@vibecheckai/cli 3.4.0 → 3.5.0

package/bin/runners/lib/engines/error-handling-engine.js

@@ -0,0 +1,437 @@
+/**
+ * Error Handling Engine
+ * Detects:
+ * - Missing error handling
+ * - Swallowed errors (empty catch)
+ * - Generic error messages
+ * - Error re-throwing without context
+ * - Missing error boundaries (React)
+ * - Inconsistent error responses (API)
+ * - Missing validation error handling
+ * - Untyped error catches
+ */
+
+const { getAST } = require("./ast-cache");
+const traverse = require("@babel/traverse").default;
+const t = require("@babel/types");
+const { shouldExcludeFile, isTestContext, hasIgnoreDirective } = require("./file-filter");
+
+function snippetForLine(lines, line) {
+  return lines[line - 1] ? lines[line - 1].trim() : "";
+}
+
+/**
+ * Good error handling patterns
+ */
+const GOOD_ERROR_PATTERNS = {
+  logging: [
+    /console\.error/,
+    /logger\.error/,
+    /log\.error/,
+    /Sentry\.captureException/,
+    /captureException/,
+    /reportError/,
+    /trackError/,
+    /Bugsnag/,
+    /Rollbar/,
+  ],
+  rethrowing: [
+    /throw\s+/,
+    /throw\s+new\s+/,
+  ],
+  returning: [
+    /return\s+.*error/i,
+    /return\s+.*Error/,
+    /return\s+{.*error/i,
+  ],
+  handling: [
+    /if\s*\(/,
+    /switch\s*\(/,
+    /instanceof/,
+  ],
+};
+
+/**
+ * Generic error messages that should be more specific
+ */
+const GENERIC_ERROR_MESSAGES = [
+  /['"]something went wrong['"]/i,
+  /['"]an error occurred['"]/i,
+  /['"]error['"]\s*$/i,
+  /['"]unknown error['"]/i,
+  /['"]oops['"]/i,
+  /['"]failed['"]\s*$/i,
+];
+
+/**
+ * Check if catch block has meaningful handling
+ */
+function hasMeaningfulHandling(catchBlock, code) {
+  if (!catchBlock || !t.isBlockStatement(catchBlock)) return false;
+  
+  // Empty catch block
+  if (catchBlock.body.length === 0) return false;
+  
+  const blockCode = code.substring(catchBlock.start, catchBlock.end);
+  
+  // Check for good patterns
+  for (const patterns of Object.values(GOOD_ERROR_PATTERNS)) {
+    if (patterns.some(p => p.test(blockCode))) {
+      return true;
+    }
+  }
+  
+  // Check if has any statements (not just comments)
+  const hasStatements = catchBlock.body.some(stmt => !t.isEmptyStatement(stmt));
+  
+  return hasStatements;
+}
+
+/**
+ * Check if error message is generic
+ */
+function isGenericErrorMessage(message) {
+  return GENERIC_ERROR_MESSAGES.some(p => p.test(message));
+}
+
+/**
+ * Analyze error handling patterns
+ */
+function analyzeErrorHandling(code, filePath) {
+  const findings = [];
+  
+  if (shouldExcludeFile(filePath)) return findings;
+  if (isTestContext(code, filePath)) return findings;
+  if (hasIgnoreDirective(code, "error-handling")) return findings;
+  
+  const ast = getAST(code, filePath);
+  if (!ast) return findings;
+  
+  const lines = code.split("\n");
+  const normalizedPath = filePath.replace(/\\/g, "/");
+  const isAPIRoute = normalizedPath.includes("/api/") || normalizedPath.includes("/routes/");
+  
+  // Track error response patterns
+  const errorResponsePatterns = new Set();
+  
+  traverse(ast, {
+    // Analyze catch blocks
+    CatchClause(path) {
+      const node = path.node;
+      const loc = node.loc?.start;
+      if (!loc) return;
+      
+      const catchBody = node.body;
+      const param = node.param;
+      
+      // Check for empty catch
+      if (!hasMeaningfulHandling(catchBody, code)) {
+        // Check for intentional comment
+        const blockCode = code.substring(catchBody.start, catchBody.end);
+        const hasIntentionalComment = /intentional|expected|ignore|safe|ok/i.test(blockCode);
+        
+        if (!hasIntentionalComment) {
+          findings.push({
+            type: "empty_catch",
+            severity: "WARN",
+            category: "ErrorHandling",
+            file: filePath,
+            line: loc.line,
+            column: loc.column,
+            title: "Empty or minimal catch block",
+            message: "Errors are being swallowed without logging or handling.",
+            codeSnippet: snippetForLine(lines, loc.line),
+            confidence: "high",
+            fixHint: "Log the error or re-throw with context",
+          });
+        }
+      }
+      
+      // Check for untyped catch parameter (TypeScript)
+      if (param && t.isIdentifier(param) && filePath.endsWith(".ts")) {
+        // In TypeScript, catch param is 'unknown' by default in strict mode
+        // but many codebases use 'any' or no annotation
+        const hasTypeAnnotation = param.typeAnnotation;
+        
+        if (!hasTypeAnnotation) {
+          findings.push({
+            type: "untyped_catch",
+            severity: "INFO",
+            category: "ErrorHandling",
+            file: filePath,
+            line: loc.line,
+            column: loc.column,
+            title: "Catch parameter not typed",
+            message: "Consider typing catch parameter as 'unknown' and checking type before use.",
