -0
  111. package/rules/cfn/cfn.correctness.validate-the-configuration-of-the-metadata-section.rule.yaml +49 -0
  112. package/rules/cfn/cfn.correctness.validates-foreach-functions.rule.yaml +49 -0
  113. package/rules/cfn/cfn.correctness.validation-not-function-configuration.rule.yaml +49 -0
  114. package/rules/cfn/cfn.correctness.validationdomain-is-superdomain-of-domainname.rule.yaml +49 -0
  115. package/rules/cfn/cfn.maintainability.arns-should-use-correctly-placed-pseudo-parameters.rule.yaml +49 -0
  116. package/rules/cfn/cfn.maintainability.availability-zone-parameters-should-not-be-hardcoded.rule.yaml +49 -0
  117. package/rules/cfn/cfn.maintainability.check-iam-resource-policies-syntax.rule.yaml +49 -0
  118. package/rules/cfn/cfn.maintainability.check-if-a-list-that-allows-duplicates-has-any-duplicates.rule.yaml +49 -0
  119. package/rules/cfn/cfn.maintainability.check-if-conditions-are-used.rule.yaml +49 -0
  120. package/rules/cfn/cfn.maintainability.check-if-eol-lambda-function-runtimes-are-used-w2531.rule.yaml +49 -0
  121. package/rules/cfn/cfn.maintainability.check-if-imageid-parameters-have-the-correct-type.rule.yaml +49 -0
  122. package/rules/cfn/cfn.maintainability.check-if-mappings-are-used.rule.yaml +49 -0
  123. package/rules/cfn/cfn.maintainability.check-if-parameters-are-used.rule.yaml +49 -0
  124. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value-based-on-an-allowed-pattern.rule.yaml +49 -0
  125. package/rules/cfn/cfn.maintainability.check-if-parameters-have-a-valid-value.rule.yaml +49 -0
  126. package/rules/cfn/cfn.maintainability.check-obsolete-dependson-configuration-for-resources.rule.yaml +49 -0
  127. package/rules/cfn/cfn.maintainability.check-outputs-using-importvalue.rule.yaml +49 -0
  128. package/rules/cfn/cfn.maintainability.check-required-properties-for-lambda-if-the-deployment-package-is-a-zip-file.rule.yaml +49 -0
  129. package/rules/cfn/cfn.maintainability.check-resources-with-auto-expiring-content-have-explicit-retention-period.rule.yaml +49 -0
  130. package/rules/cfn/cfn.maintainability.check-resources-with-updatereplacepolicy-deletionpolicy-have-both.rule.yaml +49 -0
  131. package/rules/cfn/cfn.maintainability.check-stateful-resources-have-a-set-updatereplacepolicy-deletionpolicy.rule.yaml +49 -0
  132. package/rules/cfn/cfn.maintainability.checks-for-legacy-instance-type-generations.rule.yaml +49 -0
  133. package/rules/cfn/cfn.maintainability.findinmap-keys-exist-in-the-map.rule.yaml +49 -0
  134. package/rules/cfn/cfn.maintainability.fn-equals-will-always-return-true-or-false.rule.yaml +49 -0
  135. package/rules/cfn/cfn.maintainability.mapping-attribute-limit.rule.yaml +49 -0
  136. package/rules/cfn/cfn.maintainability.mapping-limit.rule.yaml +49 -0
  137. package/rules/cfn/cfn.maintainability.mapping-name-limit.rule.yaml +49 -0
  138. package/rules/cfn/cfn.maintainability.metadata-interface-parameters-exist.rule.yaml +49 -0
  139. package/rules/cfn/cfn.maintainability.output-description-limit.rule.yaml +49 -0
  140. package/rules/cfn/cfn.maintainability.output-limit.rule.yaml +49 -0
  141. package/rules/cfn/cfn.maintainability.output-name-limit.rule.yaml +49 -0
  142. package/rules/cfn/cfn.maintainability.parameter-limit.rule.yaml +49 -0
  143. package/rules/cfn/cfn.maintainability.parameter-memory-size-attributes-should-have-max-and-min.rule.yaml +49 -0
  144. package/rules/cfn/cfn.maintainability.parameter-name-limit.rule.yaml +49 -0
  145. package/rules/cfn/cfn.maintainability.parameter-value-limit.rule.yaml +49 -0
  146. package/rules/cfn/cfn.maintainability.ref-getatt-to-resource-that-is-available-when-conditions-are-applied.rule.yaml +49 -0
  147. package/rules/cfn/cfn.maintainability.resource-limit.rule.yaml +49 -0
  148. package/rules/cfn/cfn.maintainability.resource-name-limit.rule.yaml +49 -0
  149. package/rules/cfn/cfn.maintainability.sub-isn-t-needed-if-it-doesn-t-have-a-variable-defined.rule.yaml +49 -0
  150. package/rules/cfn/cfn.maintainability.sub-validation-of-parameters-w1019.rule.yaml +49 -0
  151. package/rules/cfn/cfn.maintainability.template-description-limit-i1003.rule.yaml +49 -0
  152. package/rules/cfn/cfn.maintainability.template-size-limit-i1002.rule.yaml +49 -0
  153. package/rules/cfn/cfn.maintainability.use-sub-instead-of-join.rule.yaml +49 -0
  154. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-configured-for-java11-runtimes.rule.yaml +49 -0
  155. package/rules/cfn/cfn.maintainability.validate-that-snapstart-is-properly-configured.rule.yaml +49 -0
  156. package/rules/cfn/cfn.maintainability.warn-when-properties-are-configured-to-only-work-with-the-package-command.rule.yaml +49 -0
  157. package/rules/cfn/cfn.security.check-dynamic-references-secure-strings-are-in-supported-locations.rule.yaml +53 -0
  158. package/rules/cfn/cfn.security.check-for-noecho-references.rule.yaml +53 -0
  159. package/rules/cfn/cfn.security.check-iam-permission-configuration.rule.yaml +53 -0
  160. package/rules/cfn/cfn.security.check-if-iam-policies-are-properly-configured.rule.yaml +53 -0
  161. package/rules/cfn/cfn.security.check-if-password-properties-are-correctly-configured.rule.yaml +53 -0
  162. package/rules/cfn/cfn.security.controlling-access-to-an-s3-bucket-should-be-done-with-bucket-policies.rule.yaml +53 -0
  163. package/rules/go/go.bug-risk.compound-assignment-misuse.rule.yaml +53 -0
  164. package/rules/go/go.bug-risk.deprecated-redis-methods.rule.yaml +57 -0
  165. package/rules/go/go.bug-risk.etcd-getlogger-misuse.rule.yaml +59 -0
  166. package/rules/go/go.bug-risk.etcd-invalid-compare-operator.rule.yaml +53 -0
  167. package/rules/go/go.bug-risk.gin-loadhtmlglob-ill-formed.rule.yaml +53 -0
  168. package/rules/go/go.bug-risk.gorm-dry-run-enabled.rule.yaml +58 -0
  169. package/rules/go/go.bug-risk.gorm-skip-default-transaction.rule.yaml +57 -0
  170. package/rules/go/go.bug-risk.gorm-updates-zero-values.rule.yaml +55 -0
  171. package/rules/go/go.bug-risk.gorm-where-zero-values.rule.yaml +53 -0
  172. package/rules/go/go.bug-risk.poorly-formed-nilness-guards.rule.yaml +57 -0
  173. package/rules/go/go.bug-risk.redis-incorrect-arg-count.rule.yaml +54 -0
  174. package/rules/go/go.bug-risk.redis-unimplemented-method.rule.yaml +53 -0
  175. package/rules/go/go.bug-risk.reflect-makefunc-usage.rule.yaml +55 -0
  176. package/rules/go/go.correctness.bare-return.rule.yaml +52 -0
  177. package/rules/go/go.correctness.boolean-literal-in-expression.rule.yaml +52 -0
  178. package/rules/go/go.correctness.boolean-simplification.rule.yaml +49 -0
  179. package/rules/go/go.correctness.deferred-func-literal.rule.yaml +52 -0
  180. package/rules/go/go.correctness.duplicate-branch-body.rule.yaml +49 -0
  181. package/rules/go/go.correctness.duplicate-function-arguments.rule.yaml +49 -0
  182. package/rules/go/go.correctness.duplicate-if-else-condition.rule.yaml +54 -0
  183. package/rules/go/go.correctness.duplicate-switch-cases.rule.yaml +48 -0
  184. package/rules/go/go.correctness.flag-pointer-immediate-deref.rule.yaml +49 -0
  185. package/rules/go/go.correctness.hidden-goroutine.rule.yaml +55 -0
  186. package/rules/go/go.correctness.http-nobody-nil.rule.yaml +52 -0
  187. package/rules/go/go.correctness.identical-binary-operands.rule.yaml +48 -0
  188. package/rules/go/go.correctness.impossible-interface-nil-check.rule.yaml +56 -0
  189. package/rules/go/go.correctness.incomplete-nil-check.rule.yaml +49 -0
  190. package/rules/go/go.correctness.integer-truncation.rule.yaml +51 -0
  191. package/rules/go/go.correctness.interface-any-preferred.rule.yaml +50 -0
  192. package/rules/go/go.correctness.nil-error-returned.rule.yaml +49 -0
  193. package/rules/go/go.correctness.off-by-one-index.rule.yaml +48 -0
  194. package/rules/go/go.correctness.redundant-type-declaration.rule.yaml +51 -0
  195. package/rules/go/go.correctness.signedness-casting.rule.yaml +56 -0
  196. package/rules/go/go.correctness.string-concat-simplify.rule.yaml +52 -0
  197. package/rules/go/go.correctness.suspicious-regex-pattern.rule.yaml +49 -0
  198. package/rules/go/go.correctness.terminal-call-with-defer.rule.yaml +50 -0
  199. package/rules/go/go.correctness.unexported-capital-name.rule.yaml +52 -0
  200. package/rules/go/go.correctness.unnecessary-dereference.rule.yaml +53 -0
  201. package/rules/go/go.correctness.unnecessary-else-return.rule.yaml +52 -0
  202. package/rules/go/go.correctness.unreachable-switch-case.rule.yaml +50 -0
  203. package/rules/go/go.doc.malformed-deprecated-comment.rule.yaml +59 -0
  204. package/rules/go/go.performance.avoid-large-loop-copy.rule.yaml +38 -0
  205. package/rules/go/go.performance.avoid-large-param-copy.rule.yaml +38 -0
  206. package/rules/go/go.performance.avoid-large-range-copy.rule.yaml +37 -0
  207. package/rules/go/go.performance.avoid-string-index-alloc.rule.yaml +38 -0
  208. package/rules/go/go.performance.combine-append-calls.rule.yaml +38 -0
  209. package/rules/go/go.performance.fmt-fprint.rule.yaml +44 -0
  210. package/rules/go/go.performance.iowriter-write-string.rule.yaml +45 -0
  211. package/rules/go/go.performance.non-idiomatic-slice-zeroing.rule.yaml +44 -0
  212. package/rules/go/go.performance.reorder-operands.rule.yaml +44 -0
  213. package/rules/go/go.performance.utf8-decode-rune.rule.yaml +44 -0
  214. package/rules/go/go.security.decompression-bomb.rule.yaml +55 -0
  215. package/rules/go/go.security.http-dir-path-traversal.rule.yaml +55 -0
  216. package/rules/go/go.security.incomplete-hostname-regex.rule.yaml +64 -0
  217. package/rules/go/go.security.insecure-ssl-protocol.rule.yaml +2 -0
  218. package/rules/go/go.security.jwt-without-verification.rule.yaml +2 -0
  219. package/rules/go/go.security.net-http-missing-timeouts.rule.yaml +3 -0
  220. package/rules/go/go.security.pprof-exposed.rule.yaml +2 -0
  221. package/rules/go/go.security.squirrel-unsafe-quoting.rule.yaml +64 -0
  222. package/rules/go/go.security.tainted-value-sink.rule.yaml +59 -0
  223. package/rules/go/go.security.tls-missing-min-version.rule.yaml +2 -0
  224. package/rules/go/go.security.unsafe-defer-close.rule.yaml +55 -0
  225. package/rules/go/go.security.weak-crypto-import.rule.yaml +3 -0
  226. package/rules/go/go.security.weak-file-permission.rule.yaml +56 -0
  227. package/rules/java/java.correctness.annotation-check-always-false.rule.yaml +42 -0
  228. package/rules/java/java.correctness.array-compared-to-non-array.rule.yaml +45 -0
  229. package/rules/java/java.correctness.array-index-bounds.rule.yaml +42 -0
