deslop 0.2.0

A static analyzer that spots low-context and AI-assisted code patterns across naming, concurrency, security, performance, and test quality.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

use super::{
    RuleConfigurability, RuleDefaultSeverity, RuleDefinition, RuleLanguage, RuleStatus, bindings,
};

pub(crate) const RULE_DEFINITIONS: &[RuleDefinition] = &[
    RuleDefinition {
        id: "rust_axum_router_built_in_handler",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Warning,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "Axum routers assembled inside handler call paths instead of startup wiring.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
    RuleDefinition {
        id: "rust_clone_heavy_state_in_loop",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Info,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "Likely heavy state cloned repeatedly inside loops in Rust application code.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
    RuleDefinition {
        id: "rust_env_var_read_in_request_path",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Warning,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "Rust request handlers reading environment configuration on the hot request path.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
    RuleDefinition {
        id: "rust_tokio_runtime_built_per_call",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Warning,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "Tokio runtimes created per call instead of being owned at process or bootstrap boundaries.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
    RuleDefinition {
        id: "rust_tonic_channel_connect_per_request",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Warning,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "tonic transport channels dialed on request paths instead of reusing configured clients.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
    RuleDefinition {
        id: "rust_workspace_missing_resolver",
        language: RuleLanguage::Rust,
        family: "runtime_boundary",
        default_severity: RuleDefaultSeverity::Info,
        status: RuleStatus::Stable,
        configurability: &[
            RuleConfigurability::Disable,
            RuleConfigurability::Ignore,
            RuleConfigurability::SeverityOverride,
        ],
        description: "Workspace Cargo manifests with multiple members but no explicit resolver version.",
        binding_location: bindings::RUST_RUNTIME_BOUNDARY,
    },
];