@sun-asterisk/sunlint 1.2.0 → 1.2.2

package/rules/common/C019_log_level_usage/analyzer.js

@@ -0,0 +1,362 @@
+const fs = require('fs');
+const path = require('path');
+const ts = require('typescript');
+const { PatternMatcher } = require('../../utils/pattern-matchers');
+const { RuleHelper } = require('../../utils/rule-helpers');
+
+class C019Analyzer {
+  constructor() {
+    this.ruleId = 'C019';
+    this.ruleName = 'Log Level Usage';
+    this.description = 'Không sử dụng log mức error cho lỗi không nghiêm trọng';
+    this.aiAnalyzer = null;
+  }
+
+  async analyze(files, language, config) {
+    const violations = [];
+
+    // Initialize AI analyzer if enabled
+    if (config.ai && config.ai.enabled) {
+      this.aiAnalyzer = new AIAnalyzer(config.ai);
+      console.log('🤖 AI analysis enabled for C019');
+    }
+
+    for (const filePath of files) {
+      try {
+        const fileContent = fs.readFileSync(filePath, 'utf8');
+        const fileViolations = await this.analyzeFile(filePath, fileContent, language, config);
+        violations.push(...fileViolations);
+      } catch (error) {
+        console.error(`Error analyzing file ${filePath}:`, error.message);
+      }
+    }
+
+    return violations;
+  }
+
+  async analyzeFile(filePath, content, language, config) {
+    let violations = [];
+    
+    // Try AI analysis first if enabled
+    if (this.aiAnalyzer) {
+      try {
+        console.log(`🤖 Running AI analysis on ${path.basename(filePath)}`);
+        const aiViolations = await this.aiAnalyzer.analyzeWithAI(filePath, content, {
+          name: this.ruleName,
+          description: this.description,
+          ruleId: this.ruleId
+        });
+        
+        if (aiViolations && aiViolations.length > 0) {
+          console.log(`🎯 AI found ${aiViolations.length} violations`);
+          return aiViolations;
+        }
+      } catch (error) {
+        console.warn('🤖 AI analysis failed, falling back to pattern analysis:', error.message);
+      }
+    }
+
+    // Fallback to pattern-based analysis
+    if (config.verbose) {
+      console.log(`🔍 Running pattern analysis on ${path.basename(filePath)}`);
+    }
+    switch (language) {
+      case 'typescript':
+      case 'javascript':
+        return this.analyzeTypeScript(filePath, content, config);
+      case 'dart':
+        return this.analyzeDart(filePath, content, config);
+      case 'kotlin':
+        return this.analyzeKotlin(filePath, content, config);
+      default:
+        return [];
+    }
+  }
+
+  async analyzeTypeScript(filePath, content, config) {
+    const violations = [];
+    const lines = content.split('\n');
+
+    // Parse TypeScript/JavaScript code
+    const sourceFile = ts.createSourceFile(
+      filePath,
+      content,
+      ts.ScriptTarget.Latest,
+      true
+    );
+
+    const visit = (node) => {
+      // Look for method calls that might be logging
+      if (ts.isCallExpression(node)) {
+        const callText = node.getText(sourceFile);
+        
+        // Check if this is an error-level log call
+        const isErrorLog = this.isErrorLogCall(callText);
+        
+        if (isErrorLog) {
+          const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
+          const column = sourceFile.getLineAndCharacterOfPosition(node.getStart()).character + 1;
+          const lineText = lines[line - 1]?.trim() || '';
+          
+          // Analyze the log message for inappropriate error usage
+          const logMessage = this.extractLogMessage(node, sourceFile);
+          const analysis = this.analyzeLogMessage(logMessage, callText);
+          
+          if (analysis.isViolation) {
+            violations.push({
+              ruleId: this.ruleId,
+              file: filePath,
+              line,
+              column,
+              message: analysis.reason,
+              severity: analysis.severity || 'warning',
+              code: lineText,
+              type: analysis.type,
+              confidence: analysis.confidence || 0.8,
+              suggestion: analysis.suggestion
+            });
+          }
+        }
+      }
+      
+      ts.forEachChild(node, visit);
+    };
+
+    visit(sourceFile);
+    return violations;
+  }
+
+  async analyzeDart(filePath, content, config) {
+    const violations = [];
+    const lines = content.split('\n');
+
+    // Pattern-based analysis for Dart
+    const errorLogPatterns = [
+      /log\.error\(/g,
+      /logger\.error\(/g,
+      /Logger\.error\(/g,
+      /print\(.*error.*\)/gi,
+      /_logger\.error\(/g
+    ];
+
+    lines.forEach((line, index) => {
+      const lineNumber = index + 1;
+      const trimmedLine = line.trim();
+
+      errorLogPatterns.forEach(pattern => {
+        const matches = trimmedLine.match(pattern);
+        if (matches) {
+          const analysis = this.analyzeLogMessage(trimmedLine, trimmedLine);
+          
+          if (analysis.isViolation) {
+            violations.push({
+              ruleId: this.ruleId,
