@sun-asterisk/sunlint 1.3.43 → 1.3.44

package/dart_analyzer/lib/rules/dart/D017_pubspec_dependencies_review.dart

@@ -0,0 +1,187 @@
+import 'dart:io';
+
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/source/line_info.dart';
+import 'package:path/path.dart' as path;
+
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+
+/// D017: Pubspec Dependencies Should Be Reviewed Regularly
+/// Ensures dependencies in pubspec.yaml are reviewed and updated regularly
+class D017PubspecDependenciesReviewAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'D017';
+
+  // Default maximum months without review
+  static const int _defaultMaxMonths = 4;
+
+  // Track which projects we've already reported on to avoid duplicate warnings
+  static final Set<String> _reportedProjects = {};
+
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+
+    // This rule checks pubspec.yaml/pubspec.lock modification dates
+    final projectRoot = _findProjectRoot(filePath);
+    if (projectRoot == null) {
+      return violations;
+    }
+
+    // Performance optimization: Skip if we've already checked this project
+    // This prevents analyzing every Dart file when we only need to check once
+    if (_reportedProjects.contains(projectRoot)) {
+      return violations;
+    }
+
+    // Get configuration
+    final maxMonths = (rule.config['maxMonthsWithoutReview'] as int?) ?? _defaultMaxMonths;
+    final checkLockFile = (rule.config['checkLockFile'] as bool?) ?? true;
+
+    // Check pubspec.yaml
+    final pubspecPath = path.join(projectRoot, 'pubspec.yaml');
+    final pubspecFile = File(pubspecPath);
+
+    if (!pubspecFile.existsSync()) {
+      // No pubspec.yaml - this is unusual but not our concern here
+      return violations;
+    }
+
+    // Check pubspec.lock if configured
+    final lockFilePath = path.join(projectRoot, 'pubspec.lock');
+    final lockFile = File(lockFilePath);
+
+    DateTime? lastModified;
+    String checkedFile = 'pubspec.yaml';
+    bool usedGit = false;
+
+    if (checkLockFile && lockFile.existsSync()) {
+      // Prefer checking lock file as it reflects actual resolved dependencies
+      checkedFile = 'pubspec.lock';
+      // Try to get last commit date from git first
+      lastModified = _getGitLastModifiedDate(lockFilePath, projectRoot);
+      if (lastModified != null) {
+        usedGit = true;
+      } else {
+        // Fall back to file system timestamp
+        lastModified = lockFile.lastModifiedSync();
+      }
+    } else {
+      // Fall back to pubspec.yaml
+      lastModified = _getGitLastModifiedDate(pubspecPath, projectRoot);
+      if (lastModified != null) {
+        usedGit = true;
+      } else {
+        lastModified = pubspecFile.lastModifiedSync();
+      }
+    }
+
+    // Calculate months since last update
+    final now = DateTime.now();
+    final monthsSinceUpdate = _calculateMonthsDifference(lastModified, now);
+
+    // Mark this project as checked (do this before checking threshold)
+    _reportedProjects.add(projectRoot);
+
+    if (monthsSinceUpdate > maxMonths) {
+      final dateSource = usedGit ? 'git commit' : 'file system';
+      violations.add(createViolation(
+        filePath: pubspecPath,
+        line: 1,
+        column: 1,
+        message:
+            'Dependencies have not been reviewed for $monthsSinceUpdate months '
+            '(last updated: ${_formatDate(lastModified)}). '
+            'Review and update dependencies regularly to ensure security patches and bug fixes are applied. '
+            'Threshold: $maxMonths months. File checked: $checkedFile (source: $dateSource)',
+      ));
+    }
+
+    return violations;
+  }
+
+  /// Find the project root by looking for pubspec.yaml
+  String? _findProjectRoot(String filePath) {
+    var dir = Directory(path.dirname(filePath));
+
+    while (dir.path != dir.parent.path) {
+      final pubspec = File(path.join(dir.path, 'pubspec.yaml'));
+      if (pubspec.existsSync()) {
+        return dir.path;
+      }
+      dir = dir.parent;
+    }
+
+    return null;
+  }
+
+  /// Calculate the difference in months between two dates
+  int _calculateMonthsDifference(DateTime start, DateTime end) {
+    final yearsDiff = end.year - start.year;
