@sun-asterisk/sunlint 1.3.0 → 1.3.2

package/rules/common/C024_no_scatter_hardcoded_constants/symbol-based-analyzer.js

@@ -0,0 +1,181 @@
+/**
+ * C024 Symbol-based Analyzer - Advanced Do not scatter hardcoded constants throughout the logic
+ * Purpose: The rule prevents scattering hardcoded constants throughout the logic. Instead, constants should be defined in a single place to improve maintainability and readability.
+ */
+
+const { SyntaxKind } = require('ts-morph');
+
+class C024SymbolBasedAnalyzer {
+  constructor(semanticEngine = null) {
+    this.ruleId = 'C024';
+    this.ruleName = 'Error Scatter hardcoded constants throughout the logic (Symbol-Based)';
+    this.semanticEngine = semanticEngine;
+    this.verbose = false;
+    this.safeStrings = ["UNKNOWN", "N/A"]; // allowlist of special fallback values
+  }
+
+  async initialize(semanticEngine = null) {
+    if (semanticEngine) {
+      this.semanticEngine = semanticEngine;
+    }
+    this.verbose = semanticEngine?.verbose || false;
+
+    if (process.env.SUNLINT_DEBUG) {
+      console.log(`🔧 [C024 Symbol-Based] Analyzer initialized, verbose: ${this.verbose}`);
+    }
+  }
+
+  async analyzeFileBasic(filePath, options = {}) {
+    // This is the main entry point called by the hybrid analyzer
+    return await this.analyzeFileWithSymbols(filePath, options);
+  }
+
+  async analyzeFileWithSymbols(filePath, options = {}) {
+    const violations = [];
+
+    // Enable verbose mode if requested
+    const verbose = options.verbose || this.verbose;
+
+    if (!this.semanticEngine?.project) {
+      if (verbose) {
+        console.warn('[C024 Symbol-Based] No semantic engine available, skipping analysis');
+      }
+      return violations;
+    }
+
+    if (verbose) {
+      console.log(`🔍 [C024 Symbol-Based] Starting analysis for ${filePath}`);
+    }
+
+    try {
+      const sourceFile = this.semanticEngine.project.getSourceFile(filePath);
+      if (!sourceFile) {
+        return violations;
+      }
+
+      // skip constants files
+      if (this.isConstantsFile(filePath)) return violations;
+      // Detect hardcoded constants
+      sourceFile.forEachDescendant((node) => {
+        this.checkLiterals(node, sourceFile, violations);
+        this.checkConstDeclaration(node, sourceFile, violations);
+        this.checkStaticReadonly(node, sourceFile, violations);
+      });
+
+
+      if (verbose) {
+        console.log(`🔍 [C024 Symbol-Based] Total violations found: ${violations.length}`);
+      }
+
+      return violations;
+    } catch (error) {
+      if (verbose) {
+        console.warn(`[C024 Symbol-Based] Analysis failed for ${filePath}:`, error.message);
+      }
+
+      return violations;
+    }
+  }
+
+  // --- push violation object ---
+  pushViolation(violations, node, filePath, text, message) {
+    violations.push({
+      ruleId: this.ruleId,
+      severity: "warning",
+      message: message || `Hardcoded constant found: "${text}"`,
+      source: this.ruleId,
+      file: filePath,
+      line: node.getStartLineNumber(),
+      column: node.getStart() - node.getStartLinePos(),
+      description:
+        "[SYMBOL-BASED] Hardcoded constants should be defined in a single place to improve maintainability.",
+      suggestion: "Define constants in a dedicated file or section",
+      category: "constants",
+    });
+  }
+
+  // --- check literals like "ADMIN", 123, true ---
+  checkLiterals(node, sourceFile, violations) {
+    const kind = node.getKind();
+    if (
+      kind === SyntaxKind.StringLiteral ||
+      kind === SyntaxKind.NumericLiteral ||
+      kind === SyntaxKind.TrueKeyword ||
+      kind === SyntaxKind.FalseKeyword