  230. package/rules/java/java.correctness.assert-self-comparison.rule.yaml +46 -0
  231. package/rules/java/java.correctness.assertion-in-production.rule.yaml +49 -0
  232. package/rules/java/java.correctness.bad-short-circuit-null-check.rule.yaml +45 -0
  233. package/rules/java/java.correctness.bitwise-or-never-equal.rule.yaml +42 -0
  234. package/rules/java/java.correctness.boxed-boolean-conditional.rule.yaml +42 -0
  235. package/rules/java/java.correctness.cacheloader-null-return.rule.yaml +42 -0
  236. package/rules/java/java.correctness.case-insensitive-regex-lacks-unicode.rule.yaml +46 -0
  237. package/rules/java/java.correctness.catch-null-pointer.rule.yaml +5 -1
  238. package/rules/java/java.correctness.class-isinstance-on-class.rule.yaml +42 -0
  239. package/rules/java/java.correctness.class-name-collision.rule.yaml +45 -0
  240. package/rules/java/java.correctness.clone-without-super.rule.yaml +45 -0
  241. package/rules/java/java.correctness.closeable-provides-injection.rule.yaml +43 -0
  242. package/rules/java/java.correctness.collection-adds-self.rule.yaml +42 -0
  243. package/rules/java/java.correctness.collection-contains-self.rule.yaml +42 -0
  244. package/rules/java/java.correctness.collection-remove-type-mismatch.rule.yaml +42 -0
  245. package/rules/java/java.correctness.comparator-downcast-sign-flip.rule.yaml +42 -0
  246. package/rules/java/java.correctness.compareto-min-value.rule.yaml +44 -0
  247. package/rules/java/java.correctness.constructor-starts-thread.rule.yaml +45 -0
  248. package/rules/java/java.correctness.default-package-spring-scan.rule.yaml +46 -0
  249. package/rules/java/java.correctness.deprecated-thread-methods.rule.yaml +42 -0
  250. package/rules/java/java.correctness.double-assignment.rule.yaml +42 -0
  251. package/rules/java/java.correctness.double-checked-locking.rule.yaml +42 -0
  252. package/rules/java/java.correctness.duplicate-binary-argument.rule.yaml +45 -0
  253. package/rules/java/java.correctness.duration-with-nanos-misuse.rule.yaml +42 -0
  254. package/rules/java/java.correctness.enum-equals-method.rule.yaml +45 -0
  255. package/rules/java/java.correctness.enum-get-class.rule.yaml +42 -0
  256. package/rules/java/java.correctness.equals-inherits-parent.rule.yaml +45 -0
  257. package/rules/java/java.correctness.equals-null-check.rule.yaml +45 -0
  258. package/rules/java/java.correctness.equals-null.rule.yaml +45 -0
  259. package/rules/java/java.correctness.equals-on-array.rule.yaml +4 -0
  260. package/rules/java/java.correctness.explicit-finalizer-invocation.rule.yaml +45 -0
  261. package/rules/java/java.correctness.for-loop-mismatched-increment.rule.yaml +45 -0
  262. package/rules/java/java.correctness.getter-setter-sync-mismatch.rule.yaml +42 -0
  263. package/rules/java/java.correctness.hashcode-on-array.rule.yaml +42 -0
  264. package/rules/java/java.correctness.hashtable-contains-value.rule.yaml +42 -0
  265. package/rules/java/java.correctness.hasnext-invokes-next.rule.yaml +45 -0
  266. package/rules/java/java.correctness.ignored-inputstream-read.rule.yaml +45 -0
  267. package/rules/java/java.correctness.ignored-inputstream-skip.rule.yaml +45 -0
  268. package/rules/java/java.correctness.illegal-monitor-state-caught.rule.yaml +45 -0
  269. package/rules/java/java.correctness.impossible-toarray-downcast.rule.yaml +45 -0
  270. package/rules/java/java.correctness.incorrect-main-signature.rule.yaml +42 -0
  271. package/rules/java/java.correctness.indexof-reversed-arguments.rule.yaml +42 -0
  272. package/rules/java/java.correctness.instant-unsupported-temporal-unit.rule.yaml +42 -0
  273. package/rules/java/java.correctness.invalid-regex-literal.rule.yaml +45 -0
  274. package/rules/java/java.correctness.invalid-serial-version-uid.rule.yaml +42 -0
  275. package/rules/java/java.correctness.invalid-time-constants.rule.yaml +42 -0
  276. package/rules/java/java.correctness.invalidated-iterator.rule.yaml +42 -0
  277. package/rules/java/java.correctness.iterable-iterator-returns-this.rule.yaml +44 -0
  278. package/rules/java/java.correctness.iterable-path-type.rule.yaml +42 -0
  279. package/rules/java/java.correctness.jump-in-finally.rule.yaml +44 -0
  280. package/rules/java/java.correctness.loop-condition-never-true.rule.yaml +42 -0
  281. package/rules/java/java.correctness.lost-increment-in-assignment.rule.yaml +45 -0
  282. package/rules/java/java.correctness.math-max-min-swapped.rule.yaml +45 -0
  283. package/rules/java/java.correctness.missing-enum-switch-elements.rule.yaml +43 -0
  284. package/rules/java/java.correctness.modulus-multiplication-precedence.rule.yaml +42 -0
  285. package/rules/java/java.correctness.mutable-data-exposed.rule.yaml +42 -0
  286. package/rules/java/java.correctness.mutable-enum-fields.rule.yaml +44 -0
  287. package/rules/java/java.correctness.nan-comparison.rule.yaml +42 -0
  288. package/rules/java/java.correctness.ncopies-argument-order.rule.yaml +42 -0
  289. package/rules/java/java.correctness.noallocation-method-creates-object.rule.yaml +45 -0
  290. package/rules/java/java.correctness.non-final-immutable-fields.rule.yaml +45 -0
  291. package/rules/java/java.correctness.non-null-method-returns-null.rule.yaml +43 -0
  292. package/rules/java/java.correctness.non-terminating-loop.rule.yaml +42 -0
  293. package/rules/java/java.correctness.oddness-check-fails-negative.rule.yaml +45 -0
  294. package/rules/java/java.correctness.optional-get-without-present-check.rule.yaml +44 -0
  295. package/rules/java/java.correctness.optional-null.rule.yaml +42 -0
  296. package/rules/java/java.correctness.overloaded-equals.rule.yaml +45 -0
  297. package/rules/java/java.correctness.parameter-reassignment.rule.yaml +46 -0
  298. package/rules/java/java.correctness.possible-null-access-exception.rule.yaml +42 -0
  299. package/rules/java/java.correctness.possible-null-access.rule.yaml +42 -0
  300. package/rules/java/java.correctness.prepared-statement-in-loop.rule.yaml +52 -0
  301. package/rules/java/java.correctness.prepared-statement-index-zero.rule.yaml +44 -0
  302. package/rules/java/java.correctness.random-coerced-to-zero.rule.yaml +44 -0
  303. package/rules/java/java.correctness.read-resolve-return-type.rule.yaml +42 -0
  304. package/rules/java/java.correctness.readline-without-null-check.rule.yaml +45 -0
  305. package/rules/java/java.correctness.result-set-index-zero.rule.yaml +44 -0
  306. package/rules/java/java.correctness.runfinalizers-on-exit.rule.yaml +45 -0
  307. package/rules/java/java.correctness.runnable-run-direct.rule.yaml +45 -0
  308. package/rules/java/java.correctness.self-assignment.rule.yaml +45 -0
  309. package/rules/java/java.correctness.serializable-superclass.rule.yaml +42 -0
  310. package/rules/java/java.correctness.serialization-method-signature.rule.yaml +42 -0
  311. package/rules/java/java.correctness.servlet-mutable-fields.rule.yaml +45 -0
  312. package/rules/java/java.correctness.shift-out-of-range.rule.yaml +44 -0
  313. package/rules/java/java.correctness.static-date-field.rule.yaml +42 -0
  314. package/rules/java/java.correctness.stream-reuse.rule.yaml +42 -0
  315. package/rules/java/java.correctness.string-format-arg-mismatch.rule.yaml +45 -0
  316. package/rules/java/java.correctness.stringbuilder-char-ctor.rule.yaml +42 -0
  317. package/rules/java/java.correctness.switch-statement-labels.rule.yaml +44 -0
  318. package/rules/java/java.correctness.sync-boxed-primitive.rule.yaml +45 -0
  319. package/rules/java/java.correctness.sync-on-get-class.rule.yaml +42 -0
  320. package/rules/java/java.correctness.sync-on-lock-primitive.rule.yaml +45 -0
  321. package/rules/java/java.correctness.sync-on-mutable-ref.rule.yaml +42 -0
  322. package/rules/java/java.correctness.sync-on-nullable-field.rule.yaml +42 -0
  323. package/rules/java/java.correctness.sync-on-public-field.rule.yaml +42 -0
  324. package/rules/java/java.correctness.sync-on-string-literal.rule.yaml +2 -0
  325. package/rules/java/java.correctness.system-exit.rule.yaml +43 -0
  326. package/rules/java/java.correctness.thread-sleep-with-lock.rule.yaml +45 -0
  327. package/rules/java/java.correctness.thread-static-misuse.rule.yaml +42 -0
  328. package/rules/java/java.correctness.threadgroup-deprecated-methods.rule.yaml +43 -0
  329. package/rules/java/java.correctness.throw-null.rule.yaml +42 -0
  330. package/rules/java/java.correctness.timezone-invalid-id.rule.yaml +42 -0
  331. package/rules/java/java.correctness.two-lock-wait.rule.yaml +45 -0
  332. package/rules/java/java.correctness.unconditional-recursion.rule.yaml +42 -0
  333. package/rules/java/java.correctness.unescaped-whitespace.rule.yaml +42 -0
  334. package/rules/java/java.correctness.unimplementable-interface.rule.yaml +42 -0
  335. package/rules/java/java.correctness.unsafe-collection-downcast.rule.yaml +42 -0
  336. package/rules/java/java.correctness.unsafe-getresource.rule.yaml +45 -0
  337. package/rules/java/java.correctness.unsupported-jdk-api.rule.yaml +46 -0
  338. package/rules/java/java.correctness.unsupported-method-call.rule.yaml +42 -0
  339. package/rules/java/java.correctness.unsync-static-lazy-init.rule.yaml +42 -0
  340. package/rules/java/java.correctness.unsynchronized-wait-notify.rule.yaml +45 -0
  341. package/rules/java/java.correctness.unterminated-assertion-chain.rule.yaml +39 -0
  342. package/rules/java/java.correctness.volatile-array-elements.rule.yaml +45 -0
  343. package/rules/java/java.correctness.volatile-increment-non-atomic.rule.yaml +45 -0
  344. package/rules/java/java.correctness.wait-notify-on-thread.rule.yaml +45 -0
  345. package/rules/java/java.correctness.wait-on-condition.rule.yaml +45 -0
  346. package/rules/java/java.correctness.week-year-in-date-pattern.rule.yaml +44 -0
  347. package/rules/java/java.correctness.zoneid-invalid-timezone.rule.yaml +42 -0
  348. package/rules/java/java.doc.empty-javadoc-tag.rule.yaml +41 -0
  349. package/rules/java/java.doc.malformed-javadoc-comment.rule.yaml +41 -0
  350. package/rules/java/java.doc.parameter-tag-no-description.rule.yaml +41 -0
  351. package/rules/java/java.doc.unmatched-parameter-tag.rule.yaml +41 -0
  352. package/rules/java/java.performance.boxed-boolean-constructor.rule.yaml +43 -0
  353. package/rules/java/java.performance.boxed-double-constructor.rule.yaml +43 -0
  354. package/rules/java/java.performance.boxed-integer-constructor.rule.yaml +43 -0
  355. package/rules/java/java.performance.empty-string-constructor.rule.yaml +44 -0
