npm - @sun-asterisk/sunlint - Versions diffs - 1.3.43 → 1.3.44 - Mend

@sun-asterisk/sunlint 1.3.43 → 1.3.44

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/dart_analyzer/lib/rules/common/C040_centralized_validation.dart ADDED Viewed

@@ -0,0 +1,84 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C040: Centralized Validation
+/// Centralize validation logic
+class C040CentralizedValidationAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C040';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C040Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C040Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C040CentralizedValidationAnalyzer analyzer;
+  _C040Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+  final Map<String, int> _validationPatterns = {};
+  @override
+  void visitIfStatement(IfStatement node) {
+    final condition = node.expression.toSource();
+    // Check for common validation patterns
+    final validationPatterns = [
+      RegExp(r'\.isEmpty'),
+      RegExp(r'==\s*null'),
+      RegExp(r'!=\s*null'),
+      RegExp(r'\.length\s*[<>=]'),
+    ];
+    for (final pattern in validationPatterns) {
+      if (pattern.hasMatch(condition)) {
+        final key = pattern.pattern;
+        _validationPatterns[key] = (_validationPatterns[key] ?? 0) + 1;
+        if (_validationPatterns[key] == 3) {
+          violations.add(analyzer.createViolation(
+            filePath: filePath,
+            line: analyzer.getLine(lineInfo, node.offset),
+            column: analyzer.getColumn(lineInfo, node.offset),
+            message: 'Similar validation pattern repeated multiple times - consider centralizing validation logic',
+          ));
+        }
+        break;
+      }
+    }
+    super.visitIfStatement(node);
+  }
+}

package/dart_analyzer/lib/rules/common/C041_no_sensitive_hardcode.dart ADDED Viewed

@@ -0,0 +1,103 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C041: No Sensitive Hardcode
+/// Avoid hardcoding sensitive information
+class C041NoSensitiveHardcodeAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C041';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C041Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C041Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C041NoSensitiveHardcodeAnalyzer analyzer;
+  _C041Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+  // Sensitive variable names
+  static final _sensitiveNamePatterns = [
+    RegExp(r'password', caseSensitive: false),
+    RegExp(r'api[_-]?key', caseSensitive: false),
+    RegExp(r'secret', caseSensitive: false),
+    RegExp(r'token', caseSensitive: false),
+    RegExp(r'credential', caseSensitive: false),
+    RegExp(r'auth[_-]?key', caseSensitive: false),
+    RegExp(r'private[_-]?key', caseSensitive: false),
+  ];
+  // Long strings that look like tokens/keys
+  static final _longTokenPattern = RegExp(r'^[A-Za-z0-9_\-]{32,}$');
+  @override
+  void visitVariableDeclaration(VariableDeclaration node) {
+    final initializer = node.initializer;
+    final varName = node.name.lexeme;
+    if (initializer != null) {
+      // Check if variable name suggests sensitive data
+      for (final pattern in _sensitiveNamePatterns) {
+        if (pattern.hasMatch(varName)) {
+          // Check if it's a string literal (hardcoded value)
+          if (initializer is SimpleStringLiteral) {
+            violations.add(analyzer.createViolation(
+              filePath: filePath,
+              line: analyzer.getLine(lineInfo, node.offset),
+              column: analyzer.getColumn(lineInfo, node.offset),
+              message: 'Variable "$varName" appears to contain hardcoded sensitive data - use environment variables or secure storage',
+            ));
+            break;
+          }
+        }
+      }
+      // Check for long token-like strings
+      if (initializer is SimpleStringLiteral) {
+        final value = initializer.value;
+        if (_longTokenPattern.hasMatch(value)) {
+          violations.add(analyzer.createViolation(
+            filePath: filePath,
+            line: analyzer.getLine(lineInfo, node.offset),
+            column: analyzer.getColumn(lineInfo, node.offset),
+            message: 'Hardcoded string looks like a token or API key - consider using secure storage',
+          ));
+        }
+      }
+    }
+    super.visitVariableDeclaration(node);
+  }
+}

package/dart_analyzer/lib/rules/common/C042_boolean_name_prefix.dart ADDED Viewed

