Add unqueryvet linter (#6060)

Co-authored-by: Fernandez Ludovic <[email protected]>

Author: MirrexOne

.golangci.next.reference.yml

@@ -120,6 +120,7 @@ linters:
     - tparallel
     - unconvert
     - unparam
+    - unqueryvet
     - unused
     - usestdlibvars
     - usetesting
@@ -233,6 +234,7 @@ linters:
     - tparallel
     - unconvert
     - unparam
+    - unqueryvet
     - unused
     - usestdlibvars
     - usetesting
@@ -3888,6 +3890,21 @@ linters:
       # Default: false
       check-exported: true
 
+    unqueryvet:
+      # Enable SQL builder checking.
+      # Default: true
+      check-sql-builders: false
+      # Regex patterns for acceptable SELECT * usage.
+      # Default:
+      # - "SELECT \\* FROM information_schema\\..*"
+      # - "SELECT \\* FROM pg_catalog\\..*"
+      # - "SELECT COUNT\\(\\*\\)"
+      # - "SELECT MAX\\(\\*\\)"
+      # - "SELECT MIN\\(\\*\\)"
+      allowed-patterns:
+        - "SELECT \\* FROM temp_.*"
+        - "SELECT \\* FROM.*-- migration"
+
     unused:
       # Mark all struct fields that have been written to as used.
       # Default: true

go.mod

@@ -15,6 +15,7 @@ require (
 	github.com/Antonboom/testifylint v1.6.4
 	github.com/BurntSushi/toml v1.5.0
 	github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24
+	github.com/MirrexOne/unqueryvet v1.2.1
 	github.com/OpenPeeDeeP/depguard/v2 v2.2.1
 	github.com/alecthomas/chroma/v2 v2.20.0
 	github.com/alecthomas/go-check-sumtype v0.3.1

go.sum

@@ -4005,6 +4005,24 @@
             }
           }
         },
+        "unqueryvetSettings": {
+          "type": "object",
+          "additionalProperties": false,
+          "properties": {
+            "check-sql-builders": {
+              "description": "Enable SQL builder checking.",
+              "type": "boolean",
+              "default": true
+            },
+            "allowed-patterns": {
+              "description": "Regex patterns for acceptable SELECT * usage.",
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          }
+        },
         "unusedSettings": {
           "type": "object",
           "additionalProperties": false,
@@ -4801,6 +4819,9 @@
             "unparam": {
               "$ref": "#/definitions/settings/definitions/unparamSettings"
             },
+            "unqueryvet": {
+              "$ref": "#/definitions/settings/definitions/unqueryvetSettings"
+            },
             "unused": {
               "$ref": "#/definitions/settings/definitions/unusedSettings"
             },

jsonschema/golangci.next.jsonschema.json

@@ -162,6 +162,9 @@ var defaultLintersSettings = LintersSettings{
 		SkipRegexp:    `(export|internal)_test\.go`,
 		AllowPackages: []string{"main"},
 	},
+	Unqueryvet: UnqueryvetSettings{
+		CheckSQLBuilders: true,
+	},
 	Unused: UnusedSettings{
 		FieldWritesAreUses:     true,
 		PostStatementsAreReads: false,
@@ -250,6 +253,7 @@ type LintersSettings struct {
 	Gomodguard               GoModGuardSettings               `mapstructure:"gomodguard"`
 	Gosec                    GoSecSettings                    `mapstructure:"gosec"`
 	Gosmopolitan             GosmopolitanSettings             `mapstructure:"gosmopolitan"`
+	Unqueryvet               UnqueryvetSettings               `mapstructure:"unqueryvet"`
 	Govet                    GovetSettings                    `mapstructure:"govet"`
 	Grouper                  GrouperSettings                  `mapstructure:"grouper"`
 	Iface                    IfaceSettings                    `mapstructure:"iface"`
@@ -1005,6 +1009,11 @@ type UnparamSettings struct {
 	CheckExported bool `mapstructure:"check-exported"`
 }
 