  356. package/rules/java/java.performance.expensive-method-on-ui-thread.rule.yaml +50 -0
  357. package/rules/java/java.performance.explicit-gc.rule.yaml +43 -0
  358. package/rules/java/java.performance.inefficient-string-constructor.rule.yaml +44 -0
  359. package/rules/java/java.performance.keyset-instead-of-entryset.rule.yaml +49 -0
  360. package/rules/java/java.performance.non-zero-to-array.rule.yaml +49 -0
  361. package/rules/java/java.performance.pattern-compile-in-loop.rule.yaml +49 -0
  362. package/rules/java/java.performance.removeall-to-clear.rule.yaml +49 -0
  363. package/rules/java/java.performance.replaceall-instead-of-replace.rule.yaml +49 -0
  364. package/rules/java/java.performance.single-char-string-indexof.rule.yaml +49 -0
  365. package/rules/java/java.performance.string-concat-in-loop.rule.yaml +49 -0
  366. package/rules/java/java.performance.string-to-string.rule.yaml +43 -0
  367. package/rules/java/java.performance.thread-as-runnable.rule.yaml +44 -0
  368. package/rules/java/java.performance.url-in-collection.rule.yaml +44 -0
  369. package/rules/java/java.quality.c-style-array-declaration.rule.yaml +41 -0
  370. package/rules/java/java.quality.multiple-variables-same-line.rule.yaml +41 -0
  371. package/rules/java/java.quality.type-name-uppercase.rule.yaml +41 -0
  372. package/rules/java/java.testing.setup-teardown-annotation.rule.yaml +36 -0
  373. package/rules/java/java.testing.setup-without-super.rule.yaml +43 -0
  374. package/rules/java/java.testing.teardown-without-super.rule.yaml +43 -0
  375. package/rules/java/java.testing.wrong-assertion-argument-order.rule.yaml +43 -0
  376. package/rules/php/php.correctness.abstract-method-outside-abstract-class.rule.yaml +39 -0
  377. package/rules/php/php.correctness.abstract-method-with-body.rule.yaml +38 -0
  378. package/rules/php/php.correctness.assign-to-non-lvalue.rule.yaml +38 -0
  379. package/rules/php/php.correctness.attribute-on-class-constant.rule.yaml +38 -0
  380. package/rules/php/php.correctness.attribute-on-closure.rule.yaml +38 -0
  381. package/rules/php/php.correctness.attribute-on-function.rule.yaml +38 -0
  382. package/rules/php/php.correctness.attribute-on-property.rule.yaml +40 -0
  383. package/rules/php/php.correctness.break-continue-outside-loop.rule.yaml +38 -0
  384. package/rules/php/php.correctness.case-insensitive-define.rule.yaml +38 -0
  385. package/rules/php/php.correctness.class-implements-non-interface.rule.yaml +38 -0
  386. package/rules/php/php.correctness.default-parameter-not-last.rule.yaml +38 -0
  387. package/rules/php/php.correctness.deprecated-filter-constant.rule.yaml +38 -0
  388. package/rules/php/php.correctness.deprecated-libxml-entity-loader.rule.yaml +38 -0
  389. package/rules/php/php.correctness.deprecated-unset-cast.rule.yaml +38 -0
  390. package/rules/php/php.correctness.duplicate-array-key.rule.yaml +2 -0
  391. package/rules/php/php.correctness.duplicate-declaration.rule.yaml +38 -0
  392. package/rules/php/php.correctness.duplicate-union-type.rule.yaml +38 -0
  393. package/rules/php/php.correctness.echo-invalid-value.rule.yaml +38 -0
  394. package/rules/php/php.correctness.empty-array-literal-slot.rule.yaml +38 -0
  395. package/rules/php/php.correctness.empty-bracket-array-access.rule.yaml +38 -0
  396. package/rules/php/php.correctness.empty-code-block.rule.yaml +38 -0
  397. package/rules/php/php.correctness.empty-function-body.rule.yaml +38 -0
  398. package/rules/php/php.correctness.error-suppression-operator.rule.yaml +2 -0
  399. package/rules/php/php.correctness.function-comparison.rule.yaml +38 -0
  400. package/rules/php/php.correctness.inaccessible-property.rule.yaml +49 -0
  401. package/rules/php/php.correctness.incomplete-arrow-function.rule.yaml +38 -0
  402. package/rules/php/php.correctness.inconsistent-printf-params.rule.yaml +50 -0
  403. package/rules/php/php.correctness.instanceof-invalid-type.rule.yaml +40 -0
  404. package/rules/php/php.correctness.instantiate-abstract-class.rule.yaml +38 -0
  405. package/rules/php/php.correctness.interface-extends-non-interface.rule.yaml +38 -0
  406. package/rules/php/php.correctness.interface-implements-keyword.rule.yaml +38 -0
  407. package/rules/php/php.correctness.invalid-arrow-function-typehint.rule.yaml +38 -0
  408. package/rules/php/php.correctness.invalid-attribute-class.rule.yaml +49 -0
  409. package/rules/php/php.correctness.invalid-closure-return-typehint.rule.yaml +38 -0
  410. package/rules/php/php.correctness.invalid-constructor-promotion.rule.yaml +38 -0
  411. package/rules/php/php.correctness.invalid-cookie-options.rule.yaml +38 -0
  412. package/rules/php/php.correctness.invalid-dynamic-constant-fetch.rule.yaml +38 -0
  413. package/rules/php/php.correctness.invalid-extends-target.rule.yaml +38 -0
  414. package/rules/php/php.correctness.invalid-increment-operand.rule.yaml +38 -0
  415. package/rules/php/php.correctness.invalid-isset-argument.rule.yaml +38 -0
  416. package/rules/php/php.correctness.invalid-regex-literal.rule.yaml +36 -0
  417. package/rules/php/php.correctness.invalid-return-typehint.rule.yaml +38 -0
  418. package/rules/php/php.correctness.invalid-static-method.rule.yaml +40 -0
  419. package/rules/php/php.correctness.invalid-string-interpolation-type.rule.yaml +38 -0
  420. package/rules/php/php.correctness.invalid-type-cast.rule.yaml +38 -0
  421. package/rules/php/php.correctness.invalid-use-keyword.rule.yaml +48 -0
  422. package/rules/php/php.correctness.missing-member-visibility.rule.yaml +38 -0
  423. package/rules/php/php.correctness.missing-return-statement.rule.yaml +38 -0
  424. package/rules/php/php.correctness.named-arg-before-positional.rule.yaml +38 -0
  425. package/rules/php/php.correctness.nested-function-declaration.rule.yaml +38 -0
  426. package/rules/php/php.correctness.nested-switch.rule.yaml +38 -0
  427. package/rules/php/php.correctness.nullable-mixed-type.rule.yaml +38 -0
  428. package/rules/php/php.correctness.nullsafe-returned-by-reference.rule.yaml +3 -0
  429. package/rules/php/php.correctness.print-invalid-value.rule.yaml +38 -0
  430. package/rules/php/php.correctness.psr-class-constant-naming.rule.yaml +38 -0
  431. package/rules/php/php.correctness.psr-method-camel-case.rule.yaml +38 -0
  432. package/rules/php/php.correctness.redundant-final-method.rule.yaml +38 -0
  433. package/rules/php/php.correctness.redundant-string-cast-concat.rule.yaml +38 -0
  434. package/rules/php/php.correctness.self-assignment.rule.yaml +38 -0
  435. package/rules/php/php.correctness.switch-multiple-default.rule.yaml +2 -0
  436. package/rules/php/php.correctness.throw-as-expression.rule.yaml +38 -0
  437. package/rules/php/php.correctness.throw-non-exception.rule.yaml +38 -0
  438. package/rules/php/php.correctness.todo-fixme-marker.rule.yaml +36 -0
  439. package/rules/php/php.correctness.trait-as-attribute.rule.yaml +38 -0
  440. package/rules/php/php.correctness.trait-class-constant.rule.yaml +38 -0
  441. package/rules/php/php.correctness.undefined-constant-reference.rule.yaml +38 -0
  442. package/rules/php/php.correctness.undefined-function.rule.yaml +40 -0
  443. package/rules/php/php.correctness.undefined-method.rule.yaml +40 -0
  444. package/rules/php/php.correctness.undefined-property.rule.yaml +51 -0
  445. package/rules/php/php.correctness.undefined-static-property.rule.yaml +41 -0
  446. package/rules/php/php.correctness.undefined-variable.rule.yaml +48 -0
  447. package/rules/php/php.correctness.uninitialized-typed-property.rule.yaml +38 -0
  448. package/rules/php/php.correctness.unknown-magic-method.rule.yaml +38 -0
  449. package/rules/php/php.correctness.unreachable-after-return.rule.yaml +2 -0
  450. package/rules/php/php.correctness.unused-closure-use-variable.rule.yaml +38 -0
  451. package/rules/php/php.correctness.unused-constructor-parameter.rule.yaml +38 -0
  452. package/rules/php/php.correctness.unused-import.rule.yaml +38 -0
  453. package/rules/php/php.correctness.useless-post-increment.rule.yaml +38 -0
  454. package/rules/php/php.correctness.useless-unset.rule.yaml +38 -0
  455. package/rules/php/php.correctness.void-match-arm.rule.yaml +38 -0
  456. package/rules/php/php.performance.expensive-loop-condition.rule.yaml +38 -0
  457. package/rules/php/php.security.debug-function-exposure.rule.yaml +2 -0
  458. package/rules/php/php.security.insecure-session-id-generation.rule.yaml +2 -0
  459. package/rules/php/php.security.insecure-session-or-cookie-config.rule.yaml +3 -0
  460. package/rules/php/php.security.no-dynamic-eval.rule.yaml +2 -0
  461. package/rules/php/php.security.unsafe-include-with-user-input.rule.yaml +2 -0
  462. package/rules/php/php.security.unsafe-new-static.rule.yaml +44 -0
  463. package/rules/php/php.security.weak-cipher.rule.yaml +2 -0
  464. package/rules/php/php.security.xml-external-entity.rule.yaml +2 -0
  465. package/rules/python/py.correctness.assert-outside-test.rule.yaml +49 -0
  466. package/rules/python/py.correctness.global-statement.rule.yaml +51 -0
  467. package/rules/python/py.correctness.redefined-builtin.rule.yaml +51 -0
  468. package/rules/python/py.correctness.super-with-arguments.rule.yaml +51 -0
  469. package/rules/python/py.correctness.unnecessary-comprehension.rule.yaml +51 -0
  470. package/rules/python/py.correctness.useless-return.rule.yaml +51 -0
  471. package/rules/python/py.security.command-execution-with-request-input.rule.yaml +56 -0
  472. package/rules/python/py.security.ftp-usage.rule.yaml +51 -0
  473. package/rules/python/py.security.hardcoded-credentials.rule.yaml +51 -0
  474. package/rules/python/py.security.hardcoded-temp-directory.rule.yaml +51 -0
  475. package/rules/python/py.security.insecure-cipher-mode.rule.yaml +51 -0
  476. package/rules/python/py.security.insecure-cipher.rule.yaml +51 -0
  477. package/rules/python/py.security.insecure-crypto-import.rule.yaml +51 -0
  478. package/rules/python/py.security.insecure-http-transport.rule.yaml +56 -0
  479. package/rules/python/py.security.insecure-ssl-version.rule.yaml +53 -0
  480. package/rules/python/py.security.insecure-urllib-method.rule.yaml +51 -0
  481. package/rules/python/py.security.insecure-xml-parser.rule.yaml +53 -0
  482. package/rules/python/py.security.mako-insecure-templates.rule.yaml +53 -0
  483. package/rules/python/py.security.path-traversal-user-input.rule.yaml +51 -0
  484. package/rules/python/py.security.request-path-file-read.rule.yaml +56 -0
  485. package/rules/python/py.security.sensitive-logging.rule.yaml +51 -0
