@sun-asterisk/sunlint 1.1.7 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.sunlint.json +1 -1
- package/CHANGELOG.md +83 -0
- package/README.md +66 -4
- package/config/presets/all.json +125 -0
- package/config/presets/beginner.json +16 -8
- package/config/presets/ci.json +12 -4
- package/config/presets/maintainability.json +38 -0
- package/config/presets/performance.json +32 -0
- package/config/presets/quality.json +103 -0
- package/config/presets/recommended.json +36 -12
- package/config/presets/security.json +88 -0
- package/config/presets/strict.json +15 -5
- package/config/rules/rules-registry-generated.json +6312 -0
- package/config/rules-summary.json +1941 -0
- package/core/adapters/sunlint-rule-adapter.js +452 -0
- package/core/analysis-orchestrator.js +4 -4
- package/core/config-manager.js +28 -5
- package/core/rule-selection-service.js +52 -55
- package/docs/CONFIGURATION.md +111 -3
- package/docs/LANGUAGE-SPECIFIC-RULES.md +308 -0
- package/docs/README.md +3 -0
- package/docs/STANDARDIZED-CATEGORY-FILTERING.md +156 -0
- package/engines/eslint-engine.js +92 -2
- package/engines/heuristic-engine.js +8 -31
- package/origin-rules/common-en.md +1320 -0
- package/origin-rules/dart-en.md +289 -0
- package/origin-rules/java-en.md +60 -0
- package/origin-rules/kotlin-mobile-en.md +453 -0
- package/origin-rules/reactjs-en.md +102 -0
- package/origin-rules/security-en.md +1055 -0
- package/origin-rules/swift-en.md +449 -0
- package/origin-rules/typescript-en.md +136 -0
- package/package.json +6 -5
- package/scripts/copy-rules.js +86 -0
- package/rules/README.md +0 -252
- package/rules/common/C002_no_duplicate_code/analyzer.js +0 -65
- package/rules/common/C002_no_duplicate_code/config.json +0 -23
- package/rules/common/C003_no_vague_abbreviations/analyzer.js +0 -418
- package/rules/common/C003_no_vague_abbreviations/config.json +0 -35
- package/rules/common/C006_function_naming/analyzer.js +0 -349
- package/rules/common/C006_function_naming/config.json +0 -86
- package/rules/common/C010_limit_block_nesting/analyzer.js +0 -389
- package/rules/common/C013_no_dead_code/analyzer.js +0 -206
- package/rules/common/C014_dependency_injection/analyzer.js +0 -338
- package/rules/common/C017_constructor_logic/analyzer.js +0 -314
- package/rules/common/C019_log_level_usage/analyzer.js +0 -362
- package/rules/common/C019_log_level_usage/config.json +0 -121
- package/rules/common/C029_catch_block_logging/analyzer.js +0 -373
- package/rules/common/C029_catch_block_logging/config.json +0 -59
- package/rules/common/C031_validation_separation/analyzer.js +0 -186
- package/rules/common/C041_no_sensitive_hardcode/analyzer.js +0 -292
- package/rules/common/C042_boolean_name_prefix/analyzer.js +0 -300
- package/rules/common/C043_no_console_or_print/analyzer.js +0 -304
- package/rules/common/C047_no_duplicate_retry_logic/analyzer.js +0 -351
- package/rules/common/C075_explicit_return_types/analyzer.js +0 -103
- package/rules/common/C076_single_test_behavior/analyzer.js +0 -121
- package/rules/docs/C002_no_duplicate_code.md +0 -57
- package/rules/docs/C031_validation_separation.md +0 -72
- package/rules/index.js +0 -149
- package/rules/migration/converter.js +0 -385
- package/rules/migration/mapping.json +0 -164
- package/rules/security/S026_json_schema_validation/analyzer.js +0 -251
- package/rules/security/S026_json_schema_validation/config.json +0 -27
- package/rules/security/S027_no_hardcoded_secrets/analyzer.js +0 -263
- package/rules/security/S027_no_hardcoded_secrets/config.json +0 -29
- package/rules/security/S029_csrf_protection/analyzer.js +0 -264
- package/rules/tests/C002_no_duplicate_code.test.js +0 -50
- package/rules/universal/C010/generic.js +0 -0
- package/rules/universal/C010/tree-sitter-analyzer.js +0 -0
- package/rules/utils/ast-utils.js +0 -191
- package/rules/utils/base-analyzer.js +0 -98
- package/rules/utils/pattern-matchers.js +0 -239
- package/rules/utils/rule-helpers.js +0 -264
- package/rules/utils/severity-constants.js +0 -93
|
@@ -0,0 +1,1941 @@
|
|
|
1
|
+
{
|
|
2
|
+
"metadata": {
|
|
3
|
+
"totalRules": 256,
|
|
4
|
+
"generatedAt": "2025-07-30T08:59:10.122Z",
|
|
5
|
+
"source": "origin-rules"
|
|
6
|
+
},
|
|
7
|
+
"categories": {
|
|
8
|
+
"quality": [
|
|
9
|
+
{
|
|
10
|
+
"id": "C001",
|
|
11
|
+
"name": "Functions should not exceed 50 lines",
|
|
12
|
+
"severity": "major",
|
|
13
|
+
"status": "draft"
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
"id": "C002",
|
|
17
|
+
"name": "Avoid code duplication > 10 lines",
|
|
18
|
+
"severity": "major",
|
|
19
|
+
"status": "draft"
|
|
20
|
+
},
|
|
21
|
+
{
|
|
22
|
+
"id": "C003",
|
|
23
|
+
"name": "Use clear variable names; avoid arbitrary abbreviations",
|
|
24
|
+
"severity": "major",
|
|
25
|
+
"status": "activated"
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
"id": "C004",
|
|
29
|
+
"name": "No TODOs older than 14 days",
|
|
30
|
+
"severity": "major",
|
|
31
|
+
"status": "draft"
|
|
32
|
+
},
|
|
33
|
+
{
|
|
34
|
+
"id": "C005",
|
|
35
|
+
"name": "Each function should do only one thing",
|
|
36
|
+
"severity": "major",
|
|
37
|
+
"status": "draft"
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
"id": "C006",
|
|
41
|
+
"name": "Function names must be verbs or verb-noun combinations",
|
|
42
|
+
"severity": "major",
|
|
43
|
+
"status": "activated"
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
"id": "C007",
|
|
47
|
+
"name": "Avoid comments that just restate the code",
|
|
48
|
+
"severity": "major",
|
|
49
|
+
"status": "draft"
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"id": "C008",
|
|
53
|
+
"name": "Declare variables close to where they are used",
|
|
54
|
+
"severity": "major",
|
|
55
|
+
"status": "draft"
|
|
56
|
+
},
|
|
57
|
+
{
|
|
58
|
+
"id": "C009",
|
|
59
|
+
"name": "Each class should have a single responsibility",
|
|
60
|
+
"severity": "major",
|
|
61
|
+
"status": "draft"
|
|
62
|
+
},
|
|
63
|
+
{
|
|
64
|
+
"id": "C010",
|
|
65
|
+
"name": "Avoid more than 3 levels of nested blocks",
|
|
66
|
+
"severity": "major",
|
|
67
|
+
"status": "draft"
|
|
68
|
+
},
|
|
69
|
+
{
|
|
70
|
+
"id": "C011",
|
|
71
|
+
"name": "Avoid catching generic exceptions (e.g., `catch (Exception)`)",
|
|
72
|
+
"severity": "major",
|
|
73
|
+
"status": "draft"
|
|
74
|
+
},
|
|
75
|
+
{
|
|
76
|
+
"id": "C012",
|
|
77
|
+
"name": "Clearly separate Command and Query",
|
|
78
|
+
"severity": "major",
|
|
79
|
+
"status": "draft"
|
|
80
|
+
},
|
|
81
|
+
{
|
|
82
|
+
"id": "C013",
|
|
83
|
+
"name": "Do not use dead code",
|
|
84
|
+
"severity": "major",
|
|
85
|
+
"status": "activated"
|
|
86
|
+
},
|
|
87
|
+
{
|
|
88
|
+
"id": "C014",
|
|
89
|
+
"name": "Use Dependency Injection instead of directly instantiating dependencies",
|
|
90
|
+
"severity": "major",
|
|
91
|
+
"status": "activated"
|
|
92
|
+
},
|
|
93
|
+
{
|
|
94
|
+
"id": "C015",
|
|
95
|
+
"name": "Use domain language in class/function names",
|
|
96
|
+
"severity": "major",
|
|
97
|
+
"status": "draft"
|
|
98
|
+
},
|
|
99
|
+
{
|
|
100
|
+
"id": "C016",
|
|
101
|
+
"name": "TODOs must have a specific reason",
|
|
102
|
+
"severity": "major",
|
|
103
|
+
"status": "draft"
|
|
104
|
+
},
|
|
105
|
+
{
|
|
106
|
+
"id": "C017",
|
|
107
|
+
"name": "Do not put business logic inside constructors",
|
|
108
|
+
"severity": "major",
|
|
109
|
+
"status": "activated"
|
|
110
|
+
},
|
|
111
|
+
{
|
|
112
|
+
"id": "C018",
|
|
113
|
+
"name": "Do not throw generic errors; always provide detailed messages",
|
|
114
|
+
"severity": "major",
|
|
115
|
+
"status": "activated"
|
|
116
|
+
},
|
|
117
|
+
{
|
|
118
|
+
"id": "C019",
|
|
119
|
+
"name": "Do not use `error` log level for non-critical issues",
|
|
120
|
+
"severity": "major",
|
|
121
|
+
"status": "activated"
|
|
122
|
+
},
|
|
123
|
+
{
|
|
124
|
+
"id": "C020",
|
|
125
|
+
"name": "Do not import unused modules or libraries",