+    ) {
+      const text = node.getText().replace(/['"`]/g, ""); // strip quotes
+      if (this.isAllowedLiteral(node, text)) return;
+
+      this.pushViolation(
+        violations,
+        node,
+        sourceFile.getFilePath(),
+        node.getText()
+      );
+    }
+  }
+
+  // --- check const declarations outside constants.ts ---
+  checkConstDeclaration(node, sourceFile, violations) {
+    const kind = node.getKind();
+    if (kind === SyntaxKind.VariableDeclaration) {
+      const parentKind = node.getParent()?.getKind();
+      if (
+        parentKind === SyntaxKind.VariableDeclarationList &&
+        node.getParent().getDeclarationKind() === "const"
+      ) {
+        this.pushViolation(
+          violations,
+          node,
+          sourceFile.getFilePath(),
+          node.getName(),
+          `Const declaration "${node.getName()}" should be moved into constants file`
+        );
+      }
+    }
+  }
+
+  // --- check static readonly properties inside classes ---
+  checkStaticReadonly(node, sourceFile, violations) {
+    const kind = node.getKind();
+    if (kind === SyntaxKind.PropertyDeclaration) {
+      const modifiers = node.getModifiers().map((m) => m.getText());
+      if (modifiers.includes("static") && modifiers.includes("readonly")) {
+        this.pushViolation(
+          violations,
+          node,
+          sourceFile.getFilePath(),
+          node.getName(),
+          `Static readonly property "${node.getName()}" should be moved into constants file`
+        );
+      }
+    }
+  }
+
+  // --- helper: allow safe literals ---
+  isAllowedLiteral(node, text) {
+    // skip imports
+    if (node.getParent()?.getKind() === SyntaxKind.ImportDeclaration) {
+      return true;
+    }
+
+    // allow short strings
+    if (typeof text === "string" && text.length <= 1) return true;
+
+    // allow sentinel numbers
+    if (text === "0" || text === "1" || text === "-1") return true;
+
+    // allow known safe strings (like "UNKNOWN")
+    if (this.safeStrings.includes(text)) return true;
+
+    return false;
+  }
+
+  // helper to check if file is a constants file
+  isConstantsFile(filePath) {
+    const lower = filePath.toLowerCase();
+    return lower.endsWith("constants.ts") || lower.includes("/constants/");
+  }
+}
+
+module.exports = C024SymbolBasedAnalyzer;

package/rules/common/C030_use_custom_error_classes/analyzer.js

@@ -0,0 +1,200 @@
+const fs = require('fs');
+const path = require('path');
+
+/**
+ * Rule C030 - Use Custom Error Classes
+ * Enforce using application-specific error classes instead of generic system errors
+ * Examples to flag: throw new Error(), throw new TypeError(), Promise.reject(new Error(...))
+ */
+class C030UseCustomErrorClassesAnalyzer {
+  constructor(options = {}) {
+    this.ruleId = 'C030';
+    this.ruleName = 'Use Custom Error Classes';
+    this.description = 'Use custom error classes instead of generic system errors';
+    this.severity = 'warning';
+    this.verbose = options.verbose || false;
+
+    this.builtinErrorNames = [
+      'Error',
+      'TypeError',
+      'RangeError',
+      'ReferenceError',
+      'SyntaxError',
+      'URIError',
+      'EvalError'
+    ];
+
+    // Precompile regexes for speed
+    const namesGroup = this.builtinErrorNames.join('|');
+    this.patterns = [
+      // throw new Error(...)
+      new RegExp(`\\bthrow\\s+new\\s+(${namesGroup})\\s*\\(`),
+      // throw Error(...)
+      new RegExp(`\\bthrow\\s+(${namesGroup})\\s*\\(`),
+      // Promise.reject(new Error(...))
+      new RegExp(`Promise\\.reject\\s*\\(\\s*new\\s+(${namesGroup})\\s*\\(`),
+      // reject(new Error(...))
