npm - @critiq/rules - Versions diffs - 0.3.0 → 0.4.0 - Mend

@critiq/rules 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (735) hide show

package/rules/java/java.quality.type-name-uppercase.rule.yaml ADDED Viewed

@@ -0,0 +1,41 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: java.quality.type-name-uppercase
+  title: Type names must begin with an uppercase letter
+  summary: Class, interface, and enum names should start with an uppercase letter per Java naming conventions.
+  rationale: Following the standard Java naming convention (PascalCase for types) improves readability and consistency across the codebase.
+  detection:
+    kind: pattern
+  aliases:
+    - JAVA-C1001
+  tags:
+    - quality
+    - java
+    - naming-convention
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+scope:
+  languages:
+    - java
+  paths:
+    include:
+      - "**/*.java"
+match:
+  fact:
+    kind: java.quality.type-name-uppercase
+    bind: issue
+emit:
+  finding:
+    category: quality.naming-convention
+    severity: low
+    confidence: 0.90
+    tags:
+      - quality
+      - java
+  message:
+    title: Rename type to start with uppercase letter
+    summary: "`${captures.issue.text}` declares a type whose name starts with a lowercase letter."
+  remediation:
+    summary: Rename the type to use PascalCase (e.g., `MyClass` instead of `myClass`).

package/rules/java/java.testing.setup-teardown-annotation.rule.yaml ADDED Viewed

@@ -0,0 +1,36 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: java.testing.setup-teardown-annotation
+  title: setUp/tearDown methods must be properly annotated
+  summary: JUnit 3-style setUp/tearDown methods are silently ignored in JUnit 4/5 without @Before/@After or @BeforeEach/@AfterEach annotations.
+  rationale: Methods named setUp or tearDown that lack the correct JUnit 4/5 annotations will not be invoked during test execution, leading to silent test failures or incorrect test state.
+  tags:
+    - correctness
+    - testing
+    - java
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+  aliases:
+    - JAVA-E1028
+scope:
+  languages:
+    - java
+match:
+  fact:
+    kind: java.testing.setup-teardown-annotation
+    bind: issue
+emit:
+  finding:
+    category: correctness.testing
+    severity: high
+    confidence: 0.95
+    tags:
+      - testing
+      - java
+  message:
+    title: setUp/tearDown method lacks JUnit annotation
+    summary: "`${captures.issue.text}` is not annotated with `@Before`/`@BeforeEach` or `@After`/`@AfterEach`. In JUnit 4/5 this method will be silently ignored."
+  remediation:
+    summary: Add `@Before` (JUnit 4) or `@BeforeEach` (JUnit 5) to `setUp`, and `@After` or `@AfterEach` to `tearDown`.

package/rules/java/java.testing.setup-without-super.rule.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: java.testing.setup-without-super
+  title: setUp method does not call super.setUp
+  summary: "JUnit 3 `setUp()` methods in test classes that extend `TestCase` must call `super.setUp()` for base class initialization."
+  rationale: "When a test class overrides `setUp()` from a superclass (including `TestCase`), the overridden method should call `super.setUp()` to preserve the base class initialization behavior. Failing to do so can leave test infrastructure uninitialized, leading to subtle failures or resource leaks."
+  detection:
+    kind: pattern
+  aliases:
+    - JAVA-S0337
+  tags:
+    - correctness
+    - testing
+    - java
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+scope:
+  languages:
+    - java
+  paths:
+    include:
+      - "**/*Test.java"
+      - "**/*Tests.java"
+      - "**/src/test/**/*.java"
+match:
+  fact:
+    kind: java.testing.setup-without-super
+    bind: issue
+emit:
+  finding:
+    category: correctness.testing
+    severity: high
+    confidence: 0.90
+    tags:
+      - testing
+      - java
+  message:
+    title: setUp method missing super.setUp() call
+    summary: "`${captures.issue.text}` overrides setUp() but does not call `super.setUp()`. Add `super.setUp()` as the first statement."
+  remediation:
+    summary: "Add `super.setUp();` as the first statement in `setUp()` to ensure base class initialization."