+type UnqueryvetSettings struct {
+	CheckSQLBuilders bool     `mapstructure:"check-sql-builders"`
+	AllowedPatterns  []string `mapstructure:"allowed-patterns"`
+}
+
 type UnusedSettings struct {
 	FieldWritesAreUses     bool `mapstructure:"field-writes-are-uses"`
 	PostStatementsAreReads bool `mapstructure:"post-statements-are-reads"`

pkg/config/linters_settings.go

@@ -0,0 +1,43 @@
+//golangcitest:args -Eunqueryvet
+package testdata
+
+import (
+	"database/sql"
+	"fmt"
+	"strconv"
+)
+
+func _() {
+	query := "SELECT * FROM users" // want "avoid SELECT \\* - explicitly specify needed columns for better performance, maintainability and stability"
+
+	var db *sql.DB
+	rows, _ := db.Query("SELECT * FROM orders WHERE status = ?", "active") // want "avoid SELECT \\* - explicitly specify needed columns for better performance, maintainability and stability"
+	_ = rows
+
+	count := "SELECT COUNT(*) FROM users"
+	_ = count
+
+	goodQuery := "SELECT id, name, email FROM users"
+	_ = goodQuery
+
+	fmt.Println(query)
+
+	_ = strconv.Itoa(42)
+}
+
+type SQLBuilder interface {
+	Select(columns ...string) SQLBuilder
+	From(table string) SQLBuilder
+	Where(condition string) SQLBuilder
+	Query() string
+}
+
+func _(builder SQLBuilder) {
+	query := builder.Select("*").From("products") // want "avoid SELECT \\* in SQL builder - explicitly specify columns to prevent unnecessary data transfer and schema change issues"
+	_ = query
+}
+
+func _(builder SQLBuilder) {
+	query := builder.Select("id", "name", "price").From("products")
+	_ = query
+}

pkg/golinters/unqueryvet/testdata/unqueryvet.go

@@ -0,0 +1,29 @@
+//golangcitest:args -Eunqueryvet
+//golangcitest:config_path testdata/unqueryvet_custom.yml
+package testdata
+
+import (
+	"database/sql"
+	"fmt"
+	"strconv"
+)
+
+func _() {
+	query := "SELECT * FROM users" // want "avoid SELECT \\* - explicitly specify needed columns for better performance, maintainability and stability"
+
+	var db *sql.DB
+	rows, _ := db.Query("SELECT * FROM orders WHERE status = ?", "active") // want "avoid SELECT \\* - explicitly specify needed columns for better performance, maintainability and stability"
+	_ = rows
+
+	count := "SELECT COUNT(*) FROM users"
+	_ = count
+
+	goodQuery := "SELECT id, name, email FROM users"
+	_ = goodQuery
+
+	fmt.Println(query)
+
+	_ = strconv.Itoa(42)
+}
+
+// Custom allowed patterns test - SELECT * from temp tables should be allowed

pkg/golinters/unqueryvet/testdata/unqueryvet_custom.go

@@ -0,0 +1,6 @@
+version: "2"
+
+linters:
+  settings:
+    unqueryvet:
+      check-sql-builders: false

pkg/golinters/unqueryvet/testdata/unqueryvet_custom.yml

@@ -0,0 +1,24 @@
+package unqueryvet
+
+import (
+	"github.com/MirrexOne/unqueryvet"
+	pkgconfig "github.com/MirrexOne/unqueryvet/pkg/config"
+
+	"github.com/golangci/golangci-lint/v2/pkg/config"
+	"github.com/golangci/golangci-lint/v2/pkg/goanalysis"
+)
+
+func New(settings *config.UnqueryvetSettings) *goanalysis.Linter {
+	cfg := pkgconfig.DefaultSettings()
+
+	if settings != nil {
+		cfg.CheckSQLBuilders = settings.CheckSQLBuilders
+		if len(settings.AllowedPatterns) > 0 {
+			cfg.AllowedPatterns = settings.AllowedPatterns
+		}
+	}
+
+	return goanalysis.
+		NewLinterFromAnalyzer(unqueryvet.NewWithConfig(&cfg)).
+		WithLoadMode(goanalysis.LoadModeSyntax)
+}

pkg/golinters/unqueryvet/unqueryvet.go

@@ -0,0 +1,11 @@
+package unqueryvet
+
+import (
+	"testing"
+
+	"github.com/golangci/golangci-lint/v2/test/testshared/integration"
+)
+
+func TestFromTestdata(t *testing.T) {
+	integration.RunTestdata(t)
+}