Popular New Releases in Code Analyzer
standard
eslint
tools
v0.4.2
infer
Infer version v1.1.0
rubocop
RuboCop 1.28 (a.k.a. The 10th Anniversary Edition)
Popular Libraries in Code Analyzer
by airbnb 
javascript
118201 MIT
JavaScript Style Guide
by standard javascript
26892 MIT
🌟 JavaScript Style Guide, with linter & automatic code fixer
by eslint javascript
20402 MIT
Find and fix problems in your JavaScript code.
by rome rust
18488 MIT
The Rome Toolchain. A linter, compiler, bundler, and more for JavaScript, TypeScript, HTML, Markdown, and CSS.
by python python
12936 NOASSERTION
Optional static typing for Python
by facebook html
12336 MIT
A static analyzer for Java, C, C++, and Objective-C
by rubocop ruby
11757 MIT
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
by typescript-eslint typescript
11431 NOASSERTION
:sparkles: Monorepo for all the tooling which enables ESLint to support TypeScript
by rubocop-hq ruby
11243 MIT
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
Trending New libraries in Code Analyzer
by rome rust
18488 MIT
The Rome Toolchain. A linter, compiler, bundler, and more for JavaScript, TypeScript, HTML, Markdown, and CSS.
by praetorian-inc go
1922 Apache-2.0
A static analysis tool for securing Go code
by rslint rust
1516 MIT
A (WIP) Extremely fast JavaScript and TypeScript linter and Rust crate
by imanghafoori1 php
1123 MIT
Fearless refactoring, it does a lot of smart checks to find certain errors.
by denoland rust
1081 MIT
Blazing fast linter for JavaScript and TypeScript written in Rust
by loeffel-io go
968 MIT
An extremely fast directory and filename linter - Bring some structure to your project directories
by csinn csharp
740 Apache-2.0
C# boot camp
by jpedroschmitz typescript
714 MIT
Non-opinionated TypeScript starter for Next.js. All the tools you need to build your next project ⚡️
by enlightn php
623 NOASSERTION
Your performance & security consultant, an artisan command away.
Top Authors in Code Analyzer
1
48 Libraries
1825
2
40 Libraries
4685
3
24 Libraries
350
4
17 Libraries
11475
5
16 Libraries
12111
6
16 Libraries
30891
7
16 Libraries
649
8
15 Libraries
10904
9
15 Libraries
2622
10
15 Libraries
13433
1
48 Libraries
1825
2
40 Libraries
4685
3
24 Libraries
350
4
17 Libraries
11475
5
16 Libraries
12111
6
16 Libraries
30891
7
16 Libraries
649
8
15 Libraries
10904
9
15 Libraries
2622
10
15 Libraries
13433
Trending Kits in Code Analyzer
No Trending Kits are available at this moment for Code Analyzer
Trending Discussions on Code Analyzer
Rust duplicated use statements
Specific Requirements for custom Roslyn Code Analyzer to run in live analysis?
storing all function body from txt file in dictionary in python
PHP 7.4+ class property typing
MS Word Online add-in: How to detect focus?
Viewing all 'suggestions' in a solution
Webpack plugin API: getting source maps for a module during parsing
how to append one element to a GNU bash array variable and use that array variable as arguments to an ELF executable
Invoke method of analyzed assembly from a Roslyn Code Analyzer
Autosar standard-compilant way to use regex
QUESTION
Rust duplicated use statements
Asked 2022-Mar-23 at 13:43Firt of all, I am a total begginner in Rust, I started to use a code analyzer (Mega-Linter) and it made me realize how much I duplicated the same "use" statements in my submodules. Here what my source file tree looks like :
1src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7Then I realized that my ui_mod_1.rs and ui_mod_2.rs had almost the same bunch of "use" statements :
1src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
141src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
211src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
241src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
24// lib.rs
25pub mod ui;
26The idea behind ui_mod_1.rs and ui_mod_2.rs is to split "ui utilitaries" functions by theme to avoid having a huge source file containing all of them. A possible solution is to merge the two files, but this is not what I want to do.
