@sun-asterisk/sunlint 1.2.2 → 1.3.1

package/rules/common/C017_constructor_logic/semantic-analyzer.js

@@ -0,0 +1,340 @@
+/**
+ * C017 Constructor Logic - Semantic Analyzer (Phase 2)
+ * Uses ts-morph for precise symbol-based analysis
+ * Detects complex logic in constructors with high accuracy
+ */
+
+const SemanticRuleBase = require('../../../core/semantic-rule-base');
+const path = require('path');
+
+class C017SemanticAnalyzer extends SemanticRuleBase {
+  constructor(ruleId = 'C017') {
+    super(ruleId);
+    this.ruleName = 'C017 - No Complex Logic in Constructors (Semantic)';
+    this.description = 'Constructors should only handle dependency injection and simple initialization';
+  }
+
+  /**
+   * Analyze a single file using ts-morph semantic analysis
+   * @param {string} filePath - Path to the file to analyze
+   * @param {Object} options - Analysis options
+   */
+  async analyzeFile(filePath, options = {}) {
+    if (!this.semanticEngine) {
+      throw new Error('Semantic engine not initialized');
+    }
+
+    try {
+      // Get file's absolute path
+      const absolutePath = path.resolve(filePath);
+      
+      // Get source file from semantic engine's project
+      const sourceFile = this.semanticEngine.project.getSourceFile(absolutePath);
+      if (!sourceFile) {
+        if (options.verbose) {
+          console.log(`⚠️ [C017-Semantic] Could not load source file: ${filePath}`);
+        }
+        return;
+      }
+
+      // Find all class declarations
+      const classes = sourceFile.getClasses();
+      
+      for (const classDecl of classes) {
+        const constructors = classDecl.getConstructors();
+        
+        for (const constructor of constructors) {
+          await this.analyzeConstructor(constructor, filePath, options);
+        }
+      }
+
+    } catch (error) {
+      if (options.verbose) {
+        console.warn(`⚠️ [C017-Semantic] Error analyzing ${filePath}:`, error.message);
+      }
+    }
+  }
+
+  /**
+   * Analyze a constructor node for complex logic
+   * @param {ts.ConstructorDeclaration} constructor - Constructor node
+   * @param {string} filePath - File path
+   * @param {Object} options - Analysis options
+   */
+  async analyzeConstructor(constructor, filePath, options) {
+    const body = constructor.getBody();
+    if (!body) {
+      // Constructor without body (interface, abstract, etc.)
+      return;
+    }
+
+    const statements = body.getStatements();
+    
+    for (const statement of statements) {
+      const violation = this.analyzeStatement(statement, constructor, filePath);
+      if (violation) {
+        this.addViolation(violation);
+      }
+    }
+  }
+
+  /**
+   * Analyze a statement for complex logic patterns
+   * @param {ts.Statement} statement - Statement node
+   * @param {ts.ConstructorDeclaration} constructor - Parent constructor
+   * @param {string} filePath - File path
+   * @returns {Object|null} Violation object or null
+   */
+  analyzeStatement(statement, constructor, filePath) {
+    const statementKind = statement.getKind();
+    const line = statement.getStartLineNumber();
+    const column = statement.getStart() - statement.getStartLinePos() + 1;
+
+    // Check for complex logic patterns
+    switch (statementKind) {
+      case this.SyntaxKind.IfStatement:
+        return this.createViolation(
+          filePath, line, column,
+          'Conditional logic (if statement) found in constructor',
+          'conditional_logic',
+          statement.getText()
+        );
+
+      case this.SyntaxKind.ForStatement:
+      case this.SyntaxKind.ForInStatement:
+      case this.SyntaxKind.ForOfStatement:
+      case this.SyntaxKind.WhileStatement:
+      case this.SyntaxKind.DoStatement:
+        return this.createViolation(
+          filePath, line, column,
+          'Loop logic found in constructor',
+          'loop_logic',
+          statement.getText()
+        );
+
+      case this.SyntaxKind.SwitchStatement:
+        return this.createViolation(
+          filePath, line, column,
+          'Switch statement found in constructor',
+          'switch_logic',
+          statement.getText()
+        );
+
+      case this.SyntaxKind.TryStatement:
+        return this.createViolation(
+          filePath, line, column,
+          'Exception handling (try/catch) found in constructor',
+          'exception_handling',
+          statement.getText()
+        );
+
+      case this.SyntaxKind.ExpressionStatement:
+        return this.analyzeExpressionStatement(statement, filePath);
+
+      default:
+        return null;
+    }
+  }
+
+  /**
+   * Analyze expression statements for complex patterns
+   * @param {ts.ExpressionStatement} statement - Expression statement
+   * @param {string} filePath - File path
+   * @returns {Object|null} Violation object or null
+   */
+  analyzeExpressionStatement(statement, filePath) {
+    const expression = statement.getExpression();
+    const line = statement.getStartLineNumber();
+    const column = statement.getStart() - statement.getStartLinePos() + 1;
+
+    // Check for async operations
+    if (this.isAsyncOperation(expression)) {
+      return this.createViolation(
+        filePath, line, column,
+        'Asynchronous operation found in constructor',
+        'async_operation',
+        statement.getText()
+      );
+    }
+
+    // Check for complex method calls
+    if (this.isComplexMethodCall(expression)) {
+      return this.createViolation(
+        filePath, line, column,
+        'Complex method call found in constructor',
+        'complex_method_call',
+        statement.getText()
+      );
+    }
+
+    // Allow simple assignments and DI setup
+    if (this.isSimpleAssignment(expression) || this.isConfigurationSetup(expression)) {
+      return null;
+    }
+
+    return null;
+  }
+
+  /**
+   * Check if expression is an async operation
+   * @param {ts.Expression} expression - Expression node
+   * @returns {boolean} True if async operation
+   */
+  isAsyncOperation(expression) {
+    const text = expression.getText();
+    
+    // Await expressions
+    if (expression.getKind() === this.SyntaxKind.AwaitExpression) {
+      return true;
+    }
+
+    // Promise chains
+    if (text.includes('.then(') || text.includes('.catch(') || text.includes('.finally(')) {
+      return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * Check if expression is a complex method call
+   * @param {ts.Expression} expression - Expression node
+   * @returns {boolean} True if complex method call
+   */
+  isComplexMethodCall(expression) {
+    if (expression.getKind() !== this.SyntaxKind.CallExpression) {
+      return false;
+    }
+
+    const callExpr = expression;
+    const methodName = this.getMethodName(callExpr);
+
+    // Allow certain initialization methods
+    const allowedMethods = [
+      'makeObservable', 'makeAutoObservable', // MobX
+      'bind', 'bindAll', // Method binding
+      'Object.assign', 'Object.create', // Object utilities
+      'Array.from', 'Array.of', // Array utilities
+    ];
+
+    if (allowedMethods.some(method => methodName.includes(method))) {
