al-sem 0.0.1

package/src/detectors/d11-modify-without-get.ts

@@ -0,0 +1,129 @@
+import type { CombinedGraph } from "../engine/combined-graph.ts";
+import { beforeAnchor } from "../engine/source-anchor.ts";
+import { compareStrings } from "../engine/uncertainty-util.ts";
+import { roleOf } from "../model/entities.ts";
+import type { DetectorStats, EvidenceStep, Finding } from "../model/finding.ts";
+import type { SemanticModel } from "../model/model.ts";
+import { fingerprintOf } from "../projection/finding-fingerprint.ts";
+import { toConfidence } from "./confidence.ts";
+import type { DetectorContext } from "./detector-context.ts";
+
+/**
+ * Ops that legitimately put a record into a "loaded / initialised" state in memory
+ * — after any of these, a subsequent `Modify` / `Validate` is sound.
+ *   - `Get`, `Find*`, `Next`: SQL load.
+ *   - `Init`: AL's in-memory initialiser for new records, used before Insert.
+ *   - `Insert`: After Insert the row is in memory and current.
+ *   - `Copy`: copies state from another record-var that itself was loaded.
+ */
+const LOAD_OPS: ReadonlySet<string> = new Set([
+	"Get",
+	"FindFirst",
+	"FindLast",
+	"FindSet",
+	"Find",
+	"Next",
+	"Init",
+	"Insert",
+	"Copy",
+]);
+
+/**
+ * Ops that mutate state of the SPECIFIC current record and therefore require it to
+ * have been loaded first. Note `ModifyAll` is intentionally excluded — it operates
+ * on the filtered set, not the current record, and the standard pattern is
+ * `SetRange(…); ModifyAll(field, value)` with no prior Get/Find. Flagging
+ * `ModifyAll` produced ~73% of D11's false positives on real workspaces.
+ */
+const MUTATING_OPS: ReadonlySet<string> = new Set(["Modify", "Validate"]);
+
+/**
+ * D11 — flags Modify/ModifyAll/Validate on a record variable that was never loaded
+ * earlier in the same routine. Suppresses by-var parameter records (the caller is
+ * responsible for loading them).
+ */
+export function detectD11(
+	model: SemanticModel,
+	_graph: CombinedGraph,
+	_ctx: DetectorContext,
+): { findings: Finding[]; stats: DetectorStats } {
+	const findings: Finding[] = [];
+	let candidatesConsidered = 0;
+	let skippedParseIncomplete = 0;
+	let skippedParameter = 0;
+
+	for (const routine of model.routines) {
+		if (roleOf(routine) !== "primary") continue;
+		if (!routine.bodyAvailable) continue;
+		if (routine.parseIncomplete) {
+			skippedParseIncomplete++;
+			continue;
+		}
+		candidatesConsidered++;
+
+		const paramRecordNames = new Set(
+			routine.features.recordVariables
+				.filter((rv) => rv.isParameter)
+				.map((rv) => rv.name.toLowerCase()),
+		);
+
+		for (const op of routine.features.recordOperations) {
+			if (!MUTATING_OPS.has(op.op)) continue;
+			const varKey = op.recordVariableName.toLowerCase();
+			if (paramRecordNames.has(varKey)) {
+				skippedParameter++;
+				continue;
+			}
+			const loadedBefore = routine.features.recordOperations.some(
+				(other) =>
+					LOAD_OPS.has(other.op) &&
+					other.recordVariableName.toLowerCase() === varKey &&
+					beforeAnchor(other.sourceAnchor, op.sourceAnchor),
+			);
+			if (loadedBefore) continue;
+
+			const path: EvidenceStep[] = [
+				{
+					routineId: routine.id,
+					operationId: op.id,
+					sourceAnchor: op.sourceAnchor,
+					note: `${op.op} on ${op.recordVariableName} with no prior Get/Find in this routine`,
+				},
+			];
+			const finding: Finding = {
+				id: `d11/${routine.id}/${op.id}`,
+				rootCauseKey: `d11/${routine.id}/${op.id}`,