+            codeSnippet: snippetForLine(lines, loc.line),
+            confidence: "low",
+            fixHint: "catch (error: unknown) { if (error instanceof Error) { ... } }",
+          });
+        }
+      }
+      
+      // Check for console.log instead of console.error
+      traverse(catchBody, {
+        CallExpression(innerPath) {
+          const callee = innerPath.node.callee;
+          if (t.isMemberExpression(callee) &&
+              t.isIdentifier(callee.object, { name: "console" }) &&
+              t.isIdentifier(callee.property, { name: "log" })) {
+            
+            const innerLoc = innerPath.node.loc?.start;
+            if (innerLoc) {
+              findings.push({
+                type: "console_log_in_catch",
+                severity: "INFO",
+                category: "ErrorHandling",
+                file: filePath,
+                line: innerLoc.line,
+                column: innerLoc.column,
+                title: "console.log in catch block",
+                message: "Use console.error for error logging to distinguish from regular logs.",
+                codeSnippet: snippetForLine(lines, innerLoc.line),
+                confidence: "med",
+                fixHint: "Change to console.error(error)",
+              });
+            }
+          }
+        },
+        noScope: true,
+      }, path.scope);
+      
+      // Check for error being thrown without additional context
+      traverse(catchBody, {
+        ThrowStatement(innerPath) {
+          const argument = innerPath.node.argument;
+          
+          // Just rethrowing the same error
+          if (t.isIdentifier(argument) && param && t.isIdentifier(param) && 
+              argument.name === param.name) {
+            
+            const innerLoc = innerPath.node.loc?.start;
+            if (innerLoc) {
+              findings.push({
+                type: "rethrow_without_context",
+                severity: "INFO",
+                category: "ErrorHandling",
+                file: filePath,
+                line: innerLoc.line,
+                column: innerLoc.column,
+                title: "Error rethrown without context",
+                message: "Consider wrapping with additional context for better debugging.",
+                codeSnippet: snippetForLine(lines, innerLoc.line),
+                confidence: "low",
+                fixHint: "throw new Error(`Context: ${error.message}`, { cause: error })",
+              });
+            }
+          }
+        },
+        noScope: true,
+      }, path.scope);
+    },
+    
+    // Check for try without catch or finally
+    TryStatement(path) {
+      const node = path.node;
+      const loc = node.loc?.start;
+      if (!loc) return;
+      
+      if (!node.handler && !node.finalizer) {
+        findings.push({
+          type: "try_without_catch",
+          severity: "WARN",
+          category: "ErrorHandling",
+          file: filePath,
+          line: loc.line,
+          column: loc.column,
+          title: "try without catch or finally",
+          message: "try statement has no error handling.",
+          codeSnippet: snippetForLine(lines, loc.line),
+          confidence: "high",
+          fixHint: "Add catch block to handle errors",
+        });
+      }
+    },
+    
+    // Check for generic error messages
+    NewExpression(path) {
+      const node = path.node;
+      const loc = node.loc?.start;
+      if (!loc) return;
+      
+      if (t.isIdentifier(node.callee, { name: "Error" }) ||
+          (t.isIdentifier(node.callee) && node.callee.name.endsWith("Error"))) {
+        
+        const args = node.arguments;
+        if (args.length > 0 && t.isStringLiteral(args[0])) {
+          const message = args[0].value;
+          
+          if (isGenericErrorMessage(message)) {
+            findings.push({
+              type: "generic_error_message",
+              severity: "INFO",
+              category: "ErrorHandling",
+              file: filePath,
+              line: loc.line,
+              column: loc.column,
+              title: "Generic error message",
+              message: `Error message "${message}" is not descriptive. Include specific context.`,
+              codeSnippet: snippetForLine(lines, loc.line),
+              confidence: "med",
+              fixHint: "Include what failed and why: 'Failed to fetch user: invalid ID'",
+            });
+          }
+        }
+      }
+    },
+    
+    // Check API error responses for consistency
+    CallExpression(path) {
+      const node = path.node;
+      const callee = node.callee;
+      const loc = node.loc?.start;
+      if (!loc) return;
+      
+      // Check for NextResponse.json() or res.json() error patterns
+      if (isAPIRoute) {
+        let isErrorResponse = false;
+        let responseShape = null;
+        
+        // NextResponse.json({ error: ... }, { status: 4xx })
+        if (t.isMemberExpression(callee) &&