@@ -0,0 +1,105 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C042: Boolean Name Prefix
+/// Boolean variables should use is/has/can/should prefix
+class C042BooleanNamePrefixAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C042';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C042Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C042Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C042BooleanNamePrefixAnalyzer analyzer;
+  _C042Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+  static const _booleanPrefixes = ['is', 'has', 'can', 'should', 'will', 'did', 'does', 'was', 'are'];
+  @override
+  void visitVariableDeclarationList(VariableDeclarationList node) {
+    // Check if type annotation is 'bool'
+    final typeAnnotation = node.type;
+    bool isBoolType = false;
+    if (typeAnnotation is NamedType) {
+      final typeName = typeAnnotation.name2.lexeme;
+      isBoolType = typeName == 'bool';
+    }
+    if (isBoolType) {
+      for (final variable in node.variables) {
+        final name = variable.name.lexeme;
+        final lowerName = name.toLowerCase();
+        final hasValidPrefix = _booleanPrefixes.any((prefix) => lowerName.startsWith(prefix));
+        if (!hasValidPrefix && !name.startsWith('_')) {
+          violations.add(analyzer.createViolation(
+            filePath: filePath,
+            line: analyzer.getLine(lineInfo, variable.offset),
+            column: analyzer.getColumn(lineInfo, variable.offset),
+            message: 'Boolean variable "$name" should start with a prefix like is, has, can, should',
+          ));
+        }
+      }
+    }
+    super.visitVariableDeclarationList(node);
+  }
+  @override
+  void visitVariableDeclaration(VariableDeclaration node) {
+    // Also check if initializer is a boolean literal
+    final initializer = node.initializer;
+    if (initializer is BooleanLiteral) {
+      final name = node.name.lexeme;
+      final lowerName = name.toLowerCase();
+      final hasValidPrefix = _booleanPrefixes.any((prefix) => lowerName.startsWith(prefix));
+      if (!hasValidPrefix && !name.startsWith('_')) {
+        violations.add(analyzer.createViolation(
+          filePath: filePath,
+          line: analyzer.getLine(lineInfo, node.offset),
+          column: analyzer.getColumn(lineInfo, node.offset),
+          message: 'Boolean variable "$name" should start with a prefix like is, has, can, should',
+        ));
+      }
+    }
+    super.visitVariableDeclaration(node);
+  }
+}

package/dart_analyzer/lib/rules/common/C043_no_console_or_print.dart ADDED Viewed

@@ -0,0 +1,101 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C043: No Console Or Print
+/// Avoid using console.log or print statements in production code
+class C043NoConsoleOrPrintAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C043';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C043Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C043Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C043NoConsoleOrPrintAnalyzer analyzer;
+  _C043Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+  bool _isInDebugModeBlock = false;
+  @override
+  void visitIfStatement(IfStatement node) {
+    // Check if the condition is kDebugMode
+    final condition = node.expression;
+    final isDebugModeCheck = _isDebugModeCondition(condition);
+    if (isDebugModeCheck) {
+      _isInDebugModeBlock = true;
+      node.thenStatement.accept(this);
+      _isInDebugModeBlock = false;
+      // Visit else part normally if it exists
+      node.elseStatement?.accept(this);
+    } else {
+      super.visitIfStatement(node);
+    }
+  }
+  bool _isDebugModeCondition(Expression condition) {
+    // Check for direct kDebugMode identifier
+    if (condition is SimpleIdentifier && condition.name == 'kDebugMode') {
+      return true;
+    }
+    // Check for expressions containing kDebugMode (e.g., kDebugMode && something)
+    final conditionString = condition.toString();
+    return conditionString.contains('kDebugMode');
+  }
+  @override
+  void visitMethodInvocation(MethodInvocation node) {
+    final isTest =
+        filePath.contains('_test.dart') || filePath.contains('/test/');
+    final name = node.methodName.name;
+    if (!isTest &&
+        !_isInDebugModeBlock &&
+        (name == 'print' || name == 'debugPrint')) {
+      violations.add(analyzer.createViolation(
+        filePath: filePath,
+        line: analyzer.getLine(lineInfo, node.offset),
+        column: analyzer.getColumn(lineInfo, node.offset),
+        message:
+            'Avoid using $name() in production code - use a proper logger instead or use inside kDebugMode check',
+      ));
+    }
+    super.visitMethodInvocation(node);
+  }
+}

package/dart_analyzer/lib/rules/common/C047_no_duplicate_retry_logic.dart ADDED Viewed