+				detector: "d11-modify-without-get",
+				title: "Modify without Get",
+				rootCause: `${routine.name} calls ${op.op} on ${op.recordVariableName} but never loaded it — the record's state may be stale or partial.`,
+				severity: "medium",
+				confidence: toConfidence([], "likely"),
+				primaryLocation: op.sourceAnchor,
+				evidencePath: path,
+				affectedObjects: [routine.objectId],
+				affectedTables: op.tableId !== undefined ? [op.tableId] : [],
+				fixOptions: [
+					{
+						description:
+							"Load the record with Get / FindFirst before mutating, or pass it in as a var parameter from a caller that loaded it.",
+						safety: "high",
+					},
+				],
+				provenance: [{ source: "tree-sitter" }],
+			};
+			finding.fingerprint = fingerprintOf(finding, model);
+			findings.push(finding);
+		}
+	}
+
+	const stats: DetectorStats = {
+		detector: "d11-modify-without-get",
+		candidatesConsidered,
+		findingsEmitted: findings.length,
+		skipped: {
+			parseIncomplete: skippedParseIncomplete > 0 ? skippedParseIncomplete : undefined,
+			other: skippedParameter > 0 ? skippedParameter : undefined,
+		},
+	};
+	return { findings: findings.sort((a, b) => compareStrings(a.id, b.id)), stats };
+}

package/src/detectors/d12-dead-integration-event.ts

@@ -0,0 +1,81 @@
+import type { CombinedGraph } from "../engine/combined-graph.ts";
+import { compareStrings } from "../engine/uncertainty-util.ts";
+import { roleOf } from "../model/entities.ts";
+import type { DetectorStats, Finding } from "../model/finding.ts";
+import type { SemanticModel } from "../model/model.ts";
+import { fingerprintOf } from "../projection/finding-fingerprint.ts";
+import { toConfidence } from "./confidence.ts";
+import type { DetectorContext } from "./detector-context.ts";
+
+/**
+ * D12 — IntegrationEvent published from primary-app code with zero subscribers anywhere
+ * in the workspace + dependency closure → info finding. Helps identify dead extensibility
+ * surfaces.
+ */
+export function detectD12(
+	model: SemanticModel,
+	_graph: CombinedGraph,
+	ctx: DetectorContext,
+): { findings: Finding[]; stats: DetectorStats } {
+	const findings: Finding[] = [];
+	const { routineById } = ctx;
+	const subsByEvent = new Map<string, number>();
+	for (const edge of model.eventGraph.edges) {
+		subsByEvent.set(edge.eventId, (subsByEvent.get(edge.eventId) ?? 0) + 1);
+	}
+
+	let candidatesConsidered = 0;
+	let skippedOther = 0;
+	for (const ev of model.eventGraph.events) {
+		if (ev.eventKind !== "integration") continue;
+		const pubRoutineId = ev.publisherRoutineId;
+		if (pubRoutineId === undefined) continue;
+		const pubRoutine = routineById.get(pubRoutineId);
+		if (pubRoutine === undefined) continue;
+		if (roleOf(pubRoutine) !== "primary") continue;
+		candidatesConsidered++;
+		if ((subsByEvent.get(ev.id) ?? 0) > 0) {
+			skippedOther++;
+			continue;
+		}
+
+		const finding: Finding = {
+			id: `d12/${ev.id}`,
+			rootCauseKey: `d12/${ev.id}`,
+			detector: "d12-dead-integration-event",
+			title: "Integration event has no subscribers",
+			rootCause: `${pubRoutine.name} publishes an integration event that no subscriber across this workspace or its dependencies handles — the extensibility point is dead.`,
+			severity: "info",
+			confidence: toConfidence([], "likely"),
+			primaryLocation: pubRoutine.sourceAnchor,
+			evidencePath: [
+				{
+					routineId: pubRoutine.id,
+					sourceAnchor: pubRoutine.sourceAnchor,
