blog: flaglint-go field-testing and whole-scan identity resolution#17
Conversation
Announces flaglint-go and tells the real engineering story: field-tested against real open-source repos (the official launchdarkly-labs/ld-sample-app-go, weaviate, mint-app, e2b-dev/infra) before shipping, found zero recall on every repo with genuine usage despite zero false positives, then closed the gap with whole-scan identity resolution — without needing go/types. Includes the review-caught false-positive bug (cross-package binding collision) and the honest remaining gaps, not just the wins. All example output and code snippets verified against the actual binary/real source moments before publishing, not written from memory. Signed-off-by: Krishan Kant Sharma <krishansharma0327@gmail.com>
|
Warning Review limit reached
Next review available in: 27 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Deploying flaglint with
|
| Latest commit: |
0252b91
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://da4599f4.flaglint.pages.dev |
| Branch Preview URL: | https://blog-flaglint-go-whole-scan.flaglint.pages.dev |
…trict-types and baseline counts Every identity-resolution gap listed as "not resolved yet" on the flaglint-go Limitations and Supported Scope pages has actually been closed (verified directly against the flaglint-go issue tracker): chained factory-call-then-method (#20), method values (#6), interface satisfaction (#15), block-scoped shadowing (#5), factory returning a wrapper type (#16), and nested go.mod files (#17). These pages were last updated right before that work landed. - limitations.md / supported-scope.md: mark all six as resolved (noting which layer resolves each — Phase 1 default vs. opt-in --strict-types), add two newer Phase-1 mechanisms these pages never mentioned at all (a struct field declared *ld.LDClient with no observed construction, and a composite literal directly initializing a package-level var), and state plainly that zero identity-resolution gaps are currently tracked. - identity-model.md: add worked examples for both newer Phase-1 mechanisms above, plus a new "Phase 2 — --strict-types" section (interface satisfaction, transitive factory wrapping, cross-function method-value forwarding) that didn't exist on this page at all before. - index.md: same corrections to the "what flaglint-go does/doesn't do" summary — it previously named method values and interface satisfaction as open gaps. - cli/{scan,audit,validate}.md: --strict-types wasn't documented as a flag anywhere on the site despite being available on all three commands since it shipped; added to each page's options table. audit.md's baseline JSON example was also missing the "schemaVersion" and "counts" fields flaglint-go now emits; validate.md's Baseline Mode section gains a note on what "counts" actually catches (a brand-new duplicate of an already-baselined call, not just a brand-new fingerprint). Verified: `npm run build` completes cleanly (90 pages), spot-checked the rendered Limitations page's output directly. Signed-off-by: Krishan Kant Sharma <krishansharma0327@gmail.com>
Summary
Announces flaglint-go and tells the real engineering story rather than just an announcement:
launchdarkly-labs/ld-sample-app-go,weaviate/weaviate,CMS-Enterprise/mint-app,e2b-dev/infra) before shipping — found zero recall on every repo with genuine usage, despite zero false positives.go/types.Verification
All example terminal output and code snippets were verified moments before writing, not from memory:
flaglint-go auditagainstld-sample-app-goandweaviateright before finalizing this post — output blocks in the post are byte-for-byte what the binary actually printed just now.LDIntegration,FeatureFlag[T], theStringVariationcall) are verbatim from the real source; where I wasn't fully certain of an exact enclosing function signature, I labeled it as illustrative rather than asserting an invented one.Test plan
npm run build— clean, 90 pages (up from 87)