  486. package/rules/python/py.security.sql-interpolation.rule.yaml +56 -0
  487. package/rules/python/py.security.ssh-host-key-validation.rule.yaml +53 -0
  488. package/rules/python/py.security.telnet-usage.rule.yaml +51 -0
  489. package/rules/python/py.security.tls-verification-disabled.rule.yaml +56 -0
  490. package/rules/python/py.security.unsafe-deserialization.rule.yaml +56 -0
  491. package/rules/python/py.security.weak-crypto-key.rule.yaml +51 -0
  492. package/rules/python/py.security.weak-hash-algorithm.rule.yaml +57 -0
  493. package/rules/python/py.security.wildcard-subprocess-injection.rule.yaml +53 -0
  494. package/rules/python/py.security.xmlrpc-import.rule.yaml +53 -0
  495. package/rules/ruby/ruby.bug-risk.action-mailer-base-subclass.rule.yaml +53 -0
  496. package/rules/ruby/ruby.bug-risk.active-job-base-subclass.rule.yaml +53 -0
  497. package/rules/ruby/ruby.bug-risk.active-record-alias.rule.yaml +53 -0
  498. package/rules/ruby/ruby.bug-risk.active-record-base-subclass.rule.yaml +53 -0
  499. package/rules/ruby/ruby.bug-risk.active-record-method-override.rule.yaml +55 -0
  500. package/rules/ruby/ruby.bug-risk.active-support-alias.rule.yaml +52 -0
  501. package/rules/ruby/ruby.bug-risk.all-each-to-find-each.rule.yaml +55 -0
  502. package/rules/ruby/ruby.bug-risk.allow-blank-with-delegate.rule.yaml +52 -0
  503. package/rules/ruby/ruby.bug-risk.alter-queries-combine.rule.yaml +54 -0
  504. package/rules/ruby/ruby.bug-risk.ambiguous-block-association.rule.yaml +49 -0
  505. package/rules/ruby/ruby.bug-risk.ambiguous-operator-argument.rule.yaml +48 -0
  506. package/rules/ruby/ruby.bug-risk.ambiguous-regexp-literal.rule.yaml +49 -0
  507. package/rules/ruby/ruby.bug-risk.argument-overwritten-before-use.rule.yaml +51 -0
  508. package/rules/ruby/ruby.bug-risk.assert-not-usage.rule.yaml +51 -0
  509. package/rules/ruby/ruby.bug-risk.assignment-in-condition.rule.yaml +42 -0
  510. package/rules/ruby/ruby.bug-risk.bad-date-usage.rule.yaml +55 -0
  511. package/rules/ruby/ruby.bug-risk.bad-magic-comment-order.rule.yaml +50 -0
  512. package/rules/ruby/ruby.bug-risk.bad-operand-order.rule.yaml +46 -0
  513. package/rules/ruby/ruby.bug-risk.bad-rescue-ordering.rule.yaml +50 -0
  514. package/rules/ruby/ruby.bug-risk.branches-without-body.rule.yaml +49 -0
  515. package/rules/ruby/ruby.bug-risk.callback-order.rule.yaml +52 -0
  516. package/rules/ruby/ruby.bug-risk.callback-override.rule.yaml +53 -0
  517. package/rules/ruby/ruby.bug-risk.circular-argument-reference.rule.yaml +44 -0
  518. package/rules/ruby/ruby.bug-risk.class-name-should-be-string.rule.yaml +52 -0
  519. package/rules/ruby/ruby.bug-risk.console-output-instead-of-logger.rule.yaml +53 -0
  520. package/rules/ruby/ruby.bug-risk.constant-in-block.rule.yaml +52 -0
  521. package/rules/ruby/ruby.bug-risk.controller-base-subclass.rule.yaml +54 -0
  522. package/rules/ruby/ruby.bug-risk.dependent-option-cascade.rule.yaml +53 -0
  523. package/rules/ruby/ruby.bug-risk.deprecated-belongs-to-required.rule.yaml +54 -0
  524. package/rules/ruby/ruby.bug-risk.deprecated-big-decimal-new.rule.yaml +44 -0
  525. package/rules/ruby/ruby.bug-risk.deprecated-class-methods.rule.yaml +45 -0
  526. package/rules/ruby/ruby.bug-risk.deprecated-filter-methods.rule.yaml +54 -0
  527. package/rules/ruby/ruby.bug-risk.deprecated-find-by-dynamic.rule.yaml +55 -0
  528. package/rules/ruby/ruby.bug-risk.deprecated-http-status-symbols.rule.yaml +52 -0
  529. package/rules/ruby/ruby.bug-risk.deprecated-openssl-api.rule.yaml +42 -0
  530. package/rules/ruby/ruby.bug-risk.deprecated-uri-escape.rule.yaml +42 -0
  531. package/rules/ruby/ruby.bug-risk.deprecated-uri-regexp.rule.yaml +42 -0
  532. package/rules/ruby/ruby.bug-risk.disjunctive-assignment-in-constructor.rule.yaml +46 -0
  533. package/rules/ruby/ruby.bug-risk.division-by-zero.rule.yaml +42 -0
  534. package/rules/ruby/ruby.bug-risk.duplicate-case-conditions.rule.yaml +49 -0
  535. package/rules/ruby/ruby.bug-risk.duplicate-constant-assignment.rule.yaml +47 -0
  536. package/rules/ruby/ruby.bug-risk.duplicate-elsif-block.rule.yaml +51 -0
  537. package/rules/ruby/ruby.bug-risk.duplicate-hash-keys.rule.yaml +42 -0
  538. package/rules/ruby/ruby.bug-risk.duplicate-method-definitions.rule.yaml +49 -0
  539. package/rules/ruby/ruby.bug-risk.each-with-object-immutable-arg.rule.yaml +51 -0
  540. package/rules/ruby/ruby.bug-risk.else-followed-by-expression.rule.yaml +50 -0
  541. package/rules/ruby/ruby.bug-risk.else-without-rescue.rule.yaml +51 -0
  542. package/rules/ruby/ruby.bug-risk.empty-ensure-block.rule.yaml +49 -0
  543. package/rules/ruby/ruby.bug-risk.empty-expression.rule.yaml +48 -0
  544. package/rules/ruby/ruby.bug-risk.empty-interpolation.rule.yaml +49 -0
  545. package/rules/ruby/ruby.bug-risk.end-in-method.rule.yaml +49 -0
  546. package/rules/ruby/ruby.bug-risk.enum-array-syntax.rule.yaml +54 -0
  547. package/rules/ruby/ruby.bug-risk.enum-duplicate-values.rule.yaml +53 -0
  548. package/rules/ruby/ruby.bug-risk.equal-instead-of-equal.rule.yaml +50 -0
  549. package/rules/ruby/ruby.bug-risk.error-inherits-exception.rule.yaml +42 -0
  550. package/rules/ruby/ruby.bug-risk.exception-class-overwritten.rule.yaml +42 -0
  551. package/rules/ruby/ruby.bug-risk.exit-in-app-code.rule.yaml +53 -0
  552. package/rules/ruby/ruby.bug-risk.flip-flop-operator.rule.yaml +49 -0
  553. package/rules/ruby/ruby.bug-risk.git-in-gemspec.rule.yaml +48 -0
  554. package/rules/ruby/ruby.bug-risk.grouped-parentheses-in-call.rule.yaml +51 -0
  555. package/rules/ruby/ruby.bug-risk.has-and-belongs-to-many.rule.yaml +52 -0
  556. package/rules/ruby/ruby.bug-risk.helper-instance-variables.rule.yaml +52 -0
  557. package/rules/ruby/ruby.bug-risk.heredoc-method-order.rule.yaml +51 -0
  558. package/rules/ruby/ruby.bug-risk.http-methods-without-params.rule.yaml +54 -0
  559. package/rules/ruby/ruby.bug-risk.identical-binary-operands.rule.yaml +53 -0
  560. package/rules/ruby/ruby.bug-risk.ignored-column-accessed.rule.yaml +50 -0
  561. package/rules/ruby/ruby.bug-risk.inconsistent-request-referrer.rule.yaml +50 -0
  562. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation-try.rule.yaml +51 -0
  563. package/rules/ruby/ruby.bug-risk.inconsistent-safe-navigation.rule.yaml +51 -0
  564. package/rules/ruby/ruby.bug-risk.incorrect-pluralization.rule.yaml +51 -0
  565. package/rules/ruby/ruby.bug-risk.ineffective-access-modifier.rule.yaml +50 -0
  566. package/rules/ruby/ruby.bug-risk.interpolation-in-single-quote.rule.yaml +50 -0
  567. package/rules/ruby/ruby.bug-risk.invalid-integer-times.rule.yaml +52 -0
  568. package/rules/ruby/ruby.bug-risk.invalid-percent-string-literal.rule.yaml +51 -0
  569. package/rules/ruby/ruby.bug-risk.invalid-percent-symbol-array.rule.yaml +51 -0
  570. package/rules/ruby/ruby.bug-risk.invalid-rails-env-predicate.rule.yaml +51 -0
  571. package/rules/ruby/ruby.bug-risk.invalid-rescue-type.rule.yaml +51 -0
  572. package/rules/ruby/ruby.bug-risk.io-select-single-arg.rule.yaml +48 -0
  573. package/rules/ruby/ruby.bug-risk.irreversible-migration.rule.yaml +57 -0
  574. package/rules/ruby/ruby.bug-risk.missing-inverse-of.rule.yaml +53 -0
  575. package/rules/ruby/ruby.bug-risk.mixed-regex-captures.rule.yaml +51 -0
  576. package/rules/ruby/ruby.bug-risk.multiple-rescues-for-same-exception.rule.yaml +49 -0
  577. package/rules/ruby/ruby.bug-risk.non-local-exit-from-iterator.rule.yaml +51 -0
  578. package/rules/ruby/ruby.bug-risk.non-null-column-without-default.rule.yaml +51 -0
  579. package/rules/ruby/ruby.bug-risk.non-preferred-assert-falseness.rule.yaml +50 -0
  580. package/rules/ruby/ruby.bug-risk.old-style-validation-macro.rule.yaml +49 -0
  581. package/rules/ruby/ruby.bug-risk.outer-variable-shadowed.rule.yaml +47 -0
  582. package/rules/ruby/ruby.bug-risk.plain-method-instead-of-proc.rule.yaml +48 -0
  583. package/rules/ruby/ruby.bug-risk.predicate-method-without-parentheses.rule.yaml +51 -0
  584. package/rules/ruby/ruby.bug-risk.rails-env-equality.rule.yaml +53 -0
  585. package/rules/ruby/ruby.bug-risk.rails-root-join.rule.yaml +53 -0
  586. package/rules/ruby/ruby.bug-risk.rake-task-missing-environment.rule.yaml +46 -0
  587. package/rules/ruby/ruby.bug-risk.raw-sql-without-squish.rule.yaml +42 -0
  588. package/rules/ruby/ruby.bug-risk.redundant-allow-nil.rule.yaml +52 -0
  589. package/rules/ruby/ruby.bug-risk.redundant-foreign-key.rule.yaml +50 -0
  590. package/rules/ruby/ruby.bug-risk.redundant-with-options-receiver.rule.yaml +52 -0
  591. package/rules/ruby/ruby.bug-risk.regex-literal-in-condition.rule.yaml +51 -0
  592. package/rules/ruby/ruby.bug-risk.relative-date-as-constant.rule.yaml +51 -0
  593. package/rules/ruby/ruby.bug-risk.renamed-column-accessed.rule.yaml +50 -0
  594. package/rules/ruby/ruby.bug-risk.rescue-exception.rule.yaml +42 -0
  595. package/rules/ruby/ruby.bug-risk.return-in-ensure.rule.yaml +49 -0
  596. package/rules/ruby/ruby.bug-risk.routes-match-single-verb.rule.yaml +51 -0
  597. package/rules/ruby/ruby.bug-risk.safe-navigation-with-blank.rule.yaml +50 -0
  598. package/rules/ruby/ruby.bug-risk.safe-navigation-with-empty.rule.yaml +52 -0
  599. package/rules/ruby/ruby.bug-risk.self-assignment.rule.yaml +52 -0
  600. package/rules/ruby/ruby.bug-risk.skip-filter-conditional.rule.yaml +55 -0
  601. package/rules/ruby/ruby.bug-risk.suppressed-exceptions.rule.yaml +49 -0
  602. package/rules/ruby/ruby.bug-risk.symbol-boolean-name.rule.yaml +44 -0
  603. package/rules/ruby/ruby.bug-risk.table-without-timestamps.rule.yaml +53 -0
  604. package/rules/ruby/ruby.bug-risk.time-without-zone.rule.yaml +51 -0
  605. package/rules/ruby/ruby.bug-risk.to-json-without-argument.rule.yaml +51 -0
  606. package/rules/ruby/ruby.bug-risk.trailing-comma-attribute.rule.yaml +50 -0
  607. package/rules/ruby/ruby.bug-risk.undefined-action-filter.rule.yaml +53 -0
  608. package/rules/ruby/ruby.bug-risk.unintended-string-concatenation.rule.yaml +51 -0
  609. package/rules/ruby/ruby.bug-risk.unnecessary-require.rule.yaml +51 -0
  610. package/rules/ruby/ruby.bug-risk.unnecessary-splat.rule.yaml +50 -0
  611. package/rules/ruby/ruby.bug-risk.unqualified-constant.rule.yaml +51 -0
  612. package/rules/ruby/ruby.bug-risk.unreachable-code.rule.yaml +49 -0
  613. package/rules/ruby/ruby.bug-risk.unreachable-loop.rule.yaml +51 -0
  614. package/rules/ruby/ruby.bug-risk.unsafe-number-conversion.rule.yaml +51 -0
  615. package/rules/ruby/ruby.bug-risk.unsafe-safe-navigation-chain.rule.yaml +50 -0