+      return false;
+    }
+
+    // Check for chained calls (more than 2 levels = complex)
+    const chainLength = this.getChainLength(callExpr);
+    return chainLength > 2;
+  }
+
+  /**
+   * Check if expression is a simple assignment
+   * @param {ts.Expression} expression - Expression node
+   * @returns {boolean} True if simple assignment
+   */
+  isSimpleAssignment(expression) {
+    if (expression.getKind() !== this.SyntaxKind.BinaryExpression) {
+      return false;
+    }
+
+    const binaryExpr = expression;
+    const operator = binaryExpr.getOperatorToken();
+    
+    return operator.getKind() === this.SyntaxKind.EqualsToken;
+  }
+
+  /**
+   * Check if expression is configuration setup
+   * @param {ts.Expression} expression - Expression node
+   * @returns {boolean} True if configuration setup
+   */
+  isConfigurationSetup(expression) {
+    const text = expression.getText();
+    
+    // Configuration patterns
+    const configPatterns = [
+      /new\s+\w+Client\s*\(/,  // AWS clients, HTTP clients
+      /new\s+\w+\s*\(\s*\{/,   // Configuration objects
+      /\.getInstance\s*\(/,     // Singleton patterns
+      /\.create\s*\(/,         // Factory patterns
+    ];
+
+    return configPatterns.some(pattern => pattern.test(text));
+  }
+
+  /**
+   * Get method name from call expression
+   * @param {ts.CallExpression} callExpr - Call expression
+   * @returns {string} Method name
+   */
+  getMethodName(callExpr) {
+    const expression = callExpr.getExpression();
+    
+    if (expression.getKind() === this.SyntaxKind.PropertyAccessExpression) {
+      return expression.getName();
+    }
+    
+    if (expression.getKind() === this.SyntaxKind.Identifier) {
+      return expression.getText();
+    }
+    
+    return expression.getText();
+  }
+
+  /**
+   * Get chain length of method calls
+   * @param {ts.CallExpression} callExpr - Call expression
+   * @returns {number} Chain length
+   */
+  getChainLength(callExpr) {
+    let current = callExpr.getExpression();
+    let length = 1;
+    
+    while (current.getKind() === this.SyntaxKind.PropertyAccessExpression) {
+      const propAccess = current;
+      current = propAccess.getExpression();
+      length++;
+    }
+    
+    return length;
+  }
+
+  /**
+   * Create a violation object
+   * @param {string} filePath - File path
+   * @param {number} line - Line number
+   * @param {number} column - Column number
+   * @param {string} message - Violation message
+   * @param {string} type - Violation type
+   * @param {string} code - Code snippet
+   * @returns {Object} Violation object
+   */
+  createViolation(filePath, line, column, message, type, code) {
+    return {
+      ruleId: this.ruleId,
+      file: filePath,
+      line: line,
+      column: column,
+      message: `Constructor contains complex logic: ${message}. Move to initialization methods`,
+      severity: 'warning',
+      code: code.trim(),
+      type: type,
+      confidence: 95, // High confidence with semantic analysis
+      analysisMethod: 'semantic',
+      suggestion: 'Move complex logic to separate initialization methods or lifecycle hooks'
+    };
+  }
+
+  /**
+   * Get SyntaxKind enum from ts-morph
+   * @returns {Object} SyntaxKind enum
+   */
+  get SyntaxKind() {
+    if (!this.semanticEngine) {
+      throw new Error('Semantic engine not initialized');
+    }
+    return this.semanticEngine.project.getTypeChecker().compilerObject.SyntaxKind || 
+           require('typescript').SyntaxKind;
+  }
+}
+
+module.exports = C017SemanticAnalyzer;