+    final monthsDiff = end.month - start.month;
+    final totalMonths = (yearsDiff * 12) + monthsDiff;
+
+    // If we're past the same day in the month, count it as a full month
+    // Otherwise, don't count the current partial month
+    if (end.day >= start.day) {
+      return totalMonths;
+    } else {
+      return totalMonths - 1;
+    }
+  }
+
+  /// Format date for display
+  String _formatDate(DateTime date) {
+    return '${date.year}-${date.month.toString().padLeft(2, '0')}-${date.day.toString().padLeft(2, '0')}';
+  }
+
+  /// Get last modified date from git commit history
+  /// Returns null if git is not available or command fails
+  DateTime? _getGitLastModifiedDate(String filePath, String projectRoot) {
+    try {
+      // Use git log to get the last commit date for this file
+      // %ci = committer date in ISO 8601 format
+      final result = Process.runSync(
+        'git',
+        ['log', '-1', '--format=%ci', '--', filePath],
+        workingDirectory: projectRoot,
+        runInShell: true,
+      );
+
+      if (result.exitCode == 0) {
+        final output = (result.stdout as String).trim();
+        if (output.isNotEmpty) {
+          // Parse git date format: "2024-01-15 10:30:45 +0700"
+          // We only need the date part
+          final datePart = output.split(' ')[0]; // "2024-01-15"
+          final timePart = output.split(' ')[1]; // "10:30:45"
+          
+          final dateComponents = datePart.split('-');
+          final timeComponents = timePart.split(':');
+          
+          if (dateComponents.length == 3 && timeComponents.length == 3) {
+            return DateTime(
+              int.parse(dateComponents[0]), // year
+              int.parse(dateComponents[1]), // month
+              int.parse(dateComponents[2]), // day
+              int.parse(timeComponents[0]), // hour
+              int.parse(timeComponents[1]), // minute
+              int.parse(timeComponents[2]), // second
+            );
+          }
+        }
+      }
+    } catch (e) {
+      // Git command failed or not available, will fall back to file system
+    }
+
+    return null;
+  }
+}

package/dart_analyzer/lib/rules/dart/D018_remove_commented_code.dart

@@ -0,0 +1,196 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/source/line_info.dart';
+import 'package:analyzer/dart/ast/token.dart';
+
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+
+/// D018: Remove Commented-Out Code
+/// Remove commented-out code instead of leaving it in source. Use version control to track history.
+class D018RemoveCommentedCodeAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'D018';
+
+  // Default minimum lines of consecutive commented code to flag
+  static const int _defaultMinLines = 2;
+
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+
+    // Get config values
+    final minLines = (rule.config['minLines'] as int?) ?? _defaultMinLines;
+    final ignoreDocComments = (rule.config['ignoreDocComments'] as bool?) ?? true;
+
+    // Analyze comments from tokens
+    _analyzeComments(
+      unit: unit,
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      minLines: minLines,
+      ignoreDocComments: ignoreDocComments,
+    );
+
+    return violations;
+  }
+
+  void _analyzeComments({
+    required CompilationUnit unit,
+    required String filePath,
+    required LineInfo lineInfo,
+    required List<Violation> violations,
+    required int minLines,
+    required bool ignoreDocComments,
+  }) {
+    final Token? firstToken = unit.beginToken;
+    if (firstToken == null) return;
+
+    // Process all tokens to find comments
+    Token? token = firstToken;
+    while (token != null) {
+      // Check preceding comments
+      Token? comment = token.precedingComments;
+      List<Token> commentBlock = [];
+
+      while (comment != null) {
+        // Skip doc comments if configured
+        if (ignoreDocComments && _isDocComment(comment)) {
+          comment = comment.next;
+          continue;
+        }
+
+        // Add all consecutive comments to the block
+        commentBlock.add(comment);
+        comment = comment.next;
+      }
+
+      // Analyze the comment block for code patterns