+              file: filePath,
+              line: lineNumber,
+              column: line.indexOf(matches[0]) + 1,
+              message: analysis.reason,
+              severity: analysis.severity || 'warning',
+              code: trimmedLine,
+              type: analysis.type,
+              confidence: analysis.confidence || 0.7,
+              suggestion: analysis.suggestion
+            });
+          }
+        }
+      });
+    });
+
+    return violations;
+  }
+
+  async analyzeKotlin(filePath, content, config) {
+    const violations = [];
+    const lines = content.split('\n');
+
+    // Pattern-based analysis for Kotlin
+    const errorLogPatterns = [
+      /Log\.e\(/g,
+      /logger\.error\(/g,
+      /log\.error\(/g,
+      /Timber\.e\(/g
+    ];
+
+    lines.forEach((line, index) => {
+      const lineNumber = index + 1;
+      const trimmedLine = line.trim();
+
+      errorLogPatterns.forEach(pattern => {
+        const matches = trimmedLine.match(pattern);
+        if (matches) {
+          const analysis = this.analyzeLogMessage(trimmedLine, trimmedLine);
+          
+          if (analysis.isViolation) {
+            violations.push({
+              ruleId: this.ruleId,
+              file: filePath,
+              line: lineNumber,
+              column: line.indexOf(matches[0]) + 1,
+              message: analysis.reason,
+              severity: analysis.severity || 'warning',
+              code: trimmedLine,
+              type: analysis.type,
+              confidence: analysis.confidence || 0.7,
+              suggestion: analysis.suggestion
+            });
+          }
+        }
+      });
+    });
+
+    return violations;
+  }
+
+  isErrorLogCall(callText) {
+    const errorLogPatterns = [
+      'console.error(',
+      'logger.error(',
+      'log.error(',
+      '.error(',
+      'Logger.error(',
+      'winston.error(',
+      'bunyan.error('
+    ];
+
+    return errorLogPatterns.some(pattern => callText.includes(pattern));
+  }
+
+  extractLogMessage(callNode, sourceFile) {
+    // Try to extract the log message from the call expression
+    if (callNode.arguments && callNode.arguments.length > 0) {
+      const firstArg = callNode.arguments[0];
+      if (ts.isStringLiteral(firstArg) || ts.isTemplateExpression(firstArg)) {
+        return firstArg.getText(sourceFile).replace(/['"`]/g, '');
+      }
+    }
+    return '';
+  }
+
+  analyzeLogMessage(message, fullCall) {
+    const config = {
+      errorKeywords: [
+        'not found', 'invalid', 'unauthorized', 'forbidden',
+        'validation failed', 'bad request', 'cache miss',
+        'retry', 'fallback', 'user error', 'input error',
+        'validation', 'invalid input', 'missing parameter'
+      ],
+      legitimateErrorKeywords: [
+        'exception', 'crash', 'fatal', 'critical', 'emergency',
+        'database', 'connection', 'timeout', 'security breach',
+        'system error', 'memory', 'disk space', 'internal server error',
+        'unhandled exception', 'stack overflow'
+      ]
+    };
+
+    const lowerMessage = message.toLowerCase();
+    const lowerCall = fullCall.toLowerCase();
+
+    // Skip if this is in a catch block (legitimate error logging)
+    const isCatchBlockContext = this.isCatchBlockContext(fullCall);
+    if (isCatchBlockContext) {
+      return { isViolation: false };
+    }
+
+    // Check for legitimate error usage
+    const hasLegitimateError = config.legitimateErrorKeywords.some(keyword =>
+      lowerMessage.includes(keyword) || lowerCall.includes(keyword)
+    );
+
+    if (hasLegitimateError) {
+      return { isViolation: false };
+    }
+
+    // Check for inappropriate error usage
+    const hasInappropriateError = config.errorKeywords.some(keyword =>
+      lowerMessage.includes(keyword)
+    );
+
+    if (hasInappropriateError) {
+      return {
+        isViolation: true,
+        reason: 'Error log level used for non-critical issue - should use warn/info level',
+        severity: 'warning',
+        type: 'inappropriate_error_level',
+        confidence: 0.9,
+        suggestion: 'Consider using logger.warn() or logger.info() instead'
+      };
+    }
+
+    // Validation patterns
+    if (lowerMessage.includes('validation') || lowerMessage.includes('invalid')) {
+      return {
+        isViolation: true,
+        reason: 'Validation errors should typically use warn level',
+        severity: 'warning',
+        type: 'validation_error_level',
+        confidence: 0.85,
+        suggestion: 'Use logger.warn() for validation failures'
+      };
+    }
+
+    // User input patterns
+    if (lowerMessage.includes('user') && (lowerMessage.includes('input') || lowerMessage.includes('request'))) {
+      return {
+        isViolation: true,
+        reason: 'User input errors should not use error level',
+        severity: 'warning',
+        type: 'user_input_error_level',
+        confidence: 0.8,
+        suggestion: 'Use logger.warn() or logger.info() for user input issues'
+      };
+    }
