deslop 0.2.0

A static analyzer that spots low-context and AI-assisted code patterns across naming, concurrency, security, performance, and test quality.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

mod library;
mod performance;
mod security;

pub(super) const LIBRARY_BINDING_LOCATION: &str = library::BINDING_LOCATION;
pub(super) const SECURITY_BINDING_LOCATION: &str = security::BINDING_LOCATION;

use crate::analysis::{ParsedFile, ParsedFunction};
use crate::model::Finding;

use super::framework_patterns::body_lines;

pub(crate) fn go_library_misuse_file_findings(file: &ParsedFile) -> Vec<Finding> {
    let mut findings = security::file_security_findings(file);

    for function in &file.functions {
        findings.extend(go_library_misuse_function_findings(file, function));
    }

    findings
}

fn go_library_misuse_function_findings(
    file: &ParsedFile,
    function: &ParsedFunction,
) -> Vec<Finding> {
    if file.is_test_file || function.is_test_function {
        return Vec::new();
    }

    let lines = body_lines(function);

    let mut findings = performance::performance_findings(file, function, &lines);
    findings.extend(security::security_findings(file, function, &lines));
    findings.extend(library::library_findings(file, function, &lines));
    findings
}