Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Group and decide which linting rules to include by default. #114

Closed
ryaneberly opened this issue Oct 21, 2015 · 13 comments
Closed

Group and decide which linting rules to include by default. #114

ryaneberly opened this issue Oct 21, 2015 · 13 comments

Comments

@ryaneberly
Copy link
Contributor

see #103
@ryaneberly
Copy link
Contributor Author

Proposing we assign the current rules to "groups". Something like:

Bug Prone
ARG_VAR_CONFLICT
NO_DEFAULT_INSIDE_SWITCH
NESTED_CFOUTPUT
OUTPUT_ATTR
MISSING_VAR

Correctness
ARG_TYPE_MISSING
ARG_TYPE_ANY
ARG_DEFAULT_MISSING
ARG_VAR_MIXED
QUERYNEW_DATATYPE

Bad Practice
GLOBAL_VAR
AVOID_USING_CFDUMP_TAG
AVOID_USING_CFEXECUTE_TAG
AVOID_USING_CFABORT_TAG
AVOID_USING_ABORT
AVOID_USING_WRITEDUMP
AVOID_USING_CFINSERT_TAG
AVOID_USING_CFMODULE_TAG
AVOID_USING_CFUPDATE_TAG

Security
QUERYPARAM_REQ
CFQUERYPARAM_REQ

Code style/Documentation
COMPONENT_HINT_MISSING
FUNCTION_HINT_MISSING-INFO
ARG_HINT_MISSING-INFO
COMPLEX_BOOLEAN_CHECK
EXCESSIVE_FUNCTIONS
FUNCTION_TOO_COMPLEX
EXPLICIT_BOOLEAN_CHECK

Modern Syntax
AVOID_USING_STRUCTNEW
AVOID_USING_ARRAYNEW

And I suggest we include all groups except "Code style/documentation" (and possibly "Modern syntax) by default.

Thoughts?

@justinmclean
Copy link
Contributor

Nice grouping. I'd split out the following into a new group as these are less about style and more about maintainability/complexity/lack of abstraction etc:
COMPLEX_BOOLEAN_CHECK
EXCESSIVE_FUNCTIONS
FUNCTION_TOO_COMPLEX
EXPLICIT_BOOLEAN_CHECK

@justinmclean
Copy link
Contributor

ARG_TYPE_ANY could possible also go into this new group, but also fine where it is.

@ryaneberly
Copy link
Contributor Author

Good feedback. I like it.

Complexity
COMPLEX_BOOLEAN_CHECK
EXCESSIVE_FUNCTIONS
FUNCTION_TOO_COMPLEX
EXPLICIT_BOOLEAN_CHECK

@justinmclean
Copy link
Contributor

Also add to same group:
EXCESSIVE_FUNCTION_LENGTH
EXCESSIVE_COMPONENT_LENGTH

@justinmclean
Copy link
Contributor

also add (and there's more to come):

Poor Naming:
VAR_INVALID_NAME
VAR_ALLCAPS_NAME
VAR_TOO_SHORT
VAR_TOO_LONG
VAR_TOO_WORDY
VAR_IS_TEMPORARY
VAR_HAS_PREFIX_OR_POSTFIX
METHOD_INVALID_NAME
METHOD_TOO_SHORT
METHOD_TOO_LONG
METHOD_TOO_WORDY
METHOD_IS_TEMPORARY
METHOD_HAS_PREFIX_OR_POSTFIX

@justinmclean
Copy link
Contributor

Also in code style add:
FUNCTION_TYPE_MISSING
FUNCTION_TYPE_ANY

@justinmclean
Copy link
Contributor

In bad practice add:
LOCAL_LITERAL_VALUE_USED_TOO_OFTEN
GLOBAL_LITERAL_VALUE_USED_TOO_OFTEN