+					note: `publishes ${pubRoutine.name}`,
+				},
+			],
+			affectedObjects: [pubRoutine.objectId],
+			affectedTables: [],
+			fixOptions: [
+				{
+					description:
+						"Either remove the event if it has no real extensibility purpose, or document why it exists for future subscribers.",
+					safety: "medium",
+				},
+			],
+			provenance: [{ source: "tree-sitter" }],
+		};
+		finding.fingerprint = fingerprintOf(finding, model);
+		findings.push(finding);
+	}
+	return {
+		findings: findings.sort((a, b) => compareStrings(a.id, b.id)),
+		stats: {
+			detector: "d12-dead-integration-event",
+			candidatesConsidered,
+			findingsEmitted: findings.length,
+			skipped: { other: skippedOther > 0 ? skippedOther : undefined },
+		},
+	};
+}

package/src/detectors/d13-cross-app-internal-call.ts

@@ -0,0 +1,105 @@
+import { parseRoutineAttributes } from "../engine/attribute-parser.ts";
+import type { CombinedGraph } from "../engine/combined-graph.ts";
+import { compareStrings } from "../engine/uncertainty-util.ts";
+import { roleOf } from "../model/entities.ts";
+import type { DetectorStats, Finding } from "../model/finding.ts";
+import type { SemanticModel } from "../model/model.ts";
+import { fingerprintOf } from "../projection/finding-fingerprint.ts";
+import { toConfidence } from "./confidence.ts";
+import type { DetectorContext } from "./detector-context.ts";
+
+/**
+ * D13 — Primary-app code calls a routine in a different app that is declared as
+ * `[InternalProc]` or has `internal` visibility. Crossing this boundary is not
+ * enforced by the BC compiler today but breaks on any minor version bump that the
+ * dependency author makes to their internal surface — a latent compile-break risk.
+ *
+ * Detection strategy: walk every resolved combined-graph edge; flag edges where
+ * (a) the caller's analysisRole is "primary", (b) caller and callee live in different
+ * apps (different appGuid), and (c) the callee routine carries `[InternalProc]` or
+ * its `accessModifier` is `"internal"` (set either from the AL `internal procedure`
+ * modifier or projected from `.app` symbol `IsInternal`).
+ */
+export function detectD13(
+	model: SemanticModel,
+	graph: CombinedGraph,
+	ctx: DetectorContext,
+): { findings: Finding[]; stats: DetectorStats } {
+	const findings: Finding[] = [];
+	const seen = new Set<string>();
+	const { routineById, objectsById } = ctx;
+
+	let candidatesConsidered = 0;
+	let skippedOther = 0;
+	for (const [, edges] of graph.edgesByFrom) {
+		for (const e of edges) {
+			const caller = routineById.get(e.from);
+			const callee = routineById.get(e.to);
+			if (!caller || !callee) continue;
+			if (roleOf(caller) !== "primary") continue;
+			candidatesConsidered++;
+
+			const callerObj = objectsById.get(caller.objectId);
+			const calleeObj = objectsById.get(callee.objectId);
+			if (!callerObj || !calleeObj) continue;
+			// Only flag cross-app boundaries
+			if (callerObj.appGuid === calleeObj.appGuid) {
+				skippedOther++;
+				continue;
+			}
+
+			const attrs = parseRoutineAttributes(callee);
+			if (!attrs.internalProc && callee.accessModifier !== "internal") {
+				skippedOther++;
+				continue;
+			}
+
+			const id = `d13/${e.from}/${e.callsiteId ?? "x"}`;
+			if (seen.has(id)) continue;
+			seen.add(id);
+
+			const cs = caller.features.callSites.find((c) => c.id === e.callsiteId);
+			const anchor = cs?.sourceAnchor ?? caller.sourceAnchor;
+
+			const finding: Finding = {
+				id,
+				rootCauseKey: id,