  616. package/rules/ruby/ruby.bug-risk.unused-method-arguments.rule.yaml +51 -0
  617. package/rules/ruby/ruby.bug-risk.use-blank-simplify.rule.yaml +49 -0
  618. package/rules/ruby/ruby.bug-risk.use-delegate.rule.yaml +50 -0
  619. package/rules/ruby/ruby.bug-risk.use-presence-over-explicit-check.rule.yaml +49 -0
  620. package/rules/ruby/ruby.bug-risk.use-present-to-simplify-conditional.rule.yaml +48 -0
  621. package/rules/ruby/ruby.bug-risk.use-square-brackets-for-attributes.rule.yaml +50 -0
  622. package/rules/ruby/ruby.bug-risk.useless-access-modifier.rule.yaml +49 -0
  623. package/rules/ruby/ruby.bug-risk.useless-comparison.rule.yaml +50 -0
  624. package/rules/ruby/ruby.bug-risk.useless-setter-call.rule.yaml +49 -0
  625. package/rules/ruby/ruby.bug-risk.when-branch-without-body.rule.yaml +49 -0
  626. package/rules/ruby/ruby.bug-risk.where-first-over-find-by.rule.yaml +54 -0
  627. package/rules/ruby/ruby.bug-risk.with-index-value-unused.rule.yaml +50 -0
  628. package/rules/ruby/ruby.bug-risk.with-object-value-unused.rule.yaml +50 -0
  629. package/rules/ruby/ruby.performance.efficient-hash-search.rule.yaml +42 -0
  630. package/rules/ruby/ruby.performance.enumerable-index-by.rule.yaml +51 -0
  631. package/rules/ruby/ruby.performance.enumerable-index-with.rule.yaml +52 -0
  632. package/rules/ruby/ruby.performance.merge-single-key.rule.yaml +42 -0
  633. package/rules/ruby/ruby.performance.no-static-size-computation.rule.yaml +43 -0
  634. package/rules/ruby/ruby.performance.prefer-delete-prefix.rule.yaml +53 -0
  635. package/rules/ruby/ruby.performance.prefer-delete-suffix.rule.yaml +53 -0
  636. package/rules/ruby/ruby.performance.prefer-flat-map.rule.yaml +41 -0
  637. package/rules/ruby/ruby.performance.prefer-struct-over-openstruct.rule.yaml +42 -0
  638. package/rules/ruby/ruby.performance.range-cover-over-include.rule.yaml +43 -0
  639. package/rules/ruby/ruby.performance.regex-match-over-match.rule.yaml +42 -0
  640. package/rules/ruby/ruby.performance.yield-over-block-call.rule.yaml +41 -0
  641. package/rules/ruby/ruby.security.debugger-call.rule.yaml +53 -0
  642. package/rules/ruby/ruby.security.dynamic-code-execution.rule.yaml +54 -0
  643. package/rules/ruby/ruby.security.insecure-json-load.rule.yaml +53 -0
  644. package/rules/ruby/ruby.security.io-shell-command.rule.yaml +50 -0
  645. package/rules/ruby/ruby.security.kernel-open.rule.yaml +53 -0
  646. package/rules/ruby/ruby.security.plaintext-password-in-callback.rule.yaml +46 -0
  647. package/rules/ruby/ruby.security.rails-http-digest-auth.rule.yaml +51 -0
  648. package/rules/ruby/ruby.security.rails-link-to-blank-without-noopener.rule.yaml +48 -0
  649. package/rules/ruby/ruby.security.rails-output-unsafe.rule.yaml +47 -0
  650. package/rules/ruby/ruby.security.rails-render-inline.rule.yaml +55 -0
  651. package/rules/ruby/ruby.security.rails-skip-validation.rule.yaml +51 -0
  652. package/rules/rust/rust.correctness.empty-range-expression.rule.yaml +49 -0
  653. package/rules/rust/rust.correctness.erasing-operation.rule.yaml +49 -0
  654. package/rules/rust/rust.correctness.forget-drop-on-copy-type.rule.yaml +50 -0
  655. package/rules/rust/rust.correctness.forget-drop-on-non-drop-type.rule.yaml +50 -0
  656. package/rules/rust/rust.correctness.forget-drop-on-reference.rule.yaml +49 -0
  657. package/rules/rust/rust.correctness.hash-unit-value.rule.yaml +49 -0
  658. package/rules/rust/rust.correctness.identical-binary-operands.rule.yaml +49 -0
  659. package/rules/rust/rust.correctness.ignored-future-value.rule.yaml +53 -0
  660. package/rules/rust/rust.correctness.invalid-regex-literal.rule.yaml +49 -0
  661. package/rules/rust/rust.correctness.iter-next-in-for-loop.rule.yaml +49 -0
  662. package/rules/rust/rust.correctness.mistyped-suffix.rule.yaml +50 -0
  663. package/rules/rust/rust.correctness.nan-comparison.rule.yaml +49 -0
  664. package/rules/rust/rust.correctness.non-binding-let-on-lock.rule.yaml +50 -0
  665. package/rules/rust/rust.correctness.non-octal-permissions.rule.yaml +60 -0
  666. package/rules/rust/rust.correctness.print-in-display-impl.rule.yaml +48 -0
  667. package/rules/rust/rust.correctness.self-not-self-type.rule.yaml +49 -0
  668. package/rules/rust/rust.correctness.step-by-zero.rule.yaml +48 -0
  669. package/rules/rust/rust.correctness.syntax-error.rule.yaml +49 -0
  670. package/rules/rust/rust.correctness.transmute-float-char-to-ref-or-ptr.rule.yaml +48 -0
  671. package/rules/rust/rust.correctness.transmute-int-lit-to-raw-ptr.rule.yaml +48 -0
  672. package/rules/rust/rust.correctness.transmute-int-to-fn-ptr.rule.yaml +48 -0
  673. package/rules/rust/rust.correctness.transmute-integer-to-bool.rule.yaml +49 -0
  674. package/rules/rust/rust.correctness.transmute-integer-to-char.rule.yaml +48 -0
  675. package/rules/rust/rust.correctness.transmute-integer-to-nonzero.rule.yaml +48 -0
  676. package/rules/rust/rust.correctness.transmute-number-to-slice-or-array.rule.yaml +48 -0
  677. package/rules/rust/rust.correctness.transmute-ptr-to-ptr.rule.yaml +49 -0
  678. package/rules/rust/rust.correctness.transmute-ptr-to-ref.rule.yaml +49 -0
  679. package/rules/rust/rust.correctness.transmute-ref-to-ptr.rule.yaml +49 -0
  680. package/rules/rust/rust.correctness.transmute-t-to-ptr-ref.rule.yaml +49 -0
  681. package/rules/rust/rust.correctness.transmute-tuple-to-slice-or-array.rule.yaml +48 -0
  682. package/rules/rust/rust.correctness.unhandled-io-result.rule.yaml +49 -0
  683. package/rules/rust/rust.correctness.unit-argument.rule.yaml +50 -0
  684. package/rules/rust/rust.correctness.unit-comparison.rule.yaml +49 -0
  685. package/rules/rust/rust.performance.single-char-string-literal-pattern.rule.yaml +51 -0
  686. package/rules/rust/rust.quality.approximate-floating-constant.rule.yaml +51 -0
  687. package/rules/rust/rust.quality.builtin-type-shadow.rule.yaml +49 -0
  688. package/rules/rust/rust.quality.clone-on-double-reference.rule.yaml +50 -0
  689. package/rules/rust/rust.quality.crate-in-macro-definition.rule.yaml +50 -0
  690. package/rules/rust/rust.quality.deprecated-function-use.rule.yaml +52 -0
  691. package/rules/rust/rust.quality.env-string-literal.rule.yaml +50 -0
  692. package/rules/rust/rust.quality.explicit-self-assignment.rule.yaml +49 -0
  693. package/rules/rust/rust.quality.fn-ptr-null-comparison.rule.yaml +49 -0
  694. package/rules/rust/rust.quality.fn-ptr-to-non-pointer-cast.rule.yaml +50 -0
  695. package/rules/rust/rust.quality.inaccurate-duration-calculation.rule.yaml +50 -0
  696. package/rules/rust/rust.quality.isize-usize-overflow.rule.yaml +50 -0
  697. package/rules/rust/rust.quality.iter-count-instead-of-len.rule.yaml +49 -0
  698. package/rules/rust/rust.quality.iter-nth-instead-of-get.rule.yaml +50 -0
  699. package/rules/rust/rust.quality.map-followed-by-count.rule.yaml +50 -0
  700. package/rules/rust/rust.quality.non-owned-rc-pointer-into-vec.rule.yaml +50 -0
  701. package/rules/rust/rust.quality.non-utf8-literal-in-from-utf8-unchecked.rule.yaml +54 -0
  702. package/rules/rust/rust.quality.option-env-unwrap.rule.yaml +50 -0
  703. package/rules/rust/rust.quality.ordered-iteration-on-unordered.rule.yaml +52 -0
  704. package/rules/rust/rust.quality.possible-missing-comma-in-array.rule.yaml +49 -0
  705. package/rules/rust/rust.quality.potentially-incomplete-ascii-range.rule.yaml +49 -0
  706. package/rules/rust/rust.quality.redundant-mem-replace-with-default.rule.yaml +48 -0
  707. package/rules/rust/rust.quality.redundant-mem-replace-with-none.rule.yaml +48 -0
  708. package/rules/rust/rust.quality.redundant-mem-replace-with-zero.rule.yaml +48 -0
  709. package/rules/rust/rust.quality.replace-same-pattern-and-replacement.rule.yaml +49 -0
  710. package/rules/rust/rust.quality.size-of-val-on-reference.rule.yaml +49 -0
  711. package/rules/rust/rust.quality.unused-enumerate-or-zip-items.rule.yaml +50 -0
  712. package/rules/rust/rust.security.actix-namedfile-path-traversal.rule.yaml +61 -0
  713. package/rules/rust/rust.security.bind-all-interfaces.rule.yaml +2 -0
  714. package/rules/rust/rust.security.const-to-mut-ptr.rule.yaml +61 -0
  715. package/rules/rust/rust.security.differently-sized-slice-conversion.rule.yaml +61 -0
  716. package/rules/rust/rust.security.global-write-permission.rule.yaml +61 -0
  717. package/rules/rust/rust.security.insecure-temp-file.rule.yaml +2 -0
  718. package/rules/rust/rust.security.invisible-unicode.rule.yaml +60 -0
  719. package/rules/rust/rust.security.manual-error-type-id.rule.yaml +59 -0
  720. package/rules/rust/rust.security.missing-regex-anchor.rule.yaml +61 -0
  721. package/rules/rust/rust.security.misused-bitwise-xor.rule.yaml +54 -0
  722. package/rules/rust/rust.security.open-redirect.rule.yaml +64 -0
  723. package/rules/rust/rust.security.potentially-vulnerable-regex.rule.yaml +61 -0
  724. package/rules/rust/rust.security.raw-slice-to-ptr.rule.yaml +60 -0
  725. package/rules/rust/rust.security.unsafe-remove-dir-all.rule.yaml +62 -0
  726. package/rules/rust/rust.security.weak-crypto-import.rule.yaml +2 -0
  727. package/rules/rust/rust.security.weak-rsa-key-size.rule.yaml +2 -0
  728. package/rules/rust/rust.testing.ignore-without-ticket-reference.rule.yaml +13 -7
  729. package/rules/rust/rust.testing.thread-sleep-in-unit-test.rule.yaml +6 -6
  730. package/rules/shared/security.no-command-execution-with-request-input.rule.yaml +3 -0
  731. package/rules/shared/security.no-sensitive-data-in-logs-and-telemetry.rule.yaml +2 -0
  732. package/rules/shared/security.no-sql-interpolation.rule.yaml +2 -0
  733. package/rules/shared/security.permissive-file-permissions.rule.yaml +2 -0
  734. package/rules/shared/security.weak-hash-algorithm.rule.yaml +2 -0
  735. package/rules/sql/sql.correctness.undefined-reference.rule.yaml +37 -0
  736. package/rules/sql/sql.style.ambiguous-distinct.rule.yaml +37 -0
  737. package/rules/sql/sql.style.column-expression-without-alias.rule.yaml +37 -0
  738. package/rules/sql/sql.style.distinct-with-parenthesis.rule.yaml +37 -0
  739. package/rules/sql/sql.style.duplicate-table-aliases.rule.yaml +37 -0
  740. package/rules/sql/sql.style.implicit-column-alias.rule.yaml +37 -0
  741. package/rules/sql/sql.style.implicit-table-alias.rule.yaml +37 -0
  742. package/rules/sql/sql.style.inconsistent-capitalization.rule.yaml +37 -0
  743. package/rules/sql/sql.style.inconsistent-keyword-case.rule.yaml +37 -0
  744. package/rules/sql/sql.style.keyword-as-identifier.rule.yaml +37 -0