What I tried is to move the "use" that the two submodules have in common in the mod.rs or even in the lib.rs like so :
1src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
24// lib.rs
25pub mod ui;
26// mod.rs
27pub use tui::{
28 layout::{Alignment, Constraint, Direction, Layout, Rect},
29 style::{Color, Modifier, Style},
30};
31
32pub mod ui_mod_1;
33pub mod ui_mod_2;
34But this does not work. After some research I still did not find how to do this. Is there an elegant way to regroup "use" statements for all submodules ?
ANSWER
Answered 2022-Mar-23 at 13:43You can create a ui_prelude module that contains the use statements as pub use, and then do just use ui_prelude::* in your modules:
1src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
24// lib.rs
25pub mod ui;
26// mod.rs
27pub use tui::{
28 layout::{Alignment, Constraint, Direction, Layout, Rect},
29 style::{Color, Modifier, Style},
30};
31
32pub mod ui_mod_1;
33pub mod ui_mod_2;
34// ui_prelude.rs
35pub use tui::{
36 layout::{Alignment, Constraint, Direction, Layout, Rect},
37 style::{Color, Modifier, Style},
38};
391src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
24// lib.rs
25pub mod ui;
26// mod.rs
27pub use tui::{
28 layout::{Alignment, Constraint, Direction, Layout, Rect},
29 style::{Color, Modifier, Style},
30};
31
32pub mod ui_mod_1;
33pub mod ui_mod_2;
34// ui_prelude.rs
35pub use tui::{
36 layout::{Alignment, Constraint, Direction, Layout, Rect},
37 style::{Color, Modifier, Style},
38};
39// ui_mod_1.rs and ui_mod_2.rs
40use super::ui_prelude::*;
411src/
2 - lib.rs
3 - ui/
4 - mod.rs
5 - ui_mod_1.rs
6 - ui_mod_2.rs
7// ui_mod_1.rs
8use tui::{
9 layout::{Alignment, Constraint, Direction, Layout, Rect},
10 style::{Color, Modifier, Style},
11};
12
13// rest of the file
14// ui_mod_2.rs
15use tui::{
16 layout::{Alignment, Constraint, Direction, Layout, Rect},
17 style::{Color, Modifier, Style},
18};
19
20// rest of the file
21// mod.rs
22pub mod ui_mod_1;
23pub mod ui_mod_2;
24// lib.rs
25pub mod ui;
26// mod.rs
27pub use tui::{
28 layout::{Alignment, Constraint, Direction, Layout, Rect},
29 style::{Color, Modifier, Style},
30};
31
32pub mod ui_mod_1;
33pub mod ui_mod_2;
34// ui_prelude.rs
35pub use tui::{
36 layout::{Alignment, Constraint, Direction, Layout, Rect},
37 style::{Color, Modifier, Style},
38};
39// ui_mod_1.rs and ui_mod_2.rs
40use super::ui_prelude::*;
41// mod.rs
42mod ui_prelude.
43pub mod ui_mod_1;
44pub mod ui_mod_2;
45QUESTION
Specific Requirements for custom Roslyn Code Analyzer to run in live analysis?
Asked 2022-Mar-18 at 12:46I've got a Roslyn based Code Analyzer and Codefix. When directly creating the ReportDiagnostic from an AnalyzerCodeBlock, they would show up in live analysis (Problems in Jetbrains Rider).
However, it needs to parse additional data from the solution to build a dependency tree to make the decision. So now it works like this:
1
2RegisterCompilationStartAction -> then it registers a RegisterCodeBlockStartAction to build a dependency tree
3
4RegisterOperationAction -> Instead of generating the ReportDiagnostic directly, it puts the particular calls into a ConcurrentBag to analyze later.
5
6RegisterCompilationEndAction -> When called, this analyzes the calls from RegisterOperationAction with the dependency tree generated in the RegisterCodeBlockStartAction and generates ReportDiagnostics with the combined information.
7Now it only works on build, not in live analysis. I would love to get this back working in live analysis (I have enable solution-wide analysis enabled) since allowing use of the codefixes are incredibly useful.
Any idea of a known reason (like using any CompilationStart-End) this automatically doesn't work in live mode, or is there a way to refactor this into a different structure compatible with live analysis?
ANSWER
Answered 2022-Mar-18 at 12:46CompilationStart isn't a problem. It doesn't cause an analyzer to be build-only. However, CompilationEnd is the problem. They're build only, and also their associated code fixes won't show in the IDE. This is for performance reasons.