+
+    // Authorization patterns
+    if (lowerMessage.includes('unauthorized') || lowerMessage.includes('forbidden')) {
+      return {
+        isViolation: true,
+        reason: 'Authorization failures are typically business logic, not system errors',
+        severity: 'info',
+        type: 'auth_error_level',
+        confidence: 0.7,
+        suggestion: 'Consider logger.warn() for authorization failures'
+      };
+    }
+
+    // Generic error call without clear context
+    if (message === '' || message.length < 10) {
+      // Don't flag if it's clearly a system error with error object concatenation
+      if (fullCall.includes('+ error') || fullCall.includes('${error}') || 
+          fullCall.includes('+ e') || fullCall.includes('${e}') ||
+          fullCall.includes('error:') || fullCall.includes('failed:')) {
+        return { isViolation: false };
+      }
+      
+      return {
+        isViolation: true,
+        reason: 'Generic error log without specific message - might be inappropriate',
+        severity: 'info',
+        type: 'generic_error_level',
+        confidence: 0.6,
+        suggestion: 'Add specific error message and verify if error level is appropriate'
+      };
+    }
+
+    return { isViolation: false };
+  }
+
+  isCatchBlockContext(callText) {
+    // Simple heuristic: if the call contains error/e parameters common in catch blocks
+    const catchPatterns = [
+      'console.error(error)',
+      'console.error(e)',
+      'logger.error(error)',
+      'logger.error(e)',
+      'console.error("', // followed by message and error
+      'logger.error("'
+    ];
+    
+    return catchPatterns.some(pattern => callText.includes(pattern));
+  }
+}
+
+module.exports = new C019Analyzer();

package/rules/common/C019_log_level_usage/config.json

@@ -0,0 +1,121 @@
+{
+  "ruleId": "C019",
+  "name": "Log Level Usage",
+  "description": "Không sử dụng log mức error cho lỗi không nghiêm trọng",
+  "category": "logging",
+  "severity": "warning",
+  "languages": ["typescript", "dart", "kotlin"],
+  "version": "1.0.0",
+  "status": "stable",
+  "tags": ["logging", "error-handling", "severity"],
+  "config": {
+    "errorKeywords": [
+      "not found",
+      "invalid",
+      "unauthorized", 
+      "forbidden",
+      "validation failed",
+      "bad request",
+      "cache miss",
+      "retry",
+      "fallback",
+      "user error",
+      "input error",
+      "validation",
+      "invalid input",
+      "missing parameter"
+    ],
+    "legitimateErrorKeywords": [
+      "exception",
+      "crash",
+      "fatal",
+      "critical",
+      "emergency",
+      "database",
+      "connection",
+      "timeout",
+      "security breach",
+      "system error",
+      "memory",
+      "disk space",
+      "internal server error",
+      "unhandled exception",
+      "stack overflow"
+    ],
+    "languageSpecific": {
+      "typescript": {
+        "loggerPatterns": [
+          "console.error(",
+          "logger.error(",
+          "log.error(",
+          ".error(",
+          "Logger.error(",
+          "winston.error(",
+          "bunyan.error("
+        ]
+      },
+      "dart": {
+        "loggerPatterns": [
+          "log.error(",
+          "logger.error(",
+          "Logger.error(",
+          "_logger.error(",
+          "print("
+        ]
+      },
+      "kotlin": {
+        "loggerPatterns": [
+          "Log.e(",
+          "logger.error(",
+          "log.error(",
+          "Timber.e("
+        ]
+      }
+    }
+  },
+  "examples": {
+    "violations": [
+      {
+        "language": "typescript",
+        "code": "logger.error('User not found');",
+        "reason": "User not found is a business logic issue, not a system error"
+      },
+      {
+        "language": "typescript", 
+        "code": "console.error('Invalid input provided');",
+        "reason": "Input validation should use warn level"
+      },
+      {
+        "language": "dart",
+        "code": "logger.error('Validation failed for user input');",
+        "reason": "Validation failures are expected business logic"
+      }
+    ],
+    "valid": [
+      {
+        "language": "typescript",
+        "code": "logger.error('Database connection failed');",
+        "reason": "Database issues are legitimate system errors"
+      },
+      {
+        "language": "typescript",
+        "code": "logger.warn('User not found');",
+        "reason": "Appropriate warning level for business logic"
+      },
+      {
+        "language": "dart",
+        "code": "logger.error('Unhandled exception in payment processing');",
+        "reason": "Unhandled exceptions are legitimate errors"
+      }
+    ]
+  },
+  "fixes": {
+    "autoFixable": false,
+    "suggestions": [
+      "Use logger.warn() for business logic issues",
+      "Use logger.info() for informational messages",
+      "Reserve logger.error() for system-level problems",
+      "Add specific error context to help determine appropriate level"
+    ]
+  }
+}