+      if (commentBlock.isNotEmpty) {
+        _analyzeCommentBlock(
+          violations: violations,
+          filePath: filePath,
+          lineInfo: lineInfo,
+          commentBlock: commentBlock,
+          minLines: minLines,
+        );
+      }
+
+      if (token.type == TokenType.EOF) break;
+      token = token.next;
+    }
+  }
+
+  void _analyzeCommentBlock({
+    required List<Violation> violations,
+    required String filePath,
+    required LineInfo lineInfo,
+    required List<Token> commentBlock,
+    required int minLines,
+  }) {
+    if (commentBlock.isEmpty) return;
+
+    // Count how many comments look like code
+    int codeCommentCount = 0;
+    for (final comment in commentBlock) {
+      if (_looksLikeCommentedCode(comment)) {
+        codeCommentCount++;
+      }
+    }
+
+    // If majority of comments (>70%) look like code, flag the whole block
+    if (codeCommentCount >= minLines && 
+        codeCommentCount >= (commentBlock.length * 0.7).ceil()) {
+      _addViolation(
+        violations: violations,
+        filePath: filePath,
+        lineInfo: lineInfo,
+        commentBlock: commentBlock,
+      );
+    }
+  }
+
+  bool _isDocComment(Token comment) {
+    final text = comment.lexeme;
+    return text.startsWith('///') || text.startsWith('/**');
+  }
+
+  bool _looksLikeCommentedCode(Token comment) {
+    final text = comment.lexeme.trim();
+    
+    // Remove comment markers
+    String content = text;
+    if (content.startsWith('//')) {
+      content = content.substring(2).trim();
+    } else if (content.startsWith('/*')) {
+      content = content.substring(2);
+      if (content.endsWith('*/')) {
+        content = content.substring(0, content.length - 2);
+      }
+      content = content.trim();
+    }
+
+    // Empty or very short comments are likely not code
+    if (content.length < 3) return false;
+
+    // Patterns that suggest commented code
+    final codePatterns = [
+      // Dart/Flutter specific
+      RegExp(r'\b(var|final|const|late|void|int|String|bool|double|List|Map|Set|Future|Stream|Widget)\b'),
+      RegExp(r'\b(if|else|for|while|switch|case|break|continue|return|throw|try|catch|finally)\b'),
+      RegExp(r'\b(class|extends|implements|mixin|with|abstract|interface)\b'),
+      RegExp(r'\b(import|export|part|library|show|hide|as)\b'),
+      RegExp(r'\b(async|await|yield|sync)\b'),
+      RegExp(r'\b(this|super|static|override|factory|operator)\b'),
+      RegExp(r'\b(get|set|enum|typedef)\b'),
+      
+      // Common code structures
+      RegExp(r'^[a-zA-Z_]\w*\s*\(.*\)\s*[{;]?$'), // function calls/declarations
+      RegExp(r'^[a-zA-Z_]\w*\s*='), // assignments
+      RegExp(r'[{}\[\]()]'), // brackets
+      RegExp(r';$'), // ends with semicolon
+      RegExp(r'=>'), // arrow functions
+      RegExp(r'\?\?|\?\.|\?|\!'), // null safety operators
+      RegExp(r'[+\-*/%&|^]?='), // compound assignments
+      RegExp(r'<.*>'), // generics
+      RegExp(r'@\w+'), // annotations
+      RegExp(r'\.\.'), // cascade operator
+    ];
+
+    // Check if the content matches any code pattern
+    for (final pattern in codePatterns) {
+      if (pattern.hasMatch(content)) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+
+  void _addViolation({
+    required List<Violation> violations,
+    required String filePath,
+    required LineInfo lineInfo,
+    required List<Token> commentBlock,
+  }) {
+    if (commentBlock.isEmpty) return;
+
+    final firstComment = commentBlock.first;
+    final line = getLine(lineInfo, firstComment.offset);
+    final column = getColumn(lineInfo, firstComment.offset);
+    final count = commentBlock.length;
+
+    violations.add(createViolation(
+      filePath: filePath,
+      line: line,
+      column: column,
+      message: 'Found $count line${count > 1 ? 's' : ''} of commented-out code. Remove it and use version control instead.',
+    ));
+  }
+}

package/dart_analyzer/lib/rules/dart/D019_avoid_single_child_multi_child_widget.dart

@@ -0,0 +1,161 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+
+/// D019: Avoid Single Child in Multi-Child Widget
+/// Multi-child widgets (Column, Row, Wrap, etc.) should not have only a single child
