@sun-asterisk/sunlint 1.3.47 → 1.3.49

package/origin-rules/go-en.md

@@ -0,0 +1,231 @@
+# 📘 Go Specific Coding Rules
+
+### 📘 Rule G001 – Explicitly check ALL errors
+
+- **Objective**: Prevent silent failures and ensure robust error recovery.
+- **Details**:
+    - In Go, errors are values and must be handled explicitly.
+    - Avoid ignoring errors using `_`.
+    - Always handle the error before proceeding.
+- **Applies to**: Go
+- **Tool**: errcheck, golangci-lint
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: critical
+
+**Good example**:
+```go
+file, err := os.Open("config.json")
+if err != nil {
+    return fmt.Errorf("failed to open config: %w", err)
+}
+defer file.Close()
+```
+
+**Bad example**:
+```go
+file, _ := os.Open("config.json") // Error ignored
+defer file.Close()
+```
+
+### 📘 Rule G002 – Context MUST be the first argument
+
+- **Objective**: Follow Go idiomatic patterns for cancellation and timeouts.
+- **Details**:
+    - `context.Context` should always be the first parameter of a function, typically named `ctx`.
+    - Improving observability and standardizing API signatures.
+- **Applies to**: Go
+- **Tool**: golangci-lint, contextcheck
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```go
+func (s *Service) FetchUser(ctx context.Context, userID string) (*User, error) {
+    return s.repo.Get(ctx, userID)
+}
+```
+
+**Bad example**:
+```go
+func (s *Service) FetchUser(userID string, ctx context.Context) (*User, error) {
+    return s.repo.Get(ctx, userID)
+}
+```
+
+### 📘 Rule G003 – Consistent Receiver Naming
+
+- **Objective**: Improve readability and consistency across methods.
+- **Details**:
+    - Receiver names should be short (1-2 letters) and consistent across all methods of a type.
+    - Avoid generic names like `this`, `self`, or `me`.
+- **Applies to**: Go
+- **Tool**: golangci-lint, stylecheck
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: minor
+
+**Good example**:
+```go
+func (r *UserRepository) Get(id string) (*User, error) { ... }
+func (r *UserRepository) List() ([]*User, error) { ... }
+```
+
+**Bad example**:
+```go
+func (this *UserRepository) Get(id string) (*User, error) { ... }
+func (self *UserRepository) List() ([]*User, error) { ... }
+```
+
+### 📘 Rule G004 – No panic() in production business logic
+
+- **Objective**: Prevent application crashes and enable graceful recovery.
+- **Details**:
+    - Avoid using `panic()` for normal error handling.
+    - Reserve `panic()` for unrecoverable errors during initialization.
+- **Applies to**: Go
+- **Tool**: golangci-lint, staticcheck
+- **Principle**: RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: critical
+
+**Good example**:
+```go
+func GetUser(id string) (*User, error) {
+    user, err := db.Find(id)
+    if err != nil {
+        return nil, fmt.Errorf("failed to find user: %w", err)
+    }
+    return user, nil
+}
+```
+
+**Bad example**:
+```go
+func GetUser(id string) *User {
+    user, err := db.Find(id)
+    if err != nil {
+        panic(err) // Crash!
+    }
+    return user
+}
+```
+
+### 📘 Rule G005 – Goroutine Leak Prevention
+
+- **Objective**: Prevent memory exhaustion and zombie processes.
+- **Details**:
+    - Always ensure that a goroutine has a clear termination path.
+    - Use `context.Context` or a close channel to stop goroutines.
+- **Applies to**: Go
+- **Tool**: goleak, golangci-lint
+- **Principle**: PERFORMANCE, RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```go
+func StartWatcher(ctx context.Context, ch chan string) {
+    go func() {
+        for {
+            select {
+            case <-ctx.Done():
+                return
+            case msg, ok := <-ch:
+                if !ok { return }
+                fmt.Println(msg)
+            }
+        }
+    }()
+}
+```
+
+### 📘 Rule G006 – Define interfaces at consumer side
+
+- **Objective**: Promote decoupling and simplify testing.
+- **Details**:
+    - Define interfaces in the package that requires the dependency (consumer side).
+    - Do not define interfaces in the same package where the implementation is defined.
+- **Applies to**: Go
+- **Tool**: Manual Review, Architecture rules
+- **Principle**: MAINTAINABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```go
+// package handler (consumer)
+type AuthProvider interface {
+    Login(user, pass string) (string, error)
+}
+```
+
+### 📘 Rule GN001 – Use Gin binding for validation
+
+- **Objective**: Simplify input handling and ensure consistent validation.
+- **Details**:
+    - Leverage Gin's `ShouldBindJSON` with struct tags for validation.
+    - Avoid manual parsing and validation in handlers.
+- **Applies to**: Go, Gin
+- **Tool**: Gin, validator
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```go
+type CreateUserRequest struct {
+    Email string `json:"email" binding:"required,email"`
+}
+if err := c.ShouldBindJSON(&req); err != nil {
+    c.JSON(400, gin.H{"error": err.Error()})
+    return
+}
+```
+
+### 📘 Rule GN002 – Abort with status for fatal errors
+
+- **Objective**: Ensure middleware chain is interrupted and consistent response is sent.
+- **Details**:
+    - When a fatal error occurs, use `c.AbortWithStatusJSON` to stop the chain.
+    - Prevents security bypasses in middleware.
+- **Applies to**: Go, Gin
+- **Tool**: Gin
+- **Principle**: SECURITY, CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule GN003 – Implement Graceful Shutdown
+
+- **Objective**: Prevent data loss and ensure clean connection handling.
+- **Details**:
+    - Handle termination signals (`SIGINT`, `SIGTERM`) to allow inflight requests to finish.
+    - Use `http.Server.Shutdown(ctx)` instead of just `r.Run()`.
+- **Applies to**: Go, Gin
+- **Tool**: Go Standard Library, Gin
+- **Principle**: RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule GN004 – Logical Route Grouping
+
+- **Objective**: Improve code organization and shared middleware management.
+- **Details**:
+    - Use `RouterGroup` to organize routes logically (e.g., by version or resource).
+    - Apply middleware once to the entire group.
+- **Applies to**: Go, Gin
+- **Tool**: Gin
+- **Principle**: MAINTAINABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major

