agentsqripts

Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems

121 lines (118 loc) 4.2 kB
/**
 * @file Static bug pattern definitions for comprehensive error detection
 * @description Single responsibility: Define bug patterns with effort estimation and impact assessment
 *
 * This configuration module defines comprehensive bug patterns used by the static bug
 * analyzer to identify real logic errors, security vulnerabilities, and common programming
 * mistakes. Each pattern includes effort estimation, impact description, and severity
 * classification to enable prioritized bug fixing and technical debt management.
 *
 * Design rationale:
 * - Pattern-based detection enables automated bug identification without complex analysis
 * - Effort estimation helps development teams prioritize bug fixes effectively
 * - Impact descriptions provide clear business justification for fixes
 * - Severity classification enables automated prioritization and alert systems
 * - Category grouping helps identify systemic code quality issues across projects
 */

// Bug Pattern Constants
/**
 * Comprehensive bug pattern definitions with metadata for prioritization
 *
 * Pattern structure rationale:
 * - effort: Estimated hours to fix (1=trivial, 2=easy, 3=moderate, 4+=complex)
 * - impact: Business/technical justification for fixing the issue
 * - severity: Risk level (HIGH=critical bugs, MEDIUM=quality issues, LOW=cleanup)
 * - category: Grouping for systematic analysis and team specialization
 *
 * Pattern categories:
 * - Type Safety: Type coercion and comparison issues
 * - Logic Error: Algorithmic and control flow problems
 * - Security: Vulnerabilities and unsafe practices
 * - API Usage: Incorrect framework/library usage
 * - Async/Await: Promise and asynchronous programming issues
 * - Promise Usage: Promise constructor usage patterns
 * - Error Handling: Missing or inadequate error management
 * - Code Quality: Maintainability and clarity issues
 *
 * Effort estimation methodology:
 * - Based on typical developer time including testing and code review
 * - Considers complexity of fix and potential side effects
 * - Accounts for need to understand surrounding code context
 * - Includes time for writing tests and updating documentation
 */
const BUG_PATTERNS = {
  'type_coercion': {
    effort: 1,
    impact: 'Prevents unexpected type coercion bugs and improves code reliability',
    severity: 'HIGH',
    category: 'Type Safety'
  },
  'nan_comparison': {
    effort: 1,
    impact: 'Fixes always-false NaN comparisons that never work as expected',
    severity: 'HIGH',
    category: 'Logic Error'
  },
  'dangerous_eval': {
    effort: 3,
    impact: 'Eliminates code injection vulnerabilities and improves security',
    severity: 'HIGH',
    category: 'Security'
  },
  'missing_radix': {
    effort: 1,
    impact: 'Prevents parseInt base confusion and ensures consistent parsing',
    severity: 'MEDIUM',
    category: 'API Usage'
  },
  'missing_await': {
    effort: 2,
    impact: 'Fixes async/await usage and prevents promise handling issues',
    severity: 'HIGH',
    category: 'Async/Await'
  },
  'fs_error_handling': {
    effort: 2,
    impact: 'Adds proper error handling for file system operations',
    severity: 'HIGH',
    category: 'Error Handling'
  },
  'unsafe_json_parse': {
    effort: 2,
    impact: 'Prevents JSON parsing crashes and improves error handling',
    severity: 'HIGH',
    category: 'Error Handling'
  },
  'async_event_listener': {
    effort: 2,
    impact: 'Adds error handling for async event listeners',
    severity: 'MEDIUM',
    category: 'Error Handling'
  },
  'promise_constructor': {
    effort: 3,
    impact: 'Encourages proper promise usage patterns and error handling',
    severity: 'MEDIUM',
    category: 'Promise Usage'
  },
  'empty_catch': {
    effort: 1,
    impact: 'Prevents silent failure and improves error handling',
    severity: 'MEDIUM',
    category: 'Error Handling'
  },
  'unused_variable': {
    effort: 1,
    impact: 'Removes dead code and improves maintainability',
    severity: 'LOW',
    category: 'Code Quality'
  },
  'unreachable_code': {
    effort: 1,
    impact: 'Removes dead code paths and improves maintainability',
    severity: 'MEDIUM',
    category: 'Code Quality'
  }
};

module.exports = {
  BUG_PATTERNS
};
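
The header comments present severity and effort as inputs to prioritization. The following is an added example, not code from the agentsqripts package, showing one way a consumer could rank analyzer findings with this table while refusing pattern names that are not the table's own keys. The `triage` helper, the finding shape (`type`, `file`, `line`) and the sample findings are assumptions; only the effort, severity and category values come from the file above.

```javascript
// Subset of the page's BUG_PATTERNS table, copied so this example runs stand-alone.
const PATTERNS = {
  dangerous_eval: { effort: 3, severity: 'HIGH', category: 'Security' },
  unsafe_json_parse: { effort: 2, severity: 'HIGH', category: 'Error Handling' },
  nan_comparison: { effort: 1, severity: 'HIGH', category: 'Logic Error' },
  empty_catch: { effort: 1, severity: 'MEDIUM', category: 'Error Handling' },
  unused_variable: { effort: 1, severity: 'LOW', category: 'Code Quality' }
};
const SEVERITY_RANK = { HIGH: 0, MEDIUM: 1, LOW: 2 };

// Hypothetical helper: rank findings by severity, then cheapest fix first.
function triage(findings, patterns = PATTERNS) {
  const ranked = [];
  const unknown = [];
  for (const f of findings) {
    // Own-property check: a plain patterns[f.type] would resolve names such as
    // "constructor" through the prototype chain and yield bogus metadata.
    if (!Object.prototype.hasOwnProperty.call(patterns, f.type)) {
      unknown.push(f); // surface for manual review instead of dropping silently
      continue;
    }
    ranked.push({ ...f, ...patterns[f.type] });
  }
  ranked.sort((a, b) =>
    SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity] ||
    a.effort - b.effort ||
    a.file.localeCompare(b.file));
  // Effort totals per category show where the fixing time would go.
  const effortByCategory = {};
  for (const r of ranked) {
    effortByCategory[r.category] = (effortByCategory[r.category] || 0) + r.effort;
  }
  return { ranked, unknown, effortByCategory };
}

// Constructed sample findings (file names and line numbers are made up).
const SAMPLE_FINDINGS = [
  { type: 'unused_variable', file: 'src/util.js', line: 12 },
  { type: 'dangerous_eval', file: 'src/render.js', line: 40 },
  { type: 'empty_catch', file: 'src/io.js', line: 7 },
  { type: 'nan_comparison', file: 'src/math.js', line: 3 },
  { type: 'unsafe_json_parse', file: 'src/io.js', line: 22 },
  { type: 'constructor', file: 'src/odd.js', line: 1 }
];

const report = triage(SAMPLE_FINDINGS);
console.log(report.ranked.map(r => `${r.severity} ${r.type} (${r.effort}h) ${r.file}:${r.line}`));
console.log('unrecognised:', report.unknown.map(u => u.type));
```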