+				detector: "d13-cross-app-internal-call",
+				title: "Cross-extension call into an internal procedure",
+				rootCause: `${caller.name} calls ${callee.name} (app ${calleeObj.appGuid}), which is declared Internal. Crossing this boundary breaks encapsulation and can stop compiling on any minor version bump of the dependency.`,
+				severity: "high",
+				confidence: toConfidence([], "confirmed"),
+				primaryLocation: anchor,
+				evidencePath: [
+					{
+						routineId: caller.id,
+						callsiteId: e.callsiteId,
+						sourceAnchor: anchor,
+						note: `calls Internal ${callee.name} in app ${calleeObj.appGuid}`,
+					},
+				],
+				affectedObjects: [callerObj.id, calleeObj.id].sort(),
+				affectedTables: [],
+				fixOptions: [
+					{
+						description:
+							"Use the dependency's public API instead, or request the routine be promoted to Public upstream.",
+						safety: "medium",
+					},
+				],
+				provenance: [{ source: "tree-sitter" }],
+			};
+			finding.fingerprint = fingerprintOf(finding, model);
+			findings.push(finding);
+		}
+	}
+	return {
+		findings: findings.sort((a, b) => compareStrings(a.id, b.id)),
+		stats: {
+			detector: "d13-cross-app-internal-call",
+			candidatesConsidered,
+			findingsEmitted: findings.length,
+			skipped: { other: skippedOther > 0 ? skippedOther : undefined },
+		},
+	};
+}

package/src/detectors/d14-dead-routine.ts

@@ -0,0 +1,151 @@
+import type { CombinedGraph } from "../engine/combined-graph.ts";
+import { compareStrings } from "../engine/uncertainty-util.ts";
+import { roleOf } from "../model/entities.ts";
+import type { DetectorStats, Finding } from "../model/finding.ts";
+import type { RoutineId } from "../model/ids.ts";
+import type { SemanticModel } from "../model/model.ts";
+import { fingerprintOf } from "../projection/finding-fingerprint.ts";
+import { toConfidence } from "./confidence.ts";
+import type { DetectorContext } from "./detector-context.ts";
+
+/**
+ * D14 — forward reachability from the "reachable roots" set (triggers, event subscribers,
+ * and the procedures we cannot prove are app-scoped: public/protected always; `internal`
+ * only when the workspace lists at least one `internalsVisibleTo` app).
+ *
+ * Flaggable candidates:
+ *  - `local procedure` — scope-limited to the declaring object; always flaggable when
+ *    unreached.
+ *  - `internal procedure` — app-scoped when no `internalsVisibleTo` entries exist;
+ *    flaggable in that case (otherwise treated as external API surface and not flagged).
+ *
+ * A local helper called only via a public wrapper is correctly reached, because the
+ * wrapper is itself a root. Suppresses test-helper objects (object name ending in
+ * Test/Tests) and roots themselves.
+ *
+ * **Page / PageExtension procedures are also suppressed**: AL page metadata can reference
+ * a same-object procedure from property expressions (`Caption = MyCaption()`,
+ * `Visible = ShowGroup`, `Enabled = IsEditable()`, action `OnAction` handlers, factbox
+ * lambdas, …). Al-sem's resolver does not yet traverse those property values into call
+ * edges, so we cannot prove a page-procedure unreachable — flagging it would emit ~50 %
+ * false-positive noise on real Continia workspaces. Same rationale for `Report` and
+ * `XmlPort` whose layout/section bindings reference procedures. Codeunit / Table /
+ * TableExtension procedures continue to be flagged because their call graph is fully
+ * modelled by the resolver.