  745. package/rules/sql/sql.style.trailing-select-comma.rule.yaml +37 -0
  746. package/rules/sql/sql.style.unqualified-references.rule.yaml +37 -0
  747. package/rules/sql/sql.style.unused-table-alias.rule.yaml +37 -0
  748. package/rules/typescript/ts.angularjs.inject-function-assignments-only.rule.yaml +36 -0
  749. package/rules/typescript/ts.angularjs.no-controller.rule.yaml +36 -0
  750. package/rules/typescript/ts.angularjs.no-deprecated-cookie-store.rule.yaml +36 -0
  751. package/rules/typescript/ts.angularjs.no-deprecated-directive-replace.rule.yaml +36 -0
  752. package/rules/typescript/ts.angularjs.no-deprecated-http-success-error.rule.yaml +36 -0
  753. package/rules/typescript/ts.angularjs.no-jquery-wrapping-angular-element.rule.yaml +36 -0
  754. package/rules/typescript/ts.angularjs.prefer-angular-for-each.rule.yaml +36 -0
  755. package/rules/typescript/ts.angularjs.prefer-angular-is-string.rule.yaml +36 -0
  756. package/rules/typescript/ts.correctness.array-callback-missing-return.rule.yaml +2 -0
  757. package/rules/typescript/ts.correctness.array-sort-without-compare.rule.yaml +5 -3
  758. package/rules/typescript/ts.correctness.assignment-in-condition.rule.yaml +4 -2
  759. package/rules/typescript/ts.correctness.assignment-to-exports.rule.yaml +38 -0
  760. package/rules/typescript/ts.correctness.assignment-to-import-binding.rule.yaml +2 -0
  761. package/rules/typescript/ts.correctness.async-promise-executor.rule.yaml +2 -0
  762. package/rules/typescript/ts.correctness.blocking-call-in-async-flow.rule.yaml +14 -3
  763. package/rules/typescript/ts.correctness.callback-missing-error-handling.rule.yaml +38 -0
  764. package/rules/typescript/ts.correctness.callback-not-error-first.rule.yaml +38 -0
  765. package/rules/typescript/ts.correctness.compound-assignment-with-await.rule.yaml +37 -0
  766. package/rules/typescript/ts.correctness.confusing-multiline-expression.rule.yaml +37 -0
  767. package/rules/typescript/ts.correctness.constructor-return-value.rule.yaml +37 -0
  768. package/rules/typescript/ts.correctness.control-flow-in-finally.rule.yaml +2 -0
  769. package/rules/typescript/ts.correctness.declaration-in-nested-block.rule.yaml +39 -0
  770. package/rules/typescript/ts.correctness.delete-on-variable.rule.yaml +37 -0
  771. package/rules/typescript/ts.correctness.deprecated-api-usage.rule.yaml +39 -0
  772. package/rules/typescript/ts.correctness.duplicate-class-member.rule.yaml +37 -0
  773. package/rules/typescript/ts.correctness.duplicate-export.rule.yaml +37 -0
  774. package/rules/typescript/ts.correctness.duplicate-function-parameter.rule.yaml +2 -0
  775. package/rules/typescript/ts.correctness.duplicate-if-else-condition.rule.yaml +2 -0
  776. package/rules/typescript/ts.correctness.duplicate-import-source.rule.yaml +2 -0
  777. package/rules/typescript/ts.correctness.duplicate-object-key.rule.yaml +2 -0
  778. package/rules/typescript/ts.correctness.duplicate-switch-case.rule.yaml +2 -0
  779. package/rules/typescript/ts.correctness.empty-block-statement.rule.yaml +2 -0
  780. package/rules/typescript/ts.correctness.empty-destructuring-pattern.rule.yaml +37 -0
  781. package/rules/typescript/ts.correctness.extraneous-import.rule.yaml +38 -0
  782. package/rules/typescript/ts.correctness.flawed-string-comparison.rule.yaml +38 -0
  783. package/rules/typescript/ts.correctness.global-object-called-as-function.rule.yaml +38 -0
  784. package/rules/typescript/ts.correctness.identical-comparison-operands.rule.yaml +2 -0
  785. package/rules/typescript/ts.correctness.implicit-undefined-return.rule.yaml +2 -0
  786. package/rules/typescript/ts.correctness.infinite-loop.rule.yaml +16 -7
  787. package/rules/typescript/ts.correctness.invalid-async-await-call.rule.yaml +37 -0
  788. package/rules/typescript/ts.correctness.invalid-shebang.rule.yaml +37 -0
  789. package/rules/typescript/ts.correctness.invalid-typeof-comparison.rule.yaml +2 -0
  790. package/rules/typescript/ts.correctness.invalid-variable-usage.rule.yaml +37 -0
  791. package/rules/typescript/ts.correctness.missing-async-on-promise-method.rule.yaml +2 -0
  792. package/rules/typescript/ts.correctness.missing-super-call.rule.yaml +2 -0
  793. package/rules/typescript/ts.correctness.missing-timeout-on-external-call.rule.yaml +13 -6
  794. package/rules/typescript/ts.correctness.missing-type-annotation.rule.yaml +37 -0
  795. package/rules/typescript/ts.correctness.namespace-import-unexported-name.rule.yaml +37 -0
  796. package/rules/typescript/ts.correctness.negative-zero-comparison.rule.yaml +37 -0
  797. package/rules/typescript/ts.correctness.new-expression-with-require.rule.yaml +39 -0
  798. package/rules/typescript/ts.correctness.new-symbol-instance.rule.yaml +38 -0
  799. package/rules/typescript/ts.correctness.no-confusing-label-in-switch.rule.yaml +39 -0
  800. package/rules/typescript/ts.correctness.no-href-with-nuxt-link.rule.yaml +39 -0
  801. package/rules/typescript/ts.correctness.no-ts-suppress-directive.rule.yaml +36 -0
  802. package/rules/typescript/ts.correctness.non-existent-assignment-operators.rule.yaml +38 -0
  803. package/rules/typescript/ts.correctness.off-by-one-loop-boundary.rule.yaml +2 -0
  804. package/rules/typescript/ts.correctness.parse-int-on-number-literal.rule.yaml +38 -0
  805. package/rules/typescript/ts.correctness.prefer-as-const-over-literal-type.rule.yaml +37 -0
  806. package/rules/typescript/ts.correctness.prefer-includes-over-indexof.rule.yaml +37 -0
  807. package/rules/typescript/ts.correctness.prefer-nullish-coalescing.rule.yaml +37 -0
  808. package/rules/typescript/ts.correctness.private-member-should-be-readonly.rule.yaml +37 -0
  809. package/rules/typescript/ts.correctness.promise-reject-non-error.rule.yaml +2 -0
  810. package/rules/typescript/ts.correctness.prototype-builtin-called-directly.rule.yaml +38 -0
  811. package/rules/typescript/ts.correctness.reassign-catch-binding.rule.yaml +2 -0
  812. package/rules/typescript/ts.correctness.reassign-class-member.rule.yaml +37 -0
  813. package/rules/typescript/ts.correctness.reassign-const-binding.rule.yaml +37 -0
  814. package/rules/typescript/ts.correctness.reassign-function-declaration.rule.yaml +38 -0
  815. package/rules/typescript/ts.correctness.regexp-constructor-invalid-pattern.rule.yaml +38 -0
  816. package/rules/typescript/ts.correctness.regexp-empty-character-class.rule.yaml +38 -0
  817. package/rules/typescript/ts.correctness.regexp-multicodepoint-character-class.rule.yaml +37 -0
  818. package/rules/typescript/ts.correctness.regexp-pattern-unusual-control-character.rule.yaml +2 -0
  819. package/rules/typescript/ts.correctness.regexp-useless-backreference.rule.yaml +37 -0
  820. package/rules/typescript/ts.correctness.require-outside-import.rule.yaml +37 -0
  821. package/rules/typescript/ts.correctness.restricted-global-variable.rule.yaml +37 -0
  822. package/rules/typescript/ts.correctness.restricted-object-property.rule.yaml +37 -0
  823. package/rules/typescript/ts.correctness.self-assignment.rule.yaml +2 -0
  824. package/rules/typescript/ts.correctness.setter-return-value.rule.yaml +37 -0
  825. package/rules/typescript/ts.correctness.simplify-boolean-return.rule.yaml +38 -0
  826. package/rules/typescript/ts.correctness.sparse-array-literal.rule.yaml +38 -0
  827. package/rules/typescript/ts.correctness.switch-case-fallthrough.rule.yaml +37 -0
  828. package/rules/typescript/ts.correctness.template-placeholder-in-string.rule.yaml +37 -0
  829. package/rules/typescript/ts.correctness.this-before-super.rule.yaml +3 -0
  830. package/rules/typescript/ts.correctness.this-outside-class.rule.yaml +37 -0
  831. package/rules/typescript/ts.correctness.undeclared-variable.rule.yaml +38 -0
  832. package/rules/typescript/ts.correctness.unhandled-async-error.rule.yaml +7 -1
  833. package/rules/typescript/ts.correctness.unnecessary-return-await.rule.yaml +2 -0
  834. package/rules/typescript/ts.correctness.unresolved-import.rule.yaml +37 -0
  835. package/rules/typescript/ts.correctness.unsafe-negation-in-relational.rule.yaml +38 -0
  836. package/rules/typescript/ts.correctness.unused-expression.rule.yaml +37 -0
  837. package/rules/typescript/ts.correctness.unused-variable.rule.yaml +37 -0
  838. package/rules/typescript/ts.correctness.use-number-is-nan.rule.yaml +2 -0
  839. package/rules/typescript/ts.correctness.used-before-definition.rule.yaml +38 -0
  840. package/rules/typescript/ts.correctness.var-declaration.rule.yaml +38 -0
  841. package/rules/typescript/ts.next.no-document-import-outside-custom-document.rule.yaml +39 -0
  842. package/rules/typescript/ts.next.no-head-import-in-custom-document.rule.yaml +39 -0
  843. package/rules/typescript/ts.performance.no-await-in-loop.rule.yaml +6 -6
  844. package/rules/typescript/ts.performance.no-json-parse-stringify-clone.rule.yaml +8 -0
  845. package/rules/typescript/ts.performance.sequential-async-calls.rule.yaml +16 -7
  846. package/rules/typescript/ts.quality.no-banned-type.rule.yaml +36 -0
  847. package/rules/typescript/ts.quality.no-empty-function.rule.yaml +1 -1
  848. package/rules/typescript/ts.quality.no-side-effect-in-pure-callback.rule.yaml +36 -0
  849. package/rules/typescript/ts.quality.swallowed-error.rule.yaml +6 -3
  850. package/rules/typescript/ts.react.no-deprecated-is-mounted.rule.yaml +36 -0
  851. package/rules/typescript/ts.react.no-deprecated-react-dom-root-api.rule.yaml +24 -2
  852. package/rules/typescript/ts.react.no-direct-state-mutation.rule.yaml +2 -0
  853. package/rules/typescript/ts.react.no-duplicate-jsx-attributes.rule.yaml +2 -0
  854. package/rules/typescript/ts.react.no-hooks-rule-violation.rule.yaml +38 -0
  855. package/rules/typescript/ts.react.no-invalid-markup-characters.rule.yaml +36 -0
  856. package/rules/typescript/ts.react.no-lifecycle-method-typo.rule.yaml +36 -0
  857. package/rules/typescript/ts.react.no-render-invalid-return-type.rule.yaml +36 -0
  858. package/rules/typescript/ts.react.no-set-state-in-component-did-mount.rule.yaml +2 -0
  859. package/rules/typescript/ts.react.no-set-state-in-component-did-update.rule.yaml +2 -0
  860. package/rules/typescript/ts.react.no-set-state-in-component-will-update.rule.yaml +36 -0
  861. package/rules/typescript/ts.react.no-should-component-update.rule.yaml +36 -0
  862. package/rules/typescript/ts.react.no-target-blank-without-rel.rule.yaml +2 -0
  863. package/rules/typescript/ts.react.no-this-state-in-set-state.rule.yaml +38 -0
  864. package/rules/typescript/ts.react.no-unnecessary-fragment.rule.yaml +36 -0