@justinmclean
Copy link
Contributor

Also add to complexity:
EXCESSIVE_ARGUMENTS

@ryaneberly
Copy link
Contributor Author

with justinmclean's suggestions

Bug Prone
ARG_VAR_CONFLICT
NO_DEFAULT_INSIDE_SWITCH
NESTED_CFOUTPUT
OUTPUT_ATTR
MISSING_VAR

Correctness
ARG_DEFAULT_MISSING
ARG_TYPE_ANY
ARG_TYPE_MISSING
ARG_VAR_MIXED
QUERYNEW_DATATYPE

Bad Practice
AVOID_USING_ABORT
AVOID_USING_CFABORT_TAG
AVOID_USING_CFDUMP_TAG
AVOID_USING_CFEXECUTE_TAG
AVOID_USING_CFINSERT_TAG
AVOID_USING_CFMODULE_TAG
AVOID_USING_CFUPDATE_TAG
AVOID_USING_WRITEDUMP
GLOBAL_LITERAL_VALUE_USED_TOO_OFTEN
GLOBAL_VAR
LOCAL_LITERAL_VALUE_USED_TOO_OFTEN

Security
CFQUERYPARAM_REQ
QUERYPARAM_REQ

Code style/Documentation
ARG_HINT_MISSING-INFO
COMPONENT_HINT_MISSING
FUNCTION_HINT_MISSING-INFO
FUNCTION_TYPE_ANY
FUNCTION_TYPE_MISSING

Modern Syntax
AVOID_USING_ARRAYNEW
AVOID_USING_STRUCTNEW

Complexity
COMPLEX_BOOLEAN_CHECK
EXCESSIVE_FUNCTIONS
EXCESSIVE_ARGUMENTS
EXPLICIT_BOOLEAN_CHECK
EXCESSIVE_COMPONENT_LENGTH
EXCESSIVE_FUNCTION_LENGTH
FUNCTION_TOO_COMPLEX

Poor Naming:
METHOD_HAS_PREFIX_OR_POSTFIX
METHOD_INVALID_NAME
METHOD_IS_TEMPORARY
METHOD_TOO_SHORT
METHOD_TOO_LONG
METHOD_TOO_WORDY
VAR_ALLCAPS_NAME
VAR_HAS_PREFIX_OR_POSTFIX
VAR_INVALID_NAME
VAR_IS_TEMPORARY
VAR_TOO_SHORT
VAR_TOO_LONG
VAR_TOO_WORDY

ryaneberly added a commit that referenced this issue Nov 6, 2015
@ryaneberly
#114
6d7785a
@ryaneberly ryaneberly mentioned this issue May 12, 2016
Closed
@denuno
Copy link
Collaborator

denuno commented May 22, 2016
edited by ryaneberly
Loading

Love'n the groups! I just added a GUI for CFLint to CFEclipse, and these groups would help organize it better. To make editing/keeping track easier, I created a wiki page for the group list here: https://github.com/cflint/CFLint/wiki/Rule-Groups

Would the groups define the rules, or would we define the groups in the rules? Eg:

"security" : ["CFQUERYPARAM_REQ","QUERYPARAM_REQ"]
versus

    {
      "name": "ArgVarChecker",
      "message": [
        {
          "code": "ARG_VAR_CONFLICT",
          "messageText": "Variable ${variable} should not be declared in both var and argument scopes.",
          "severity": "ERROR",
          "groups":["buggy"]
        },

Would it be one group per rule, or could some rules be in more than one group?

I think I like rules being able to be in more than one group, but it might be better if that's not allowed...

@ryaneberly
Copy link
Contributor Author

I like the first option.

ryaneberly added a commit that referenced this issue Oct 24, 2016
@ryaneberly
#114
beff1ec
ryaneberly added a commit that referenced this issue Jan 30, 2017
@ryaneberly
#114 rule groups support.
8807d1c
ryaneberly added a commit that referenced this issue Jan 30, 2017
@ryaneberly
#114
a9042db
@ryaneberly
Copy link
Contributor Author

java -jar CFLint-0.11.0.jar --listrulegroups

java -jar CFLint-0.11.0.jar --rulegroups Naming,Complexity

ryaneberly added a commit that referenced this issue Jan 30, 2017
@ryaneberly
#114 fix default excludes
5ef3be7
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@justinmclean @denuno @ryaneberly