@sun-asterisk/sunlint 1.3.16 → 1.3.18

package/rules/common/C047_no_duplicate_retry_logic/analyzer.js

@@ -47,7 +47,9 @@ class C047Analyzer {
 
   async analyze(files, language, options = {}) {
     const violations = [];
+    this.retryPatterns = []; // ✅ Reset once for entire analysis, not per file
     
+    // Phase 1: Collect all retry patterns from all files
     for (const filePath of files) {
       if (options.verbose) {
         console.log(`🔍 Running C047 analysis on ${require('path').basename(filePath)}`);
@@ -55,41 +57,65 @@ class C047Analyzer {
       
       try {
         const content = require('fs').readFileSync(filePath, 'utf8');
-        this.retryPatterns = []; // Reset for each file
-        const fileViolations = this.analyzeFile(content, filePath);
-        violations.push(...fileViolations);
+        this.collectRetryPatterns(content, filePath);
       } catch (error) {
         console.warn(`⚠️ Failed to analyze ${filePath}: ${error.message}`);
       }
     }
     
+    // ✅ Safety check: If no valid retry patterns found, return empty (no violations)
+    if (this.retryPatterns.length === 0) {
+      if (options.verbose) {
+        console.log('🔍 [C047] No retry patterns found - skipping');
+      }
+      return violations;
+    }
+    
+    if (options.verbose) {
+      console.log(`🔍 [C047] Found ${this.retryPatterns.length} retry patterns:`);
+      this.retryPatterns.forEach((p, i) => {
+        console.log(`  [${i}] ${p.filePath}:${p.line} - type: ${p.type}`);
+      });
+    }
+    
+    // Phase 2: Detect duplicates across all collected patterns
+    const duplicateGroups = this.enhancedDuplicateDetection();
+    
+    // ✅ Safety check: If no duplicate groups found, return empty (no violations)
+    if (duplicateGroups.length === 0) {
+      return violations;
+    }
+    
+    // Phase 3: Generate violations for each file
+    for (const filePath of files) {
+      try {
+        const fileViolations = this.generateViolationsForFile(duplicateGroups, filePath);
+        violations.push(...fileViolations);
+      } catch (error) {
+        console.warn(`⚠️ Failed to generate violations for ${filePath}: ${error.message}`);
+      }
+    }
+    
     return violations;
   }
-
-  analyzeFile(content, filePath) {
-    const violations = [];
+  
+  collectRetryPatterns(content, filePath) {
     const lines = content.split('\n');
-    
-    // Find all retry patterns in the file
     this.findRetryPatterns(lines, filePath);
     
     // Add architectural context to patterns
     this.retryPatterns.forEach(pattern => {
-      if (!pattern.context) {
-        const contextLines = lines.slice(Math.max(0, pattern.line - 10), pattern.line + 10);
+      if (!pattern.context && pattern.filePath === filePath) {
+        const lineIndex = pattern.line - 1;
+        const contextLines = lines.slice(Math.max(0, lineIndex - 10), lineIndex + 10);
         const contextContent = contextLines.join('\n');
         pattern.context = this.analyzeArchitecturalContext(filePath, contextContent);
       }
     });
-    
-    // Enhanced duplicate detection with architectural intelligence
-    const duplicateGroups = this.enhancedDuplicateDetection();
-    
-    // Generate violations with architectural context
-    const enhancedViolations = this.generateEnhancedViolations(duplicateGroups, filePath);
-    violations.push(...enhancedViolations);
-    
-    return violations;
+  }
+  
+  generateViolationsForFile(duplicateGroups, filePath) {
+    return this.generateEnhancedViolations(duplicateGroups, filePath);
   }
   
   findRetryPatterns(lines, filePath) {
@@ -114,7 +140,8 @@ class C047Analyzer {
           this.retryPatterns.push({
             ...pattern,
             line: i + 1,
-            column: line.indexOf(line.trim()) + 1
+            column: line.indexOf(line.trim()) + 1,
+            filePath: filePath  // ✅ Store file path with pattern
           });
         }
       }
@@ -132,12 +159,26 @@ class C047Analyzer {
           continue;
         }
         