+      new RegExp(`\\breject\\s*\\(\\s*new\\s+(${namesGroup})\\s*\\(`),
+      // Throwing string literals (single, double quotes)
+      /\bthrow\s+['"][^'"]*['"]/,
+      // Throwing template literals
+      /\bthrow\s+`[^`]*`/,
+      // Throwing numbers
+      /\bthrow\s+\d+/,
+      // Throwing variables (simple identifiers) - remove $ anchor to allow comments
+      /\bthrow\s+[a-zA-Z_$][a-zA-Z0-9_$]*(?:\s*;|\s*\/\/|\s*$)/
+    ];
+  }
+
+  async analyze(files, language, config = {}) {
+    const violations = [];
+
+    for (const filePath of files) {
+      try {
+        // Handle both file paths and direct content
+        let content;
+        if (typeof filePath === 'string' && fs.existsSync(filePath)) {
+          content = fs.readFileSync(filePath, 'utf8');
+        } else if (typeof filePath === 'object' && filePath.content) {
+          // Handle test cases with direct content
+          content = filePath.content;
+          filePath = filePath.path || 'test.js';
+        } else {
+          if (this.verbose) {
+            console.warn(`C030: Skipping invalid file path: ${filePath}`);
+          }
+          continue;
+        }
+        
+        const fileViolations = await this.analyzeFile(filePath, content, language, config);
+        violations.push(...fileViolations);
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`C030 analysis error for ${path.basename(filePath)}: ${error.message}`);
+        }
+      }
+    }
+
+    return violations;
+  }
+
+  async analyzeFile(filePath, content, language, config = {}) {
+    const violations = [];
+
+    // Only target JS/TS for now
+    if (!this.isJsLike(filePath)) {
+      return violations;
+    }
+
+    const lines = content.split('\n');
+
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      const trimmed = line.trim();
+
+      // Skip comments-only lines quickly
+      if (this.isCommentOnly(trimmed)) {
+        continue;
+      }
+
+      for (const pattern of this.patterns) {
+        const match = trimmed.match(pattern);
+        if (match) {
+          const column = line.indexOf(match[0]) + 1;
+          const builtInName = this.extractBuiltinName(match);
+          const violationType = this.getViolationType(pattern, trimmed);
+
+          const suggestion = this.getSuggestion(builtInName, violationType);
+
+          violations.push({
+            ruleId: this.ruleId,
+            file: filePath,
+            line: i + 1,
+            column: Math.max(column, 1),
+            message: this.getMessage(violationType),
+            severity: this.severity,
+            code: trimmed,
+            type: violationType,
+            suggestion
+          });
+
+          // Avoid double-reporting same line on multiple patterns
+          break;
+        }
+      }
+    }
+
+    return violations;
+  }
+
+  isJsLike(filePath) {
+    return /\.(js|jsx|ts|tsx|mjs|cjs)$/.test(filePath);
+  }
+
+  isCommentOnly(trimmedLine) {
+    return trimmedLine.startsWith('//') || trimmedLine.startsWith('/*') || trimmedLine === '';
+  }
+
+  extractBuiltinName(regexMatch) {
+    if (!regexMatch || regexMatch.length < 2) return null;
+    const candidate = regexMatch[1];
+    return this.builtinErrorNames.includes(candidate) ? candidate : null;
+  }
+
+  getViolationType(pattern, line) {
+    if (pattern.source.includes('new\\s+(')) {
+      return 'generic_system_error_constructor';
+    } else if (pattern.source.includes('\\s+(') && pattern.source.includes('\\(')) {
+      return 'generic_system_error_call';
+    } else if (pattern.source.includes('Promise\\.reject')) {
+      return 'promise_reject_generic_error';
+    } else if (pattern.source.includes('reject\\s*\\(')) {
+      return 'reject_generic_error';
+    } else if (pattern.source.includes('`[^`]*`')) {
+      return 'throw_template_literal';
+    } else if (pattern.source.includes("['\"")) {
+      return 'throw_string_literal';
