npm - @sun-asterisk/sunlint - Versions diffs - 1.3.1 → 1.3.2 - Mend

@sun-asterisk/sunlint 1.3.1 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/rules/common/C019_log_level_usage/analyzer.js CHANGED Viewed

@@ -1,37 +1,125 @@
-const fs = require('fs');
-const path = require('path');
-const ts = require('typescript');
-const { PatternMatcher } = require('../../utils/pattern-matchers');
-const { RuleHelper } = require('../../utils/rule-helpers');
+const C019SystemLogAnalyzer = require('./system-log-analyzer.js');
+const C019PatternAnalyzer = require('./pattern-analyzer.js');
 class C019Analyzer {
-  constructor() {
+  constructor(semanticEngine = null) {
     this.ruleId = 'C019';
     this.ruleName = 'Log Level Usage';
-    this.description = 'Không sử dụng log mức error cho lỗi không nghiêm trọng';
+    this.description = 'Comprehensive logging analysis: levels, patterns, performance, and system requirements';
+    this.semanticEngine = semanticEngine;
+    this.verbose = false;
+    // Initialize analyzers - consolidated architecture
+    this.systemAnalyzer = new C019SystemLogAnalyzer(semanticEngine);
+    this.patternAnalyzer = new C019PatternAnalyzer();
     this.aiAnalyzer = null;
   }
-  async analyze(files, language, config) {
-    const violations = [];
+  async initialize(semanticEngine = null) {
+    if (semanticEngine) {
+      this.semanticEngine = semanticEngine;
+    }
+    this.verbose = semanticEngine?.verbose || false;
+    await this.systemAnalyzer.initialize(semanticEngine);
+    await this.patternAnalyzer.initialize({ verbose: this.verbose });
+  }
+  async analyzeFileBasic(filePath, options = {}) {
+    const allViolations = [];
+    try {
+      // Run comprehensive system-level analysis (Primary - AST)
+      if (this.semanticEngine?.isSymbolEngineReady?.() && this.semanticEngine.project) {
+        if (this.verbose) {
+          console.log(`[DEBUG] 🎯 C019: Using comprehensive system-level analysis for ${filePath.split('/').pop()}`);
+        }
+        try {
+          const systemViolations = await this.systemAnalyzer.analyzeFileBasic(filePath, options);
+          allViolations.push(...systemViolations);
+          if (this.verbose) {
+            console.log(`[DEBUG] 🎯 C019: System analysis found ${systemViolations.length} violations`);
+          }
+        } catch (systemError) {
+          if (this.verbose) {
+            console.warn(`[DEBUG] ⚠️ C019: System analysis failed: ${systemError.message}`);
+          }
+        }
+        if (allViolations.length > 0) {
+          return this.deduplicateViolations(allViolations);
+        }
+      }
+      // Fall back to pattern-based analysis (Secondary - Regex)
+      if (this.verbose) {
+        console.log(`[DEBUG] 🔄 C019: Running pattern-based analysis for ${filePath.split('/').pop()}`);
+      }
+      const patternViolations = await this.patternAnalyzer.analyzeFileBasic(filePath, options);
+      allViolations.push(...patternViolations);
+      if (this.verbose) {
+        console.log(`[DEBUG] 🔄 C019: Pattern analysis found ${patternViolations.length} violations`);
+      }
+      return this.deduplicateViolations(allViolations);
+    } catch (error) {
+      if (this.verbose) {
+        console.error(`[DEBUG] ❌ C019: Analysis failed: ${error.message}`);
+      }
+      throw new Error(`C019 analysis failed: ${error.message}`);
+    }
+  }
+  deduplicateViolations(violations) {
+    // Remove duplicates based on file, line, and type
+    const seen = new Set();
+    return violations.filter(violation => {
+      const key = `${violation.filePath}:${violation.line}:${violation.type}`;
+      if (seen.has(key)) return false;
+      seen.add(key);
+      return true;
+    });
+  }
+  async analyzeFiles(files, options = {}) {
+    const allViolations = [];
+    for (const filePath of files) {
+      try {
+        const violations = await this.analyzeFileBasic(filePath, options);
+        allViolations.push(...violations);
+      } catch (error) {
+        console.warn(`C019: Skipping ${filePath}: ${error.message}`);
+      }
+    }
+    return allViolations;
+  }
+  // Legacy method for backward compatibility
+  async analyze(files, language, config = {}) {
     // Initialize AI analyzer if enabled
     if (config.ai && config.ai.enabled) {
       this.aiAnalyzer = new AIAnalyzer(config.ai);
       console.log('🤖 AI analysis enabled for C019');
     }
+    const allViolations = [];
     for (const filePath of files) {
       try {
-        const fileContent = fs.readFileSync(filePath, 'utf8');
+        const fileContent = require('fs').readFileSync(filePath, 'utf8');
         const fileViolations = await this.analyzeFile(filePath, fileContent, language, config);