  865. package/rules/typescript/ts.runtime.no-process-exit.rule.yaml +3 -0
  866. package/rules/typescript/ts.runtime.process-exit-control-flow.rule.yaml +46 -0
  867. package/rules/typescript/ts.security.dangerous-insert-html.rule.yaml +5 -0
  868. package/rules/typescript/ts.security.express-insecure-listen.rule.yaml +52 -0
  869. package/rules/typescript/ts.security.express-nosql-injection.rule.yaml +16 -11
  870. package/rules/typescript/ts.security.express-static-dotfiles-allow.rule.yaml +5 -0
  871. package/rules/typescript/ts.security.iframe-missing-sandbox-attribute.rule.yaml +18 -6
  872. package/rules/typescript/ts.security.import-using-user-input.rule.yaml +62 -10
  873. package/rules/typescript/ts.security.insecure-auth-cookie-flags.rule.yaml +12 -4
  874. package/rules/typescript/ts.security.missing-request-timeout-or-retry.rule.yaml +8 -6
  875. package/rules/typescript/ts.security.no-assign-mutable-export.rule.yaml +2 -0
  876. package/rules/typescript/ts.security.no-dynamic-execution.rule.yaml +3 -3
  877. package/rules/typescript/ts.security.no-javascript-url.rule.yaml +42 -8
  878. package/rules/typescript/ts.security.no-native-prototype-extension.rule.yaml +13 -1
  879. package/rules/typescript/ts.security.non-literal-fs-filename.rule.yaml +13 -1
  880. package/rules/typescript/ts.security.observable-timing-discrepancy.rule.yaml +3 -3
  881. package/rules/typescript/ts.security.open-redirect.rule.yaml +6 -0
  882. package/rules/typescript/ts.security.path-join-user-input.rule.yaml +50 -0
  883. package/rules/typescript/ts.security.sensitive-data-written-to-file.rule.yaml +16 -6
  884. package/rules/typescript/ts.security.ssrf.rule.yaml +1 -0
  885. package/rules/typescript/ts.security.unsafe-dirname-path-concat.rule.yaml +3 -0
  886. package/rules/typescript/ts.security.unsanitized-http-response.rule.yaml +14 -3
  887. package/rules/typescript/ts.security.user-controlled-regexp.rule.yaml +52 -0
  888. package/rules/typescript/ts.testing.no-flaky-timer-test.rule.yaml +7 -7
  889. package/rules/typescript/ts.testing.no-legacy-test-waiter.rule.yaml +36 -0
  890. package/rules/typescript/ts.testing.no-network-call-in-unit-test.rule.yaml +7 -1
  891. package/rules/typescript/ts.testing.no-skipped-test-without-ticket.rule.yaml +3 -3
  892. package/rules/typescript/ts.testing.useless-assertion.rule.yaml +37 -0
  893. package/rules/typescript/ts.vue.emits-validator-return-boolean.rule.yaml +36 -0
  894. package/rules/typescript/ts.vue.no-browser-globals-in-created.rule.yaml +39 -0
  895. package/rules/typescript/ts.vue.no-computed-missing-dependency.rule.yaml +36 -0
  896. package/rules/typescript/ts.vue.no-computed-mutation.rule.yaml +36 -0
  897. package/rules/typescript/ts.vue.no-data-object-declaration.rule.yaml +36 -0
  898. package/rules/typescript/ts.vue.no-deprecated-keycodes-config.rule.yaml +36 -0
  899. package/rules/typescript/ts.vue.no-deprecated-listeners.rule.yaml +36 -0
  900. package/rules/typescript/ts.vue.no-deprecated-model-option.rule.yaml +36 -0
  901. package/rules/typescript/ts.vue.no-deprecated-scoped-slots.rule.yaml +36 -0
  902. package/rules/typescript/ts.vue.no-keycode-modifiers.rule.yaml +36 -0
  903. package/rules/typescript/ts.vue.no-reserved-key-overwrite.rule.yaml +36 -0
  904. package/rules/typescript/ts.vue.no-server-env-in-client-hooks.rule.yaml +39 -0
  905. package/rules/typescript/ts.vue.no-slot-property-access.rule.yaml +36 -0
  906. package/rules/typescript/ts.vue.prefer-prop-type-constructor.rule.yaml +36 -0
  907. package/rules/typescript/ts.vue.require-transition-conditional.rule.yaml +36 -0
package/rules/java/java.correctness.sync-on-nullable-field.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.sync-on-nullable-field
5
+ title: Possibly null fields synchronized on
6
+ summary: Synchronizing on a field that may be null will throw NullPointerException at runtime.
7
+ rationale: The field has no initializer and is used as a synchronization lock. If the field is null when synchronized is reached, a NullPointerException is thrown.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1060
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.sync-on-nullable-field
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.concurrency
33
+ severity: critical
34
+ confidence: 0.65
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Synchronizing on a nullable field
40
+ summary: The field used as a lock may be null, causing NullPointerException at runtime.
41
+ remediation:
42
+ summary: Initialize the lock field at declaration, or guard with Objects.requireNonNull() before synchronizing.
package/rules/java/java.correctness.sync-on-public-field.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.sync-on-public-field
5
+ title: Public fields synchronized on
6
+ summary: Synchronizing on a public field allows external code to interfere with synchronization.
7
+ rationale: A public field used as a lock is visible to all code, which can synchronize on the same object and cause deadlock or interfere with locking contracts.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1061
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.sync-on-public-field
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.concurrency
33
+ severity: high
34
+ confidence: 0.70
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Synchronizing on a public field
40
+ summary: External code can synchronize on the same public lock, potentially causing deadlock or interference.
41
+ remediation:
42
+ summary: Use a private lock object for internal synchronization.
package/rules/java/java.correctness.sync-on-string-literal.rule.yaml CHANGED
@@ -5,6 +5,8 @@ metadata:
5
5
  title: Do not synchronize on string literals
6
6
  summary: String literals are interned and shared across the JVM.
7
7
  rationale: Synchronizing on interned strings can cause unexpected deadlocks.
8
+ aliases:
9
+ - JAVA-E1081
8
10
  tags:
9
11
  - correctness
10
12
  - java
package/rules/java/java.correctness.system-exit.rule.yaml ADDED
@@ -0,0 +1,43 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.system-exit
5
+ title: "System.exit() should only be invoked within application entry points"
6
+ summary: "Calling `System.exit()` outside of `main()` or framework entry points makes code hard to test and may terminate the JVM unexpectedly."
7
+ rationale: "`System.exit()` terminates the JVM immediately. When called from libraries, utility methods, or non-entry-point code it prevents cleanup, makes unit testing impossible (tests exit prematurely), and couples callers to a specific runtime behavior. Consider throwing a meaningful exception or returning a status code instead."
8
+ aliases:
9
+ - JAVA-S0060
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - control-flow
14
+ - rules-catalog
15
+ stability: stable
16
+ appliesTo: block
17
+ scope:
18
+ languages:
19
+ - java
20
+ paths:
21
+ include:
22
+ - "**/*.java"
23
+ exclude:
24
+ - "**/src/test/**"
25
+ - "**/tests/**"
26
+ - "**/*Test.java"
27
+ match:
28
+ fact:
29
+ kind: java.correctness.system-exit
30
+ bind: issue
31
+ emit:
32
+ finding:
33
+ category: correctness.control-flow
34
+ severity: high
35
+ confidence: 0.60
36
+ tags:
37
+ - correctness
38
+ - java
39
+ message:
40
+ title: "Unexpected System.exit() call in `${captures.issue.text}`"
41
+ summary: "`${captures.issue.text}` terminates the JVM. Prefer throwing an exception or returning a status code."
42
+ remediation:
43
+ summary: "Replace `System.exit()` with a thrown exception or a meaningful return value to allow callers to handle the error gracefully."
package/rules/java/java.correctness.thread-sleep-with-lock.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.thread-sleep-with-lock
5
+ title: Thread.sleep() should not be called while a lock is held
6
+ summary: Calling Thread.sleep() inside a synchronized block keeps the lock held, causing contention or deadlocks.
7
+ rationale: Thread.sleep() does not release the monitor lock. If called inside synchronized, other threads are blocked for the full sleep duration. Use wait(timeout) instead, which releases the lock.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E0410
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - concurrency
16
+ - rules-catalog
17
+ stability: experimental
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.thread-sleep-with-lock
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.concurrency
36
+ severity: critical
37
+ confidence: 0.70
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: Thread.sleep() inside synchronized block
43
+ summary: Calling Thread.sleep() while holding a lock blocks all other threads waiting for the same monitor.
44
+ remediation:
45
+ summary: Replace Thread.sleep() inside synchronized blocks with wait(timeout). If waiting outside synchronized is acceptable, move the sleep call outside the block.
package/rules/java/java.correctness.thread-static-misuse.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.thread-static-misuse
5
+ title: Thread instance calling static Thread methods
6
+ summary: Calling static Thread methods like sleep(), yield(), or interrupted() on a Thread instance is misleading because they operate on the current thread, not the instance.
7
+ rationale: Thread.sleep(), Thread.yield(), and Thread.interrupted() are static methods that always act on the current thread. Calling them on a Thread instance suggests they affect that instance, which is incorrect.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1062
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.thread-static-misuse
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.general
33
+ severity: critical
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Static Thread method called on instance
40
+ summary: The static method operates on the current thread, not the instance it appears to be called on.
41
+ remediation:
42
+ summary: Call `Thread.sleep(...)` directly instead of calling through a Thread instance.
package/rules/java/java.correctness.threadgroup-deprecated-methods.rule.yaml ADDED
@@ -0,0 +1,43 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.threadgroup-deprecated-methods
5
+ title: Avoid using deprecated ThreadGroup methods
6
+ summary: ThreadGroup.stop(), .suspend(), .resume(), .destroy(), and related methods are deprecated and unsafe.
7
+ rationale: ThreadGroup methods can cause deadlocks, resource leaks, and data races. Use java.util.concurrent alternatives.