Related discussion: https://github.com/dotnet/roslyn/issues/51653
QUESTION
storing all function body from txt file in dictionary in python
Asked 2022-Mar-07 at 01:31I'm trying to do code analyzer app and i have a txt file that contains a python code and my goal now is to save all functions in this txt file in dictionary in the class, but i don't have any idea how can i do it
at first i create class that name is class CodeAnalyzer:
1def __init__(self, file):
2 self.file = file
3 self.file_string = ""
4 self.file_func= {}
5 self.errors = {}
6and i want to save function in self.file_func= {}
this is process step, every method should return key and value added to attributes
1def __init__(self, file):
2 self.file = file
3 self.file_string = ""
4 self.file_func= {}
5 self.errors = {}
6def process_file(self):
7 for i, line in enumerate(self.file):
8 self.file_string += line
9 self.check_divide_by_zero(i, line)
10 self.check_parameters_num(i, line)
11This what i tried to do but ie's failed :
1def __init__(self, file):
2 self.file = file
3 self.file_string = ""
4 self.file_func= {}
5 self.errors = {}
6def process_file(self):
7 for i, line in enumerate(self.file):
8 self.file_string += line
9 self.check_divide_by_zero(i, line)
10 self.check_parameters_num(i, line)
11def store_function(self,i,line):
12 if(line.startswith('def')):
13 self.file_func.setdefault(i,[]).append((self.file_string[file_string.index(':') ,:]))
14Any one have an Idea or help on it ?
ANSWER
Answered 2022-Mar-07 at 01:31You can just use exec() with it's globals() dict set to your class instance's namespace.
1def __init__(self, file):
2 self.file = file
3 self.file_string = ""
4 self.file_func= {}
5 self.errors = {}
6def process_file(self):
7 for i, line in enumerate(self.file):
8 self.file_string += line
9 self.check_divide_by_zero(i, line)
10 self.check_parameters_num(i, line)
11def store_function(self,i,line):
12 if(line.startswith('def')):
13 self.file_func.setdefault(i,[]).append((self.file_string[file_string.index(':') ,:]))
14class CodeAnalyzer:
15 def __init__(self,file):
16 # Read a string from the file
17 f=open(file)
18 t=f.read()
19 f.close()
20
21 #Populate the namespace dictionary by executing the code in the file
22 self.namespace={}#this includes all declarations of functions, variables and classes
23 exec(t,self.namespace)#this means that when variables are declared, they use the class instance's attributes dictionary as their global namespace
24
25 #Filter the namespace dict based on the contents
26 self.functions={i:self.namespace[i] for i in self.namespace if isinstance(i,type(lambda:0))}#type(lambda:0) is just FunctionType
27 self.classes={i:self.namespace[i] for i in self.namespace if isinstance(i,type)}#all classes are instances of type
28 self.variables={i:self.namespace[i] for i in self.namespace if i not in self.functions|self.classes}#everything else, using dictionary merge
29
30Feel free to comment on this answer if you have further questions.
QUESTION
PHP 7.4+ class property typing
Asked 2022-Feb-09 at 14:23I'm sure that question has been asked numerous times but I can't seem to find a good/satisfying answer so please bear with me.
Using PHP 7.4+, I tend to type everything I can. But I have some problems with Doctrine entities properties.
If I type everything correctly, I usually get a lot of errors like this one.
Typed property App\Entity\User::$createdAt must not be accessed before initialization
A code sample for that type of error would look something like this
1/**
2 * @var DateTimeInterface
3 * @ORM\Column(type="datetime")
4 */
5protected DateTimeInterface $createdAt;
6So, I used to make the property nullable even though the database field is not. So it would look something like this.
1/**
2 * @var DateTimeInterface
3 * @ORM\Column(type="datetime")
4 */
5protected DateTimeInterface $createdAt;
6/**
7 * @var DateTimeInterface|null
8 * @ORM\Column(type="datetime")
9 */
10protected ?DateTimeInterface $createdAt = null;
11But, now I have another problem. I decided to implement a static code analyzer in my project and now I'm using PHPStan. So now, when I scan my code I get errors like that one.
Line src/Entity/Trait/TimestampableEntityPropertiesTrait.php (in context of class App\Entity\Article)
16 Property App\Entity\Article::$createdAt type mapping mismatch: property can contain DateTimeInterface|null but database expects DateTimeInterface.