+ */
+const OBJECT_TYPES_WITHOUT_FULL_CALL_GRAPH: ReadonlySet<string> = new Set([
+	"Page",
+	"PageExtension",
+	"Report",
+	"XmlPort",
+	"Query",
+]);
+export function detectD14(
+	model: SemanticModel,
+	graph: CombinedGraph,
+	ctx: DetectorContext,
+): { findings: Finding[]; stats: DetectorStats } {
+	const roots = ctx.reachableRoots;
+	const reachable = new Set<RoutineId>(roots);
+	const queue: RoutineId[] = [...roots];
+	while (queue.length > 0) {
+		const id = queue.shift();
+		if (id === undefined) break;
+		for (const e of graph.edgesByFrom.get(id) ?? []) {
+			if (!reachable.has(e.to)) {
+				reachable.add(e.to);
+				queue.push(e.to);
+			}
+		}
+	}
+
+	const findings: Finding[] = [];
+	const { objectsById } = ctx;
+	let candidatesConsidered = 0;
+	let skippedOther = 0;
+	let skippedNonLocal = 0;
+	let skippedPropertyExpressionHost = 0;
+	for (const r of model.routines) {
+		if (roleOf(r) !== "primary") continue;
+		if (!r.bodyAvailable) continue;
+		candidatesConsidered++;
+		if (reachable.has(r.id)) {
+			skippedOther++;
+			continue;
+		}
+		// `local procedure` is always flaggable (scope-limited to its object). `internal` is
+		// flaggable only when the workspace declares no `internalsVisibleTo` apps — without
+		// any granted consumer, `internal` is effectively app-scoped. `public`/`protected`
+		// stay roots (potential external API surface).
+		const accessFlaggable =
+			r.accessModifier === "local" ||
+			(r.accessModifier === "internal" && !ctx.internalReachableExternally);
+		if (!accessFlaggable) {
+			skippedNonLocal++;
+			continue;
+		}
+		const obj = objectsById.get(r.objectId);
+		if (obj?.name.match(/Tests?$/i)) {
+			skippedOther++;
+			continue;
+		}
+		if (obj !== undefined && OBJECT_TYPES_WITHOUT_FULL_CALL_GRAPH.has(obj.objectType)) {
+			// See OBJECT_TYPES_WITHOUT_FULL_CALL_GRAPH docs — al-sem's resolver does not
+			// model property-expression references on these object types yet.
+			skippedPropertyExpressionHost++;
+			continue;
+		}
+		if (roots.has(r.id)) {
+			skippedOther++;
+			continue;
+		}
+		const accessNote =
+			r.accessModifier === "internal"
+				? " The workspace's app.json has no `internalsVisibleTo` entries, so no other app can call it."
+				: "";
+		const finding: Finding = {
+			id: `d14/${r.id}`,
+			rootCauseKey: `d14/${r.id}`,
+			detector: "d14-dead-routine",
+			title: "Routine is unreachable from any entry point",
+			rootCause: `${r.name} on ${obj?.name ?? r.objectId} is not called from any page action, trigger, OnRun, web service, or event subscriber in this app — appears to be dead code.${accessNote}`,
+			severity: "info",
+			confidence: toConfidence([], "possible"),
+			primaryLocation: r.sourceAnchor,
+			evidencePath: [
+				{
+					routineId: r.id,
+					sourceAnchor: r.sourceAnchor,
+					note: `${r.name} (no inbound edges from entry-point closure)`,
+				},
+			],
+			affectedObjects: [r.objectId],
+			affectedTables: [],
+			fixOptions: [
+				{
+					description:
+						"Remove the routine if truly unused, or wire it up to an entry point if intended to be invoked.",
+					safety: "low",
+				},
+			],
+			provenance: [{ source: "tree-sitter" }],
+		};
+		finding.fingerprint = fingerprintOf(finding, model);
+		findings.push(finding);
+	}
+	return {
+		findings: findings.sort((a, b) => compareStrings(a.id, b.id)),
+		stats: {
+			detector: "d14-dead-routine",
+			candidatesConsidered,
+			findingsEmitted: findings.length,
+			skipped: {
+				...(skippedOther > 0 ? { other: skippedOther } : {}),
+				...(skippedNonLocal > 0 ? { nonLocal: skippedNonLocal } : {}),
+				...(skippedPropertyExpressionHost > 0
+					? { propertyExpressionHost: skippedPropertyExpressionHost }
+					: {}),
+			},
+		},
+	};
+}

package/src/detectors/d16-obsolete-routine-call.ts

@@ -0,0 +1,94 @@
+import { parseRoutineAttributes } from "../engine/attribute-parser.ts";
+import type { CombinedGraph } from "../engine/combined-graph.ts";
+import { compareStrings } from "../engine/uncertainty-util.ts";
+import { roleOf } from "../model/entities.ts";
+import type { DetectorStats, Finding } from "../model/finding.ts";
+import type { SemanticModel } from "../model/model.ts";
+import { fingerprintOf } from "../projection/finding-fingerprint.ts";
+import { toConfidence } from "./confidence.ts";
+import type { DetectorContext } from "./detector-context.ts";
+
+/**
+ * D16 — Primary-app code calls a routine whose `[Obsolete(...)]` attribute is present.