8
+ aliases:
9
+ - JAVA-E1108
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - concurrency
14
+ - rules-catalog
15
+ stability: experimental
16
+ appliesTo: block
17
+ scope:
18
+ languages:
19
+ - java
20
+ paths:
21
+ include:
22
+ - "**/*.java"
23
+ exclude:
24
+ - "**/src/test/**"
25
+ - "**/tests/**"
26
+ - "**/*Test.java"
27
+ match:
28
+ fact:
29
+ kind: java.correctness.threadgroup-deprecated-methods
30
+ bind: issue
31
+ emit:
32
+ finding:
33
+ category: correctness.concurrency
34
+ severity: high
35
+ confidence: 0.95
36
+ tags:
37
+ - correctness
38
+ - java
39
+ message:
40
+ title: Deprecated ThreadGroup method call
41
+ summary: "The ThreadGroup method stop(), suspend(), resume(), destroy(), or a related deprecated method should not be used."
42
+ remediation:
43
+ summary: Replace ThreadGroup usage with java.util.concurrent executors and thread pools (ExecutorService, ThreadPoolExecutor). Avoid managing thread groups directly.
package/rules/java/java.correctness.throw-null.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.throw-null
5
+ title: "Avoid throwing null"
6
+ summary: "`throw null;` throws a `NullPointerException` at the throw site instead of communicating intent. Throw a proper exception instance."
7
+ rationale: "Java allows `throw null;` because the JVM specification requires the operand to be a reference type, and null is a valid reference. However, this throws a `NullPointerException` rather than the intended exception type, making debugging harder and obscuring developer intent. Always throw a meaningful exception type."
8
+ aliases:
9
+ - JAVA-E1097
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: stable
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.throw-null
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.exceptions
33
+ severity: critical
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: "throw null will produce NullPointerException in `${captures.issue.text}`"
40
+ summary: "`throw null;` throws a NullPointerException instead of a meaningful exception. Replace with a proper exception type."
41
+ remediation:
42
+ summary: 'Replace `throw null;` with `throw new AppropriateException("message");` using a meaningful exception type.'
package/rules/java/java.correctness.timezone-invalid-id.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.timezone-invalid-id
5
+ title: "TimeZone.getTimeZone() should be passed correct timezone IDs"
6
+ summary: "`TimeZone.getTimeZone()` silently returns GMT for unrecognized IDs instead of throwing. Hardcoded strings should be valid timezone IDs."
7
+ rationale: "Unlike `ZoneId.of()`, `TimeZone.getTimeZone()` does not throw for invalid IDs — it silently returns GMT. This makes it easy to miss typos in timezone strings. Always validate timezone IDs or use `TimeZone.getAvailableIDs()` to check."
8
+ aliases:
9
+ - JAVA-E1093
10
+ tags:
11
+ - correctness
12
+ - java
13
+ - rules-catalog
14
+ stability: experimental
15
+ appliesTo: block
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.timezone-invalid-id
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.api-misuse
33
+ severity: high
34
+ confidence: 0.40
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: "TimeZone.getTimeZone() is called with a hardcoded string in `${captures.issue.text}`"
40
+ summary: "Unrecognized timezone IDs silently return GMT. Verify the ID is valid or use `ZoneId.of()` which throws on invalid input."
41
+ remediation:
42
+ summary: "Use `TimeZone.getAvailableIDs()` to check if the ID is valid, or use `ZoneId.of()` with a valid IANA timezone ID."
package/rules/java/java.correctness.two-lock-wait.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.two-lock-wait
5
+ title: wait() called while holding two locks
6
+ summary: Calling `wait()` while holding multiple locks can cause confusing monitor state and hard-to-diagnose deadlocks.
7
+ rationale: When `wait()` is called inside nested synchronized blocks, it releases only the lock associated with the object being waited on, keeping the outer lock held. The thread resumes with both locks re-acquired, increasing deadlock risk and making the locking protocol harder to reason about.
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E0139
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - concurrency
16
+ - rules-catalog
17
+ stability: stable
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.two-lock-wait
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.concurrency
36
+ severity: high
37
+ confidence: 0.85
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: wait() called while holding two locks
43
+ summary: "`${captures.issue.text}` calls `wait()` inside nested synchronized blocks. Only the lock on the waited object is released; the outer lock remains held."
44
+ remediation:
45
+ summary: "Restructure to hold only one lock when calling `wait()`, or use `java.util.concurrent` primitives like `ReentrantLock` and `Condition`."
package/rules/java/java.correctness.unconditional-recursion.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unconditional-recursion
5
+ title: Unconditional recursive call in method body
6
+ summary: A method calls itself without a conditional guard, causing infinite recursion.
7
+ rationale: Unconditional self-recursion will always execute, leading to a StackOverflowError at runtime.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: stable
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1017
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.unconditional-recursion
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.recursion
33
+ severity: critical
34
+ confidence: 0.7
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: "Method `${captures.issue.text}` recursively calls itself unconditionally"
40
+ summary: A method recursively calls itself without an if/while/for guard, which will always cause infinite recursion at runtime.
41
+ remediation:
42
+ summary: Add a base-case guard (if/while/for condition) before the recursive call.
package/rules/java/java.correctness.unescaped-whitespace.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unescaped-whitespace
5
+ title: Whitespace escape sequences should be properly escaped in regex patterns
6
+ summary: Whitespace escape sequences like \n, \t, \r, \f, \b in Pattern.compile or String.matches arguments should be double-escaped (\\n, \\t, etc.) to be interpreted as regex escapes rather than Java string escapes.
7
+ rationale: In Java string literals, \n, \t, \r, \f, and \b are interpreted as actual whitespace characters. When these are passed to regex methods, the regex engine receives the literal character, not the expected escape sequence. Double-escaped sequences (\\n, \\t) pass the regex engine the intended escape.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: experimental
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1029
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.unescaped-whitespace
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.types
33
+ severity: critical
34
+ confidence: 0.95
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Unescaped whitespace escape sequence in regex pattern
40
+ summary: The regex pattern contains a single-escaped whitespace character (\n, \t, \r, \f, or \b) that will be interpreted as a Java string escape rather than a regex escape. Use double escaping (\\\\n, \\\\t, etc.) for regex escape sequences.
41
+ remediation:
42
+ summary: Replace single-escaped whitespace sequences with double-escaped versions. For example, `\n` becomes `\\n` in a regex pattern string.
package/rules/java/java.correctness.unimplementable-interface.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unimplementable-interface
5
+ title: Interface method clashes with Object method
6
+ summary: An interface declares a method that clashes with a final or differently-typed method in Object, making the interface impossible to implement correctly.
7
+ rationale: Certain Object methods (wait, notify, notifyAll, getClass) are final and cannot be overridden. Others (toString, clone, equals, hashCode, finalize) have specific contract requirements. Declaring them with wrong signatures in an interface creates a contract that can never be satisfied by any implementation.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: experimental
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1041
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.unimplementable-interface
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.typing
33
+ severity: high
34
+ confidence: 0.9
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Interface method clashes with Object method
40
+ summary: "`${captures.issue.text}` in an interface clashes with a method inherited from Object and cannot be implemented correctly."
41
+ remediation:
42
+ summary: Rename the method or change its signature so it does not conflict with Object's final or contract-restricted methods.
package/rules/java/java.correctness.unsafe-collection-downcast.rule.yaml ADDED
@@ -0,0 +1,42 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unsafe-collection-downcast
5
+ title: Unsafe collection downcast to concrete type
6
+ summary: Casting a collection interface reference to a concrete implementation type without an instanceof check may cause ClassCastException at runtime.
7
+ rationale: Downcasting a collection-typed variable (List, Set, Map, etc.) to a concrete implementation without a prior instanceof check is unsafe. If the runtime type does not match, a ClassCastException is thrown. Always guard downcasts with an instanceof check.
8
+ tags:
9
+ - correctness
10
+ - java
11
+ - rules-catalog
12
+ stability: experimental
13
+ appliesTo: block
14
+ aliases:
15
+ - JAVA-E1037
16
+ scope:
17
+ languages:
18
+ - java
19
+ paths:
20
+ include:
21
+ - "**/*.java"
22
+ exclude:
23
+ - "**/src/test/**"
24
+ - "**/tests/**"
25
+ - "**/*Test.java"
26
+ match:
27
+ fact:
28
+ kind: java.correctness.unsafe-collection-downcast
29
+ bind: issue
30
+ emit:
31
+ finding:
32
+ category: correctness.typing
33
+ severity: high
34
+ confidence: 0.85
35
+ tags:
36
+ - correctness
37
+ - java
38
+ message:
39
+ title: Unsafe collection downcast
40
+ summary: "`${captures.issue.text}` downcasts a collection without an instanceof guard, risking ClassCastException."
41
+ remediation:
42
+ summary: Add an instanceof check before the cast, or use the interface type throughout.
package/rules/java/java.correctness.unsafe-getresource.rule.yaml ADDED
@@ -0,0 +1,45 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unsafe-getresource
5
+ title: Unsafe usage of getResource with relative path
6
+ summary: Using `getClass().getResource()` with a relative path may fail in subclasses.
7
+ rationale: "`getResource()` on a Class instance resolves relative to that class's package. Use absolute paths or `ClassLoader.getResource()`."
8
+ detection:
9
+ kind: pattern
10
+ aliases:
11
+ - JAVA-E0029
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - resource-loading
16
+ - rules-catalog
17
+ stability: stable
18
+ appliesTo: block
19
+ scope:
20
+ languages:
21
+ - java
22
+ paths:
23
+ include:
24
+ - "**/*.java"
25
+ exclude:
26
+ - "**/src/test/**"
27
+ - "**/tests/**"
28
+ - "**/*Test.java"
29
+ match:
30
+ fact:
31
+ kind: java.correctness.unsafe-getresource
32
+ bind: issue
33
+ emit:
34
+ finding:
35
+ category: correctness.resource-loading
36
+ severity: medium
37
+ confidence: 0.85
38
+ tags:
39
+ - correctness
40
+ - java
41
+ message:
42
+ title: Unsafe relative getResource call
43
+ summary: "`${captures.issue.text}` uses a relative path with getResource. This may fail when called on a subclass."
44
+ remediation:
45
+ summary: Prefer absolute path starting with `/` or use `Thread.currentThread().getContextClassLoader().getResource()`.
package/rules/java/java.correctness.unsupported-jdk-api.rule.yaml ADDED
@@ -0,0 +1,46 @@
1
+ apiVersion: critiq.dev/v1alpha1
2
+ kind: Rule
3
+ metadata:
4
+ id: java.correctness.unsupported-jdk-api
5
+ title: Unsupported JDK-internal APIs should not be used
6
+ summary: Importing or using sun.* or com.sun.* internal APIs introduces portability issues and risks breakage across JDK versions.
7
+ rationale: Internal JDK APIs (sun.*, com.sun.* packages) are undocumented, unsupported, and may change or be removed without notice. Java 9 introduced module system restrictions that prevent access to many of these APIs. Use public replacement APIs instead.
8
+ references:
9
+ - kind: cwe
10
+ id: CWE-1104
11
+ title: Use of Unmaintained Third-Party Components
12
+ tags:
13
+ - correctness
14
+ - java
15
+ - rules-catalog
16
+ stability: experimental
17
+ appliesTo: block
18
+ aliases:
19
+ - JAVA-E1030
20
+ scope:
21
+ languages:
22
+ - java
23
+ paths:
24
+ include:
25
+ - "**/*.java"
26
+ exclude:
27
+ - "**/src/test/**"
28
+ - "**/tests/**"
29
+ - "**/*Test.java"
30
+ match:
31
+ fact:
32
+ kind: java.correctness.unsupported-jdk-api
33
+ bind: issue
34
+ emit:
35
+ finding:
36
+ category: correctness.portability
37
+ severity: high
38
+ confidence: 0.90
39
+ tags:
40
+ - correctness
41
+ - java
42
+ message:
43
+ title: Use of internal JDK API
44
+ summary: The code imports or references an unsupported internal JDK API (`sun.*` or `com.sun.*`). These are not part of the public Java specification and may break across JDK versions.
45
+ remediation:
46
+ summary: Replace the internal API call with the public equivalent. For example, use `java.util.Base64` instead of `sun.misc.BASE64Encoder`.