package/rules/java/java.testing.teardown-without-super.rule.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: java.testing.teardown-without-super
+  title: tearDown method does not call super.tearDown
+  summary: "JUnit 3 `tearDown()` methods in test classes extending `TestCase` should call `super.tearDown()` for base class cleanup."
+  rationale: "When a test class overrides `tearDown()` from a superclass (including `TestCase`), the overridden method should call `super.tearDown()` to preserve the base class cleanup behavior. Failing to do so can leave test resources unclosed, leading to resource leaks or test pollution."
+  detection:
+    kind: pattern
+  aliases:
+    - JAVA-S0338
+  tags:
+    - correctness
+    - testing
+    - java
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+scope:
+  languages:
+    - java
+  paths:
+    include:
+      - "**/*Test.java"
+      - "**/*Tests.java"
+      - "**/src/test/**/*.java"
+match:
+  fact:
+    kind: java.testing.teardown-without-super
+    bind: issue
+emit:
+  finding:
+    category: correctness.testing
+    severity: high
+    confidence: 0.90
+    tags:
+      - testing
+      - java
+  message:
+    title: tearDown method missing super.tearDown() call
+    summary: "`${captures.issue.text}` overrides tearDown() but does not call `super.tearDown()`. Add `super.tearDown()` as the last statement."
+  remediation:
+    summary: "Add `super.tearDown();` as the last statement in `tearDown()` to ensure base class cleanup."

package/rules/java/java.testing.wrong-assertion-argument-order.rule.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: java.testing.wrong-assertion-argument-order
+  title: Wrong argument order in test assertions
+  summary: Test assertions should use the pattern `assertEquals(expected, actual)` where the first argument is the expected value (typically a literal) and the second is the actual value (typically an expression).
+  rationale: Swapping expected and actual arguments produces misleading failure messages that show the wrong values, making debugging slower.
+  detection:
+    kind: pattern
+  aliases:
+    - JAVA-C1002
+  tags:
+    - testing
+    - java
+    - assertions
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+scope:
+  languages:
+    - java
+  paths:
+    include:
+      - "**/*Test.java"
+      - "**/src/test/**"
+      - "**/tests/**"
+match:
+  fact:
+    kind: java.testing.wrong-assertion-argument-order
+    bind: issue
+emit:
+  finding:
+    category: testing.assertions
+    severity: high
+    confidence: 0.70
+    tags:
+      - testing
+      - java
+  message:
+    title: Swap arguments in assertion call
+    summary: "`${captures.issue.text}` has the expected and actual arguments swapped. The expected value should come first."
+  remediation:
+    summary: Pass the expected value as the first argument and the actual value as the second (e.g., `assertEquals(expected, actual)`).

package/rules/php/php.correctness.abstract-method-outside-abstract-class.rule.yaml CHANGED Viewed

@@ -4,6 +4,9 @@ metadata:
   id: php.correctness.abstract-method-outside-abstract-class
   title: Keep abstract methods inside abstract classes
   summary: Only abstract classes may declare abstract methods.
+  aliases:
+    - PHP-E1115
+    - PHP-W1030
   rationale: Abstract methods in concrete classes cannot be implemented correctly and will fail at compile time.
   tags:
     - correctness

package/rules/php/php.correctness.abstract-method-with-body.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.abstract-method-with-body
+  title: Abstract methods must not have a body
+  summary: Abstract methods must not have a body
+  rationale: Abstract methods must not have a body
+  aliases:
+    - PHP-E1118
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.abstract-method-with-body
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Abstract methods must not have a body
+    summary: "`${captures.issue.text}` matches php.correctness.abstract-method-with-body."
+  remediation:
+    summary: Abstract methods must not have a body

package/rules/php/php.correctness.assign-to-non-lvalue.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.assign-to-non-lvalue
+  title: Assignment target must be an lvalue
+  summary: Assignment target must be an lvalue
+  rationale: Assignment target must be an lvalue
+  aliases:
+    - PHP-W1032
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.assign-to-non-lvalue
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Assignment target must be an lvalue
+    summary: "`${captures.issue.text}` matches php.correctness.assign-to-non-lvalue."
+  remediation:
+    summary: Assignment target must be an lvalue