-        violations.push(...fileViolations);
+        allViolations.push(...fileViolations);
       } catch (error) {
         console.error(`Error analyzing file ${filePath}:`, error.message);
       }
     }
-    return violations;
+    return allViolations;
   }
   async analyzeFile(filePath, content, language, config) {
@@ -40,7 +128,7 @@ class C019Analyzer {
     // Try AI analysis first if enabled
     if (this.aiAnalyzer) {
       try {
-        console.log(`🤖 Running AI analysis on ${path.basename(filePath)}`);
+        console.log(`🤖 Running AI analysis on ${require('path').basename(filePath)}`);
         const aiViolations = await this.aiAnalyzer.analyzeWithAI(filePath, content, {
           name: this.ruleName,
           description: this.description,
@@ -48,315 +136,20 @@ class C019Analyzer {
         });
         if (aiViolations && aiViolations.length > 0) {
-          console.log(`🎯 AI found ${aiViolations.length} violations`);
-          return aiViolations;
+          violations.push(...aiViolations);
+          return violations;
         }
       } catch (error) {
-        console.warn('🤖 AI analysis failed, falling back to pattern analysis:', error.message);
+        console.warn(`AI analysis failed for ${filePath}, falling back to heuristic analysis`);
       }
     }
-    // Fallback to pattern-based analysis
-    if (config.verbose) {
-      console.log(`🔍 Running pattern analysis on ${path.basename(filePath)}`);
-    }
-    switch (language) {
-      case 'typescript':
-      case 'javascript':
-        return this.analyzeTypeScript(filePath, content, config);
-      case 'dart':
-        return this.analyzeDart(filePath, content, config);
-      case 'kotlin':
-        return this.analyzeKotlin(filePath, content, config);
-      default:
-        return [];
-    }
-  }
-  async analyzeTypeScript(filePath, content, config) {
-    const violations = [];
-    const lines = content.split('\n');
-    // Parse TypeScript/JavaScript code
-    const sourceFile = ts.createSourceFile(
-      filePath,
-      content,
-      ts.ScriptTarget.Latest,
-      true
-    );
-    const visit = (node) => {
-      // Look for method calls that might be logging
-      if (ts.isCallExpression(node)) {
-        const callText = node.getText(sourceFile);
-        // Check if this is an error-level log call
-        const isErrorLog = this.isErrorLogCall(callText);
-        if (isErrorLog) {
-          const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-          const column = sourceFile.getLineAndCharacterOfPosition(node.getStart()).character + 1;
-          const lineText = lines[line - 1]?.trim() || '';
-          // Analyze the log message for inappropriate error usage
-          const logMessage = this.extractLogMessage(node, sourceFile);
-          const analysis = this.analyzeLogMessage(logMessage, callText);
-          if (analysis.isViolation) {
-            violations.push({
-              ruleId: this.ruleId,
-              file: filePath,
-              line,
-              column,
-              message: analysis.reason,
-              severity: analysis.severity || 'warning',
-              code: lineText,
-              type: analysis.type,
-              confidence: analysis.confidence || 0.8,
-              suggestion: analysis.suggestion
-            });
-          }
-        }
-      }
-      ts.forEachChild(node, visit);
-    };
-    visit(sourceFile);
-    return violations;
-  }
-  async analyzeDart(filePath, content, config) {
-    const violations = [];
-    const lines = content.split('\n');
-    // Pattern-based analysis for Dart
-    const errorLogPatterns = [
-      /log\.error\(/g,
-      /logger\.error\(/g,
-      /Logger\.error\(/g,
-      /print\(.*error.*\)/gi,
-      /_logger\.error\(/g
-    ];
-    lines.forEach((line, index) => {
-      const lineNumber = index + 1;
-      const trimmedLine = line.trim();
-      errorLogPatterns.forEach(pattern => {
-        const matches = trimmedLine.match(pattern);
-        if (matches) {
-          const analysis = this.analyzeLogMessage(trimmedLine, trimmedLine);
-          if (analysis.isViolation) {
-            violations.push({
-              ruleId: this.ruleId,
-              file: filePath,
-              line: lineNumber,
-              column: line.indexOf(matches[0]) + 1,
-              message: analysis.reason,
-              severity: analysis.severity || 'warning',
-              code: trimmedLine,
-              type: analysis.type,
-              confidence: analysis.confidence || 0.7,
-              suggestion: analysis.suggestion
-            });
-          }
-        }
-      });
-    });
-    return violations;
-  }
-  async analyzeKotlin(filePath, content, config) {
