Base Code Analyzer Metrics

Copy link to this section

Overview

The Base Code Analyzer outputs metrics with the following severities:

Copy link to this section

Metrics

The following metrics are analyzed by the C3 AI Code Analyzer:

• PSR Anti-Patterns
  • c3-psr-unlimited-fetch
  • c3-psr-unfiltered-remove-all
  • c3-psr-clear-collection
  • c3-psr-loop-single-db-write
  • c3-psr-kv-stored-calc-field
  • c3-psr-sleep-call
• Documentation
  • c3-missing-docs
  • c3-incomplete-method-docs
  • c3-todos-in-type-docs
  • c3-broken-doc-links
  • c3-orphaned-docs
  • c3-missing-pkg-overview
• Training
  • c3-tutorial-notebook-execution
• Linting
  • c3-eslint
  • c3-python-lint
• Tech Debt
  • c3-unticketed-todos
• Security
  • c3-hardcoded-credentials
• Deprecations
  • c3-expired-deprecations
  • c3-deprecated-type-usage
• Extensibility Anti-Patterns
  • c3-hidden-funcs
  • c3-excessive-method-params

Copy link to this section

PSR Anti-Patterns

Copy link to this section

c3-psr-unlimited-fetch

• Name: fetch limit -1
• Description:
  • Identifies invocations of fetch with limit -1.
  • An unlimited fetch could cause production outages by causing the JVM to run out of memory.
• Applies to: .js, .py
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-psr-unfiltered-remove-all

• Name: removeAll without a filter
• Description:
  • Identifies invocations of removeAll without a filter.
  • Unfiltered removeAll could cause production data to be deleted inadvertently.
• Applies to: .js, .py
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-psr-clear-collection

• Name: Unsafe invocation of clearCollection call
• Description:
  • Identifies invocations of clearCollection.
  • clearCollection is an unfiltered removeAll and could cause production data to be deleted inadvertently.
• Applies to: .js, .py
• Severities: ❗ error

Copy link to this section

c3-psr-loop-single-db-write

• Name: Single database write in a loop
• Description:
  • Identifies invocations of create, merge, upsert, or remove in a loop.
  • Single database write operations in a loop are less efficient than their batch write operation counterparts.
• Applies to: .js, .py
• Severities: ❗ error

Copy link to this section

c3-psr-kv-stored-calc-field

• Name: Stored Calc Field on Key-Value Type
• Description:
  • Identifies stored calc declarations on kv-store Types.
  • Data in kv-datastores can be high-volume and/or frequently invalidated, causing the CalcFieldsQueue to become congested.
• Applies to: .c3typ
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-psr-sleep-call

• Name: time.sleep() or Thread.sleep() call
• Description:
  • Identifies invocations of time.sleep() or Thread.sleep() in code.
  • time.sleep() or Thread.sleep() calls introduce a built-in race condition.
• Applies to: .js, .py
• Severities: ❗ error

Copy link to this section

Documentation

Copy link to this section

c3-missing-docs

• Name: Missing Documentation
• Description:
  • Identifies undocumented Types, fields, and APIs.
  • Documentation is critical to the usability and maintainability of a package. All Types, fields, and APIs must be documented.
• Applies to: .c3typ
• Severities: ❗ error

Copy link to this section

c3-incomplete-method-docs

• Name: Incomplete Method Documentation
• Description:
  • Identifies undocumented parameters and returns on APIs.
  • Documenting all API parameters and returns is important to ensure consumers are aware of limitations, assumptions, and treatments of inputs/outputs to the API.
• Applies to: .c3typ
• Severities: ⚠️ warning

Copy link to this section

c3-todos-in-type-docs

• Name: Ticket Mentions in Type Documentation
• Description:
  • Identifies Jira ticket mentions visible in customer-facing documentation.
  • Jira tickets are purely internal and shouldn't be visible to customers.
• Applies to: .c3typ
• Severities: ❗ error

Copy link to this section

c3-broken-doc-links

• Name: Broken Documentation Links
• Description:
  • Identifies broken documentation links.
  • All links in documentation should point to valid Types, topics, and external web pages.
• Applies to: .c3typ, .c3doc.md
• Severities: 💡 suggestion, ❗ error

Copy link to this section

c3-orphaned-docs

• Name: Orphaned Documentation
• Description:
  • Identifies .c3doc.md files that aren't referenced in a guide.
  • Topics not referenced in a guide aren't discoverable on the documentation site.
• Applies to: .c3typ, .c3doc.md
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-missing-pkg-overview

• Name: Missing Package Overview
• Description:
  • Identifies packages that don't have a package overview.
  • All packages must include an overview page to help consumers identify its purpose and capabilities.
• Applies to: .c3doc.md
• Severities: ⚠️ warning, ❗ error

Copy link to this section

Training

Copy link to this section

c3-tutorial-notebook-execution

• Name: Tutorial Notebook Execution
• Description:
  • Detects instances of out-of-order cell execution in seeded tutorial notebooks.
• Applies to: .ipynb
• Severities: ❗ error

Copy link to this section

Linting

Copy link to this section

c3-eslint

• Name: ESLint
• Description:
  • Identifies ESLint warnings and errors in code.
  • All JavaScript and TypeScript should follow industry standards and conventions.
• Applies to: .js, .ts
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-python-lint

• Name: Python Lint
• Description:
  • Identifies pylint warnings and errors in code.
  • All Python should follow industry standards and conventions.
• Applies to: .py
• Severities: ⚠️ warning, ❗ error

Copy link to this section

Technical Debt

Copy link to this section

c3-unticketed-todos

• Name: Unticketed TODOs / FIXMEs
• Description:
  • Identifies TODO or FIXME references in code that don't have an associated ticket.
  • All pending items must include an accompanying ticket to address the action item.
• Applies to: .c3typ, .js, .py
• Severities: ❗ error

Copy link to this section

Security

Copy link to this section

c3-hardcoded-credentials

• Name: Hardcoded Credentials
• Description:
  • Identifies any hardcoded credentials in code.
  • Credentials must be stored in and referenced from a secret vault.
• Applies to: .js, .py
• Severities: ❗ error

Copy link to this section

Deprecations

Copy link to this section

c3-expired-deprecations

• Name: Expired Deprecations
• Description:
  • Identifies @deprecated Types, fields, and APIs that have passed their final version.
  • Deprecated Types, fields, and APIs must be removed one major version after their final version.
• Applies to: .c3typ
• Severities: ⚠️ warning, ❗ error

Copy link to this section

c3-deprecated-type-usage

• Name: Deprecated Type Usage
• Description:
  • Identifies the usage of a @deprecated Type.
  • Usage of @deprecated Type must be refactored to use the prescribed alternative.
• Applies to: .js, .py
• Severities: ❗ error

Copy link to this section

Extensibility Anti-Patterns

Copy link to this section

c3-hidden-funcs

• Name: Hidden Functions
• Description:
  • Identifies functions in code that aren't exposed on the target Type.
  • Relevant hidden functions must be exposed on the target Type to allow consumers to override implementations.
• Applies to: .js, .py
• Severities: 💡 suggestion

Copy link to this section

c3-excessive-method-params

• Name: Too Many Parameters
• Description:
  • Identifies APIs with an excessive number of parameters.
  • Functions with too many parameters can be difficult to use and maintain.
• Applies to: .c3typ
• Severities: ⚠️ warning