|
|
126
|
+
"severity": "major",
|
|
127
|
+
"status": "draft"
|
|
128
|
+
},
|
|
129
|
+
{
|
|
130
|
+
"id": "C021",
|
|
131
|
+
"name": "Consistently order import statements",
|
|
132
|
+
"severity": "major",
|
|
133
|
+
"status": "draft"
|
|
134
|
+
},
|
|
135
|
+
{
|
|
136
|
+
"id": "C022",
|
|
137
|
+
"name": "Do not leave unused variables",
|
|
138
|
+
"severity": "major",
|
|
139
|
+
"status": "draft"
|
|
140
|
+
},
|
|
141
|
+
{
|
|
142
|
+
"id": "C023",
|
|
143
|
+
"name": "Do not declare duplicate variable names in the same scope, including nested closures",
|
|
144
|
+
"severity": "major",
|
|
145
|
+
"status": "activated"
|
|
146
|
+
},
|
|
147
|
+
{
|
|
148
|
+
"id": "C024",
|
|
149
|
+
"name": "Do not scatter hardcoded constants throughout the logic",
|
|
150
|
+
"severity": "major",
|
|
151
|
+
"status": "activated"
|
|
152
|
+
},
|
|
153
|
+
{
|
|
154
|
+
"id": "C025",
|
|
155
|
+
"name": "Each file should contain only one main class",
|
|
156
|
+
"severity": "major",
|
|
157
|
+
"status": "draft"
|
|
158
|
+
},
|
|
159
|
+
{
|
|
160
|
+
"id": "C026",
|
|
161
|
+
"name": "Avoid functions with too many parameters (>6)",
|
|
162
|
+
"severity": "major",
|
|
163
|
+
"status": "draft"
|
|
164
|
+
},
|
|
165
|
+
{
|
|
166
|
+
"id": "C027",
|
|
167
|
+
"name": "Each module should have a README.md if it is independent",
|
|
168
|
+
"severity": "major",
|
|
169
|
+
"status": "draft"
|
|
170
|
+
},
|
|
171
|
+
{
|
|
172
|
+
"id": "C028",
|
|
173
|
+
"name": "Use guard clauses instead of nested ifs",
|
|
174
|
+
"severity": "major",
|
|
175
|
+
"status": "draft"
|
|
176
|
+
},
|
|
177
|
+
{
|
|
178
|
+
"id": "C029",
|
|
179
|
+
"name": "All `catch` blocks must log the root cause of the error",
|
|
180
|
+
"severity": "major",
|
|
181
|
+
"status": "activated"
|
|
182
|
+
},
|
|
183
|
+
{
|
|
184
|
+
"id": "C030",
|
|
185
|
+
"name": "Use custom error classes instead of generic system errors",
|
|
186
|
+
"severity": "major",
|
|
187
|
+
"status": "activated"
|
|
188
|
+
},
|
|
189
|
+
{
|
|
190
|
+
"id": "C031",
|
|
191
|
+
"name": "Validation logic must be separated",
|
|
192
|
+
"severity": "major",
|
|
193
|
+
"status": "activated"
|
|
194
|
+
},
|
|
195
|
+
{
|
|
196
|
+
"id": "C032",
|
|
197
|
+
"name": "Do not call external APIs in constructors or static blocks",
|
|
198
|
+
"severity": "major",
|
|
199
|
+
"status": "draft"
|
|
200
|
+
},
|
|
201
|
+
{
|
|
202
|
+
"id": "C033",
|
|
203
|
+
"name": "Separate processing logic and data access in the service layer",
|
|
204
|
+
"severity": "major",
|
|
205
|
+
"status": "activated"
|
|
206
|
+
},
|
|
207
|
+
{
|
|
208
|
+
"id": "C034",
|
|
209
|
+
"name": "Avoid directly accessing global state in domain logic",
|
|
210
|
+
"severity": "major",
|
|
211
|
+
"status": "draft"
|
|
212
|
+
},
|
|
213
|
+
{
|
|
214
|
+
"id": "C035",
|
|
215
|
+
"name": "Log all relevant context when handling errors",
|
|
216
|
+
"severity": "major",
|
|
217
|
+
"status": "activated"
|
|
218
|
+
},
|
|
219
|
+
{
|
|
220
|
+
"id": "C036",
|
|
221
|
+
"name": "Do not throw generic exceptions like `RuntimeException` or `Exception`",
|
|
222
|
+
"severity": "major",
|
|
223
|
+
"status": "draft"
|
|
224
|
+
},
|
|
225
|
+
{
|
|
226
|
+
"id": "C037",
|
|
227
|
+
"name": "API handler functions should return a standardized response object (not raw strings)",
|
|
228
|
+
"severity": "major",
|
|
229
|
+
"status": "draft"
|
|
230
|
+
},
|
|
231
|
+
{
|
|
232
|
+
"id": "C038",
|
|
233
|
+
"name": "Avoid logic that depends on file/module load order",
|
|
234
|
+
"severity": "major",
|
|
235
|
+
"status": "draft"
|
|
236
|
+
},
|
|
237
|
+
{
|
|
238
|
+
"id": "C039",
|
|
239
|
+
"name": "Do not store temporary data in global or static mutable fields",
|
|
240
|
+
"severity": "major",
|
|
241
|
+
"status": "draft"
|
|
242
|
+
},
|
|
243
|
+
{
|
|
244
|
+
"id": "C040",
|
|
245
|
+
"name": "Do not spread validation logic across multiple classes",
|
|
246
|
+
"severity": "major",
|
|
247
|
+
"status": "activated"
|
|
248
|
+
},
|
|
249
|
+
{
|
|
250
|
+
"id": "C042",
|
|
251
|
+
"name": "Boolean variable names should start with `is`, `has`, or `should`",
|
|
252
|
+
"severity": "major",
|
|
253
|
+
"status": "activated"
|
|
254
|
+
},
|
|
255
|
+
{
|
|
256
|
+
"id": "C045",
|
|
257
|
+
"name": "APIs should not return 500 errors for known business errors",
|
|
258
|
+
"severity": "major",
|
|
259
|
+
"status": "draft"
|
|
260
|
+
},
|
|
261
|
+
{
|
|
262
|
+
"id": "C047",
|
|
263
|
+
"name": "Retry logic must not be duplicated in multiple places",
|
|
264
|
+
"severity": "major",
|
|
265
|
+
"status": "activated"
|
|
266
|
+
},
|
|
267
|
+
{
|
|
268
|
+
"id": "C048",
|
|
269
|
+
"name": "Do not bypass architectural layers (controller/service/repository)",
|
|
270
|
+
"severity": "major",
|
|
271
|
+
"status": "activated"
|
|
272
|
+
},
|
|
273
|
+
{
|
|
274
|
+
"id": "C049",
|
|
275
|
+
"name": "Always include a clear default case in switch/case statements",
|
|
276
|
+
"severity": "major",
|
|
277
|
+
"status": "draft"
|
|
278
|
+
},
|
|
279
|
+
{
|
|
280
|
+
"id": "C052",
|
|
281
|
+
"name": "Parsing or data transformation logic must be separated from controllers",
|
|
282
|
+
"severity": "major",
|
|
283
|
+
"status": "activated"
|
|
284
|
+
},
|
|
285
|
+
{
|
|
286
|
+
"id": "C053",
|
|
287
|
+
"name": "Avoid vague function names like \"handle\" or \"process\"",
|
|
288
|
+
"severity": "minor",
|
|
289
|
+
"status": "draft"
|
|
290
|
+
},
|
|
291
|
+
{
|
|
292
|
+
"id": "C058",
|
|
293
|
+
"name": "Enums must have clear display labels",
|
|
294
|
+
"severity": "minor",
|
|
295
|
+
"status": "draft"
|
|
296
|
+
},
|
|
297
|
+
{
|
|
298
|
+
"id": "C059",
|
|
299
|
+
"name": "Do not create abstractions just to group constants",
|
|
300
|
+
"severity": "minor",
|
|
301
|
+
"status": "draft"
|
|
302
|
+
},
|
|
303
|
+
{
|
|
304
|
+
"id": "C060",
|
|
305
|
+
"name": "Do not override superclass methods and ignore critical logic",
|
|
306
|
+
"severity": "major",
|
|
307
|
+
"status": "activated"
|
|
308
|
+
},
|
|
309
|
+
{
|
|
310
|
+
"id": "C061",
|
|
311
|
+
"name": "Write unit tests for business logic",
|
|
312
|
+
"severity": "major",
|
|
313
|
+
"status": "activated"
|
|
314
|
+
},
|
|
315
|
+
{
|
|
316
|
+
"id": "C062",
|
|
317
|
+
"name": "Interfaces or abstractions should not hold state",
|
|
318
|
+
"severity": "major",
|
|
319
|
+
"status": "draft"
|
|
320
|
+
},
|
|
321
|
+
{
|
|
322
|
+
"id": "C063",
|
|
323
|
+
"name": "Do not repeat the same test logic",
|
|
324
|
+
"severity": "minor",
|
|
325
|
+
"status": "draft"
|
|
326
|
+
},
|
|
327
|
+
{
|
|
328
|
+
"id": "C064",
|
|
329
|
+
"name": "Interfaces should expose only necessary behavior",
|
|
330
|
+
"severity": "major",
|
|
331
|
+
"status": "draft"
|
|
332
|
+
},
|
|
333
|
+
{
|
|
334
|
+
"id": "C065",
|
|
335
|
+
"name": "Each test case should verify only one behavior",
|
|
336
|
+
"severity": "major",
|
|
337
|
+
"status": "activated"
|
|
338
|
+
},
|
|
339
|
+
{
|
|
340
|
+
"id": "C066",
|
|
341
|
+
"name": "Test names should reflect what is being tested",
|
|
342
|
+
"severity": "minor",
|
|
343
|
+
"status": "draft"
|
|
344
|
+
},
|
|
345
|
+
{
|
|
346
|
+
"id": "C067",
|
|
347
|
+
"name": "Do not hardcode configuration inside code",
|
|
348
|
+
"severity": "major",
|
|
349
|
+
"status": "activated"
|
|
350
|
+
},
|
|
351
|
+
{
|
|
352
|
+
"id": "C068",
|
|
353
|
+
"name": "Avoid unclear return types in functions",
|
|
354
|
+
"severity": "major",
|
|
355
|
+
"status": "draft"
|
|
356
|
+
},
|
|
357
|
+
{
|
|
358
|
+
"id": "C069",
|
|
359
|
+
"name": "Components should communicate via abstractions",
|
|
360
|
+
"severity": "major",
|
|
361
|
+
"status": "draft"
|
|
362
|
+
},
|
|
363
|
+
{
|
|
364
|
+
"id": "C070",
|
|
365
|
+
"name": "Tests should not rely on real time",
|
|
366
|
+
"severity": "major",
|
|
367
|
+
"status": "activated"
|
|
368
|
+
},
|
|
369
|
+