-    const violations = [];
-    const lines = content.split('\n');
-    // Pattern-based analysis for Kotlin
-    const errorLogPatterns = [
-      /Log\.e\(/g,
-      /logger\.error\(/g,
-      /log\.error\(/g,
-      /Timber\.e\(/g
-    ];
-    lines.forEach((line, index) => {
-      const lineNumber = index + 1;
-      const trimmedLine = line.trim();
-      errorLogPatterns.forEach(pattern => {
-        const matches = trimmedLine.match(pattern);
-        if (matches) {
-          const analysis = this.analyzeLogMessage(trimmedLine, trimmedLine);
-          if (analysis.isViolation) {
-            violations.push({
-              ruleId: this.ruleId,
-              file: filePath,
-              line: lineNumber,
-              column: line.indexOf(matches[0]) + 1,
-              message: analysis.reason,
-              severity: analysis.severity || 'warning',
-              code: trimmedLine,
-              type: analysis.type,
-              confidence: analysis.confidence || 0.7,
-              suggestion: analysis.suggestion
-            });
-          }
-        }
-      });
-    });
-    return violations;
-  }
-  isErrorLogCall(callText) {
-    const errorLogPatterns = [
-      'console.error(',
-      'logger.error(',
-      'log.error(',
-      '.error(',
-      'Logger.error(',
-      'winston.error(',
-      'bunyan.error('
-    ];
-    return errorLogPatterns.some(pattern => callText.includes(pattern));
-  }
-  extractLogMessage(callNode, sourceFile) {
-    // Try to extract the log message from the call expression
-    if (callNode.arguments && callNode.arguments.length > 0) {
-      const firstArg = callNode.arguments[0];
-      if (ts.isStringLiteral(firstArg) || ts.isTemplateExpression(firstArg)) {
-        return firstArg.getText(sourceFile).replace(/['"`]/g, '');
-      }
-    }
-    return '';
-  }
-  analyzeLogMessage(message, fullCall) {
-    const config = {
-      errorKeywords: [
-        'not found', 'invalid', 'unauthorized', 'forbidden',
-        'validation failed', 'bad request', 'cache miss',
-        'retry', 'fallback', 'user error', 'input error',
-        'validation', 'invalid input', 'missing parameter'
-      ],
-      legitimateErrorKeywords: [
-        'exception', 'crash', 'fatal', 'critical', 'emergency',
-        'database', 'connection', 'timeout', 'security breach',
-        'system error', 'memory', 'disk space', 'internal server error',
-        'unhandled exception', 'stack overflow'
-      ]
-    };
-    const lowerMessage = message.toLowerCase();
-    const lowerCall = fullCall.toLowerCase();
-    // Skip if this is in a catch block (legitimate error logging)
-    const isCatchBlockContext = this.isCatchBlockContext(fullCall);
-    if (isCatchBlockContext) {
-      return { isViolation: false };
-    }
-    // Check for legitimate error usage
-    const hasLegitimateError = config.legitimateErrorKeywords.some(keyword =>
-      lowerMessage.includes(keyword) || lowerCall.includes(keyword)
-    );
-    if (hasLegitimateError) {
-      return { isViolation: false };
-    }
-    // Check for inappropriate error usage
-    const hasInappropriateError = config.errorKeywords.some(keyword =>
-      lowerMessage.includes(keyword)
-    );
-    if (hasInappropriateError) {
-      return {
-        isViolation: true,
-        reason: 'Error log level used for non-critical issue - should use warn/info level',
-        severity: 'warning',
-        type: 'inappropriate_error_level',
-        confidence: 0.9,
-        suggestion: 'Consider using logger.warn() or logger.info() instead'
-      };
-    }
-    // Validation patterns
-    if (lowerMessage.includes('validation') || lowerMessage.includes('invalid')) {
-      return {
-        isViolation: true,
-        reason: 'Validation errors should typically use warn level',
-        severity: 'warning',
-        type: 'validation_error_level',
-        confidence: 0.85,
-        suggestion: 'Use logger.warn() for validation failures'
-      };
-    }
-    // User input patterns
-    if (lowerMessage.includes('user') && (lowerMessage.includes('input') || lowerMessage.includes('request'))) {
-      return {
-        isViolation: true,
-        reason: 'User input errors should not use error level',
-        severity: 'warning',
-        type: 'user_input_error_level',
-        confidence: 0.8,
-        suggestion: 'Use logger.warn() or logger.info() for user input issues'
-      };
-    }
-    // Authorization patterns
-    if (lowerMessage.includes('unauthorized') || lowerMessage.includes('forbidden')) {
-      return {
-        isViolation: true,
-        reason: 'Authorization failures are typically business logic, not system errors',
-        severity: 'info',