So, what would be the right way to handle this type of situation?
Any advice would be greatly appreciated.
EDIT
I should have mentioned that sometimes, I don't want to/can't initialize the property in the constructor since I don't have the correct values just yet.
ANSWER
Answered 2022-Feb-09 at 14:23I'm not sure if this is a bad practice, but it turned out I only had to remove that check from phpstan configuration.
1/**
2 * @var DateTimeInterface
3 * @ORM\Column(type="datetime")
4 */
5protected DateTimeInterface $createdAt;
6/**
7 * @var DateTimeInterface|null
8 * @ORM\Column(type="datetime")
9 */
10protected ?DateTimeInterface $createdAt = null;
11# phpstan.neon
12parameters:
13 doctrine:
14 allowNullablePropertyForRequiredField: true
15EDIT:
After some digging, I realized I should be using a DTO which would allow a null value, and then transfer it to my entity once ready (and valid). This way, my entity is always valid and I do not risk flushing some invalid data in the DB.
QUESTION
MS Word Online add-in: How to detect focus?
Asked 2021-Nov-30 at 10:26In developing a Microsoft Word Online add-in, my team needs to detect focus being gained/regained by the document (ETA: to trigger other functionality which depends on this knowledge). It appears that Microsoft has tightly locked down scriptability in this context--all window.on* functions are replaced by null, all error-handling code is deeply obfuscated, etc. Our efforts so far have been frustrated.
Simply setting window.onfocus to a new function causes the add-in to not load correctly, likely because it's triggering a code analyzer as unsafe, but hard to tell.
There is also nothing in the Microsoft Word Online JavaScript API which directly provides this functionality. Scripts can detect when the document selection has changed easily with a provided method, but that seems to be about it for documented functionality in this area. (Obviously simply sensing document changes will not work.)
What's the best approach to sensing document and/or window focus in this situation? Thank you.
ANSWER
Answered 2021-Nov-30 at 10:26The document.onvisibilitychange event can be used as a rough approximation of the required functionality.
1document.onvisibilitychange = (ev) => {
2 if (document.visibilityState == "visible") {
3 // Handle pseudo-focus event
4 }
5 else {
6 // Handle pseudo-blur event
7 }
8};
9This may be combined as desired with with the Office Online API DocumentSelectionChanged event to refine further to sense when the cursor is placed within the Word document. (That is, fire focus-gained logic only when the Office DocumentSelectionChanged event is fired the first time after the browser document.onvisibilitychange event fired with document.visibilityState equal to "visible".)
QUESTION
Viewing all 'suggestions' in a solution
Asked 2021-Nov-08 at 15:47Newbie question, I've just switched from Visual Studio to Rider, so I'm still trying to get my bearings.
Trying to use the code analyzers and see the suggestions for the entire solution.
The errors/warnings I can see in the 'Errors In Solution' window but the suggestions are not listed there. Can I add them to that list somehow?, or is there a different window?
Edit:
It's not just the Roslyn analyzers, for example a spelling mistake shows up highlighted in the source as as 'suggestion'.
When opening the 'Errors in Solution' I would have expected those to also be there but they aren't.
ANSWER
Answered 2021-Nov-08 at 11:42
QUESTION
Webpack plugin API: getting source maps for a module during parsing
Asked 2021-Nov-03 at 23:17I'm writing a code analyzer. My analyzer uses Webpack's JavaScriptParser hooks. I need to output an error message, but the line number from node.loc is off because a loader has transformed the source code. So I want to feed the error message through a source map before logging it.
1class FooPlugin {
2 apply(compiler) {
3 compiler.hooks.normalModuleFactory.tap("FooPlugin", factory => {
4 factory.hooks.parser
5 .for('javascript/auto')
6 .tap("FooPlugin", parser => {
7 parser.hooks.call.for("foo").tap("FooPlugin", expr => {
8 const map = getSourceMapSomehow(); /* ??? */
9 const originalLine = map.originalPositionFor(expr.loc.start).line;
10 console.log("foo() call found at line " + originalLine);
11 });
12 });
13 });
14 }
15}
16I can't figure out how to fill in getSourceMapSomehow() in the example above. How can I get the source map for the current module inside a JavaScriptParser hook?
