feat: stability improvements #20
Merged
yardexx merged 11 commits into feature/new_architecture from Jan 25, 2026
Add analyzer_testing and test_reflective_loader packages to enable proper unit testing of analysis rules using the official Dart testing framework.

Add comprehensive unit tests for security rules using analyzer_testing:
- prefer_https_over_http: 11 tests
- avoid_hardcoded_urls: 10 tests
- avoid_weak_hashing: 8 tests
- prefer_secure_random: 7 tests
- avoid_hardcoded_secrets: 11 tests

Total: 47 new tests covering positive and negative cases.

- Add dart test step to run unit tests on every PR
- Add coverage generation and upload to Codecov
- Add separate integration test job
- Configure codecov.yml with coverage thresholds (70% project, 80% patch)

Update README and example to correctly document analysis_options.yaml as the configuration file with dart_shield: key, replacing incorrect references to shield_options.yaml.
- Add coverage badge to README
- Simplify configuration documentation
- Update example/analysis_options.yaml to use correct format

- Create rule_metadata.dart with severity levels and OWASP/CWE refs
- Map rule IDs to proper severity (high/medium/low/info)
- Add --min-severity flag to analyze command for filtering
- Update shield_runner to filter results by minimum severity

Severity assignments:
- avoid_hardcoded_secrets: high (CWE-798)
- prefer_https_over_http: high (CWE-319)
- avoid_weak_hashing: medium (CWE-328)
- prefer_secure_random: medium (CWE-330)
- avoid_hardcoded_urls: low (CWE-547)

- Add pubspec.lock to .gitignore (not needed for packages)
- Add internal docs to .gitignore (GEMINI.md, ROADMAP.md, etc.)
- Update .pubignore with test/, tool/, codecov.yml, docs.json
- Remove pubspec.lock files from git tracking
- Remove internal planning documents from git tracking

Run dart format to ensure consistent code style across the project.
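
The `--min-severity` filtering described in the severity-metadata commit above, as an added example that is not dart_shield's own `rule_metadata.dart` or `shield_runner` code; it uses the severity and CWE assignments listed in that commit. The names `RuleMeta`, `severityOf`, `parseMinSeverity` and `filterByMinSeverity`, the choice to rank unmapped rule ids as high, and the sample findings are assumptions.

```dart
// Added illustration; not taken from the dart_shield code base.
enum Severity { info, low, medium, high } // declaration order is the rank

class RuleMeta {
  const RuleMeta(this.severity, this.cwe);
  final Severity severity;
  final String cwe;
}

// Severity and CWE assignments as listed in the commit message.
const ruleMetadata = <String, RuleMeta>{
  'avoid_hardcoded_secrets': RuleMeta(Severity.high, 'CWE-798'),
  'prefer_https_over_http': RuleMeta(Severity.high, 'CWE-319'),
  'avoid_weak_hashing': RuleMeta(Severity.medium, 'CWE-328'),
  'prefer_secure_random': RuleMeta(Severity.medium, 'CWE-330'),
  'avoid_hardcoded_urls': RuleMeta(Severity.low, 'CWE-547'),
};

/// Assumption: a rule id without metadata is ranked high, so a newly added
/// rule is not silently dropped by a strict filter.
Severity severityOf(String ruleId) =>
    ruleMetadata[ruleId]?.severity ?? Severity.high;

/// Parses a --min-severity value. Unknown values throw instead of falling
/// back to a permissive default that would hide findings.
Severity parseMinSeverity(String value) => Severity.values.firstWhere(
      (s) => s.name == value.toLowerCase(),
      orElse: () => throw FormatException('unknown severity: $value'),
    );

/// Keeps only the findings whose rule ranks at or above [min].
List<String> filterByMinSeverity(Iterable<String> ruleIds, Severity min) =>
    ruleIds.where((id) => severityOf(id).index >= min.index).toList();

void main() {
  // Constructed findings (rule ids only); 'new_unmapped_rule' is hypothetical.
  const findings = [
    'avoid_hardcoded_urls',
    'avoid_weak_hashing',
    'avoid_hardcoded_secrets',
    'new_unmapped_rule',
  ];
  final kept = filterByMinSeverity(findings, parseMinSeverity('medium'));
  for (final id in kept) {
    final cwe = ruleMetadata[id]?.cwe ?? 'unmapped';
    print('${severityOf(id).name}\t$cwe\t$id');
  }
}
```
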
To view this pull request's documentation preview, visit the following URL: docs.page/yardexx/dart_shield~20
Documentation is deployed and generated using docs.page.

@copilot review this PR
yardexx added a commit that referenced this pull request Jan 26, 2026
* feat: introduce analyzer interface and domain models * feat: implement code analyzer with plugin infrastructure * feat: add security rules * feat: implement configuration management * feat: add core analyzer engine and runner * feat: implement reporters * refactor: migrate CLI commands to new architecture * refactor: update main entry point * refactor: remove legacy security_analyzer module * chore: update dependencies and example configuration * chore: remove obsolete test files * docs: add project context and architecture documentation * refactor(core): cleanup ShieldRunner and reporter selection * feat(analyzer): implement code scanning and issue mapping * fix(analyzer): update analyzer result DTO structure * feat(secrets): implement advanced secret scanning with Gitleaks rules (#18) * feat(core): implement structured error handling system * fix(analyzer): fix secret scanner keyword matching case sensitivity * test: add unit tests for core/config/rules and E2E integration test * feat!: replace gitbook with docs.page (#19) * feat!: replace gitbook with docs.page * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * docs: basic structure * feat: stability improvements (#20) * chore: add test dependencies for analysis rules Add analyzer_testing and test_reflective_loader packages to enable proper unit testing of analysis rules 
using the official Dart testing framework. * test: add unit tests for all 5 analysis rules Add comprehensive unit tests for security rules using analyzer_testing: - prefer_https_over_http: 11 tests - avoid_hardcoded_urls: 10 tests - avoid_weak_hashing: 8 tests - prefer_secure_random: 7 tests - avoid_hardcoded_secrets: 11 tests Total: 47 new tests covering positive and negative cases. * ci: add tests and code coverage to CI pipeline - Add dart test step to run unit tests on every PR - Add coverage generation and upload to Codecov - Add separate integration test job - Configure codecov.yml with coverage thresholds (70% project, 80% patch) * docs: fix configuration documentation inconsistency Update README and example to correctly document analysis_options.yaml as the configuration file with dart_shield: key, replacing incorrect references to shield_options.yaml. - Add coverage badge to README - Simplify configuration documentation - Update example/analysis_options.yaml to use correct format * feat: add severity metadata and filtering to rules - Create rule_metadata.dart with severity levels and OWASP/CWE refs - Map rule IDs to proper severity (high/medium/low/info) - Add --min-severity flag to analyze command for filtering - Update shield_runner to filter results by minimum severity Severity assignments: - avoid_hardcoded_secrets: high (CWE-798) - prefer_https_over_http: high (CWE-319) - avoid_weak_hashing: medium (CWE-328) - prefer_secure_random: medium (CWE-330) - avoid_hardcoded_urls: low (CWE-547) * chore: update ignore files and clean up tracked files - Add pubspec.lock to .gitignore (not needed for packages) - Add internal docs to .gitignore (GEMINI.md, ROADMAP.md, etc.) - Update .pubignore with test/, tool/, codecov.yml, docs.json - Remove pubspec.lock files from git tracking - Remove internal planning documents from git tracking * style: apply dart format to codebase Run dart format to ensure consistent code style across the project. 
* ci: raise Dart SDK version * style: formatting * style: formatting * ci: update test suite