{
|
|
370
|
+
"id": "C071",
|
|
371
|
+
"name": "Test class names should reflect the corresponding module",
|
|
372
|
+
"severity": "minor",
|
|
373
|
+
"status": "draft"
|
|
374
|
+
},
|
|
375
|
+
{
|
|
376
|
+
"id": "C072",
|
|
377
|
+
"name": "Each test should assert only one behavior",
|
|
378
|
+
"severity": "major",
|
|
379
|
+
"status": "activated"
|
|
380
|
+
},
|
|
381
|
+
{
|
|
382
|
+
"id": "C073",
|
|
383
|
+
"name": "All required configurations must be validated at startup",
|
|
384
|
+
"severity": "major",
|
|
385
|
+
"status": "activated"
|
|
386
|
+
},
|
|
387
|
+
{
|
|
388
|
+
"id": "C074",
|
|
389
|
+
"name": "Avoid magic numbers/values in code",
|
|
390
|
+
"severity": "major",
|
|
391
|
+
"status": "draft"
|
|
392
|
+
},
|
|
393
|
+
{
|
|
394
|
+
"id": "C075",
|
|
395
|
+
"name": "All functions must explicitly declare return types",
|
|
396
|
+
"severity": "major",
|
|
397
|
+
"status": "activated"
|
|
398
|
+
},
|
|
399
|
+
{
|
|
400
|
+
"id": "C076",
|
|
401
|
+
"name": "All public functions must declare explicit types for arguments",
|
|
402
|
+
"severity": "major",
|
|
403
|
+
"status": "activated"
|
|
404
|
+
},
|
|
405
|
+
{
|
|
406
|
+
"id": "D001",
|
|
407
|
+
"name": "Keep parameter names consistent when overriding methods",
|
|
408
|
+
"severity": "major",
|
|
409
|
+
"status": "activated"
|
|
410
|
+
},
|
|
411
|
+
{
|
|
412
|
+
"id": "D002",
|
|
413
|
+
"name": "Avoid using single cascade (..) operators",
|
|
414
|
+
"severity": "major",
|
|
415
|
+
"status": "activated"
|
|
416
|
+
},
|
|
417
|
+
{
|
|
418
|
+
"id": "D004",
|
|
419
|
+
"name": "Use standard `package:` imports",
|
|
420
|
+
"severity": "major",
|
|
421
|
+
"status": "activated"
|
|
422
|
+
},
|
|
423
|
+
{
|
|
424
|
+
"id": "D005",
|
|
425
|
+
"name": "Always declare function return types",
|
|
426
|
+
"severity": "major",
|
|
427
|
+
"status": "activated"
|
|
428
|
+
},
|
|
429
|
+
{
|
|
430
|
+
"id": "D006",
|
|
431
|
+
"name": "Do not override `==` and `hashCode` in mutable classes",
|
|
432
|
+
"severity": "critical",
|
|
433
|
+
"status": "activated"
|
|
434
|
+
},
|
|
435
|
+
{
|
|
436
|
+
"id": "D009",
|
|
437
|
+
"name": "Do not use throw or control flow in `finally`",
|
|
438
|
+
"severity": "critical",
|
|
439
|
+
"status": "activated"
|
|
440
|
+
},
|
|
441
|
+
{
|
|
442
|
+
"id": "D010",
|
|
443
|
+
"name": "Handle all cases when using `switch` with enums or enum-like classes",
|
|
444
|
+
"severity": "major",
|
|
445
|
+
"status": "activated"
|
|
446
|
+
},
|
|
447
|
+
{
|
|
448
|
+
"id": "D014",
|
|
449
|
+
"name": "Use conditional assignment `??=` instead of `if-null-then-assign`",
|
|
450
|
+
"severity": "major",
|
|
451
|
+
"status": "activated"
|
|
452
|
+
},
|
|
453
|
+
{
|
|
454
|
+
"id": "D015",
|
|
455
|
+
"name": "Use `final`, `const` for immutable variables",
|
|
456
|
+
"severity": "major",
|
|
457
|
+
"status": "activated"
|
|
458
|
+
},
|
|
459
|
+
{
|
|
460
|
+
"id": "D016",
|
|
461
|
+
"name": "Use explicit definitions for function types in parameters",
|
|
462
|
+
"severity": "major",
|
|
463
|
+
"status": "activated"
|
|
464
|
+
},
|
|
465
|
+
{
|
|
466
|
+
"id": "D017",
|
|
467
|
+
"name": "Ensure simple and correct Regex syntax",
|
|
468
|
+
"severity": "major",
|
|
469
|
+
"status": "activated"
|
|
470
|
+
},
|
|
471
|
+
{
|
|
472
|
+
"id": "D018",
|
|
473
|
+
"name": "Use `rethrow` instead of `throw` when re-throwing errors",
|
|
474
|
+
"severity": "major",
|
|
475
|
+
"status": "activated"
|
|
476
|
+
},
|
|
477
|
+
{
|
|
478
|
+
"id": "D019",
|
|
479
|
+
"name": "Use `isEmpty` / `isNotEmpty` for String, Iterable and Map",
|
|
480
|
+
"severity": "major",
|
|
481
|
+
"status": "activated"
|
|
482
|
+
},
|
|
483
|
+
{
|
|
484
|
+
"id": "D021",
|
|
485
|
+
"name": "Use `BuildContext` synchronously",
|
|
486
|
+
"severity": "critical",
|
|
487
|
+
"status": "activated"
|
|
488
|
+
},
|
|
489
|
+
{
|
|
490
|
+
"id": "D022",
|
|
491
|
+
"name": "Place `child:` at the end when constructing widgets",
|
|
492
|
+
"severity": "major",
|
|
493
|
+
"status": "activated"
|
|
494
|
+
},
|
|
495
|
+
{
|
|
496
|
+
"id": "J001",
|
|
497
|
+
"name": "Use Null Object or Optional instead of repetitive null checks",
|
|
498
|
+
"severity": "major",
|
|
499
|
+
"status": "activated"
|
|
500
|
+
},
|
|
501
|
+
{
|
|
502
|
+
"id": "J002",
|
|
503
|
+
"name": "Do not use `null` as a default value unless absolutely necessary",
|
|
504
|
+
"severity": "major",
|
|
505
|
+
"status": "activated"
|
|
506
|
+
},
|
|
507
|
+
{
|
|
508
|
+
"id": "J003",
|
|
509
|
+
"name": "Every enum must provide a clear toString or description when used in UI/logs",
|
|
510
|
+
"severity": "major",
|
|
511
|
+
"status": "activated"
|
|
512
|
+
},
|
|
513
|
+
{
|
|
514
|
+
"id": "J004",
|
|
515
|
+
"name": "Avoid creating enums/classes just to wrap fixed constants",
|
|
516
|
+
"severity": "major",
|
|
517
|
+
"status": "activated"
|
|
518
|
+
},
|
|
519
|
+
{
|
|
520
|
+
"id": "J005",
|
|
521
|
+
"name": "Always use `final` or `const` for variables that do not change",
|
|
522
|
+
"severity": "major",
|
|
523
|
+
"status": "activated"
|
|
524
|
+
},
|
|
525
|
+
{
|
|
526
|
+
"id": "J006",
|
|
527
|
+
"name": "Do not override methods without calling `super` when required",
|
|
528
|
+
"severity": "major",
|
|
529
|
+
"status": "activated"
|
|
530
|
+
},
|
|
531
|
+
{
|
|
532
|
+
"id": "K001",
|
|
533
|
+
"name": "Use Named Arguments when functions have more than 3 parameters",
|
|
534
|
+
"severity": "major",
|
|
535
|
+
"status": "activated"
|
|
536
|
+
},
|
|
537
|
+
{
|
|
538
|
+
"id": "K002",
|
|
539
|
+
"name": "Limit function complexity (Cyclomatic Complexity)",
|
|
540
|
+
"severity": "critical",
|
|
541
|
+
"status": "activated"
|
|
542
|
+
},
|
|
543
|
+
{
|
|
544
|
+
"id": "K003",
|
|
545
|
+
"name": "Avoid overly complex conditions",
|
|
546
|
+
"severity": "critical",
|
|
547
|
+
"status": "activated"
|
|
548
|
+
},
|
|
549
|
+
{
|
|
550
|
+
"id": "K004",
|
|
551
|
+
"name": "Avoid nesting code more than 4 levels deep in functions",
|
|
552
|
+
"severity": "critical",
|
|
553
|
+
"status": "activated"
|
|
554
|
+
},
|
|
555
|
+
{
|
|
556
|
+
"id": "K005",
|
|
557
|
+
"name": "Do not use `GlobalScope`",
|
|
558
|
+
"severity": "critical",
|
|
559
|
+
"status": "activated"
|
|
560
|
+
},
|
|
561
|
+
{
|
|
562
|
+
"id": "K010",
|
|
563
|
+
"name": "Do not check/cast exceptions in `catch` blocks",
|
|
564
|
+
"severity": "major",
|
|
565
|
+
"status": "activated"
|
|
566
|
+
},
|
|
567
|
+
{
|
|
568
|
+
"id": "K011",
|
|
569
|
+
"name": "Use `class` instead of `object` when extending `Throwable`",
|
|
570
|
+
"severity": "major",
|
|
571
|
+
"status": "activated"
|
|
572
|
+
},
|
|
573
|
+
{
|
|
574
|
+
"id": "K012",
|
|
575
|
+
"name": "Do not `return` or `throw` in `finally`",
|
|
576
|
+
"severity": "critical",
|
|
577
|
+
"status": "activated"
|
|
578
|
+
},
|
|
579
|
+
{
|
|
580
|
+
"id": "K013",
|
|
581
|
+
"name": "Do not wrap and rethrow the same exception type",
|
|
582
|
+
"severity": "major",
|
|
583
|
+
"status": "activated"
|
|
584
|
+
},
|
|
585
|
+
{
|
|
586
|
+
"id": "K016",
|
|
587
|
+
"name": "Do not use `else` in `when` with `enum` or `sealed` classes",
|
|
588
|
+
"severity": "major",
|
|
589
|
+
"status": "activated"
|
|
590
|
+
},
|
|
591
|
+
{
|
|
592
|
+
"id": "K018",
|
|
593
|
+
"name": "Do not ignore function return values",
|
|
594
|
+
"severity": "major",
|
|
595
|
+
"status": "activated"
|
|
596
|
+
},
|
|
597
|
+
{
|
|
598
|
+
"id": "K019",
|
|
599
|
+
"name": "Avoid using not-null assertion (!!) to get values from Map",
|
|
600
|
+
"severity": "major",
|
|
601
|
+
"status": "activated"
|
|
602
|
+
},
|
|
603
|
+
{
|
|
604
|
+
"id": "K020",
|
|
605
|
+
"name": "Do not call `toString()` on nullable objects",
|
|
606
|
+
"severity": "major",
|
|
607
|
+
"status": "activated"
|
|
608
|
+
},
|
|
609
|
+
{
|
|
610
|
+
"id": "K021",
|