package/rules/common/C029_catch_block_logging/analyzer.js

@@ -8,30 +8,42 @@ const fs = require('fs');
 const path = require('path');
 
 class C029Analyzer {
-  constructor() {
+  constructor(options = {}) {
     this.ruleId = 'C029';
     this.ruleName = 'Enhanced Catch Block Error Logging';
     this.description = 'Mọi catch block phải log nguyên nhân lỗi đầy đủ và bảo toàn context (Smart Pipeline 3-stage analysis)';
+    this.verbose = options.verbose || false;
     
     // Load Smart Pipeline as primary analyzer
     this.smartPipeline = null;
     
     try {
       this.smartPipeline = require('./analyzer-smart-pipeline.js');
-      console.log('🎯 C029: Smart Pipeline loaded (3-stage: Regex → AST → Data Flow)');
+      if (this.verbose) {
+        console.log('[DEBUG] 🎯 C029: Smart Pipeline loaded (3-stage: Regex → AST → Data Flow)');
+      }
     } catch (error) {
-      console.warn('⚠️ C029: Smart Pipeline failed, using fallback:', error.message);
+      if (this.verbose) {
+        console.warn('[DEBUG] ⚠️ C029: Smart Pipeline failed, using fallback:', error.message);
+      }
       this.smartPipeline = null;
     }
   }
 
   async analyze(files, language, options = {}) {
+    // Store verbose option for this analysis
+    this.verbose = options.verbose || this.verbose || false;
+    
     // Use Smart Pipeline as primary choice
     if (this.smartPipeline) {
-      console.log('🎯 C029: Using Smart Pipeline (3-stage analysis)...');
+      if (this.verbose) {
+        console.log('[DEBUG] 🎯 C029: Using Smart Pipeline (3-stage analysis)...');
+      }
       return await this.smartPipeline.analyze(files, language, options);
     } else {
-      console.log('🔍 C029: Using fallback regex analysis...');
+      if (this.verbose) {
+        console.log('[DEBUG] 🔍 C029: Using fallback regex analysis...');
+      }
       return await this.analyzeWithRegex(files, language, options);
     }
   }

package/rules/common/C033_separate_service_repository/README.md

@@ -0,0 +1,78 @@
+# C033: Separate Service and Repository Logic
+
+## Rule Description
+
+Enforces proper separation between Service and Repository layers in your application architecture:
+
+- **Services** should contain business logic and use repositories for data access
+- **Repositories** should contain only data access logic, no business rules
+
+## Architecture
+
+This rule uses a **hybrid analysis approach**:
+
+1. **Primary: Symbol-based Analysis** (using ts-morph)
+   - AST parsing and symbol resolution
+   - Accurate detection of database operations
+   - Excludes queue/job operations automatically
+
+2. **Fallback: Regex-based Analysis**
+   - Pattern matching for when symbol analysis fails
+   - Handles edge cases and complex code structures
+
+## Files Structure
+
+```
+C033_separate_service_repository/
+├── analyzer.js              # Main hybrid orchestrator
+├── symbol-based-analyzer.js # Primary AST-based analysis
+├── regex-based-analyzer.js  # Fallback pattern matching
+├── config.json             # Rule configuration
+└── README.md               # This documentation
+```
+
+## What this rule detects
+
+### Violations in Service files:
+- Direct database calls (`repository.createQueryBuilder()`, `dataSource.createQueryBuilder()`)
+- Direct ORM operations (`entity.save()`, `entity.find()`)
+- SQL queries embedded in service methods
+- **Excludes**: Queue/job operations (`job.remove()`, `job.isFailed()`, etc.)
+
+### Violations in Repository files:
+- Complex business logic (filtering, calculations, validations)
+- Business rules and workflows
+- Complex conditional logic for data processing
+
+## Examples
+
+See test cases in the standard test fixtures location:
+
+- **Violations**: `examples/rule-test-fixtures/rules/C033_separate_service_repository/violations/test-cases.js`
+- **Clean code**: `examples/rule-test-fixtures/rules/C033_separate_service_repository/clean/good-examples.js`
+
+## Usage
+
+```bash
+# Test violations
+node cli.js --rule=C033 --input=examples/rule-test-fixtures/rules/C033_separate_service_repository/violations --engine=heuristic
+
+# Test clean code
+node cli.js --rule=C033 --input=examples/rule-test-fixtures/rules/C033_separate_service_repository/clean --engine=heuristic
+```
+
+## Technical Implementation
+
+- **Primary Analysis**: Semantic analysis using ts-morph for AST traversal
+- **Fallback**: Regex pattern matching for environments without ts-morph
+- **Engine**: Heuristic engine (registered in enhanced-rules-registry.js)
+- **File Detection**: Classifies files as Service/Repository based on naming patterns
+
+## Philosophy
+
+This rule enforces the Repository Pattern and Domain-Driven Design principles:
+
+1. **Separation of Concerns**: Business logic in Services, data access in Repositories
+2. **Testability**: Each layer can be tested independently
+3. **Maintainability**: Changes to business rules don't affect data access code
+4. **Flexibility**: Data storage can be changed without affecting business logic

