Skip to content

PR #2: Implement Keyword Argument Matching Logic #385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 21, 2025
Merged

PR #2: Implement Keyword Argument Matching Logic #385

merged 1 commit into from
Nov 21, 2025

Conversation

@shivasurya
Copy link
Owner

@shivasurya shivasurya commented Nov 21, 2025

This adds the core matching logic for keyword argument validation in the Go executor. The implementation checks both function name patterns and keyword argument values when determining if a call site matches a rule. It supports exact matching and wildcard patterns for argument values, enabling precise detection of security-sensitive function calls with specific parameter configurations.

@shivasurya shivasurya added enhancement New feature or request go Pull requests that update go code labels Nov 21, 2025
@shivasurya shivasurya self-assigned this Nov 21, 2025
@shivasurya shivasurya added enhancement New feature or request go Pull requests that update go code labels Nov 21, 2025
@safedep
Copy link

safedep bot commented Nov 21, 2025
edited
Loading

SafeDep Report Summary

Green Malicious Packages Badge Green Vulnerable Packages Badge Green Risky License Badge

No dependency changes detected. Nothing to scan.

This report is generated by SafeDep Github App

@codecov
Copy link

codecov bot commented Nov 21, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 83.05085% with 10 lines in your changes missing coverage. Please review.
✅ Project coverage is 78.76%. Comparing base (323b8e9) to head (920a729).
⚠️ Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
sourcecode-parser/dsl/call_matcher.go 83.05% 8 Missing and 2 partials ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #385      +/-   ##
==========================================
+ Coverage   78.73%   78.76%   +0.03%     
==========================================
  Files          70       70              
  Lines        6933     6990      +57     
==========================================
+ Hits         5459     5506      +47     
- Misses       1237     1245       +8     
- Partials      237      239       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 21, 2025
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced Nov 21, 2025
Merged
Merged
Merged
Merged
Merged
Merged
@shivasurya Graphite App
Copy link
Owner Author

shivasurya commented Nov 21, 2025
edited
Loading

Merge activity

  • Nov 21, 1:29 AM UTC: A user started a stack merge that includes this pull request via Graphite.
  • Nov 21, 1:30 AM UTC: Graphite rebased this pull request as part of a merge.
  • Nov 21, 1:31 AM UTC: @shivasurya merged this pull request with Graphite.

@shivasurya shivasurya changed the base branch from shiva/pr-01-dsl-ir-extension-keyword-args to graphite-base/385 November 21, 2025 01:29
@shivasurya shivasurya changed the base branch from graphite-base/385 to main November 21, 2025 01:29
@shivasurya
feat(dsl): Implement keyword argument matching logic
920a729 
This PR implements the core matching logic that checks CallSite arguments against keyword constraints defined in the IR, making argument checking functional for the first time.

Changes:
- Modified matchesCallSite() to check both function name and argument constraints
- Implemented matchesArguments() to validate keyword argument constraints with AND logic
- Implemented matchesArgumentValue() with type-specific matching for strings, booleans, and numbers
- Added helper functions: cleanValue(), normalizeValue(), matchesBoolean(), matchesNumber()
- Added 12 comprehensive unit tests covering all matching scenarios and edge cases

Test Results:
- All 12 new tests pass
- 100% coverage on matchesArguments(), cleanValue(), matchesBoolean(), matchesNumber()
- 89.1% overall coverage on dsl package
- No regression in existing tests
- Lint passes, build succeeds

Stacked on: PR #1 (shiva/pr-01-dsl-ir-extension-keyword-args)
@shivasurya shivasurya force-pushed the shiva/pr-02-keyword-matching-logic branch from 50f3c62 to 920a729 Compare November 21, 2025 01:30
@shivasurya shivasurya merged commit a7b2db0 into main Nov 21, 2025
3 checks passed
@shivasurya shivasurya deleted the shiva/pr-02-keyword-matching-logic branch November 21, 2025 01:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@shivasurya shivasurya

Labels

enhancement New feature or request go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shivasurya