|
611
|
+
"name": "Avoid unreachable catch blocks",
|
|
612
|
+
"severity": "major",
|
|
613
|
+
"status": "activated"
|
|
614
|
+
},
|
|
615
|
+
{
|
|
616
|
+
"id": "K022",
|
|
617
|
+
"name": "Avoid unsafe casting",
|
|
618
|
+
"severity": "major",
|
|
619
|
+
"status": "activated"
|
|
620
|
+
},
|
|
621
|
+
{
|
|
622
|
+
"id": "K023",
|
|
623
|
+
"name": "Do not use properties before declaration",
|
|
624
|
+
"severity": "major",
|
|
625
|
+
"status": "activated"
|
|
626
|
+
},
|
|
627
|
+
{
|
|
628
|
+
"id": "K024",
|
|
629
|
+
"name": "Ensure proper modifier order",
|
|
630
|
+
"severity": "major",
|
|
631
|
+
"status": "activated"
|
|
632
|
+
},
|
|
633
|
+
{
|
|
634
|
+
"id": "K025",
|
|
635
|
+
"name": "Ensure proper parameter order in Composable functions",
|
|
636
|
+
"severity": "major",
|
|
637
|
+
"status": "activated"
|
|
638
|
+
},
|
|
639
|
+
{
|
|
640
|
+
"id": "K026",
|
|
641
|
+
"name": "Each component should serve a single purpose",
|
|
642
|
+
"severity": "major",
|
|
643
|
+
"status": "activated"
|
|
644
|
+
},
|
|
645
|
+
{
|
|
646
|
+
"id": "K027",
|
|
647
|
+
"name": "Composables returning Unit should use PascalCase and be nouns",
|
|
648
|
+
"severity": "major",
|
|
649
|
+
"status": "activated"
|
|
650
|
+
},
|
|
651
|
+
{
|
|
652
|
+
"id": "K028",
|
|
653
|
+
"name": "`@Composable` factory functions that return values should use camelCase",
|
|
654
|
+
"severity": "major",
|
|
655
|
+
"status": "activated"
|
|
656
|
+
},
|
|
657
|
+
{
|
|
658
|
+
"id": "K029",
|
|
659
|
+
"name": "Prefer Stateless `@Composable` functions",
|
|
660
|
+
"severity": "major",
|
|
661
|
+
"status": "activated"
|
|
662
|
+
},
|
|
663
|
+
{
|
|
664
|
+
"id": "K030",
|
|
665
|
+
"name": "Enhance extensibility by declaring state using interfaces",
|
|
666
|
+
"severity": "major",
|
|
667
|
+
"status": "activated"
|
|
668
|
+
},
|
|
669
|
+
{
|
|
670
|
+
"id": "K031",
|
|
671
|
+
"name": "Create different components instead of multiple style classes",
|
|
672
|
+
"severity": "major",
|
|
673
|
+
"status": "activated"
|
|
674
|
+
},
|
|
675
|
+
{
|
|
676
|
+
"id": "K033",
|
|
677
|
+
"name": "Don't pass `MutableState<T>` to `@Composable`",
|
|
678
|
+
"severity": "critical",
|
|
679
|
+
"status": "activated"
|
|
680
|
+
},
|
|
681
|
+
{
|
|
682
|
+
"id": "K034",
|
|
683
|
+
"name": "Prefer `Slot` parameters for extensibility",
|
|
684
|
+
"severity": "major",
|
|
685
|
+
"status": "activated"
|
|
686
|
+
},
|
|
687
|
+
{
|
|
688
|
+
"id": "R001",
|
|
689
|
+
"name": "Components must be idempotent",
|
|
690
|
+
"severity": "major",
|
|
691
|
+
"status": "activated"
|
|
692
|
+
},
|
|
693
|
+
{
|
|
694
|
+
"id": "R003",
|
|
695
|
+
"name": "Props and state are immutable",
|
|
696
|
+
"severity": "major",
|
|
697
|
+
"status": "activated"
|
|
698
|
+
},
|
|
699
|
+
{
|
|
700
|
+
"id": "R004",
|
|
701
|
+
"name": "Return values and arguments to Hooks are immutable",
|
|
702
|
+
"severity": "major",
|
|
703
|
+
"status": "activated"
|
|
704
|
+
},
|
|
705
|
+
{
|
|
706
|
+
"id": "R005",
|
|
707
|
+
"name": "Values are immutable after being passed to JSX",
|
|
708
|
+
"severity": "major",
|
|
709
|
+
"status": "activated"
|
|
710
|
+
},
|
|
711
|
+
{
|
|
712
|
+
"id": "R006",
|
|
713
|
+
"name": "Never call component functions directly",
|
|
714
|
+
"severity": "major",
|
|
715
|
+
"status": "activated"
|
|
716
|
+
},
|
|
717
|
+
{
|
|
718
|
+
"id": "R007",
|
|
719
|
+
"name": "Never pass hooks as regular values",
|
|
720
|
+
"severity": "major",
|
|
721
|
+
"status": "activated"
|
|
722
|
+
},
|
|
723
|
+
{
|
|
724
|
+
"id": "R008",
|
|
725
|
+
"name": "Only call Hooks at the top level",
|
|
726
|
+
"severity": "major",
|
|
727
|
+
"status": "activated"
|
|
728
|
+
},
|
|
729
|
+
{
|
|
730
|
+
"id": "R009",
|
|
731
|
+
"name": "Only call Hooks from React functions",
|
|
732
|
+
"severity": "major",
|
|
733
|
+
"status": "activated"
|
|
734
|
+
},
|
|
735
|
+
{
|
|
736
|
+
"id": "SW001",
|
|
737
|
+
"name": "Use Swift's observe property instead of legacy KVO",
|
|
738
|
+
"severity": "major",
|
|
739
|
+
"status": "activated"
|
|
740
|
+
},
|
|
741
|
+
{
|
|
742
|
+
"id": "SW002",
|
|
743
|
+
"name": "Delegate Protocols must be class-only",
|
|
744
|
+
"severity": "major",
|
|
745
|
+
"status": "activated"
|
|
746
|
+
},
|
|
747
|
+
{
|
|
748
|
+
"id": "SW003",
|
|
749
|
+
"name": "Do not directly instantiate system protocols",
|
|
750
|
+
"severity": "major",
|
|
751
|
+
"status": "activated"
|
|
752
|
+
},
|
|
753
|
+
{
|
|
754
|
+
"id": "SW005",
|
|
755
|
+
"name": "Use `enum` for types with only static members",
|
|
756
|
+
"severity": "major",
|
|
757
|
+
"status": "activated"
|
|
758
|
+
},
|
|
759
|
+
{
|
|
760
|
+
"id": "SW007",
|
|
761
|
+
"name": "Avoid direct instantiation of system types",
|
|
762
|
+
"severity": "major",
|
|
763
|
+
"status": "activated"
|
|
764
|
+
},
|
|
765
|
+
{
|
|
766
|
+
"id": "SW008",
|
|
767
|
+
"name": "Do not use optionals for Boolean values",
|
|
768
|
+
"severity": "critical",
|
|
769
|
+
"status": "activated"
|
|
770
|
+
},
|
|
771
|
+
{
|
|
772
|
+
"id": "SW009",
|
|
773
|
+
"name": "Prefer `.isEmpty` over `.count == 0`",
|
|
774
|
+
"severity": "major",
|
|
775
|
+
"status": "activated"
|
|
776
|
+
},
|
|
777
|
+
{
|
|
778
|
+
"id": "SW010",
|
|
779
|
+
"name": "Prefer `isEmpty` over comparing to `\"\"`",
|
|
780
|
+
"severity": "major",
|
|
781
|
+
"status": "activated"
|
|
782
|
+
},
|
|
783
|
+
{
|
|
784
|
+
"id": "SW011",
|
|
785
|
+
"name": "Do not use `.init()` unnecessarily",
|
|
786
|
+
"severity": "major",
|
|
787
|
+
"status": "activated"
|
|
788
|
+
},
|
|
789
|
+
{
|
|
790
|
+
"id": "SW012",
|
|
791
|
+
"name": "Always provide a clear message when using `fatalError`",
|
|
792
|
+
"severity": "major",
|
|
793
|
+
"status": "activated"
|
|
794
|
+
},
|
|
795
|
+
{
|
|
796
|
+
"id": "SW013",
|
|
797
|
+
"name": "Prefer `for-where` over `if` inside loops",
|
|
798
|
+
"severity": "major",
|
|
799
|
+
"status": "activated"
|
|
800
|
+
},
|
|
801
|
+
{
|
|
802
|
+
"id": "SW017",
|
|
803
|
+
"name": "Limit function parameters to less than 6",
|
|
804
|
+
"severity": "major",
|
|
805
|
+
"status": "activated"
|
|
806
|
+
},
|
|
807
|
+
{
|
|
808
|
+
"id": "SW018",
|
|
809
|
+
"name": "Do not use tuples with too many elements",
|
|
810
|
+
"severity": "major",
|
|
811
|
+
"status": "activated"
|
|
812
|
+
},
|
|
813
|
+
{
|
|
814
|
+
"id": "SW019",
|
|
815
|
+
"name": "Use Swift initializers instead of Objective-C style",
|
|
816
|
+
"severity": "major",
|
|
817
|
+
"status": "activated"
|
|
818
|
+
},
|
|
819
|
+
{
|
|
820
|
+
"id": "SW020",
|
|
821
|
+
"name": "Data types should be nested at most 1 level",
|
|
822
|
+
"severity": "major",
|
|
823
|
+
"status": "activated"
|
|
824
|
+
},
|
|
825
|
+
{
|
|
826
|
+
"id": "SW021",
|
|
827
|
+
"name": "Do not use access modifiers with extensions",
|
|
828
|
+
"severity": "critical",
|
|
829
|
+
"status": "activated"
|
|
830
|
+
},
|
|
831
|
+
{
|
|
832
|
+
"id": "SW022",
|
|
833
|
+
"name": "Call `super` in lifecycle methods",
|
|
834
|
+
"severity": "major",
|
|
835
|
+
"status": "activated"
|
|
836
|
+
},
|
|
837
|
+
{
|
|
838
|
+
"id": "SW023",
|
|
839
|
+
"name": "Do not use `override` in extensions",
|
|
840
|
+
"severity": "critical",
|
|
841
|
+
"status": "activated"
|
|
842
|
+
},
|
|
843
|
+
{
|
|
844
|
+
"id": "SW024",
|
|
845
|
+
"name": "Prefer `private` over `fileprivate`",
|
|
846
|
+
"severity": "major",
|
|
847
|
+
"status": "activated"
|
|
848
|
+
},
|
|
849
|
+
{
|
|
850
|
+
"id": "SW025",
|
|
851
|
+
"name": "Do not declare Unit Test functions as `private`",
|
|
852
|
+
"severity": "critical",
|
|
853
|
+
"status": "activated"
|
|
854
|
+
},
|
|
855
|
+
{
|
|
856
|
+
"id": "SW026",
|
|
857
|
+
"name": "Do not call `super` in specific methods",
|
|
858
|
+
"severity": "major",
|
|
859
|
+
"status": "activated"
|
|
860
|
+
},
|
|
861
|
+
{
|
|
862