+class D019AvoidSingleChildMultiChildWidgetAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'D019';
+
+  // Multi-child widgets that should have multiple children
+  static const List<String> _multiChildWidgets = [
+    'Column',
+    'Row',
+    'Wrap',
+    'Stack',
+    'Flex',
+    'ListView',
+    'GridView',
+    'CustomScrollView',
+  ];
+
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+
+    final visitor = _D019Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+    );
+
+    unit.accept(visitor);
+
+    return violations;
+  }
+}
+
+class _D019Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final D019AvoidSingleChildMultiChildWidgetAnalyzer analyzer;
+
+  _D019Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+  });
+
+  @override
+  void visitInstanceCreationExpression(InstanceCreationExpression node) {
+    final typeName = node.constructorName.type.toSource();
+    
+    // Check if this is a multi-child widget
+    final isMultiChildWidget = D019AvoidSingleChildMultiChildWidgetAnalyzer._multiChildWidgets
+        .any((widget) => typeName == widget || typeName.startsWith('$widget.'));
+    
+    if (isMultiChildWidget) {
+      _checkChildrenCountFromInstance(node, typeName);
+    }
+    
+    super.visitInstanceCreationExpression(node);
+  }
+
+  @override
+  void visitMethodInvocation(MethodInvocation node) {
+    // In parsed AST (without resolution), widget constructors like Column()
+    // are represented as MethodInvocation instead of InstanceCreationExpression
+    // We need to handle both cases to work with getParsedUnit()
+    
+    final methodName = node.methodName.name;
+    
+    // Handle direct widget constructor calls (no target, starts with uppercase)
+    if (node.target == null && methodName.isNotEmpty) {
+      final isMultiChildWidget = D019AvoidSingleChildMultiChildWidgetAnalyzer._multiChildWidgets
+          .contains(methodName);
+      
+      if (isMultiChildWidget) {
+        _checkChildrenCountFromInvocation(node, methodName);
+      }
+    }
+    
+    super.visitMethodInvocation(node);
+  }
+
+  void _checkChildrenCountFromInstance(InstanceCreationExpression node, String typeName) {
+    final arguments = node.argumentList.arguments;
+    
+    for (final arg in arguments) {
+      if (arg is NamedExpression) {
+        final paramName = arg.name.label.name;
+        
+        // Check for 'children' or 'slivers' parameter
+        if (paramName == 'children' || paramName == 'slivers') {
+          final expression = arg.expression;
+          
+          // Check if it's a list literal
+          if (expression is ListLiteral) {
+            final elementCount = expression.elements.length;
+            
+            if (elementCount == 1) {
+              // Get the base widget name (remove constructor suffix if any)
+              final baseWidgetName = typeName.split('.').first;
+              final paramType = paramName == 'slivers' ? 'sliver' : 'child';
+              
+              violations.add(analyzer.createViolation(
+                filePath: filePath,
+                line: analyzer.getLine(lineInfo, node.offset),
+                column: analyzer.getColumn(lineInfo, node.offset),
+                message: '$baseWidgetName has only one $paramType. Consider using a single-child widget like Container, SizedBox, or Padding instead.',
+              ));
+            }
+          }
+        }
+      }
+    }
+  }
+
+  void _checkChildrenCountFromInvocation(MethodInvocation node, String widgetName) {
+    final arguments = node.argumentList.arguments;
+    
+    for (final arg in arguments) {
+      if (arg is NamedExpression) {
+        final paramName = arg.name.label.name;
+        
+        // Check for 'children' or 'slivers' parameter
+        if (paramName == 'children' || paramName == 'slivers') {
+          final expression = arg.expression;
+          
+          // Check if it's a list literal
+          if (expression is ListLiteral) {
+            final elementCount = expression.elements.length;
+            
+            if (elementCount == 1) {
+              final paramType = paramName == 'slivers' ? 'sliver' : 'child';
+              
