Files
wehub-resource-sync a06f331eb8
CI / benchmark (push) Has been skipped
install-script / posix-syntax (push) Successful in 6m1s
CI / build-onnx (push) Failing after 6m43s
init-smoke / dry-run (push) Failing after 15m57s
security / govulncheck (push) Has been cancelled
security / trivy-fs (push) Has been cancelled
CI / test (1.26, ubuntu-latest) (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
CI / test (1.26, macos-latest) (push) Has been cancelled
CI / build-windows (push) Has been cancelled
CI / lint (push) Has been cancelled
install-script / powershell-syntax (push) Has been cancelled
install-script / install (macos-14) (push) Has been cancelled
install-script / install (ubuntu-latest) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:33:42 +08:00

27 lines
1009 B
Go

package astquery
// Idiomatic / correctness review rulepack. These detectors register
// exactly like the SAST / hygiene rules — through mustRegisterSAST —
// but carry Category = CategoryReview so the analyze layer can fan
// them out independently of the security set.
//
// Two classes of rule live here:
//
// - Decidable rules (nil-deref-prone type assertions, inverted
// error checks) fire on a self-contained structural shape and need
// no further context. They surface as-is.
//
// - Undecidable-from-AST-alone rules (check-then-act on a map, a
// query call inside a loop body that smells of N+1) are emitted
// optimistically here and then refined by the graph-grounding
// post-pass in the review layer, where the resolved call / loop
// metadata is reachable. The detectors stay pure-AST: their
// PostFilters only ever see (parser.QueryResult, []byte).
//
// All rules cover Go and Python.
func init() {
registerGoReviewRules()
registerPyReviewRules()
}