|
+
"id": "SW028",
|
|
863
|
+
"name": "Prefer shorthand syntax `[T]` over `Array<T>`",
|
|
864
|
+
"severity": "critical",
|
|
865
|
+
"status": "activated"
|
|
866
|
+
},
|
|
867
|
+
{
|
|
868
|
+
"id": "SW029",
|
|
869
|
+
"name": "Warn for unused closure parameters",
|
|
870
|
+
"severity": "major",
|
|
871
|
+
"status": "activated"
|
|
872
|
+
},
|
|
873
|
+
{
|
|
874
|
+
"id": "SW030",
|
|
875
|
+
"name": "Avoid using `enumerated()` when index is not needed",
|
|
876
|
+
"severity": "major",
|
|
877
|
+
"status": "activated"
|
|
878
|
+
},
|
|
879
|
+
{
|
|
880
|
+
"id": "SW031",
|
|
881
|
+
"name": "Do not use optional binding just to call a function or property",
|
|
882
|
+
"severity": "critical",
|
|
883
|
+
"status": "activated"
|
|
884
|
+
},
|
|
885
|
+
{
|
|
886
|
+
"id": "SW032",
|
|
887
|
+
"name": "Do not use `@IBInspectable` with unsupported types and constants",
|
|
888
|
+
"severity": "major",
|
|
889
|
+
"status": "activated"
|
|
890
|
+
},
|
|
891
|
+
{
|
|
892
|
+
"id": "SW033",
|
|
893
|
+
"name": "Parameters must be vertically aligned when calling functions",
|
|
894
|
+
"severity": "major",
|
|
895
|
+
"status": "activated"
|
|
896
|
+
},
|
|
897
|
+
{
|
|
898
|
+
"id": "SW034",
|
|
899
|
+
"name": "Use `-> Void` instead of `-> ()` for function types",
|
|
900
|
+
"severity": "major",
|
|
901
|
+
"status": "activated"
|
|
902
|
+
},
|
|
903
|
+
{
|
|
904
|
+
"id": "T002",
|
|
905
|
+
"name": "Interface names should start with 'I'",
|
|
906
|
+
"severity": "major",
|
|
907
|
+
"status": "activated"
|
|
908
|
+
},
|
|
909
|
+
{
|
|
910
|
+
"id": "T003",
|
|
911
|
+
"name": "Avoid using @ts-ignore without a clear justification",
|
|
912
|
+
"severity": "major",
|
|
913
|
+
"status": "activated"
|
|
914
|
+
},
|
|
915
|
+
{
|
|
916
|
+
"id": "T004",
|
|
917
|
+
"name": "Disallow declaring empty types like `type X = {}`",
|
|
918
|
+
"severity": "major",
|
|
919
|
+
"status": "activated"
|
|
920
|
+
},
|
|
921
|
+
{
|
|
922
|
+
"id": "T007",
|
|
923
|
+
"name": "Avoid declaring functions inside constructors or class bodies",
|
|
924
|
+
"severity": "major",
|
|
925
|
+
"status": "activated"
|
|
926
|
+
},
|
|
927
|
+
{
|
|
928
|
+
"id": "T010",
|
|
929
|
+
"name": "Avoid deeply nested union or tuple types",
|
|
930
|
+
"severity": "major",
|
|
931
|
+
"status": "activated"
|
|
932
|
+
},
|
|
933
|
+
{
|
|
934
|
+
"id": "T015",
|
|
935
|
+
"name": "Do not use `instanceof` to distinguish behavior when interfaces are available",
|
|
936
|
+
"severity": "major",
|
|
937
|
+
"status": "draft"
|
|
938
|
+
},
|
|
939
|
+
{
|
|
940
|
+
"id": "T016",
|
|
941
|
+
"name": "Use strict type checking",
|
|
942
|
+
"severity": "critical",
|
|
943
|
+
"status": "activated"
|
|
944
|
+
},
|
|
945
|
+
{
|
|
946
|
+
"id": "T017",
|
|
947
|
+
"name": "Use async/await instead of Promises",
|
|
948
|
+
"severity": "major",
|
|
949
|
+
"status": "activated"
|
|
950
|
+
},
|
|
951
|
+
{
|
|
952
|
+
"id": "T018",
|
|
953
|
+
"name": "Use proper error handling",
|
|
954
|
+
"severity": "major",
|
|
955
|
+
"status": "activated"
|
|
956
|
+
},
|
|
957
|
+
{
|
|
958
|
+
"id": "T019",
|
|
959
|
+
"name": "Do not assign to this arbitrarily",
|
|
960
|
+
"severity": "major",
|
|
961
|
+
"status": "activated"
|
|
962
|
+
},
|
|
963
|
+
{
|
|
964
|
+
"id": "T020",
|
|
965
|
+
"name": "Avoid export default for multi-responsibility modules",
|
|
966
|
+
"severity": "major",
|
|
967
|
+
"status": "activated"
|
|
968
|
+
},
|
|
969
|
+
{
|
|
970
|
+
"id": "T021",
|
|
971
|
+
"name": "Limit deeply nested generics",
|
|
972
|
+
"severity": "major",
|
|
973
|
+
"status": "activated"
|
|
974
|
+
}
|
|
975
|
+
],
|
|
976
|
+
"security": [
|
|
977
|
+
{
|
|
978
|
+
"id": "C041",
|
|
979
|
+
"name": "Do not hardcode or push sensitive information (token, API key, secret, URL) into the repo",
|
|
980
|
+
"severity": "major",
|
|
981
|
+
"status": "activated"
|
|
982
|
+
},
|
|
983
|
+
{
|
|
984
|
+
"id": "D003",
|
|
985
|
+
"name": "Avoid calling methods/accessing properties on dynamic types",
|
|
986
|
+
"severity": "critical",
|
|
987
|
+
"status": "activated"
|
|
988
|
+
},
|
|
989
|
+
{
|
|
990
|
+
"id": "D011",
|
|
991
|
+
"name": "Avoid importing `.dart` files from `lib/src` of other packages",
|
|
992
|
+
"severity": "major",
|
|
993
|
+
"status": "activated"
|
|
994
|
+
},
|
|
995
|
+
{
|
|
996
|
+
"id": "D012",
|
|
997
|
+
"name": "Avoid passing null to closure parameters",
|
|
998
|
+
"severity": "major",
|
|
999
|
+
"status": "activated"
|
|
1000
|
+
},
|
|
1001
|
+
{
|
|
1002
|
+
"id": "D020",
|
|
1003
|
+
"name": "Ensure valid URLs in `pubspec.yaml`",
|
|
1004
|
+
"severity": "major",
|
|
1005
|
+
"status": "activated"
|
|
1006
|
+
},
|
|
1007
|
+
{
|
|
1008
|
+
"id": "D023",
|
|
1009
|
+
"name": "Prefer using `contains` for `List` and `String`",
|
|
1010
|
+
"severity": "major",
|
|
1011
|
+
"status": "activated"
|
|
1012
|
+
},
|
|
1013
|
+
{
|
|
1014
|
+
"id": "D024",
|
|
1015
|
+
"name": "Use `??` to convert `null` to `bool`",
|
|
1016
|
+
"severity": "major",
|
|
1017
|
+
"status": "activated"
|
|
1018
|
+
},
|
|
1019
|
+
{
|
|
1020
|
+
"id": "K032",
|
|
1021
|
+
"name": "Don't use `null` as default for nullable parameters",
|
|
1022
|
+
"severity": "major",
|
|
1023
|
+
"status": "activated"
|
|
1024
|
+
},
|
|
1025
|
+
{
|
|
1026
|
+
"id": "S001",
|
|
1027
|
+
"name": "Fail securely when access control errors occur",
|
|
1028
|
+
"severity": "critical",
|
|
1029
|
+
"status": "activated"
|
|
1030
|
+
},
|
|
1031
|
+
{
|
|
1032
|
+
"id": "S002",
|
|
1033
|
+
"name": "Avoid IDOR vulnerabilities in CRUD operations",
|
|
1034
|
+
"severity": "critical",
|
|
1035
|
+
"status": "activated"
|
|
1036
|
+
},
|
|
1037
|
+
{
|
|
1038
|
+
"id": "S003",
|
|
1039
|
+
"name": "URL redirects must be within an allow list",
|
|
1040
|
+
"severity": "major",
|
|
1041
|
+
"status": "activated"
|
|
1042
|
+
},
|
|
1043
|
+
{
|
|
1044
|
+
"id": "S004",
|
|
1045
|
+
"name": "Do not log login credentials, payment information, and unencrypted tokens",
|
|
1046
|
+
"severity": "major",
|
|
1047
|
+
"status": "activated"
|
|
1048
|
+
},
|
|
1049
|
+
{
|
|
1050
|
+
"id": "S005",
|
|
1051
|
+
"name": "Do not use Origin header for authentication or access control",
|
|
1052
|
+
"severity": "major",
|
|
1053
|
+
"status": "activated"
|
|
1054
|
+
},
|
|
1055
|
+
{
|
|
1056
|
+
"id": "S006",
|
|
1057
|
+
"name": "Do not send recovery or activation codes in plaintext",
|
|
1058
|
+
"severity": "major",
|
|
1059
|
+
"status": "activated"
|
|
1060
|
+
},
|
|
1061
|
+
{
|
|
1062
|
+
"id": "S007",
|
|
1063
|
+
"name": "Do not store OTP codes in plaintext",
|
|
1064
|
+
"severity": "major",
|
|
1065
|
+
"status": "activated"
|
|
1066
|
+
},
|
|
1067
|
+
{
|
|
1068
|
+
"id": "S008",
|
|
1069
|
+
"name": "Encryption algorithms and parameters must support flexible configuration and upgrades (crypto agility)",
|
|
1070
|
+
"severity": "major",
|
|
1071
|
+
"status": "activated"
|
|
1072
|
+
},
|
|
1073
|
+
{
|
|
1074
|
+
"id": "S009",
|
|
1075
|
+
"name": "Do not use insecure encryption modes, padding, or cryptographic algorithms",
|
|
1076
|
+
"severity": "major",
|
|
1077
|
+
"status": "activated"
|
|
1078
|
+
},
|
|
1079
|
+
{
|
|
1080
|
+
"id": "S010",
|
|
1081
|
+
"name": "Must use cryptographically secure random number generators (CSPRNG) for security purposes",
|
|
1082
|
+
"severity": "major",
|
|
1083
|
+
"status": "activated"
|
|
1084
|
+
},
|
|
1085
|
+
{
|
|
1086
|
+
"id": "S011",
|
|
1087
|
+
"name": "GUIDs used for security purposes must be generated according to UUID v4 standard with CSPRNG",
|
|
1088
|
+
"severity": "major",
|
|
1089
|
+
"status": "activated"
|
|
1090
|
+
},
|
|
1091
|
+
{
|
|
1092
|
+
"id": "S012",
|
|
1093
|
+
"name": "Protect secrets and encrypt sensitive data",
|
|
1094
|
+
"severity": "major",
|
|
1095
|
+
"status": "activated"
|
|
1096
|
+
},
|
|
1097
|
+
{
|