+              violations.add(analyzer.createViolation(
+                filePath: filePath,
+                line: analyzer.getLine(lineInfo, node.offset),
+                column: analyzer.getColumn(lineInfo, node.offset),
+                message: '$widgetName has only one $paramType. Consider using a single-child widget like Container, SizedBox, or Padding instead.',
+              ));
+            }
+          }
+        }
+      }
+    }
+  }
+}

package/dart_analyzer/lib/rules/dart/D020_limit_if_else_branches.dart

@@ -0,0 +1,125 @@
+import 'package:analyzer/dart/ast/ast.dart';
+import 'package:analyzer/dart/ast/visitor.dart';
+import 'package:analyzer/source/line_info.dart';
+
+import '../../models/rule.dart';
+import '../../models/violation.dart';
+import '../base_analyzer.dart';
+
+/// D020: Limit If/Else Branches
+/// Limit the number of if/else branches to improve readability and maintainability
+class D020LimitIfElseBranchesAnalyzer extends BaseAnalyzer {
+  @override
+  String get ruleId => 'D020';
+
+  // Default maximum number of if/else branches
+  static const int _defaultMaxBranches = 3;
+
+  @override
+  List<Violation> analyze({
+    required CompilationUnit unit,
+    required String filePath,
+    required Rule rule,
+    required LineInfo lineInfo,
+  }) {
+    final violations = <Violation>[];
+
+    // Get maxBranches from rule config, default to 3
+    final maxBranches = (rule.config['maxBranches'] as int?) ?? _defaultMaxBranches;
+
+    final visitor = _D020Visitor(
+      filePath: filePath,
+      lineInfo: lineInfo,
+      violations: violations,
+      analyzer: this,
+      maxBranches: maxBranches,
+    );
+
+    unit.accept(visitor);
+
+    return violations;
+  }
+}
+
+class _D020Visitor extends RecursiveAstVisitor<void> {
+  final String filePath;
+  final LineInfo lineInfo;
+  final List<Violation> violations;
+  final D020LimitIfElseBranchesAnalyzer analyzer;
+  final int maxBranches;
+  
+  // Track if statements that are part of else-if chains to avoid duplicate reporting
+  final Set<int> _processedIfStatements = {};
+
+  _D020Visitor({
+    required this.filePath,
+    required this.lineInfo,
+    required this.violations,
+    required this.analyzer,
+    required this.maxBranches,
+  });
+
+  @override
+  void visitIfStatement(IfStatement node) {
+    // Skip if this if statement is already processed as part of an else-if chain
+    if (_processedIfStatements.contains(node.offset)) {
+      super.visitIfStatement(node);
+      return;
+    }
+    
+    // Mark this if and all its else-if statements as processed
+    _markChainAsProcessed(node);
+    
+    final branchCount = _countBranches(node);
+    
+    if (branchCount > maxBranches) {
+      violations.add(analyzer.createViolation(
+        filePath: filePath,
+        line: analyzer.getLine(lineInfo, node.offset),
+        column: analyzer.getColumn(lineInfo, node.offset),
+        message: 'This if/else chain has $branchCount branches, exceeding the limit of $maxBranches. Consider using switch statement, polymorphism, or a lookup table instead.',
+      ));
+    }
+    
+    super.visitIfStatement(node);
+  }
+  
+  /// Mark all if statements in this else-if chain as processed
+  void _markChainAsProcessed(IfStatement node) {
+    _processedIfStatements.add(node.offset);
+    
+    Statement? current = node.elseStatement;
+    while (current != null) {
+      if (current is IfStatement) {
+        _processedIfStatements.add(current.offset);
+        current = current.elseStatement;
+      } else {
+        break;
+      }
+    }
+  }
+
+  /// Count the number of branches in an if/else chain
+  /// Example:
+  /// if (a) { } -> 1 branch
+  /// if (a) { } else { } -> 2 branches
+  /// if (a) { } else if (b) { } else { } -> 3 branches
+  int _countBranches(IfStatement node) {
+    int count = 1; // Count the initial if
+    
+    Statement? current = node.elseStatement;
+    while (current != null) {
+      count++;
+      
+      // Check if this is an else-if
+      if (current is IfStatement) {
+        current = current.elseStatement;
+      } else {
+        // This is a final else, stop counting
+        break;
+      }
+    }
+    
+    return count;
+  }
+}