-        type: 'auth_error_level',
-        confidence: 0.7,
-        suggestion: 'Consider logger.warn() for authorization failures'
-      };
-    }
-    // Generic error call without clear context
-    if (message === '' || message.length < 10) {
-      // Don't flag if it's clearly a system error with error object concatenation
-      if (fullCall.includes('+ error') || fullCall.includes('${error}') ||
-          fullCall.includes('+ e') || fullCall.includes('${e}') ||
-          fullCall.includes('error:') || fullCall.includes('failed:')) {
-        return { isViolation: false };
-      }
-      return {
-        isViolation: true,
-        reason: 'Generic error log without specific message - might be inappropriate',
-        severity: 'info',
-        type: 'generic_error_level',
-        confidence: 0.6,
-        suggestion: 'Add specific error message and verify if error level is appropriate'
-      };
-    }
-    return { isViolation: false };
-  }
-  isCatchBlockContext(callText) {
-    // Simple heuristic: if the call contains error/e parameters common in catch blocks
-    const catchPatterns = [
-      'console.error(error)',
-      'console.error(e)',
-      'logger.error(error)',
-      'logger.error(e)',
-      'console.error("', // followed by message and error
-      'logger.error("'
-    ];
-    return catchPatterns.some(pattern => callText.includes(pattern));
+    // Use the new analyzer architecture
+    const heuristicViolations = await this.analyzeFileBasic(filePath, config);
+    violations.push(...heuristicViolations);
+    return violations;
   }
 }
-module.exports = new C019Analyzer();
+module.exports = C019Analyzer;

package/rules/common/C019_log_level_usage/pattern-analyzer.js ADDED Viewed

@@ -0,0 +1,88 @@
+// Pattern-based fallback analyzer for C019
+const fs = require('fs');
+class C019PatternAnalyzer {
+  constructor() {
+    this.verbose = false;
+    // Configuration for pattern matching
+    this.config = {
+      // Patterns that suggest inappropriate ERROR usage
+      inappropriateErrorPatterns: [
+        // Business logic rejections
+        'validation.*(?:failed|error)', 'invalid.*(?:input|parameter|format)',
+        'user.*(?:not.*found|unauthorized|forbidden)', 'permission.*denied',
+        'authentication.*(?:failed|invalid)', 'authorization.*failed',
+        // Client-side errors
+        'bad.*request', 'missing.*(?:parameter|field)', 'invalid.*request',
+        'malformed.*(?:json|xml|payload)', 'unsupported.*(?:format|type)',
+        // Recoverable operations
+        'retry.*(?:attempt|failed)', 'fallback.*(?:triggered|used)',
+        'cache.*(?:miss|expired)', 'rate.*limit.*exceeded',
+        // Expected business flows
+        'user.*not.*found', 'resource.*not.*found', 'item.*not.*available',
+        'quota.*exceeded', 'limit.*reached', 'threshold.*exceeded'
+      ]
+    };
+  }
+  async initialize(options = {}) {
+    this.verbose = options.verbose || false;
+  }
+  async analyzeFileBasic(filePath, options = {}) {
+    const violations = [];
+    try {
+      const content = fs.readFileSync(filePath, 'utf8');
+      const lines = content.split('\n');
+      if (this.verbose) {
+        console.log(`[DEBUG] 🔍 C019: Pattern-based analysis of ${filePath.split('/').pop()}`);
+      }
+      for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        const lineNumber = i + 1;
+        // Simple pattern matching for error logs
+        const errorLogMatch = line.match(/(console|logger|log|winston|bunyan)\.error\(/i);
+        if (errorLogMatch) {
+          // Check for inappropriate patterns in the line
+          const hasInappropriatePattern = this.config.inappropriateErrorPatterns.some(pattern =>
+            new RegExp(pattern, 'i').test(line)
+          );
+          if (hasInappropriatePattern) {
+            violations.push({
+              ruleId: 'C019',
+              message: 'Log level "error" may be inappropriate for this context. Consider using "warn" or "info".',
+              filePath: filePath,
+              line: lineNumber,
+              column: errorLogMatch.index + 1,
+              severity: 'warning',
+              category: 'logging',
+              confidence: 0.5,
+              suggestion: 'Review the error context and use appropriate log level (warn/info for expected errors)'
+            });
+          }
+        }
+      }
+      if (this.verbose) {
+        console.log(`[DEBUG] 🔍 C019: Pattern analysis found ${violations.length} violations`);
+      }
+    } catch (error) {
+      if (this.verbose) {
+        console.error(`[DEBUG] ❌ C019: Pattern analysis error: ${error.message}`);
+      }
+    }
+    return violations;
+  }
+}
+module.exports = C019PatternAnalyzer;