|
1098
|
+
"id": "S013",
|
|
1099
|
+
"name": "Always use TLS for all connections",
|
|
1100
|
+
"severity": "major",
|
|
1101
|
+
"status": "activated"
|
|
1102
|
+
},
|
|
1103
|
+
{
|
|
1104
|
+
"id": "S014",
|
|
1105
|
+
"name": "Only use TLS 1.2 or 1.3",
|
|
1106
|
+
"severity": "major",
|
|
1107
|
+
"status": "activated"
|
|
1108
|
+
},
|
|
1109
|
+
{
|
|
1110
|
+
"id": "S015",
|
|
1111
|
+
"name": "Only accept trusted TLS certificates and eliminate weak ciphers",
|
|
1112
|
+
"severity": "major",
|
|
1113
|
+
"status": "activated"
|
|
1114
|
+
},
|
|
1115
|
+
{
|
|
1116
|
+
"id": "S016",
|
|
1117
|
+
"name": "Do not pass sensitive data via query string",
|
|
1118
|
+
"severity": "major",
|
|
1119
|
+
"status": "activated"
|
|
1120
|
+
},
|
|
1121
|
+
{
|
|
1122
|
+
"id": "S017",
|
|
1123
|
+
"name": "Always use parameterized queries",
|
|
1124
|
+
"severity": "critical",
|
|
1125
|
+
"status": "activated"
|
|
1126
|
+
},
|
|
1127
|
+
{
|
|
1128
|
+
"id": "S018",
|
|
1129
|
+
"name": "Prefer Allow List for Input Validation",
|
|
1130
|
+
"severity": "major",
|
|
1131
|
+
"status": "activated"
|
|
1132
|
+
},
|
|
1133
|
+
{
|
|
1134
|
+
"id": "S019",
|
|
1135
|
+
"name": "Sanitize input before sending emails to prevent SMTP Injection",
|
|
1136
|
+
"severity": "major",
|
|
1137
|
+
"status": "activated"
|
|
1138
|
+
},
|
|
1139
|
+
{
|
|
1140
|
+
"id": "S020",
|
|
1141
|
+
"name": "Avoid using `eval()` or executing dynamic code",
|
|
1142
|
+
"severity": "major",
|
|
1143
|
+
"status": "activated"
|
|
1144
|
+
},
|
|
1145
|
+
{
|
|
1146
|
+
"id": "S021",
|
|
1147
|
+
"name": "Sanitize user-generated Markdown, CSS, and XSL content",
|
|
1148
|
+
"severity": "major",
|
|
1149
|
+
"status": "activated"
|
|
1150
|
+
},
|
|
1151
|
+
{
|
|
1152
|
+
"id": "S022",
|
|
1153
|
+
"name": "Escape data properly based on output context",
|
|
1154
|
+
"severity": "major",
|
|
1155
|
+
"status": "activated"
|
|
1156
|
+
},
|
|
1157
|
+
{
|
|
1158
|
+
"id": "S023",
|
|
1159
|
+
"name": "Prevent JSON Injection and JSON eval attacks",
|
|
1160
|
+
"severity": "major",
|
|
1161
|
+
"status": "activated"
|
|
1162
|
+
},
|
|
1163
|
+
{
|
|
1164
|
+
"id": "S024",
|
|
1165
|
+
"name": "Protect against XPath Injection and XML External Entity (XXE)",
|
|
1166
|
+
"severity": "major",
|
|
1167
|
+
"status": "draft"
|
|
1168
|
+
},
|
|
1169
|
+
{
|
|
1170
|
+
"id": "S025",
|
|
1171
|
+
"name": "Always validate client-side data on the server",
|
|
1172
|
+
"severity": "major",
|
|
1173
|
+
"status": "activated"
|
|
1174
|
+
},
|
|
1175
|
+
{
|
|
1176
|
+
"id": "S026",
|
|
1177
|
+
"name": "Apply JSON Schema Validation to input data",
|
|
1178
|
+
"severity": "major",
|
|
1179
|
+
"status": "activated"
|
|
1180
|
+
},
|
|
1181
|
+
{
|
|
1182
|
+
"id": "S027",
|
|
1183
|
+
"name": "Never expose secrets in source code or Git",
|
|
1184
|
+
"severity": "major",
|
|
1185
|
+
"status": "activated"
|
|
1186
|
+
},
|
|
1187
|
+
{
|
|
1188
|
+
"id": "S028",
|
|
1189
|
+
"name": "Limit upload file size and number of files per user",
|
|
1190
|
+
"severity": "major",
|
|
1191
|
+
"status": "activated"
|
|
1192
|
+
},
|
|
1193
|
+
{
|
|
1194
|
+
"id": "S029",
|
|
1195
|
+
"name": "Apply CSRF protection for authentication-related features",
|
|
1196
|
+
"severity": "major",
|
|
1197
|
+
"status": "activated"
|
|
1198
|
+
},
|
|
1199
|
+
{
|
|
1200
|
+
"id": "S030",
|
|
1201
|
+
"name": "Disable directory browsing and protect sensitive metadata files",
|
|
1202
|
+
"severity": "major",
|
|
1203
|
+
"status": "activated"
|
|
1204
|
+
},
|
|
1205
|
+
{
|
|
1206
|
+
"id": "S031",
|
|
1207
|
+
"name": "Set the Secure flag on session cookies for HTTPS protection",
|
|
1208
|
+
"severity": "major",
|
|
1209
|
+
"status": "activated"
|
|
1210
|
+
},
|
|
1211
|
+
{
|
|
1212
|
+
"id": "S032",
|
|
1213
|
+
"name": "Enable HttpOnly attribute for Session Cookies to prevent JavaScript access",
|
|
1214
|
+
"severity": "major",
|
|
1215
|
+
"status": "activated"
|
|
1216
|
+
},
|
|
1217
|
+
{
|
|
1218
|
+
"id": "S033",
|
|
1219
|
+
"name": "Set SameSite attribute for Session Cookies to reduce CSRF risk",
|
|
1220
|
+
"severity": "major",
|
|
1221
|
+
"status": "activated"
|
|
1222
|
+
},
|
|
1223
|
+
{
|
|
1224
|
+
"id": "S034",
|
|
1225
|
+
"name": "Use `__Host-` prefix for Session Cookies to prevent subdomain sharing",
|
|
1226
|
+
"severity": "major",
|
|
1227
|
+
"status": "activated"
|
|
1228
|
+
},
|
|
1229
|
+
{
|
|
1230
|
+
"id": "S035",
|
|
1231
|
+
"name": "Set the `Path` attribute for Session Cookies to limit access scope",
|
|
1232
|
+
"severity": "major",
|
|
1233
|
+
"status": "activated"
|
|
1234
|
+
},
|
|
1235
|
+
{
|
|
1236
|
+
"id": "S036",
|
|
1237
|
+
"name": "Prevent LFI and RFI using path validation and allow-lists",
|
|
1238
|
+
"severity": "major",
|
|
1239
|
+
"status": "activated"
|
|
1240
|
+
},
|
|
1241
|
+
{
|
|
1242
|
+
"id": "S037",
|
|
1243
|
+
"name": "Set anti-cache headers to prevent sensitive data leakage",
|
|
1244
|
+
"severity": "major",
|
|
1245
|
+
"status": "activated"
|
|
1246
|
+
},
|
|
1247
|
+
{
|
|
1248
|
+
"id": "S038",
|
|
1249
|
+
"name": "Hide system version information in HTTP Headers",
|
|
1250
|
+
"severity": "major",
|
|
1251
|
+
"status": "draft"
|
|
1252
|
+
},
|
|
1253
|
+
{
|
|
1254
|
+
"id": "S039",
|
|
1255
|
+
"name": "Never transmit Session Tokens via URL parameters",
|
|
1256
|
+
"severity": "major",
|
|
1257
|
+
"status": "activated"
|
|
1258
|
+
},
|
|
1259
|
+
{
|
|
1260
|
+
"id": "S040",
|
|
1261
|
+
"name": "Regenerate Session Token after login to prevent Session Fixation",
|
|
1262
|
+
"severity": "major",
|
|
1263
|
+
"status": "activated"
|
|
1264
|
+
},
|
|
1265
|
+
{
|
|
1266
|
+
"id": "S041",
|
|
1267
|
+
"name": "Session Tokens must be invalidated after logout or expiration",
|
|
1268
|
+
"severity": "major",
|
|
1269
|
+
"status": "activated"
|
|
1270
|
+
},
|
|
1271
|
+
{
|
|
1272
|
+
"id": "S042",
|
|
1273
|
+
"name": "Require re-authentication for long-lived sessions or sensitive actions",
|
|
1274
|
+
"severity": "major",
|
|
1275
|
+
"status": "activated"
|
|
1276
|
+
},
|
|
1277
|
+
{
|
|
1278
|
+
"id": "S043",
|
|
1279
|
+
"name": "Password changes must invalidate all other login sessions",
|
|
1280
|
+
"severity": "major",
|
|
1281
|
+
"status": "activated"
|
|
1282
|
+
},
|
|
1283
|
+
{
|
|
1284
|
+
"id": "S044",
|
|
1285
|
+
"name": "Require re-authentication before modifying critical information",
|
|
1286
|
+
"severity": "major",
|
|
1287
|
+
"status": "activated"
|
|
1288
|
+
},
|
|
1289
|
+
{
|
|
1290
|
+
"id": "S045",
|
|
1291
|
+
"name": "Implement brute-force protection for login",
|
|
1292
|
+
"severity": "major",
|
|
1293
|
+
"status": "activated"
|
|
1294
|
+
},
|
|
1295
|
+
{
|
|
1296
|
+
"id": "S046",
|
|
1297
|
+
"name": "Notify users of critical account changes",
|
|
1298
|
+
"severity": "major",
|
|
1299
|
+
"status": "activated"
|
|
1300
|
+
},
|
|
1301
|
+
{
|
|
1302
|
+
"id": "S047",
|
|
1303
|
+
"name": "Secure temporary passwords and activation codes",
|
|
1304
|
+
"severity": "major",
|
|
1305
|
+
"status": "activated"
|
|
1306
|
+
},
|
|
1307
|
+
{
|
|
1308
|
+
"id": "S048",
|
|
1309
|
+
"name": "Do not expose current password during reset flow",
|
|
1310
|
+
"severity": "major",
|
|
1311
|
+
"status": "activated"
|
|
1312
|
+
},
|
|
1313
|
+
{
|
|
1314
|
+
"id": "S049",
|
|
1315
|
+
"name": "Authentication codes must expire quickly",
|
|
1316
|
+
"severity": "major",
|
|
1317
|
+
"status": "activated"
|
|
1318
|
+
},
|
|
1319
|
+
{
|
|
1320
|
+
"id": "S050",
|
|
1321
|
+
"name": "Session tokens must have minimum 64-bit entropy and use secure algorithms",
|
|
1322
|
+
"severity": "major",
|
|
1323
|
+
"status": "activated"
|
|
1324
|
+
},
|
|
1325
|
+
{
|
|
1326
|
+
"id": "S051",
|
|
1327
|
+
"name": "Support 12–64 character passwords; reject >128 characters",
|
|
1328
|
+
"severity": "major",
|
|