package/origin-rules/php-en.md

@@ -0,0 +1,107 @@
+# 📘 PHP/Laravel Specific Coding Rules
+
+### 📘 Rule P001 – Follow PSR-12 Coding Standard
+
+- **Objective**: Maintain consistent code formatting across all PHP projects.
+- **Details**:
+    - Use 4 spaces for indentation.
+    - Class opening braces on new lines.
+    - Method visibility (public/private/protected) must be declared.
+- **Applies to**: PHP
+- **Tool**: PHP_CodeSniffer, Laravel Pint
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule P002 – Skinny Controllers, Fat Models/Services
+
+- **Objective**: Maintain clear separation of concerns and keep controllers easy to read.
+- **Details**:
+    - Controllers should only handle request input and response output.
+    - Business logic should reside in Service classes or Action classes.
+    - Aim for actions under 10 lines of code.
+- **Applies to**: PHP/Laravel
+- **Tool**: Manual Review, Architecture Rules
+- **Principle**: MAINTAINABILITY, SRP
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule P003 – Use Eloquent over Raw SQL/Query Builder
+
+- **Objective**: Improve code readability and leverage Laravel's built-in security features.
+- **Details**:
+    - Use Eloquent ORM for most database interactions.
+    - Use Query Builder only for complex performance-critical queries.
+    - Never use raw SQL unless absolutely necessary and properly parameterized.
+- **Applies to**: PHP/Laravel
+- **Tool**: Manual Review
+- **Principle**: CODE_QUALITY, SECURITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule P004 – Form Requests for Validation
+
+- **Objective**: Separate validation logic from business logic.
+- **Details**:
+    - Use dediated `FormRequest` classes for request validation.
+    - Avoid calling `$request->validate()` inside controller actions.
+- **Applies to**: PHP/Laravel
+- **Tool**: Manual Review, PHPStan
+- **Principle**: MAINTAINABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule P005 – Typed Properties and Return Types
+
+- **Objective**: Increase code reliability and allow static analysis to catch errors.
+- **Details**:
+    - Use type hints for class properties (PHP 7.4+).
+    - Always declare return types for methods, including `void`.
+- **Applies to**: PHP 7.4+
+- **Tool**: PHPStan, Psalm
+- **Principle**: CODE_QUALITY, RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```php
+public function updateStatus(int $id, string $status): void
+{
+    $item = Item::findOrFail($id);
+    $item->status = $status;
+    $item->save();
+}
+```
+
+### 📘 Rule P006 – Prevent N+1 with Eager Loading
+
+- **Objective**: Optimize performance by reducing the number of database queries.
+- **Details**:
+    - Use the `with()` method when accessing associations in a loop.
+- **Applies to**: PHP/Laravel
+- **Tool**: Laravel Telescope, Clockwork, laravel-query-detector
+- **Principle**: PERFORMANCE
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: critical
+
+**Good example**:
+```php
+$posts = Post::with('author')->get();
+foreach ($posts as $post) {
+    echo $post->author->name;
+}
+```
+
+**Bad example**:
+```php
+$posts = Post::all();
+foreach ($posts as $post) {
+    echo $post->author->name; // Trigger new query for each post
+}
+```