+        // Skip if it's just a data field assignment (not retry logic)
+        // e.g., "retryAttempt: payment.retryCount || 0" in logging context
+        if (line.includes(':') && !line.includes('const') && !line.includes('let') && !line.includes('var')) {
+          // This is likely an object property, not a variable declaration
+          continue;
+        }
+        
+        // Skip if it's part of error logging object (common false positive)
+        if (contextText.includes('logger.error') || contextText.includes('console.error') || 
+            contextText.includes('log.error') || line.includes('error:') || line.includes('message:')) {
+          continue;
+        }
+        
         const pattern = this.extractRetryPattern(lines, i, 'variable');
         if (pattern) {
           this.retryPatterns.push({
             ...pattern,
             line: i + 1,
-            column: line.indexOf(line.trim()) + 1
+            column: line.indexOf(line.trim()) + 1,
+            filePath: filePath  // ✅ Store file path with pattern
           });
         }
       }
@@ -159,7 +200,8 @@ class C047Analyzer {
           this.retryPatterns.push({
             ...pattern,
             line: i + 1,
-            column: line.indexOf(line.trim()) + 1
+            column: line.indexOf(line.trim()) + 1,
+            filePath: filePath  // ✅ Store file path with pattern
           });
         }
       }
@@ -205,10 +247,20 @@ class C047Analyzer {
       return false;
     }
     
+    // ✅ Skip object properties (data fields) - not variable declarations
+    // Pattern: "propertyName: value," or "propertyName: value }" 
+    const trimmed = line.trim();
+    if (/^\w+\s*:\s*.+[,}]?\s*$/.test(trimmed) && 
+        !trimmed.startsWith('const') && 
+        !trimmed.startsWith('let') && 
+        !trimmed.startsWith('var')) {
+      return false;
+    }
+    
     // Check for variable declarations with retry-related names that involve logic
     const declarationPatterns = [
-      /(?:const|let|var)\s+.*(?:retry|attempt|tries|maxretries|maxattempts)/,
-      /(?:retry|attempt|tries|maxretries|maxattempts)\s*[:=]/
+      /(?:const|let|var)\s+.*(?:retry|attempt|tries|maxretries|maxattempts)/
+      // ✅ Removed the object property pattern that causes false positives
     ];
     
     // Only consider it a retry pattern if it has logical complexity
@@ -560,25 +612,29 @@ class C047Analyzer {
     };
   }
 
-  generateEnhancedViolations(duplicateGroups, filePath) {
+  generateEnhancedViolations(duplicateGroups, currentFilePath) {
     const violations = [];
     
     duplicateGroups.forEach(group => {
-      const firstPattern = group.patterns[0];
-      
-      violations.push({
-        file: filePath,
-        line: firstPattern.line,
-        column: firstPattern.column || 1,
-        message: `${group.legitimacy.reason} (${group.patterns.length} similar patterns found). Consider using a centralized retry utility.`,
-        severity: group.legitimacy.severity || 'warning',
-        ruleId: this.ruleId,
-        type: 'duplicate_retry_logic',
-        duplicateCount: group.patterns.length,
-        architecturalContext: {
-          layers: [...new Set(group.patterns.map(p => p.context?.layer))],
-          purposes: [...new Set(group.patterns.map(p => p.context?.purpose))],
-          confidence: group.legitimacy.confidence
+      // Create violations for each pattern in the group
+      group.patterns.forEach(pattern => {
+        // Only create violation for patterns in the current file being analyzed
+        if (pattern.filePath === currentFilePath) {
+          violations.push({
+            file: pattern.filePath || currentFilePath,
+            line: pattern.line,
+            column: pattern.column || 1,
+            message: `${group.legitimacy.reason} (${group.patterns.length} similar patterns found). Consider using a centralized retry utility.`,
+            severity: group.legitimacy.severity || 'warning',
+            ruleId: this.ruleId,
+            type: 'duplicate_retry_logic',
+            duplicateCount: group.patterns.length,
+            architecturalContext: {
+              layers: [...new Set(group.patterns.map(p => p.context?.layer))],
+              purposes: [...new Set(group.patterns.map(p => p.context?.purpose))],
+              confidence: group.legitimacy.confidence
+            }
+          });
         }
       });
     });

package/rules/common/C047_no_duplicate_retry_logic/symbol-analyzer-enhanced.js

@@ -600,6 +600,21 @@ class C047SymbolAnalyzerEnhanced {
         if (!catchClause) continue;
         
         const catchBlock = catchClause.getBlock();
+        const catchText = catchBlock.getText().toLowerCase();
+        
+        // ✅ STRICT VALIDATION: Must have retry indicators (maxRetries, attempts, delay, backoff)
+        const hasRetryIndicators = /(?:maxretries|maxattempts|attempt|retry|backoff|delay|timeout)/i.test(catchText);
+        if (!hasRetryIndicators) {
+          // Skip try-catch without retry logic (e.g., just logging errors)
+          continue;
+        }
+        
+        // ✅ Skip logging-only catch blocks (common false positive)
+        const isLoggingOnly = /(?:logger\.|console\.|log\.)(?:error|warn|info)/i.test(catchText) &&
+                             !hasRetryIndicators;
+        if (isLoggingOnly) {
+          continue;
+        }
         