1329
|
+
"status": "activated"
|
|
1330
|
+
},
|
|
1331
|
+
{
|
|
1332
|
+
"id": "S052",
|
|
1333
|
+
"name": "OTPs must have at least 20-bit entropy",
|
|
1334
|
+
"severity": "major",
|
|
1335
|
+
"status": "activated"
|
|
1336
|
+
},
|
|
1337
|
+
{
|
|
1338
|
+
"id": "S053",
|
|
1339
|
+
"name": "Only use secure OTP algorithms like HOTP/TOTP",
|
|
1340
|
+
"severity": "major",
|
|
1341
|
+
"status": "activated"
|
|
1342
|
+
},
|
|
1343
|
+
{
|
|
1344
|
+
"id": "S054",
|
|
1345
|
+
"name": "Avoid using default accounts like \"admin\", \"root\", \"sa\"",
|
|
1346
|
+
"severity": "major",
|
|
1347
|
+
"status": "activated"
|
|
1348
|
+
},
|
|
1349
|
+
{
|
|
1350
|
+
"id": "S055",
|
|
1351
|
+
"name": "Validate input Content-Type in REST services",
|
|
1352
|
+
"severity": "major",
|
|
1353
|
+
"status": "activated"
|
|
1354
|
+
},
|
|
1355
|
+
{
|
|
1356
|
+
"id": "S056",
|
|
1357
|
+
"name": "Protect against Log Injection attacks",
|
|
1358
|
+
"severity": "major",
|
|
1359
|
+
"status": "activated"
|
|
1360
|
+
},
|
|
1361
|
+
{
|
|
1362
|
+
"id": "S057",
|
|
1363
|
+
"name": "Use synchronized time and UTC in logs",
|
|
1364
|
+
"severity": "major",
|
|
1365
|
+
"status": "activated"
|
|
1366
|
+
},
|
|
1367
|
+
{
|
|
1368
|
+
"id": "S058",
|
|
1369
|
+
"name": "Protect applications from SSRF attacks",
|
|
1370
|
+
"severity": "major",
|
|
1371
|
+
"status": "activated"
|
|
1372
|
+
},
|
|
1373
|
+
{
|
|
1374
|
+
"id": "S059",
|
|
1375
|
+
"name": "Configure Allow List for server-side outbound requests",
|
|
1376
|
+
"severity": "major",
|
|
1377
|
+
"status": "activated"
|
|
1378
|
+
},
|
|
1379
|
+
{
|
|
1380
|
+
"id": "SW014",
|
|
1381
|
+
"name": "Avoid `as!` (force cast)",
|
|
1382
|
+
"severity": "critical",
|
|
1383
|
+
"status": "activated"
|
|
1384
|
+
},
|
|
1385
|
+
{
|
|
1386
|
+
"id": "SW015",
|
|
1387
|
+
"name": "Avoid `try!` (force try)",
|
|
1388
|
+
"severity": "critical",
|
|
1389
|
+
"status": "activated"
|
|
1390
|
+
},
|
|
1391
|
+
{
|
|
1392
|
+
"id": "SW016",
|
|
1393
|
+
"name": "Avoid using `!` (force unwrap)",
|
|
1394
|
+
"severity": "critical",
|
|
1395
|
+
"status": "activated"
|
|
1396
|
+
}
|
|
1397
|
+
],
|
|
1398
|
+
"performance": [
|
|
1399
|
+
{
|
|
1400
|
+
"id": "C043",
|
|
1401
|
+
"name": "Do not use `print` or `console.log` in production code",
|
|
1402
|
+
"severity": "major",
|
|
1403
|
+
"status": "activated"
|
|
1404
|
+
},
|
|
1405
|
+
{
|
|
1406
|
+
"id": "C044",
|
|
1407
|
+
"name": "Avoid reimplementing functions that already exist in standard libraries or helper utilities",
|
|
1408
|
+
"severity": "major",
|
|
1409
|
+
"status": "draft"
|
|
1410
|
+
},
|
|
1411
|
+
{
|
|
1412
|
+
"id": "C046",
|
|
1413
|
+
"name": "Avoid complex and lengthy regular expressions in core logic",
|
|
1414
|
+
"severity": "major",
|
|
1415
|
+
"status": "draft"
|
|
1416
|
+
},
|
|
1417
|
+
{
|
|
1418
|
+
"id": "C050",
|
|
1419
|
+
"name": "Do not call APIs in loops without batching or throttling",
|
|
1420
|
+
"severity": "major",
|
|
1421
|
+
"status": "draft"
|
|
1422
|
+
},
|
|
1423
|
+
{
|
|
1424
|
+
"id": "C051",
|
|
1425
|
+
"name": "Do not use `sleep`, `wait`, or `delay` in business logic",
|
|
1426
|
+
"severity": "major",
|
|
1427
|
+
"status": "draft"
|
|
1428
|
+
},
|
|
1429
|
+
{
|
|
1430
|
+
"id": "C054",
|
|
1431
|
+
"name": "Do not process large datasets without pagination or lazy loading",
|
|
1432
|
+
"severity": "major",
|
|
1433
|
+
"status": "draft"
|
|
1434
|
+
},
|
|
1435
|
+
{
|
|
1436
|
+
"id": "C055",
|
|
1437
|
+
"name": "Cache results of expensive functions if reused",
|
|
1438
|
+
"severity": "major",
|
|
1439
|
+
"status": "draft"
|
|
1440
|
+
},
|
|
1441
|
+
{
|
|
1442
|
+
"id": "C056",
|
|
1443
|
+
"name": "Do not process large datasets without logging or resource monitoring",
|
|
1444
|
+
"severity": "major",
|
|
1445
|
+
"status": "activated"
|
|
1446
|
+
},
|
|
1447
|
+
{
|
|
1448
|
+
"id": "C057",
|
|
1449
|
+
"name": "Use optimal data structures instead of arrays for frequent lookups",
|
|
1450
|
+
"severity": "major",
|
|
1451
|
+
"status": "draft"
|
|
1452
|
+
},
|
|
1453
|
+
{
|
|
1454
|
+
"id": "D007",
|
|
1455
|
+
"name": "Do not pass default values when calling functions",
|
|
1456
|
+
"severity": "major",
|
|
1457
|
+
"status": "activated"
|
|
1458
|
+
},
|
|
1459
|
+
{
|
|
1460
|
+
"id": "D008",
|
|
1461
|
+
"name": "Avoid slow async functions in `dart:io`",
|
|
1462
|
+
"severity": "major",
|
|
1463
|
+
"status": "activated"
|
|
1464
|
+
},
|
|
1465
|
+
{
|
|
1466
|
+
"id": "D013",
|
|
1467
|
+
"name": "Use adjacent strings or interpolation to create strings",
|
|
1468
|
+
"severity": "major",
|
|
1469
|
+
"status": "activated"
|
|
1470
|
+
},
|
|
1471
|
+
{
|
|
1472
|
+
"id": "D025",
|
|
1473
|
+
"name": "Include `Key` in Widget constructors",
|
|
1474
|
+
"severity": "major",
|
|
1475
|
+
"status": "activated"
|
|
1476
|
+
},
|
|
1477
|
+
{
|
|
1478
|
+
"id": "K006",
|
|
1479
|
+
"name": "Avoid using `suspend` when not necessary",
|
|
1480
|
+
"severity": "major",
|
|
1481
|
+
"status": "activated"
|
|
1482
|
+
},
|
|
1483
|
+
{
|
|
1484
|
+
"id": "K007",
|
|
1485
|
+
"name": "Use `delay()` instead of `sleep()` in coroutines",
|
|
1486
|
+
"severity": "critical",
|
|
1487
|
+
"status": "activated"
|
|
1488
|
+
},
|
|
1489
|
+
{
|
|
1490
|
+
"id": "K008",
|
|
1491
|
+
"name": "Do not swallow `CancellationException` in coroutines",
|
|
1492
|
+
"severity": "major",
|
|
1493
|
+
"status": "activated"
|
|
1494
|
+
},
|
|
1495
|
+
{
|
|
1496
|
+
"id": "K009",
|
|
1497
|
+
"name": "Do not use `suspend` for functions returning `Flow`",
|
|
1498
|
+
"severity": "critical",
|
|
1499
|
+
"status": "activated"
|
|
1500
|
+
},
|
|
1501
|
+
{
|
|
1502
|
+
"id": "K014",
|
|
1503
|
+
"name": "Use `ArrayPrimitive` instead of `Array<Primitive>`",
|
|
1504
|
+
"severity": "major",
|
|
1505
|
+
"status": "activated"
|
|
1506
|
+
},
|
|
1507
|
+
{
|
|
1508
|
+
"id": "K015",
|
|
1509
|
+
"name": "Use `for` instead of `forEach` on ranges",
|
|
1510
|
+
"severity": "major",
|
|
1511
|
+
"status": "activated"
|
|
1512
|
+
},
|
|
1513
|
+
{
|
|
1514
|
+
"id": "K017",
|
|
1515
|
+
"name": "Do not directly call Garbage Collector (GC)",
|
|
1516
|
+
"severity": "critical",
|
|
1517
|
+
"status": "activated"
|
|
1518
|
+
},
|
|
1519
|
+
{
|
|
1520
|
+
"id": "R002",
|
|
1521
|
+
"name": "Side effects must run outside of render",
|
|
1522
|
+
"severity": "major",
|
|
1523
|
+
"status": "activated"
|
|
1524
|
+
},
|
|
1525
|
+
{
|
|
1526
|
+
"id": "SW004",
|
|
1527
|
+
"name": "Prefer `.contains` for certain filtering operations",
|
|
1528
|
+
"severity": "major",
|
|
1529
|
+
"status": "activated"
|
|
1530
|
+
},
|
|
1531
|
+
{
|
|
1532
|
+
"id": "SW006",
|
|
1533
|
+
"name": "Always dispose NotificationCenter observers",
|
|
1534
|
+
"severity": "major",
|
|
1535
|
+
"status": "activated"
|
|
1536
|
+
},
|
|
1537
|
+
{
|
|
1538
|
+
"id": "SW027",
|
|
1539
|
+
"name": "Prefer `.min()` or `.max()` over `sorted().first/last`",
|
|
1540
|
+
"severity": "critical",
|
|
1541
|
+
"status": "activated"
|
|
1542
|
+
},
|
|
1543
|
+
{
|
|
1544
|
+
"id": "SW035",
|
|
1545
|
+
"name": "Delegates must be marked as `weak`",
|
|
1546
|
+
"severity": "major",
|
|
1547
|
+
"status": "activated"
|
|
1548
|
+
}
|
|
1549
|
+
]
|
|
1550
|
+
},
|
|
1551
|
+
"principles": {
|
|
1552
|
+
"CODE_QUALITY": [
|
|
1553
|
+
"C001",
|
|
1554
|
+
"C002",
|
|
1555
|
+
"C003",
|
|
1556
|
+
"C004",
|
|
1557
|
+
"C005",
|
|
1558
|
+
"C006",
|
|
1559
|
+
"C007",
|
|
1560
|
+
"C008",
|
|
1561
|
+
"C009",
|
|
1562
|
+
"C010",
|
|
1563
|
+
"C011",
|
|
1564
|
+
"C012",
|
|
1565
|
+
"C013",
|
|
1566
|
+
"C014",
|
|
1567
|
+
"C015",
|
|
1568
|
+
"C016",
|
|
1569
|
+
"C017",
|
|
1570
|
+
"C018",
|
|
1571
|
+
"C019",
|
|
1572
|
+
"C020",
|
|
1573
|
+
"C021",
|
|
1574
|
+
"C022",
|
|
1575
|
+
"C023",
|
|
1576
|
+
"C024",
|
|
1577
|
+
"C025",
|
|
1578