+    } else if (pattern.source.includes('\\d+')) {
+      return 'throw_number';
+    } else if (pattern.source.includes('[a-zA-Z_$]')) {
+      return 'throw_variable';
+    }
+    return 'generic_system_error_usage';
+  }
+
+  getMessage(violationType) {
+    const messages = {
+      'generic_system_error_constructor': 'Use custom error classes instead of generic system error constructors',
+      'generic_system_error_call': 'Use custom error classes instead of generic system error calls',
+      'promise_reject_generic_error': 'Use custom error classes instead of rejecting with generic errors',
+      'reject_generic_error': 'Use custom error classes instead of rejecting with generic errors',
+      'throw_string_literal': 'Use custom error classes instead of throwing string literals',
+      'throw_template_literal': 'Use custom error classes instead of throwing template literals',
+      'throw_number': 'Use custom error classes instead of throwing numbers',
+      'throw_variable': 'Use custom error classes instead of throwing variables',
+      'generic_system_error_usage': 'Use custom error classes instead of generic system errors'
+    };
+    return messages[violationType] || messages['generic_system_error_usage'];
+  }
+
+  getSuggestion(builtInName, violationType) {
+    if (builtInName) {
+      return `Define and throw a custom error class (e.g., DomainError extends Error) instead of ${builtInName}`;
+    }
+    
+    const suggestions = {
+      'throw_string_literal': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of throwing string literals',
+      'throw_template_literal': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of throwing template literals',
+      'throw_number': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of throwing numbers',
+      'throw_variable': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of throwing variables',
+      'promise_reject_generic_error': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of rejecting with generic errors',
+      'reject_generic_error': 'Define and throw a custom error class (e.g., DomainError extends Error) instead of rejecting with generic errors'
+    };
+    
+    return suggestions[violationType] || 'Define and throw a custom error class (e.g., DomainError extends Error)';
+  }
+}
+
+module.exports = new C030UseCustomErrorClassesAnalyzer();
+
+

package/rules/common/C033_separate_service_repository/README.md

@@ -0,0 +1,78 @@
+# C033: Separate Service and Repository Logic
+
+## Rule Description
+
+Enforces proper separation between Service and Repository layers in your application architecture:
+
+- **Services** should contain business logic and use repositories for data access
+- **Repositories** should contain only data access logic, no business rules
+
+## Architecture
+
+This rule uses a **hybrid analysis approach**:
+
+1. **Primary: Symbol-based Analysis** (using ts-morph)
+   - AST parsing and symbol resolution
+   - Accurate detection of database operations
+   - Excludes queue/job operations automatically
+
+2. **Fallback: Regex-based Analysis**
+   - Pattern matching for when symbol analysis fails
+   - Handles edge cases and complex code structures
+
+## Files Structure
+
+```
+C033_separate_service_repository/
+├── analyzer.js              # Main hybrid orchestrator
+├── symbol-based-analyzer.js # Primary AST-based analysis
+├── regex-based-analyzer.js  # Fallback pattern matching
+├── config.json             # Rule configuration
+└── README.md               # This documentation
+```
+
+## What this rule detects
+
+### Violations in Service files:
+- Direct database calls (`repository.createQueryBuilder()`, `dataSource.createQueryBuilder()`)
+- Direct ORM operations (`entity.save()`, `entity.find()`)
+- SQL queries embedded in service methods
+- **Excludes**: Queue/job operations (`job.remove()`, `job.isFailed()`, etc.)