package/origin-rules/python-en.md

@@ -0,0 +1,113 @@
+# 📘 Python Specific Coding Rules
+
+### 📘 Rule PY001 – Adhere to PEP 8 Style Guide
+
+- **Objective**: Maintain a consistent and readable codebase following Python's official standards.
+- **Details**:
+    - Use 4 spaces per indentation level.
+    - Limit line length to 79 characters.
+    - Use `snake_case` for functions/variables and `PascalCase` for classes.
+- **Applies to**: Python
+- **Tool**: ruff, flake8, black
+- **Principle**: CODE_QUALITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule PY002 – Mandatory Type Hinting
+
+- **Objective**: Improve code clarity, enable better IDE support, and catch type-related bugs early.
+- **Details**:
+    - Use type annotations for all function parameters and return types.
+    - Use `typing` module for complex types (List, Dict, Optional).
+- **Applies to**: Python 3.6+
+- **Tool**: mypy, Pyright
+- **Principle**: CODE_QUALITY, RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```python
+def get_user_name(user_id: int) -> str:
+    return db.fetch_name(user_id)
+```
+
+**Bad example**:
+```python
+def get_user_name(user_id):
+    return db.fetch_name(user_id)
+```
+
+### 📘 Rule PY003 – Explicit Error Handling
+
+- **Objective**: Prevent catching unexpected errors and ensure specific failure handling.
+- **Details**:
+    - Never use bare `except:` blocks.
+    - Always catch specific exceptions (e.g., `ValueError`, `KeyError`).
+- **Applies to**: Python
+- **Tool**: pylint, ruff
+- **Principle**: RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: critical
+
+### 📘 Rule PY004 – Use logging instead of print
+
+- **Objective**: Better event tracking, filtering, and production observability.
+- **Details**:
+    - Use the `logging` module for any non-ephemeral messaging.
+    - Choose appropriate levels: `DEBUG`, `INFO`, `WARNING`, `ERROR`, `CRITICAL`.
+- **Applies to**: Python
+- **Tool**: Manual Review, ruff
+- **Principle**: MAINTAINABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+### 📘 Rule PY005 – Context Managers for Resource Handling
+
+- **Objective**: Ensure resources like files and network connections are closed properly.
+- **Details**:
+    - Use the `with` statement for resource management.
+- **Applies to**: Python
+- **Tool**: pylint, ruff
+- **Principle**: RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```python
+with open("data.txt", "r") as f:
+    content = f.read()
+```
+
+### 📘 Rule PY006 – Avoid Mutable Default Arguments
+
+- **Objective**: Prevent unexpected state sharing between function calls.
+- **Details**:
+    - Never use list or dict as a default value in function signature.
+    - Use `None` as default and initialize inside the function.
+- **Applies to**: Python
+- **Tool**: pylint, ruff
+- **Principle**: RELIABILITY
+- **Version**: 1.0
+- **Status**: activated
+- **Severity**: major
+
+**Good example**:
+```python
+def add_item(item, items=None):
+    if items is None:
+        items = []
+    items.append(item)
+    return items
+```
+
+**Bad example**:
+```python
+def add_item(item, items=[]): # items is shared across calls!
+    items.append(item)
+    return items
+```