+ *
+ * Detection strategy: walk every resolved combined-graph edge; flag edges where
+ * (a) the caller's analysisRole is "primary", and (b) the callee routine carries an
+ * `[Obsolete(...)]` attribute.
+ *
+ * Severity is mapped from the obsolete state:
+ *   - Pending  → "info"   (deprecated, should migrate)
+ *   - Removed  → "high"   (call will break on the next version bump)
+ *
+ * Crosses app boundaries — catches calls into Base App's deprecation surface that
+ * per-file analyzers can't follow.
+ */
+export function detectD16(
+	model: SemanticModel,
+	graph: CombinedGraph,
+	ctx: DetectorContext,
+): { findings: Finding[]; stats: DetectorStats } {
+	const findings: Finding[] = [];
+	const { routineById } = ctx;
+
+	let candidatesConsidered = 0;
+	let skippedOther = 0;
+	for (const [, edges] of graph.edgesByFrom) {
+		for (const e of edges) {
+			const caller = routineById.get(e.from);
+			const callee = routineById.get(e.to);
+			if (!caller || !callee) continue;
+			if (roleOf(caller) !== "primary") continue;
+			candidatesConsidered++;
+
+			const attrs = parseRoutineAttributes(callee);
+			if (attrs.obsoleteState === undefined) {
+				skippedOther++;
+				continue;
+			}
+
+			const cs = caller.features.callSites.find((c) => c.id === e.callsiteId);
+			const anchor = cs?.sourceAnchor ?? caller.sourceAnchor;
+			const sev = attrs.obsoleteState === "Removed" ? "high" : "info";
+
+			const finding: Finding = {
+				id: `d16/${e.from}/${e.callsiteId ?? "x"}/${e.to}`,
+				rootCauseKey: `d16/${e.from}/${e.callsiteId ?? "x"}/${e.to}`,
+				detector: "d16-obsolete-routine-call",
+				title: `Call to obsolete routine (${attrs.obsoleteState})`,
+				rootCause: `${caller.name} calls ${callee.name}${attrs.obsoleteReason ? ` — ${attrs.obsoleteReason}` : ""}.`,
+				severity: sev,
+				confidence: toConfidence([], "confirmed"),
+				primaryLocation: anchor,
+				evidencePath: [
+					{
+						routineId: caller.id,
+						callsiteId: e.callsiteId,
+						sourceAnchor: anchor,
+						note: `calls ${attrs.obsoleteState} ${callee.name}`,
+					},
+				],
+				affectedObjects: [caller.objectId, callee.objectId].sort(),
+				affectedTables: [],
+				fixOptions: [
+					{
+						description:
+							attrs.obsoleteReason ?? "Replace the call with the documented successor API.",
+						safety: "high",
+					},
+				],
+				provenance: [{ source: "tree-sitter" }],
+			};
+			finding.fingerprint = fingerprintOf(finding, model);
+			findings.push(finding);
+		}
+	}
+	return {
+		findings: findings.sort((a, b) => compareStrings(a.id, b.id)),
+		stats: {
+			detector: "d16-obsolete-routine-call",
+			candidatesConsidered,
+			findingsEmitted: findings.length,
+			skipped: { other: skippedOther > 0 ? skippedOther : undefined },
+		},
+	};
+}