+
+### Violations in Repository files:
+- Complex business logic (filtering, calculations, validations)
+- Business rules and workflows
+- Complex conditional logic for data processing
+
+## Examples
+
+See test cases in the standard test fixtures location:
+
+- **Violations**: `examples/rule-test-fixtures/rules/C033_separate_service_repository/violations/test-cases.js`
+- **Clean code**: `examples/rule-test-fixtures/rules/C033_separate_service_repository/clean/good-examples.js`
+
+## Usage
+
+```bash
+# Test violations
+node cli.js --rule=C033 --input=examples/rule-test-fixtures/rules/C033_separate_service_repository/violations --engine=heuristic
+
+# Test clean code
+node cli.js --rule=C033 --input=examples/rule-test-fixtures/rules/C033_separate_service_repository/clean --engine=heuristic
+```
+
+## Technical Implementation
+
+- **Primary Analysis**: Semantic analysis using ts-morph for AST traversal
+- **Fallback**: Regex pattern matching for environments without ts-morph
+- **Engine**: Heuristic engine (registered in enhanced-rules-registry.js)
+- **File Detection**: Classifies files as Service/Repository based on naming patterns
+
+## Philosophy
+
+This rule enforces the Repository Pattern and Domain-Driven Design principles:
+
+1. **Separation of Concerns**: Business logic in Services, data access in Repositories
+2. **Testability**: Each layer can be tested independently
+3. **Maintainability**: Changes to business rules don't affect data access code
+4. **Flexibility**: Data storage can be changed without affecting business logic

package/rules/common/C033_separate_service_repository/analyzer.js

@@ -0,0 +1,160 @@
+/**
+ * C033 Main Analyzer - Symbol-based with minimal regex fallback
+ * Primary: Symbol-based analysis (95% cases)
+ * Fallback: Regex-based only when symbol analysis completely fails
+ */
+
+const C033SymbolBasedAnalyzer = require('./symbol-based-analyzer');
+const C033RegexBasedAnalyzer = require('./regex-based-analyzer');
+
+class C033Analyzer {
+  constructor(semanticEngine = null) {
+    this.ruleId = 'C033';
+    this.ruleName = 'Separate Service and Repository Logic';
+    this.description = 'Tách logic xử lý và truy vấn dữ liệu trong service layer - Repository chỉ chứa CRUD, Service chứa business logic';
+    this.semanticEngine = semanticEngine;
+    this.verbose = false;
+    
+    // Initialize analyzers
+    this.symbolBasedAnalyzer = new C033SymbolBasedAnalyzer(semanticEngine);
+    this.regexBasedAnalyzer = new C033RegexBasedAnalyzer(semanticEngine);
+    
+    // Configuration
+    this.config = {
+      useSymbolBased: true,      // Primary approach
+      fallbackToRegex: true,     // Only when symbol fails completely
+      symbolBasedOnly: false     // Can be set to true for pure mode
+    };
+  }
+
+  /**
+   * Initialize with semantic engine
+   */
+  async initialize(semanticEngine = null) {
+    if (semanticEngine) {
+      this.semanticEngine = semanticEngine;
+    }
+    this.verbose = semanticEngine?.verbose || false;
+    
+    // Initialize both analyzers
+    await this.symbolBasedAnalyzer.initialize(semanticEngine);
+    await this.regexBasedAnalyzer.initialize(semanticEngine);
+    
+    if (this.verbose) {
+      console.log(`[DEBUG] 🔧 C033: Analyzer initialized - Symbol-based: ✅, Regex fallback: ${this.config.fallbackToRegex ? '✅' : '❌'}`);
+    }
+  }
+
+  async analyze(files, language, options = {}) {
+    const violations = [];
+    let symbolCount = 0;
+    let regexCount = 0;
+    
+    for (const filePath of files) {
+      try {
+        const fileViolations = await this.analyzeFile(filePath, options);
+        violations.push(...fileViolations);
+        
+        // Count strategy usage
+        const strategy = fileViolations[0]?.analysisStrategy;
+        if (strategy === 'symbol-based') symbolCount++;
+        else if (strategy === 'regex-fallback') regexCount++;
+        
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`[C033] Analysis failed for ${filePath}:`, error.message);
+        }
+      }
+    }
+    
+    // Summary of strategy usage
+    if (this.verbose && (symbolCount > 0 || regexCount > 0)) {
+      console.log(`📊 [C033-SUMMARY] Analysis strategy usage:`);
+      console.log(`   🧠 Symbol-based: ${symbolCount} files`);