package/rules/common/C033_separate_service_repository/analyzer.js

@@ -0,0 +1,160 @@
+/**
+ * C033 Main Analyzer - Symbol-based with minimal regex fallback
+ * Primary: Symbol-based analysis (95% cases)
+ * Fallback: Regex-based only when symbol analysis completely fails
+ */
+
+const C033SymbolBasedAnalyzer = require('./symbol-based-analyzer');
+const C033RegexBasedAnalyzer = require('./regex-based-analyzer');
+
+class C033Analyzer {
+  constructor(semanticEngine = null) {
+    this.ruleId = 'C033';
+    this.ruleName = 'Separate Service and Repository Logic';
+    this.description = 'Tách logic xử lý và truy vấn dữ liệu trong service layer - Repository chỉ chứa CRUD, Service chứa business logic';
+    this.semanticEngine = semanticEngine;
+    this.verbose = false;
+    
+    // Initialize analyzers
+    this.symbolBasedAnalyzer = new C033SymbolBasedAnalyzer(semanticEngine);
+    this.regexBasedAnalyzer = new C033RegexBasedAnalyzer(semanticEngine);
+    
+    // Configuration
+    this.config = {
+      useSymbolBased: true,      // Primary approach
+      fallbackToRegex: true,     // Only when symbol fails completely
+      symbolBasedOnly: false     // Can be set to true for pure mode
+    };
+  }
+
+  /**
+   * Initialize with semantic engine
+   */
+  async initialize(semanticEngine = null) {
+    if (semanticEngine) {
+      this.semanticEngine = semanticEngine;
+    }
+    this.verbose = semanticEngine?.verbose || false;
+    
+    // Initialize both analyzers
+    await this.symbolBasedAnalyzer.initialize(semanticEngine);
+    await this.regexBasedAnalyzer.initialize(semanticEngine);
+    
+    if (this.verbose) {
+      console.log(`[DEBUG] 🔧 C033: Analyzer initialized - Symbol-based: ✅, Regex fallback: ${this.config.fallbackToRegex ? '✅' : '❌'}`);
+    }
+  }
+
+  async analyze(files, language, options = {}) {
+    const violations = [];
+    let symbolCount = 0;
+    let regexCount = 0;
+    
+    for (const filePath of files) {
+      try {
+        const fileViolations = await this.analyzeFile(filePath, options);
+        violations.push(...fileViolations);
+        
+        // Count strategy usage
+        const strategy = fileViolations[0]?.analysisStrategy;
+        if (strategy === 'symbol-based') symbolCount++;
+        else if (strategy === 'regex-fallback') regexCount++;
+        
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`[C033] Analysis failed for ${filePath}:`, error.message);
+        }
+      }
+    }
+    
+    // Summary of strategy usage
+    if (this.verbose && (symbolCount > 0 || regexCount > 0)) {
+      console.log(`📊 [C033-SUMMARY] Analysis strategy usage:`);
+      console.log(`   🧠 Symbol-based: ${symbolCount} files`);
+      console.log(`   🔄 Regex-fallback: ${regexCount} files`);
+      console.log(`   📈 Coverage: ${symbolCount}/${symbolCount + regexCount} files used primary strategy`);
+    }
+    
+    return violations;
+  }
+
+  async analyzeFile(filePath, options = {}) {
+    // 1. Try Symbol-based analysis first (primary)
+    if (this.config.useSymbolBased && this.semanticEngine?.project) {
+      try {
+        const sourceFile = this.semanticEngine.project.getSourceFileByFilePath(filePath);
+        if (sourceFile) {
+          const violations = await this.symbolBasedAnalyzer.analyzeFileWithSymbols(filePath, options);
+          
+          if (this.verbose) {
+            console.log(`🧠 [C033-SYMBOL] ${filePath}: Found ${violations.length} violations`);
+          }
+          
+          return violations.map(v => ({ ...v, analysisStrategy: 'symbol-based' }));
+        } else {
+          if (this.verbose) {
+            console.log(`⚠️  [C033-SYMBOL] ${filePath}: Source file not found in ts-morph project, falling back to regex`);
+          }
+        }
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`❌ [C033-SYMBOL] ${filePath}: Symbol analysis failed, falling back to regex:`, error.message);
+        }
+      }
+    } else {
+      if (this.verbose) {
+        const reason = !this.config.useSymbolBased ? 'Symbol-based disabled' : 'No semantic engine';
+        console.log(`⚠️  [C033] ${filePath}: Skipping symbol analysis (${reason}), using regex`);
+      }
+    }
+
+    // 2. Fallback to Regex-based analysis (only if symbol fails or unavailable)
+    if (this.config.fallbackToRegex && !this.config.symbolBasedOnly) {
+      try {
+        const violations = await this.regexBasedAnalyzer.analyzeFileBasic(filePath, options);
+        
+        if (this.verbose) {
+          console.log(`🔄 [C033-REGEX] ${filePath}: Found ${violations.length} violations`);
+        }
+        
+        return violations.map(v => ({ ...v, analysisStrategy: 'regex-fallback' }));
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`❌ [C033-REGEX] ${filePath}: Regex fallback also failed:`, error.message);
+        }
+      }
+    }
+    
+    return [];
+  }
+
+  // Legacy compatibility methods
+  async analyzeWithSemantics(filePath, options = {}) {
+    return await this.analyzeFile(filePath, options);
+  }
+
+  async analyzeFileBasic(filePath, options = {}) {
+    // Force regex-based for legacy compatibility
+    const violations = await this.regexBasedAnalyzer.analyzeFileBasic(filePath, options);
+    return violations.map(v => ({ ...v, analysisStrategy: 'regex-legacy' }));
+  }
+
+  // Configuration methods
+  enableSymbolBasedOnly() {
+    this.config.symbolBasedOnly = true;
+    this.config.fallbackToRegex = false;
+    if (this.verbose) {
+      console.log(`[C033] Switched to symbol-based only mode`);
+    }
+  }
+
+  enableHybridMode() {
+    this.config.symbolBasedOnly = false;
+    this.config.fallbackToRegex = true;
+    if (this.verbose) {
+      console.log(`[C033] Switched to hybrid mode (symbol-based + regex fallback)`);
+    }
+  }
+}
+
+module.exports = C033Analyzer;