package/rules/php/php.correctness.attribute-on-class-constant.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.attribute-on-class-constant
+  title: Attributes cannot target class constants
+  summary: Attributes cannot target class constants
+  rationale: Attributes cannot target class constants
+  aliases:
+    - PHP-W1005
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.attribute-on-class-constant
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Attributes cannot target class constants
+    summary: "`${captures.issue.text}` matches php.correctness.attribute-on-class-constant."
+  remediation:
+    summary: Attributes cannot target class constants

package/rules/php/php.correctness.attribute-on-closure.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.attribute-on-closure
+  title: Attributes are not valid on closures
+  summary: Attributes are not valid on closures
+  rationale: Attributes are not valid on closures
+  aliases:
+    - PHP-W1021
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.attribute-on-closure
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: high
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Attributes are not valid on closures
+    summary: "`${captures.issue.text}` matches php.correctness.attribute-on-closure."
+  remediation:
+    summary: Attributes are not valid on closures

package/rules/php/php.correctness.attribute-on-function.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.attribute-on-function
+  title: Attributes are not valid on functions
+  summary: Attributes are not valid on functions
+  rationale: Attributes are not valid on functions
+  aliases:
+    - PHP-W1022
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.attribute-on-function
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: high
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Attributes are not valid on functions
+    summary: "`${captures.issue.text}` matches php.correctness.attribute-on-function."
+  remediation:
+    summary: Attributes are not valid on functions

package/rules/php/php.correctness.attribute-on-property.rule.yaml ADDED Viewed

@@ -0,0 +1,40 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.attribute-on-property
+  title: Attribute class cannot be used with property
+  summary: An attribute that does not target properties should not be applied to a property declaration.
+  aliases:
+    - PHP-W1035
+  rationale: PHP 8.0+ attributes declare their allowed targets via the #[Attribute] attribute. Using an attribute on a property when it does not specify TARGET_PROPERTY (or TARGET_ALL) will be ignored or may produce unexpected behavior at runtime.
+  detection:
+    kind: pattern
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: experimental
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.attribute-on-property
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: high
+    confidence: 0.75
+    tags:
+      - correctness
+      - php
+  message:
+    title: Attribute ${captures.issue.text} cannot be applied to a property
+    summary: "${captures.issue.text} targets an attribute class that does not allow TARGET_PROPERTY."
+  remediation:
+    summary: Ensure the attribute class declares TARGET_PROPERTY in its #[Attribute] definition, or remove the attribute from the property.

package/rules/php/php.correctness.break-continue-outside-loop.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.break-continue-outside-loop
   title: Use break and continue only inside loops or switch
   summary: "break and continue outside a loop or switch block are invalid control flow."
+  aliases:
+    - PHP-W1027
   rationale: Misplaced break or continue statements usually indicate unfinished refactors or copy-paste errors.
   tags:
     - correctness

package/rules/php/php.correctness.case-insensitive-define.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.case-insensitive-define
   title: Avoid case-insensitive define calls
   summary: The third argument to define() for case-insensitive constants is deprecated.
+  aliases:
+    - PHP-W1083
   rationale: Case-insensitive constants behave inconsistently across PHP versions and should be replaced with normal constants.
   tags:
     - correctness

package/rules/php/php.correctness.class-implements-non-interface.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.class-implements-non-interface
+  title: Classes can only implement interfaces
+  summary: Classes can only implement interfaces
+  rationale: Classes can only implement interfaces
+  aliases:
+    - PHP-W1008
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.class-implements-non-interface
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Classes can only implement interfaces
+    summary: "`${captures.issue.text}` matches php.correctness.class-implements-non-interface."
+  remediation:
+    summary: Classes can only implement interfaces

package/rules/php/php.correctness.default-parameter-not-last.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.default-parameter-not-last
   title: Place default parameters last
   summary: Parameters with default values must appear after required parameters.
+  aliases:
+    - PHP-W1079
   rationale: Misordered defaults are invalid PHP and break callers that rely on positional arguments.
   tags:
     - correctness

package/rules/php/php.correctness.deprecated-filter-constant.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.deprecated-filter-constant
   title: Replace deprecated filter constants
   summary: Several FILTER_* constants are deprecated and should not be used in new code.
+  aliases:
+    - PHP-W1084
   rationale: Deprecated filter constants may be removed and can silently change sanitization behavior across PHP versions.
   tags:
     - correctness