+      console.log(`   🔄 Regex-fallback: ${regexCount} files`);
+      console.log(`   📈 Coverage: ${symbolCount}/${symbolCount + regexCount} files used primary strategy`);
+    }
+    
+    return violations;
+  }
+
+  async analyzeFile(filePath, options = {}) {
+    // 1. Try Symbol-based analysis first (primary)
+    if (this.config.useSymbolBased && this.semanticEngine?.project) {
+      try {
+        const sourceFile = this.semanticEngine.project.getSourceFileByFilePath(filePath);
+        if (sourceFile) {
+          const violations = await this.symbolBasedAnalyzer.analyzeFileWithSymbols(filePath, options);
+          
+          if (this.verbose) {
+            console.log(`🧠 [C033-SYMBOL] ${filePath}: Found ${violations.length} violations`);
+          }
+          
+          return violations.map(v => ({ ...v, analysisStrategy: 'symbol-based' }));
+        } else {
+          if (this.verbose) {
+            console.log(`⚠️  [C033-SYMBOL] ${filePath}: Source file not found in ts-morph project, falling back to regex`);
+          }
+        }
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`❌ [C033-SYMBOL] ${filePath}: Symbol analysis failed, falling back to regex:`, error.message);
+        }
+      }
+    } else {
+      if (this.verbose) {
+        const reason = !this.config.useSymbolBased ? 'Symbol-based disabled' : 'No semantic engine';
+        console.log(`⚠️  [C033] ${filePath}: Skipping symbol analysis (${reason}), using regex`);
+      }
+    }
+
+    // 2. Fallback to Regex-based analysis (only if symbol fails or unavailable)
+    if (this.config.fallbackToRegex && !this.config.symbolBasedOnly) {
+      try {
+        const violations = await this.regexBasedAnalyzer.analyzeFileBasic(filePath, options);
+        
+        if (this.verbose) {
+          console.log(`🔄 [C033-REGEX] ${filePath}: Found ${violations.length} violations`);
+        }
+        
+        return violations.map(v => ({ ...v, analysisStrategy: 'regex-fallback' }));
+      } catch (error) {
+        if (this.verbose) {
+          console.warn(`❌ [C033-REGEX] ${filePath}: Regex fallback also failed:`, error.message);
+        }
+      }
+    }
+    
+    return [];
+  }
+
+  // Legacy compatibility methods
+  async analyzeWithSemantics(filePath, options = {}) {
+    return await this.analyzeFile(filePath, options);
+  }
+
+  async analyzeFileBasic(filePath, options = {}) {
+    // Force regex-based for legacy compatibility
+    const violations = await this.regexBasedAnalyzer.analyzeFileBasic(filePath, options);
+    return violations.map(v => ({ ...v, analysisStrategy: 'regex-legacy' }));
+  }
+
+  // Configuration methods
+  enableSymbolBasedOnly() {
+    this.config.symbolBasedOnly = true;
+    this.config.fallbackToRegex = false;
+    if (this.verbose) {
+      console.log(`[C033] Switched to symbol-based only mode`);
+    }
+  }
+
+  enableHybridMode() {
+    this.config.symbolBasedOnly = false;
+    this.config.fallbackToRegex = true;
+    if (this.verbose) {
+      console.log(`[C033] Switched to hybrid mode (symbol-based + regex fallback)`);
+    }
+  }
+}
+
+module.exports = C033Analyzer;

package/rules/common/C033_separate_service_repository/config.json

@@ -0,0 +1,50 @@
+{
+  "id": "C033_separate_service_repository",
+  "name": "C033_separate_service_repository",
+  "category": "architecture",
+  "description": "C033 - Tách logic xử lý và truy vấn dữ liệu trong service layer",
+  "severity": "warning",
+  "enabled": true,
+  "semantic": {
+    "enabled": true,
+    "priority": "high",
+    "fallback": "heuristic"
+  },
+  "patterns": {
+    "include": [
+      "**/*.js",
+      "**/*.ts",
+      "**/*.jsx",
+      "**/*.tsx"
+    ],
+    "exclude": [
+      "**/*.test.*",
+      "**/*.spec.*",
+      "**/*.mock.*",
+      "**/test/**",
+      "**/tests/**",
+      "**/spec/**"
+    ]
+  },
+  "options": {
+    "strictMode": false,
+    "allowedDbMethods": [],
+    "repositoryPatterns": [
+      "*Repository*",
+      "*Repo*",
+      "*DAO*",
+      "*Store*"
+    ],
+    "servicePatterns": [
+      "*Service*",
+      "*UseCase*",
+      "*Handler*",
+      "*Manager*"
+    ],
+    "complexityThreshold": {
+      "methodLength": 200,
+      "cyclomaticComplexity": 5,
+      "nestedDepth": 3
+    }
+  }
+}