ANSWER
Answered 2021-Oct-29 at 15:06I figured it out by reading the Webpack source code. The function I needed was module.originalSource().
1class FooPlugin {
2 apply(compiler) {
3 compiler.hooks.normalModuleFactory.tap("FooPlugin", factory => {
4 factory.hooks.parser
5 .for('javascript/auto')
6 .tap("FooPlugin", parser => {
7 parser.hooks.call.for("foo").tap("FooPlugin", expr => {
8 const map = getSourceMapSomehow(); /* ??? */
9 const originalLine = map.originalPositionFor(expr.loc.start).line;
10 console.log("foo() call found at line " + originalLine);
11 });
12 });
13 });
14 }
15}
16const map = new SourceMapConsumer(parser.state.module.originalSource().map());
17const originalLine = map.originalPositionFor(expr.loc.start).line;
18console.log("foo() call found at line " + originalLine);
19QUESTION
how to append one element to a GNU bash array variable and use that array variable as arguments to an ELF executable
Asked 2021-Sep-20 at 08:39In the Bismon static source code analyzer (GPLv3+ licensed, git commit 49dd1bd232854a) for embedded C and C++ code (using a plugin for GCC 10 straight compiler on Debian bookworm for x86-64) I have a test Bash script Hello-World-Analyze which uses a GNU array variable bismon_hello_args.
That variable is declared (at line 56) using:
1declare -a bismon_hello_args
2and I would like to fill that bismon_hello_args array variable from script arguments starting with --bismon, and later invoke the bismon executable (compiled from C source files) with several arguments to its main being the elements of that bismon_hello_args array variable.
So if my Hello-World-Analyze script is invoked as Hello-World-Analyze --bismon-debug-after-load --bismon-anon-web-cookie=/tmp/bismoncookie --gcc=/usr/local/bin/gcc-11 I want the bismon ELF executable to be started with two arguments (so argc=3, in C parlance) : --bismon-debug-after-load followed by --bismon-anon-web-cookie=/tmp/bismoncookie
For some reason, the following code (lines 58 to 64) in that Hello-World-Analyze script:
1declare -a bismon_hello_args
2for f in "$@"; do
3 case "$f" in
4 --bismon*) bismon_hello_args+=$f;;
5 --asm) export BISMON_PLUGIN_ASMOUT=/tmp/gcc10_metaplugin_BMGCC.s;;
6 --gcc=*) export BISMON_GCC=$(echo $f | /bin/sed -e s/--gcc=//);;
7 esac
8done
9does not work as expected. It should be (and was in a previous git commit e8c3d795bc9dc8) later followed with
1declare -a bismon_hello_args
2for f in "$@"; do
3 case "$f" in
4 --bismon*) bismon_hello_args+=$f;;
5 --asm) export BISMON_PLUGIN_ASMOUT=/tmp/gcc10_metaplugin_BMGCC.s;;
6 --gcc=*) export BISMON_GCC=$(echo $f | /bin/sed -e s/--gcc=//);;
7 esac
8done
9./bismon $bismon_hello_args &
10But debugging prints show that bismon is invoked with argc=2 so one long argv[1] program argument...
What am I doing wrong?
ANSWER
Answered 2021-Sep-20 at 08:39Merely += adds a string to an existing string. You probably want bismon_hello_args+=("$f");; (notice also the quotes). To call the program, use ./bismon "${bismon_hello_args[@]}" & (notice the quotes, again).
The syntax to use an array variable is different than the syntax for simple scalars. This syntax was inherited from ksh, which in turn needed to find a way to introduce new behavior without sacrificing compatibility with existing Bourne shell scripts.
Without the array modifiers, Bash simply accesses the first element of the array. (This confuses beginners and experienced practitioners alike.)
QUESTION
Invoke method of analyzed assembly from a Roslyn Code Analyzer
Asked 2021-Aug-30 at 18:04I have a C# roslyn code analyzer that needs to analyze the usage scenarios of generic method invocations of a given class. I am gathering all the references to the method, the generic type parameters and so forth and then want to invoke the methods (via reflection) to analyze the output to report potential diagnostics in the analyzer. Is there a way from a Roslyn-Compilation.Assembly to a System.Reflection.Assembly? If not, is there any other way?