@@ -0,0 +1,94 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C047: No Duplicate Retry Logic
+/// Centralize retry logic instead of duplicating it
+class C047NoDuplicateRetryLogicAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C047';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C047Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C047Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C047NoDuplicateRetryLogicAnalyzer analyzer;
+  _C047Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+  int _retryPatternCount = 0;
+  @override
+  void visitForStatement(ForStatement node) {
+    final source = node.toSource();
+    // Check for retry patterns
+    if (source.contains('retry') || source.contains('attempt') ||
+        source.contains('maxRetries') || source.contains('maxAttempts')) {
+      _retryPatternCount++;
+      if (_retryPatternCount > 1) {
+        violations.add(analyzer.createViolation(
+          filePath: filePath,
+          line: analyzer.getLine(lineInfo, node.offset),
+          column: analyzer.getColumn(lineInfo, node.offset),
+          message: 'Multiple retry logic implementations detected - consider centralizing retry logic',
+        ));
+      }
+    }
+    super.visitForStatement(node);
+  }
+  @override
+  void visitWhileStatement(WhileStatement node) {
+    final source = node.toSource();
+    if (source.contains('retry') || source.contains('attempt')) {
+      _retryPatternCount++;
+      if (_retryPatternCount > 1) {
+        violations.add(analyzer.createViolation(
+          filePath: filePath,
+          line: analyzer.getLine(lineInfo, node.offset),
+          column: analyzer.getColumn(lineInfo, node.offset),
+          message: 'Multiple retry logic implementations detected - consider centralizing retry logic',
+        ));
+      }
+    }
+    super.visitWhileStatement(node);
+  }
+}

package/dart_analyzer/lib/rules/common/C048_no_bypass_architectural_layers.dart ADDED Viewed

@@ -0,0 +1,132 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+/// C048: No Bypass Architectural Layers
+/// Respect architectural layer boundaries
+class C048NoBypassArchitecturalLayersAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'C048';
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+    final visitor = _C048Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+      unit: unit,
+    );
+    unit.accept(visitor);
+    return violations;
+  }
+}
+class _C048Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final C048NoBypassArchitecturalLayersAnalyzer analyzer;
+  final CompilationUnit unit;
+  _C048Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+    required this.unit,
+  });
+  /// Detect layer from class names in the file
+  String? _detectLayerFromClasses() {
+    for (final declaration in unit.declarations) {
+      if (declaration is ClassDeclaration) {
+        final className = declaration.name.lexeme.toLowerCase();
+        // Presentation layer patterns
+        if (className.contains('screen') || className.contains('page') ||
+            className.contains('widget') || className.contains('view') ||
+            className.contains('controller') || className.contains('presenter')) {
+          return 'presentation';
+        }
+        // Domain layer patterns
+        if (className.contains('usecase') || className.contains('interactor')) {
+          return 'domain';
+        }
+        // Data layer patterns
+        if (className.endsWith('repository') || className.contains('datasource') ||
+            className.endsWith('api') || className.contains('dao')) {
+          return 'data';
+        }
+      }
+    }
+    return null;
+  }
+  @override
+  void visitImportDirective(ImportDirective node) {
+    final uri = node.uri.stringValue ?? '';
+    // Detect layer from file path or class names
+    final classLayer = _detectLayerFromClasses();
+    final isPresentation = filePath.contains('/presentation/') ||
+                          filePath.contains('/ui/') ||
+                          filePath.contains('/view/') ||
+                          classLayer == 'presentation';
+    final isDomain = filePath.contains('/domain/') || classLayer == 'domain';
+    // Import targets data layer
+    final importTargetsData = uri.contains('/data/') ||
+                             uri.contains('/repositories/') ||
+                             uri.contains('/repository/') ||
+                             uri.contains('/database/') ||
+                             uri.contains('/datasources/') ||
+                             uri.contains('/datasource/') ||
+                             uri.contains('_repository_impl') ||
+                             uri.contains('_api.');
+    // Import targets presentation layer
+    final importTargetsPresentation = uri.contains('/presentation/') ||
+                                      uri.contains('/ui/') ||
+                                      uri.contains('/view/') ||
+                                      uri.contains('_screen') ||
+                                      uri.contains('_page') ||
+                                      uri.contains('_widget');
+    // Presentation importing data layer
+    if (isPresentation && importTargetsData) {
+      violations.add(analyzer.createViolation(
+        filePath: filePath,
+        line: analyzer.getLine(lineInfo, node.offset),
+        column: analyzer.getColumn(lineInfo, node.offset),
+        message: 'Presentation layer should not directly import data layer - use domain layer instead',
+      ));
+    }
+    // Domain importing presentation layer
+    if (isDomain && importTargetsPresentation) {
+      violations.add(analyzer.createViolation(
+        filePath: filePath,
+        line: analyzer.getLine(lineInfo, node.offset),
+        column: analyzer.getColumn(lineInfo, node.offset),
+        message: 'Domain layer should not import presentation layer',
+      ));
+    }
+    super.visitImportDirective(node);
+  }
+}