         // Look for retry calls in catch block
         const callExpressions = catchBlock.getDescendantsOfKind(require('ts-morph').SyntaxKind.CallExpression);
@@ -615,8 +630,8 @@ class C047SymbolAnalyzerEnhanced {
             );
           }
           
-          // Pattern 2: Direct API retry
-          if (this.isApiCall(callText)) {
+          // Pattern 2: Direct API retry (ONLY if has retry indicators)
+          if (this.isApiCall(callText) && hasRetryIndicators) {
             return this.createRetryPattern(
               functionName, filePath, 'exception_api_retry',
               func.getStartLineNumber(), 'try-catch with API re-call'

package/rules/common/C067_no_hardcoded_config/analyzer.js

@@ -1,15 +1,16 @@
 // rules/common/C067_no_hardcoded_config/analyzer.js
-const C067SymbolBasedAnalyzer = require('./symbol-based-analyzer.js');
+const C067SymbolBasedAnalyzer = require("./symbol-based-analyzer.js");
 
 class C067Analyzer {
   constructor(semanticEngine = null) {
-    this.ruleId = 'C067';
-    this.ruleName = 'No Hardcoded Configuration';
-    this.description = 'Improve configurability, reduce risk when changing environments, and make configuration management flexible and maintainable.';
+    this.ruleId = "C067";
+    this.ruleName = "Do not hardcode configuration inside code";
+    this.description =
+      "Improve configurability, reduce risk when changing environments, and make configuration management flexible and maintainable. Avoid hardcoding API URLs, credentials, timeouts, retry intervals, batch sizes, and feature flags.";
     this.semanticEngine = semanticEngine;
     this.verbose = false;
-    
-    // Use symbol-based only for accuracy
+
+    // Use symbol-based analyzer with ts-morph for accurate AST analysis
     this.symbolAnalyzer = new C067SymbolBasedAnalyzer(semanticEngine);
   }
 
@@ -24,12 +25,12 @@ class C067Analyzer {
   // Main analyze method required by heuristic engine
   async analyze(files, language, options = {}) {
     const violations = [];
-    
+
     for (const filePath of files) {
       if (options.verbose) {
-        console.log(`[DEBUG] 🎯 C067: Analyzing ${filePath.split('/').pop()}`);
+        console.log(`[DEBUG] 🎯 C067: Analyzing ${filePath.split("/").pop()}`);
       }
-      
+
       try {
         const fileViolations = await this.analyzeFileBasic(filePath, options);
         violations.push(...fileViolations);
@@ -37,7 +38,7 @@ class C067Analyzer {
         console.warn(`C067: Skipping ${filePath}: ${error.message}`);
       }
     }
-    
+
     return violations;
   }
 
@@ -46,11 +47,11 @@ class C067Analyzer {
       // Try semantic engine first, fallback to standalone ts-morph
       if (this.semanticEngine?.isSymbolEngineReady?.() && this.semanticEngine.project) {
         if (this.verbose) {
-          console.log(`[DEBUG] 🎯 C067: Using semantic engine for ${filePath.split('/').pop()}`);
+          console.log(`[DEBUG] 🎯 C067: Using semantic engine for ${filePath.split("/").pop()}`);
         }
-        
+
         const violations = await this.symbolAnalyzer.analyzeFileBasic(filePath, options);
-        
+
         if (this.verbose) {
           console.log(`[DEBUG] 🎯 C067: Symbol-based analysis found ${violations.length} violations`);
         }
@@ -59,11 +60,11 @@ class C067Analyzer {
       } else {
         // Fallback to standalone analysis
         if (this.verbose) {
-          console.log(`[DEBUG] 🎯 C067: Using standalone analysis for ${filePath.split('/').pop()}`);
+          console.log(`[DEBUG] 🎯 C067: Using standalone analysis for ${filePath.split("/").pop()}`);
         }
-        
+
         const violations = await this.symbolAnalyzer.analyzeFileStandalone(filePath, options);
-        
+
         if (this.verbose) {
           console.log(`[DEBUG] 🎯 C067: Standalone analysis found ${violations.length} violations`);
         }