|
+
"C026",
|
|
1579
|
+
"C027",
|
|
1580
|
+
"C028",
|
|
1581
|
+
"C029",
|
|
1582
|
+
"C030",
|
|
1583
|
+
"C031",
|
|
1584
|
+
"C032",
|
|
1585
|
+
"C033",
|
|
1586
|
+
"C034",
|
|
1587
|
+
"C035",
|
|
1588
|
+
"C036",
|
|
1589
|
+
"C037",
|
|
1590
|
+
"C038",
|
|
1591
|
+
"C039",
|
|
1592
|
+
"C040",
|
|
1593
|
+
"C042",
|
|
1594
|
+
"C043",
|
|
1595
|
+
"C044",
|
|
1596
|
+
"C045",
|
|
1597
|
+
"C046",
|
|
1598
|
+
"C047",
|
|
1599
|
+
"C049",
|
|
1600
|
+
"C050",
|
|
1601
|
+
"C051",
|
|
1602
|
+
"C052",
|
|
1603
|
+
"C053",
|
|
1604
|
+
"C055",
|
|
1605
|
+
"C058",
|
|
1606
|
+
"C059",
|
|
1607
|
+
"C060",
|
|
1608
|
+
"C061",
|
|
1609
|
+
"C062",
|
|
1610
|
+
"C063",
|
|
1611
|
+
"C064",
|
|
1612
|
+
"C065",
|
|
1613
|
+
"C066",
|
|
1614
|
+
"C067",
|
|
1615
|
+
"C068",
|
|
1616
|
+
"C069",
|
|
1617
|
+
"C070",
|
|
1618
|
+
"C071",
|
|
1619
|
+
"C072",
|
|
1620
|
+
"C073",
|
|
1621
|
+
"C074",
|
|
1622
|
+
"C075",
|
|
1623
|
+
"C076",
|
|
1624
|
+
"D001",
|
|
1625
|
+
"D002",
|
|
1626
|
+
"D003",
|
|
1627
|
+
"D004",
|
|
1628
|
+
"D005",
|
|
1629
|
+
"D006",
|
|
1630
|
+
"D007",
|
|
1631
|
+
"D008",
|
|
1632
|
+
"D009",
|
|
1633
|
+
"D010",
|
|
1634
|
+
"D011",
|
|
1635
|
+
"D012",
|
|
1636
|
+
"D013",
|
|
1637
|
+
"D014",
|
|
1638
|
+
"D015",
|
|
1639
|
+
"D016",
|
|
1640
|
+
"D017",
|
|
1641
|
+
"D018",
|
|
1642
|
+
"D019",
|
|
1643
|
+
"D021",
|
|
1644
|
+
"D022",
|
|
1645
|
+
"D023",
|
|
1646
|
+
"D024",
|
|
1647
|
+
"D025",
|
|
1648
|
+
"J001",
|
|
1649
|
+
"J002",
|
|
1650
|
+
"J003",
|
|
1651
|
+
"J004",
|
|
1652
|
+
"J005",
|
|
1653
|
+
"J006",
|
|
1654
|
+
"K001",
|
|
1655
|
+
"K002",
|
|
1656
|
+
"K003",
|
|
1657
|
+
"K004",
|
|
1658
|
+
"K005",
|
|
1659
|
+
"K006",
|
|
1660
|
+
"K007",
|
|
1661
|
+
"K008",
|
|
1662
|
+
"K009",
|
|
1663
|
+
"K010",
|
|
1664
|
+
"K011",
|
|
1665
|
+
"K012",
|
|
1666
|
+
"K013",
|
|
1667
|
+
"K016",
|
|
1668
|
+
"K017",
|
|
1669
|
+
"K018",
|
|
1670
|
+
"K019",
|
|
1671
|
+
"K020",
|
|
1672
|
+
"K021",
|
|
1673
|
+
"K022",
|
|
1674
|
+
"K023",
|
|
1675
|
+
"K024",
|
|
1676
|
+
"K025",
|
|
1677
|
+
"K026",
|
|
1678
|
+
"K027",
|
|
1679
|
+
"K028",
|
|
1680
|
+
"K029",
|
|
1681
|
+
"K030",
|
|
1682
|
+
"K031",
|
|
1683
|
+
"K032",
|
|
1684
|
+
"K033",
|
|
1685
|
+
"K034",
|
|
1686
|
+
"R001",
|
|
1687
|
+
"R003",
|
|
1688
|
+
"R004",
|
|
1689
|
+
"R005",
|
|
1690
|
+
"R006",
|
|
1691
|
+
"S001",
|
|
1692
|
+
"S002",
|
|
1693
|
+
"S004",
|
|
1694
|
+
"S005",
|
|
1695
|
+
"S006",
|
|
1696
|
+
"S007",
|
|
1697
|
+
"S008",
|
|
1698
|
+
"S009",
|
|
1699
|
+
"S010",
|
|
1700
|
+
"S011",
|
|
1701
|
+
"S013",
|
|
1702
|
+
"S014",
|
|
1703
|
+
"S017",
|
|
1704
|
+
"S021",
|
|
1705
|
+
"S022",
|
|
1706
|
+
"S023",
|
|
1707
|
+
"S025",
|
|
1708
|
+
"S026",
|
|
1709
|
+
"S027",
|
|
1710
|
+
"S028",
|
|
1711
|
+
"S029",
|
|
1712
|
+
"S030",
|
|
1713
|
+
"S033",
|
|
1714
|
+
"S034",
|
|
1715
|
+
"S035",
|
|
1716
|
+
"S036",
|
|
1717
|
+
"S041",
|
|
1718
|
+
"S042",
|
|
1719
|
+
"S043",
|
|
1720
|
+
"S044",
|
|
1721
|
+
"S045",
|
|
1722
|
+
"S046",
|
|
1723
|
+
"S047",
|
|
1724
|
+
"S049",
|
|
1725
|
+
"S050",
|
|
1726
|
+
"S051",
|
|
1727
|
+
"S052",
|
|
1728
|
+
"S053",
|
|
1729
|
+
"S054",
|
|
1730
|
+
"S056",
|
|
1731
|
+
"S057",
|
|
1732
|
+
"SW001",
|
|
1733
|
+
"SW002",
|
|
1734
|
+
"SW003",
|
|
1735
|
+
"SW004",
|
|
1736
|
+
"SW005",
|
|
1737
|
+
"SW007",
|
|
1738
|
+
"SW008",
|
|
1739
|
+
"SW009",
|
|
1740
|
+
"SW010",
|
|
1741
|
+
"SW011",
|
|
1742
|
+
"SW012",
|
|
1743
|
+
"SW013",
|
|
1744
|
+
"SW014",
|
|
1745
|
+
"SW015",
|
|
1746
|
+
"SW017",
|
|
1747
|
+
"SW018",
|
|
1748
|
+
"SW019",
|
|
1749
|
+
"SW020",
|
|
1750
|
+
"SW021",
|
|
1751
|
+
"SW022",
|
|
1752
|
+
"SW023",
|
|
1753
|
+
"SW024",
|
|
1754
|
+
"SW026",
|
|
1755
|
+
"SW028",
|
|
1756
|
+
"SW029",
|
|
1757
|
+
"SW030",
|
|
1758
|
+
"SW031",
|
|
1759
|
+
"SW032",
|
|
1760
|
+
"SW033",
|
|
1761
|
+
"SW034",
|
|
1762
|
+
"SW035",
|
|
1763
|
+
"T002",
|
|
1764
|
+
"T003",
|
|
1765
|
+
"T004",
|
|
1766
|
+
"T007",
|
|
1767
|
+
"T010",
|
|
1768
|
+
"T015",
|
|
1769
|
+
"T016",
|
|
1770
|
+
"T017",
|
|
1771
|
+
"T018",
|
|
1772
|
+
"T019",
|
|
1773
|
+
"T020",
|
|
1774
|
+
"T021"
|
|
1775
|
+
],
|
|
1776
|
+
"DESIGN_PATTERNS": [
|
|
1777
|
+
"C009",
|
|
1778
|
+
"C010",
|
|
1779
|
+
"C034",
|
|
1780
|
+
"C048",
|
|
1781
|
+
"C052",
|
|
1782
|
+
"C062",
|
|
1783
|
+
"C064",
|
|
1784
|
+
"C069",
|
|
1785
|
+
"K026",
|
|
1786
|
+
"K033",
|
|
1787
|
+
"R002",
|
|
1788
|
+
"R006",
|
|
1789
|
+
"R007",
|
|
1790
|
+
"R008",
|
|
1791
|
+
"R009"
|
|
1792
|
+
],
|
|
1793
|
+
"TESTABILITY": [
|
|
1794
|
+
"C017",
|
|
1795
|
+
"C031",
|
|
1796
|
+
"C061",
|
|
1797
|
+
"C063",
|
|
1798
|
+
"C065",
|
|
1799
|
+
"C066",
|
|
1800
|
+
"C069",
|
|
1801
|
+
"C070",
|
|
1802
|
+
"C072",
|
|
1803
|
+
"SW025"
|
|
1804
|
+
],
|
|
1805
|
+
"RELIABILITY": [
|
|
1806
|
+
"C017",
|
|
1807
|
+
"C056"
|
|
1808
|
+
],
|
|
1809
|
+
"INTEGRATION": [
|
|
1810
|
+
"C017"
|
|
1811
|
+
],
|
|
1812
|
+
"MAINTAINABILITY": [
|
|
1813
|
+
"C024",
|
|
1814
|
+
"C031",
|
|
1815
|
+
"C048",
|
|
1816
|
+
"C052",
|
|
1817
|
+
"C059",
|
|
1818
|
+
"C061",
|
|
1819
|
+
"C063",
|
|
1820
|
+
"C067",
|
|
1821
|
+
"C071",
|
|
1822
|
+
"C074",
|
|
1823
|
+
"C076",
|
|
1824
|
+
"D014",
|
|
1825
|
+
"K002",
|
|
1826
|
+
"K003",
|
|
1827
|
+
"S008",
|
|
1828
|
+
"SW021"
|
|
1829
|
+
],
|
|
1830
|
+
"SECURITY": [
|
|
1831
|
+
"C041",
|
|
1832
|
+
"D003",
|
|
1833
|
+
"D011",
|
|
1834
|
+
"D012",
|
|
1835
|
+
"D020",
|
|
1836
|
+
"D023",
|
|
1837
|
+
"D024",
|
|
1838
|
+
"K032",
|
|
1839
|
+
"S001",
|
|
1840
|
+
"S002",
|
|
1841
|
+
"S003",
|
|
1842
|
+
"S004",
|
|
1843
|
+
"S005",
|
|
1844
|
+
"S006",
|
|
1845
|
+
"S007",
|
|
1846
|
+
"S008",
|
|
1847
|
+
"S009",
|
|
1848
|
+
"S010",
|
|
1849
|
+
"S011",
|
|
1850
|
+
"S012",
|
|
1851
|
+
"S013",
|
|
1852
|
+
"S014",
|
|
1853
|
+
"S015",
|
|
1854
|
+
"S016",
|
|
1855
|
+
"S017",
|
|
1856
|
+
"S018",
|
|
1857
|
+
"S019",
|
|
1858
|
+
"S020",
|
|
1859
|
+
"S021",
|
|
1860
|
+
"S022",
|
|
1861
|
+
"S023",
|
|
1862
|
+
"S024",
|
|
1863
|
+
"S025",
|
|
1864
|
+
"S026",
|
|
1865
|
+
"S027",
|
|
1866
|
+
"S028",
|
|
1867
|
+
"S029",
|
|
1868
|
+
"S030",
|
|
1869
|
+
"S031",
|
|
1870
|
+
"S032",
|
|
1871
|
+
"S033",
|
|
1872
|
+
"S034",
|
|
1873
|
+
"S035",
|
|
1874
|
+
"S036",
|
|
1875
|
+
"S037",
|
|
1876
|
+
"S038",
|
|
1877
|
+
"S039",
|
|
1878
|
+
"S040",
|
|
1879
|
+
"S041",
|
|
1880
|
+
"S042",
|
|
1881
|
+
"S043",
|
|
1882
|
+
"S044",
|
|
1883
|
+
"S045",
|
|
1884
|
+
"S046",
|
|
1885
|
+
"S047",
|
|
1886
|
+
"S048",
|
|
1887
|
+
"S049",
|
|
1888
|
+
"S050",
|
|
1889
|
+
"S051",
|
|
1890
|
+
"S052",
|
|
1891
|
+
"S053",
|
|
1892
|
+
"S054",
|
|
1893
|
+
"S055",
|
|
1894
|
+
"S056",
|
|
1895
|
+
"S057",
|
|
1896
|
+
"S058",
|
|
1897
|
+
"S059",
|
|
1898
|
+
"SW014",
|
|
1899
|
+
"SW015",
|
|
1900
|
+
"SW016"
|
|
1901
|
+
],
|
|
1902
|
+
"PERFORMANCE": [
|
|
1903
|
+
"C043",
|
|
1904
|
+
"C044",
|
|
1905
|
+
"C046",
|
|
1906
|
+
"C050",
|
|
1907
|
+
"C051",
|
|
1908
|
+
"C054",
|
|
1909
|
+
"C055",
|
|
1910
|
+
"C056",
|
|
1911
|
+
"C057",
|
|
1912
|
+
"D007",
|
|
1913
|
+
"D008",
|
|
1914
|
+
"D013",
|
|
1915
|
+
"D025",
|
|
1916
|
+
"K006",
|
|
1917
|
+
"K007",
|
|
1918
|
+
"K008",
|
|
1919
|
+
"K009",
|
|
1920
|
+
"K014",
|
|
1921
|
+
"K015",
|
|
1922
|
+
"K017",
|
|
1923
|
+
"R002",
|
|
1924
|
+
"SW004",
|
|
1925
|
+
"SW006",
|
|
1926
|
+
"SW027",
|
|
1927
|
+
"SW035"
|
|
1928
|
+
],
|
|
1929
|
+
"USABILITY": [
|
|
1930
|
+
"D025"
|
|
1931
|
+
]
|
|
1932
|
+
},
|
|
1933
|
+
"presets": {
|
|
1934
|
+
"recommended": "Balanced rules for production use",
|
|
1935
|
+
"security": "Security-focused rules (S* series)",
|
|
1936
|
+
"quality": "Code quality rules (C* series)",
|
|
1937
|
+
"beginner": "Essential rules for new teams",
|
|
1938
|
+
"strict": "All activated rules",
|
|
1939
|
+
"performance": "Performance-focused rules"
|
|
1940
|
+
}
|
|
1941
|
+
}
|