Currently if you want to scan a folder for terraform code (for example) it only works with .tf files. To support .hcl files, it requires making a patch upstream to semgrep and waiting for a new release. Could we make this overridable without having to edit code?
Describe the solution you'd like
Validate test commands arguments before Run. This pattern will allow us to governance behaviors such as flags/arguments validation in all commands. Additionally, this should make the code easier to understand and maintain.
Requirements
Golang basic level.
“How to Implement” suggestion
See [issue](datreeio/datree#4
Many repositories need to fix, so please help if you like.
If you could help, it would be helpful if you could comment before starting the work not to overlapping.
Run exit command after lint.
echo '::group:: Running golangci-lint with reviewdog 🐶 ...'
go
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
.bandit file with content:[bandit]
tests: B101,B102,B301
bandit -c .bandit -r module/[main] ERROR .bandit : Error parsing file.Expected behavior
working as described in readme
Bandit version
ba
According to PEP8, exception class names should end with "Error" if they define an actual exception.
However, pylint doesn't offer such an check.
Add a new naming check which checks if a class extends any known exception class. Then check it's name. Since an exception can also be used as a non-error offer a configuration like a "allow-list" similar to g
Affects PMD Version:
6.45.0
Description:
UseCollectionIsEmptyRule fails with NPE if:
Is your feature request related to a problem? Please describe.
When one is using the method "WriteString" of the type "strings::Builder" and does not handle the error it is flagged because all errors must be handled. However, This method never returns an error. Hence, it makes sense to ignore it (even by default).
The problem with revive is, that it does not allow to ignore methods with
This would allow for more localized suppressions. Say we have a method foo(Object o) in an annotated third-party library where o has no type annotation, but o really should be @Nullable, as foo() can handle being passed null as a parameter. In code checked by NullAway, say you write:
void bigMethod() {
...
foo(null); // NullAway reports an error
...
}I beli
[spotbugs] Running SpotBugs...
[spotbugs] Unexpected problem occured during version sanity check
[spotbugs] Reported exception:
[spotbugs] java.lang.AbstractMethodError: Receiver class org.slf4j.nop.NOPServiceProvider does not define or inherit an implementation of the resolved method 'abstract java.lang.String getRequesteApiVersion()' of interface org.slf4j.
I wrote some of the code to do this in a branch https://github.com/python-security/pyt/compare/class_based_views, but since I'm working on other things and this feature seems cool and important I'm making this issue
Let me know if you would like any help in implementing.
Rubberduck version information
The info below can be copy-paste-completed from the first lines of Rubberduck's log or the About box:
Rubberduck version [Version 2.5.2.6030
OS: Microsoft Windows NT 10.0.22000.0, x64
Host Product: Microsoft Office x64
Host Version: 16.0.14701.20226
Host Executable: WINWORD.EXE
Description
Language inspection for assignment of LCase suggests usi
Add a description, image, and links to the static-code-analysis topic page so that developers can more easily learn about it.
To associate your repository with the static-code-analysis topic, visit your repo's landing page and select "manage topics."
Both
autocorrectandauto-correctare used frequently in RuboCop. Should we be consistent? If so, which one?Any change should only affect comments and other string content, not method names.