package/rules/php/php.correctness.deprecated-libxml-entity-loader.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.deprecated-libxml-entity-loader
   title: Remove deprecated libxml_disable_entity_loader calls
   summary: libxml_disable_entity_loader() is deprecated and no longer needed on supported PHP versions.
+  aliases:
+    - PHP-W1086
   rationale: The helper is deprecated and can give a false sense of protection compared to modern libxml defaults.
   tags:
     - correctness

package/rules/php/php.correctness.deprecated-unset-cast.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.deprecated-unset-cast
   title: Remove deprecated (unset) casts
   summary: "The `(unset)` cast is deprecated and should not be used in modern PHP code."
+  aliases:
+    - PHP-W1003
   rationale: Deprecated casts break on newer PHP versions and hide intent compared to explicit unset calls.
   tags:
     - correctness

package/rules/php/php.correctness.duplicate-array-key.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.duplicate-array-key
   title: Avoid duplicate keys in array literals
   summary: Repeated keys in an array literal overwrite earlier entries.
+  aliases:
+    - PHP-W1000
   rationale: Silent key replacement hides bugs and can invalidate intended configuration values.
   tags:
     - correctness

package/rules/php/php.correctness.duplicate-declaration.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.duplicate-declaration
   title: Remove duplicate declarations
   summary: Functions, classes, traits, and interfaces must be declared only once per file.
+  aliases:
+    - PHP-W1007
   rationale: Duplicate declarations cause fatal errors and usually indicate incomplete refactors or copy-paste mistakes.
   tags:
     - correctness

package/rules/php/php.correctness.duplicate-union-type.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.duplicate-union-type
+  title: Avoid duplicate types in union declarations
+  summary: Avoid duplicate types in union declarations
+  rationale: Avoid duplicate types in union declarations
+  aliases:
+    - PHP-T1005
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.duplicate-union-type
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.9
+    tags:
+      - correctness
+      - php
+  message:
+    title: Avoid duplicate types in union declarations
+    summary: "`${captures.issue.text}` matches php.correctness.duplicate-union-type."
+  remediation:
+    summary: Avoid duplicate types in union declarations

package/rules/php/php.correctness.echo-invalid-value.rule.yaml ADDED Viewed

@@ -0,0 +1,38 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: php.correctness.echo-invalid-value
+  title: Do not echo non-string values
+  summary: echo should only be called with string-convertible scalar values. Objects, arrays, and arrays using array() syntax cannot be meaningfully converted to strings by echo and may produce warnings.
+  aliases:
+    - PHP-W1041
+  rationale: Using echo with non-scalar values like objects or arrays produces unexpected output or warnings. Objects must implement __toString() for meaningful output; arrays always produce "Array" which is almost never the intent.
+  tags:
+    - correctness
+    - php
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - php
+  paths:
+    include:
+      - "**/*.php"
+match:
+  fact:
+    kind: php.correctness.echo-invalid-value
+    bind: issue
+emit:
+  finding:
+    category: correctness.language
+    severity: critical
+    confidence: 0.85
+    tags:
+      - correctness
+      - php
+  message:
+    title: echo called with non-string value
+    summary: "`${captures.issue.text}` passes a non-scalar value to echo, which may produce a warning or unexpected output."
+  remediation:
+    summary: Convert the value to a string before echoing, or use var_dump / print_r for debugging output. For arrays, iterate and echo each element individually.

package/rules/php/php.correctness.empty-array-literal-slot.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.empty-array-literal-slot
   title: Remove empty slots from array literals
   summary: Array literals with consecutive commas define empty slots that are easy to miss during review.
+  aliases:
+    - PHP-W1001
   rationale: Empty array slots usually indicate typos or incomplete edits and can produce unexpected sparse arrays.
   tags:
     - correctness

package/rules/php/php.correctness.empty-bracket-array-access.rule.yaml CHANGED Viewed

@@ -4,6 +4,8 @@ metadata:
   id: php.correctness.empty-bracket-array-access
   title: Avoid empty bracket array reads
   summary: "Reading from an array with `$value[]` appends null and returns the new element."
+  aliases:
+    - PHP-W1002
   rationale: Empty bracket reads are rarely intentional and usually indicate a mistaken append or missing index.
   tags:
     - correctness