SONARPY-976 Rule S6396: Superfluous curly brace quantifiers should be… (#1102)

marco-bearzi-sonarsource · web-flow · commit 98b2d8f7f679 · 2022-03-25T17:05:05.000+01:00
diff --git a/its/ruling/src/test/resources/expected/python-S6396.json b/its/ruling/src/test/resources/expected/python-S6396.json
@@ -0,0 +1,6 @@
+{
+'project:tensorflow/tools/api/tests/api_compatibility_test.py':[
+131,
+147,
+],
+}
diff --git a/python-checks/src/main/java/org/sonar/python/checks/CheckList.java b/python-checks/src/main/java/org/sonar/python/checks/CheckList.java
@@ -66,6 +66,7 @@
 import org.sonar.python.checks.regex.StringReplaceCheck;
 import org.sonar.python.checks.regex.UnquantifiedNonCapturingGroupCheck;
 import org.sonar.python.checks.regex.VerboseRegexCheck;
+import org.sonar.python.checks.regex.SuperfluousCurlyBraceCheck;
 
 public final class CheckList {
 
@@ -235,6 +236,7 @@ public static Iterable<Class> getChecks() {
       StringLiteralDuplicationCheck.class,
       StringReplaceCheck.class,
       StrongCryptographicKeysCheck.class,
+      SuperfluousCurlyBraceCheck.class,
       TempFileCreationCheck.class,
       ToDoCommentCheck.class,
       TooManyLinesInFileCheck.class,
diff --git a/python-checks/src/main/java/org/sonar/python/checks/regex/SuperfluousCurlyBraceCheck.java b/python-checks/src/main/java/org/sonar/python/checks/regex/SuperfluousCurlyBraceCheck.java
@@ -0,0 +1,34 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks.regex;
+
+import org.sonar.check.Rule;
+import org.sonar.plugins.python.api.tree.CallExpression;
+import org.sonarsource.analyzer.commons.regex.RegexParseResult;
+import org.sonarsource.analyzer.commons.regex.finders.SuperfluousCurlyBraceFinder;
+
+@Rule(key = "S6396")
+public class SuperfluousCurlyBraceCheck extends AbstractRegexCheck {
+
+  @Override
+  public void checkRegex(RegexParseResult regexParseResult, CallExpression regexFunctionCall) {
+    new SuperfluousCurlyBraceFinder(this::addIssue).visit(regexParseResult);
+  }
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6396.html b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6396.html
@@ -0,0 +1,22 @@
+<p>Curly brace quantifiers in regular expressions can be used to have a more fine-grained control over how many times the character or the
+sub-expression preceeding them should occur. They can be used to match an expression exactly n times with <code>{n}</code>, between n and m times with
+<code>{n,m}</code>, or at least n times with <code>{n,}</code>. In some cases, using such a quantifier is superfluous for the semantic of the regular
+expression, and it can be removed to improve readability. This rule raises an issue when one of the following quantifiers is encountered:</p>
+<ul>
+  <li> <code>{1,1}</code> or <code>{1}</code>: they match the expression exactly once. The same behavior can be achieved without the quantifier. </li>
+  <li> <code>{0,0}</code> or <code>{0}</code>: they match the expression zero times. The same behavior can be achieved by removing the expression.
+  </li>
+</ul>
+<h2>Noncompliant Code Example</h2>
+<pre>
+r"ab{1,1}c"
+r"ab{1}c"
+r"ab{0,0}c"
+r"ab{0}c"
+</pre>
+<h2>Compliant Solution</h2>
+<pre>
+r"abc"
+r"ac"
+</pre>
+
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6396.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/S6396.json
@@ -0,0 +1,17 @@
+{
+  "title": "Superfluous curly brace quantifiers should be avoided",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+    "regex"
+  ],
+  "defaultSeverity": "Major",
+  "ruleSpecification": "RSPEC-6396",
+  "sqKey": "S6396",
+  "scope": "All",
+  "quickfix": "unknown"
+}
diff --git a/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json b/python-checks/src/main/resources/org/sonar/l10n/py/rules/python/Sonar_way_profile.json
@@ -154,6 +154,7 @@
     "S6323",
     "S6331",
     "S6035",
-    "S6395"
+    "S6395",
+    "S6396"
   ]
 }
diff --git a/python-checks/src/test/java/org/sonar/python/checks/regex/SuperfluousCurlyBraceCheckTest.java b/python-checks/src/test/java/org/sonar/python/checks/regex/SuperfluousCurlyBraceCheckTest.java
@@ -0,0 +1,31 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2022 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.python.checks.regex;
+
+import org.junit.Test;
+import org.sonar.python.checks.utils.PythonCheckVerifier;
+
+public class SuperfluousCurlyBraceCheckTest {
+
+  @Test
+  public void test() {
+    PythonCheckVerifier.verify("src/test/resources/checks/regex/superfluousCurlyBraceCheck.py", new SuperfluousCurlyBraceCheck());
+  }
+}
diff --git a/python-checks/src/test/resources/checks/regex/superfluousCurlyBraceCheck.py b/python-checks/src/test/resources/checks/regex/superfluousCurlyBraceCheck.py
@@ -0,0 +1,30 @@
+import re
+
+
+def non_compliant():
+    input = "Bob is a Bird... Bob is a Plane... Bob is Superman!"
+
+    changed = re.match(r"(abc){1}", input)  # Noncompliant {{Remove this unnecessary quantifier.}}
+    #                         ^^^
+    changed = re.match(r"(abc){1,1}", input)  # Noncompliant {{Remove this unnecessary quantifier.}}
+    #                         ^^^^^
+    changed = re.match(r"(abc){0}", input)  # Noncompliant {{Remove this unnecessarily quantified expression.}}
+    #                    ^^^^^^^^
+    changed = re.match(r"(abc){0,0}", input)  # Noncompliant {{Remove this unnecessarily quantified expression.}}
+    #                    ^^^^^^^^^^
+
+
+def compliant():
+    input = "Bob is a Bird... Bob is a Plane... Bob is Superman! abcabcabcabcabc"
+    changed = re.match(r"(abc){0,}", input)
+    changed = re.match(r"(abc){1,}", input)
+    changed = re.match(r"(abc){1,2,3}", input)
+
+    changed = re.match(r"(abc){0,}", input)
+    changed = re.match(r"(abc){2}", input)
+    changed = re.match(r"(abc){1,2}", input)
+    changed = re.match(r"(abc){0,1}", input)
+
+
+def coverage(input):
+    re.match(r"Bob is", input)

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +{
 +'project:tensorflow/tools/api/tests/api_compatibility_test.py':[
 +131,
 +147,
 +],
 +}
Original file line number	Diff line number	Diff line change
`@@ -154,6 +154,7 @@`
`154`	`154`	`"S6323",`
`155`	`155`	`"S6331",`
`156`	`156`	`"S6035",`
`157`		`- "S6395"`
	`157`	`+ "S6395",`
	`158`	`+ "S6396"`
`158`	`159`	`]`
`159`	`160`	`}`