package/rules/common/C033_separate_service_repository/config.json

@@ -0,0 +1,50 @@
+{
+  "id": "C033_separate_service_repository",
+  "name": "C033_separate_service_repository",
+  "category": "architecture",
+  "description": "C033 - Tách logic xử lý và truy vấn dữ liệu trong service layer",
+  "severity": "warning",
+  "enabled": true,
+  "semantic": {
+    "enabled": true,
+    "priority": "high",
+    "fallback": "heuristic"
+  },
+  "patterns": {
+    "include": [
+      "**/*.js",
+      "**/*.ts",
+      "**/*.jsx",
+      "**/*.tsx"
+    ],
+    "exclude": [
+      "**/*.test.*",
+      "**/*.spec.*",
+      "**/*.mock.*",
+      "**/test/**",
+      "**/tests/**",
+      "**/spec/**"
+    ]
+  },
+  "options": {
+    "strictMode": false,
+    "allowedDbMethods": [],
+    "repositoryPatterns": [
+      "*Repository*",
+      "*Repo*",
+      "*DAO*",
+      "*Store*"
+    ],
+    "servicePatterns": [
+      "*Service*",
+      "*UseCase*",
+      "*Handler*",
+      "*Manager*"
+    ],
+    "complexityThreshold": {
+      "methodLength": 200,
+      "cyclomaticComplexity": 5,
+      "nestedDepth": 3
+    }
+  }
+}