agentsqripts

Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems

121 lines (118 loc) 4.21 kB
/**
 * @file Static bug pattern definitions for comprehensive error detection
 * @description Single responsibility: Define bug patterns with effort estimation and impact assessment
 *
 * This configuration module defines comprehensive bug patterns used by the static bug
 * analyzer to identify real logic errors, security vulnerabilities, and common programming
 * mistakes. Each pattern includes effort estimation, impact description, and severity
 * classification to enable prioritized bug fixing and technical debt management.
 *
 * Design rationale:
 * - Pattern-based detection enables automated bug identification without complex analysis
 * - Effort estimation helps development teams prioritize bug fixes effectively
 * - Impact descriptions provide clear business justification for fixes
 * - Severity classification enables automated prioritization and alert systems
 * - Category grouping helps identify systemic code quality issues across projects
 */

// Bug Pattern Constants

/**
 * Comprehensive bug pattern definitions with metadata for prioritization
 *
 * Pattern structure rationale:
 * - effort: Estimated hours to fix (1=trivial, 2=easy, 3=moderate, 4+=complex)
 * - impact: Business/technical justification for fixing the issue
 * - severity: Risk level (HIGH=critical bugs, MEDIUM=quality issues, LOW=cleanup)
 * - category: Grouping for systematic analysis and team specialization
 *
 * Pattern categories:
 * - Type Safety: Type coercion and comparison issues
 * - Logic Error: Algorithmic and control flow problems
 * - Security: Vulnerabilities and unsafe practices
 * - API Usage: Incorrect framework/library usage
 * - Async/Await: Promise and asynchronous programming issues
 * - Error Handling: Missing or inadequate error management
 * - Code Quality: Maintainability and clarity issues
 *
 * Effort estimation methodology:
 * - Based on typical developer time including testing and code review
 * - Considers complexity of fix and potential side effects
 * - Accounts for need to understand surrounding code context
 * - Includes time for writing tests and updating documentation
 */
const BUG_PATTERNS = {
  [`type_coercion`]: {
    effort: 1,
    impact: `Prevents unexpected type coercion bugs and improves code reliability`,
    severity: `HIGH`,
    category: `Type Safety`
  },
  [`nan_comparison`]: {
    effort: 1,
    impact: `Fixes always-false NaN comparisons that never work as expected`,
    severity: `HIGH`,
    category: `Logic Error`
  },
  [`dangerous_eval`]: {
    effort: 3,
    impact: `Eliminates code injection vulnerabilities and improves security`,
    severity: `HIGH`,
    category: `Security`
  },
  [`missing_radix`]: {
    effort: 1,
    impact: `Prevents parseInt base confusion and ensures consistent parsing`,
    severity: `MEDIUM`,
    category: `API Usage`
  },
  [`missing_await`]: {
    effort: 2,
    impact: `Fixes async/await usage and prevents promise handling issues`,
    severity: `HIGH`,
    category: `Async/Await`
  },
  [`fs_error_handling`]: {
    effort: 2,
    impact: `Adds proper error handling for file system operations`,
    severity: `HIGH`,
    category: `Error Handling`
  },
  [`unsafe_json_parse`]: {
    effort: 2,
    impact: `Prevents JSON parsing crashes and improves error handling`,
    severity: `HIGH`,
    category: `Error Handling`
  },
  [`async_event_listener`]: {
    effort: 2,
    impact: `Adds error handling for async event listeners`,
    severity: `MEDIUM`,
    category: `Error Handling`
  },
  [`promise_constructor`]: {
    effort: 3,
    impact: `Encourages proper promise usage patterns and error handling`,
    severity: `MEDIUM`,
    category: `Promise Usage`
  },
  'empty_catch': {
    effort: 1,
    impact: 'Prevents silent failure and improves error handling',
    severity: 'MEDIUM',
    category: 'Error Handling'
  },
  'unused_variable': {
    effort: 1,
    impact: 'Removes dead code and improves maintainability',
    severity: 'LOW',
    category: 'Code Quality'
  },
  'unreachable_code': {
    effort: 1,
    impact: 'Removes dead code paths and improves maintainability',
    severity: 'MEDIUM',
    category: 'Code Quality'
  }
};

module.exports = { BUG_PATTERNS };
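
The design rationale above says severity and effort exist so findings can be prioritized automatically. The block below is an added example, not code from agentsqripts, showing one way a consumer of this table could order findings and total the estimated effort per category. `triageFindings`, `SEVERITY_RANK`, the HIGH-before-MEDIUM-before-LOW ordering and the sample findings are assumptions; the five table entries are copied from `BUG_PATTERNS`.

```javascript
// Added example, not part of agentsqripts. Entries copied from BUG_PATTERNS above.
const SAMPLE_PATTERNS = {
  dangerous_eval: { effort: 3, severity: 'HIGH', category: 'Security' },
  unsafe_json_parse: { effort: 2, severity: 'HIGH', category: 'Error Handling' },
  empty_catch: { effort: 1, severity: 'MEDIUM', category: 'Error Handling' },
  missing_radix: { effort: 1, severity: 'MEDIUM', category: 'API Usage' },
  unused_variable: { effort: 1, severity: 'LOW', category: 'Code Quality' }
};

// Assumed ordering of the severity labels; lower rank is fixed first.
const SEVERITY_RANK = { HIGH: 0, MEDIUM: 1, LOW: 2 };

// Own-property check, so a key such as 'constructor' never resolves to
// something inherited from Object.prototype.
const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Hypothetical helper: order findings for fixing and total effort per category.
// A finding is { pattern, file }. Findings with an unknown pattern key or an
// unknown severity label are returned separately instead of being dropped,
// so a typo or a stale table cannot hide a finding.
function triageFindings(findings, patterns) {
  const ordered = [];
  const unknown = [];
  for (const f of findings) {
    const meta = own(patterns, f.pattern) ? patterns[f.pattern] : null;
    if (!meta || !own(SEVERITY_RANK, meta.severity)) { unknown.push(f); continue; }
    ordered.push({ ...f, ...meta });
  }
  // Severity first, then cheapest fix first, then file name for a stable order.
  ordered.sort((a, b) =>
    SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity] ||
    a.effort - b.effort ||
    a.file.localeCompare(b.file));
  const effortByCategory = {};
  for (const f of ordered) {
    effortByCategory[f.category] = (effortByCategory[f.category] || 0) + f.effort;
  }
  return { ordered, unknown, effortByCategory };
}

// Constructed findings, shaped as a scanner might report them.
const SAMPLE_FINDINGS = [
  { pattern: 'unused_variable', file: 'lib/util.js' },
  { pattern: 'dangerous_eval', file: 'lib/template.js' },
  { pattern: 'empty_catch', file: 'lib/config.js' },
  { pattern: 'unsafe_json_parse', file: 'lib/config.js' },
  { pattern: 'constructor', file: 'lib/legacy.js' } // not a key in the table
];
```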