+            t.isIdentifier(callee.object, { name: "NextResponse" }) &&
+            t.isIdentifier(callee.property, { name: "json" })) {
+          
+          if (node.arguments.length >= 2) {
+            const options = node.arguments[1];
+            if (t.isObjectExpression(options)) {
+              const statusProp = options.properties.find(p => 
+                t.isObjectProperty(p) && 
+                t.isIdentifier(p.key, { name: "status" }) &&
+                t.isNumericLiteral(p.value)
+              );
+              
+              if (statusProp && statusProp.value.value >= 400) {
+                isErrorResponse = true;
+                
+                // Get response shape
+                const body = node.arguments[0];
+                if (t.isObjectExpression(body)) {
+                  responseShape = body.properties
+                    .filter(p => t.isObjectProperty(p) && t.isIdentifier(p.key))
+                    .map(p => p.key.name)
+                    .sort()
+                    .join(",");
+                }
+              }
+            }
+          }
+        }
+        
+        // res.status(4xx).json({ error: ... })
+        if (t.isMemberExpression(callee) &&
+            t.isIdentifier(callee.property, { name: "json" }) &&
+            t.isCallExpression(callee.object)) {
+          
+          const statusCall = callee.object;
+          if (t.isMemberExpression(statusCall.callee) &&
+              t.isIdentifier(statusCall.callee.property, { name: "status" }) &&
+              statusCall.arguments.length > 0 &&
+              t.isNumericLiteral(statusCall.arguments[0]) &&
+              statusCall.arguments[0].value >= 400) {
+            
+            isErrorResponse = true;
+            
+            // Get response shape
+            const body = node.arguments[0];
+            if (t.isObjectExpression(body)) {
+              responseShape = body.properties
+                .filter(p => t.isObjectProperty(p) && t.isIdentifier(p.key))
+                .map(p => p.key.name)
+                .sort()
+                .join(",");
+            }
+          }
+        }
+        
+        if (isErrorResponse && responseShape) {
+          errorResponsePatterns.add(responseShape);
+        }
+      }
+    },
+    
+    // Check for missing .catch() on promises
+    MemberExpression(path) {
+      const node = path.node;
+      const loc = node.loc?.start;
+      if (!loc) return;
+      
+      // Check for .then() without .catch()
+      if (t.isIdentifier(node.property, { name: "then" })) {
+        const parent = path.parentPath;
+        
+        if (parent.isCallExpression() && parent.node.callee === node) {
+          // Check if there's a .catch() after
+          const grandparent = parent.parentPath;
+          
+          if (!grandparent.isMemberExpression() || 
+              !t.isIdentifier(grandparent.node.property, { name: "catch" })) {
+            
+            // Check if the .then() callback handles errors
+            const thenArgs = parent.node.arguments;
+            const hasErrorHandler = thenArgs.length >= 2; // Second arg is error handler
+            
+            if (!hasErrorHandler) {
+              // Check if result is returned or awaited (will propagate)
+              const returnParent = parent.findParent(p => p.isReturnStatement());
+              const awaitParent = parent.findParent(p => p.isAwaitExpression());
+              
+              if (!returnParent && !awaitParent) {
+                findings.push({
+                  type: "then_without_catch",
+                  severity: "INFO",
+                  category: "ErrorHandling",
+                  file: filePath,
+                  line: loc.line,
+                  column: loc.column,
+                  title: ".then() without .catch()",
+                  message: "Promise may have unhandled rejections.",
+                  codeSnippet: snippetForLine(lines, loc.line),
+                  confidence: "low",
+                  fixHint: "Add .catch() or use async/await with try/catch",
+                });
+              }
+            }
+          }
+        }
+      }
+    },
+  });
+  
+  // Check for inconsistent error response patterns
+  if (isAPIRoute && errorResponsePatterns.size > 1) {
+    findings.push({
+      type: "inconsistent_error_response",
+      severity: "INFO",
+      category: "ErrorHandling",
+      file: filePath,
+      line: 1,
+      column: 0,
+      title: "Inconsistent error response shapes",
+      message: `Found ${errorResponsePatterns.size} different error response shapes. Standardize error format.`,
+      codeSnippet: "",
+      confidence: "low",
+      fixHint: "Use consistent shape: { error: { message, code, details? } }",
+    });
+  }
+  
+  return findings;
+}
+
+module.exports = {
+  analyzeErrorHandling,
+  hasMeaningfulHandling,
+  isGenericErrorMessage,
+  GOOD_ERROR_PATTERNS,
+  GENERIC_ERROR_MESSAGES,
+};