The Analyzer project and the solution to be analyzed are under my control.
Thanks!
ANSWER
Answered 2021-Aug-30 at 18:04You can't do this: when your analyzer is running we haven't actually built the assembly yet. Furthermore, there's no guarantee your built thing can actually run. If I'm using a Windows machine to say build a project that only runs on Linux...that won't work well.
QUESTION
Autosar standard-compilant way to use regex
Asked 2021-Aug-05 at 17:28I need to parse URI-like string. This URI is specific to the project and corresponds to "scheme://path/to/file", where path should be a syntactically correct path to file from filesystem point of view. For this purpose std::regex was used with pattern R"(^(r[o|w])\:\/\/(((?!\$|\~|\.{2,}|\/$).)+)$)".
It works fine but code analyzer complies that it is not compliant as $ character is not belong to the C++ Language Standard basic source character set:
AUTOSAR C++14 A2-3-1 (Required) Only those characters specified in the C++ Language Standard basic source character set shall be used in the source code.
Exception to this rule (according to Autosar Guidelines):
It is permitted to use other characters inside the text of a wide string and a UTF-8 encoded string literal.
wchar_t is prohibited by other rule, although it works with UTF-8 string (but it looks ugly and unreadable in the code, also I'm afraid it is not safe).
Could someone help me with workaround or std::regex here is not the best solution, then what would be better?
Are any other drawbacks of using UTF-8 string literal?
P.S. I need $ to be sure (on parsing phase) that path is not a directory and that it is not contain none of /../, ~, $ , so I can't just skip it.
ANSWER
Answered 2021-Aug-05 at 17:28I feel like making the code worse for the sake of satisfying an analyser is counterproductive and most likely violates the spirit of the guidelines, so I'm intentionally ignoring ways to address the problem that would involve building the regex string in a convoluted manner, since what you did is the best way to build such a regex string.
Could someone help me with workaround or std::regex here is not the best solution, then what would be better?
Option A: Write a simple validation function:
I'm actually surprised that such strict guidelines even allow regexes in the first place. They are notoriously hard to audit, debug, and maintain.
You could easily express the same logic with actual code, which would not only satisfy the analyser, but be more aligned with the spirit of the guidelines. On top of that it'll compile faster and probably run faster as well.
Something along these rough lines, based on a cursory reading of your regex. (please don't just use this without running it through a battery of tests, I sure didn't):
1bool check_and_remove_path_prefix(std::string_view& path) {
2 constexpr std::array<std::string_view, 2> valid_prefixes = {
3 R"(ro://)",
4 R"(rw://)"
5 };
6
7 for(auto p: valid_prefixes) {
8 if(path.starts_with(p)) {
9 path.remove_prefix(p.size());
10 return true;
11 }
12 }
13 return false;
14}
15
16bool is_valid_path_elem_char(char c) {
17 // This matches your regex, but is probably wrong, as it will accept a bunch of control characters.
18 // N.B. \x24 is the dollar sign character
19 return c != '~' && c != '\x24' && c != '\r' && c != '\n';
20}
21
22bool is_valid_path(std::string_view path) {
23 if(!check_and_remove_path_prefix(path)) { return false; }
24
25 char prev_c = '\0';
26 bool current_segment_empty = true;
27 for(char c : path) {
28 // Disallow two or more consecutive periods
29 if( c == '.' && prev_c == '.') { return false; }
30
31 // Disallow empty segments
32 if(c == '/') {
33 if(current_segment_empty) { return false; }
34 current_segment_empty = true;
35 }
36 else {
37 if(!is_valid_path_elem_char(c)) { return false; }
38 current_segment_empty = false;
39 }
40
41 prev_c = c;
42 }
43
44 return !current_segment_empty;
45}
46Option B: Don't bother with the check
It's hard from our point of view to determine whether that option is in the cards or not for you, but for every intent and purpose, the distinction between a badly formed path and a well-formed path that does not point to a valid file is moot.
So just use the path as if it's valid, you should be handling the errors that would result from a badly formed path anyways.
Community Discussions contain sources that include Stack Exchange Network
Tutorials and Learning Resources in Code Analyzer
Tutorials and Learning Resources are not available at this moment for Code Analyzer
Share this Page
Get latest updates on Code Analyzer