jordan/stemedb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
200b84751e
stemedb/applications/aphoria/dogfood/cachewrap/gap-analysis.md
jml e758f2ebfb feat(aphoria): implement programmatic extractors for Option<T> semantics 
Completes Task #3 of httpclient dogfooding with 100% detection rate (7/7 violations).

## New Extractors

- **OptionBoundsExtractor**: Detects Option<T> fields set to None (unbounded)
- **OptionValueExtractor**: Extracts values from Some(n) for threshold checks

Both extractors use context-aware pattern matching to understand Rust Option<T>
semantics, which declarative extractors cannot handle.

## Implementation

**Files Created**:
- applications/aphoria/src/extractors/option_bounds.rs (257 lines)
- applications/aphoria/src/extractors/option_value.rs (277 lines)
- applications/aphoria/docs/examples/extractors/programmatic-option-semantics.md

**Files Modified**:
- applications/aphoria/src/extractors/mod.rs - Added module declarations
- applications/aphoria/src/extractors/registry.rs - Registered extractors
- applications/aphoria/dogfood/httpclient/.aphoria/claims.toml - Added 4 claims
- applications/aphoria/dogfood/httpclient/TASK-1-SUMMARY.md - Task #3 completion

## Results

| Metric | Value |
|--------|-------|
| Detection Rate | 100% (7/7 violations) |
| Improvement | +29 percentage points (from 71%) |
| New Violations | 2 (max_redirects, max_retries unbounded) |
| Unit Tests | 13 (all passing) |

## Two-Claim Strategy

For each bounded Option<T> field:
1. **configured** claim - Detects None (unbounded)
2. **max_value** claim - Validates Some(n) threshold

Example:
- `max_redirects: None` → CONFLICT (not configured)
- `max_redirects: Some(20)` → CONFLICT (exceeds 10)
- `max_redirects: Some(5)` → PASS

## Enterprise Quality

✓ Proper error handling (no unwrap/expect)
✓ Comprehensive tests (6+7 unit tests)
✓ Full documentation with examples
✓ Reusable for 10+ similar patterns
✓ Screening patterns for performance

## Cachewrap Dogfood

Also includes complete cachewrap dogfood exercise:
- 10 claims for Redis cache wrapper
- Day 1-5 summaries
- Full retrospective and evaluation
- Declarative extractors for all patterns

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-11 06:43:10 +00:00

55 lines
2.8 KiB
Markdown
Raw Blame History

# Gap Analysis: Scan v1
**Date:** 2026-02-11
**Scan:** scan-v1.json
**Detection Rate:** 0% (0/10 violations detected)
## Violations vs Detection
| # | Violation | Claim ID | File:Line | Detected? | Why Not? | Extractor Needed |
|---|-----------|----------|-----------|-----------|----------|------------------|
| 1 | Key injection | cache-key-validation-001 | client.rs:27 | ❌ | No key validation checker | `key_validation_check.toml` |
| 2 | TLS disabled | cache-tls-validation-001 | config.rs:23 | ❌ | No `verify_tls: false` detector | `tls_verification_check.toml` |
| 3 | Hardcoded password | cache-hardcoded-password-001 | config.rs:18 | ❌ | Built-in secrets extractor may not match pattern | `hardcoded_password_check.toml` |
| 4 | Missing TTL | cache-ttl-required-001 | client.rs:66 | ❌ | No SET without EX/PX detector | `ttl_presence_check.toml` |
| 5 | Unbounded size | cache-max-size-001 | config.rs:32 | ❌ | No `max_size: None` detector | `max_size_check.toml` |
| 6 | Sync blocking | cache-async-blocking-001 | client.rs:105 | ❌ | No blocking in async detector | `async_blocking_check.toml` |
| 7 | No eviction | cache-eviction-policy-001 | config.rs:37 | ❌ | No `eviction_policy: None` detector | `eviction_policy_check.toml` |
| 8 | Zero timeout | cache-timeout-001 | config.rs:27 | ❌ | No `Duration::from_secs(0)` detector | `timeout_check.toml` |
| 9 | No pooling | cache-max-connections-001 | client.rs:30 | ❌ | No connection-per-request detector | `connection_pool_check.toml` |
| 10 | No metrics | cache-metrics-enabled-001 | config.rs:42 | ❌ | No `metrics_enabled: false` detector | `metrics_check.toml` |
## Summary
- **Violations embedded:** 10
- **Detected by built-in extractors:** 0
- **Missing (need custom extractors):** 10 (100%)
## Extractor Creation Plan
All 10 violations need custom extractors. Priority by category:
### Security (3 extractors):
1. `key_validation_check.toml` - Detect missing `validate_key()` call
2. `tls_verification_check.toml` - Detect `verify_tls: false`
3. `hardcoded_password_check.toml` - Detect `password: "secret123"`
### Performance (3 extractors):
4. `ttl_presence_check.toml` - Detect `SET` without `EX`/`PX`
5. `max_size_check.toml` - Detect `max_size: None`
6. `async_blocking_check.toml` - Detect `get_connection()` in async fn
### Correctness (3 extractors):
7. `eviction_policy_check.toml` - Detect `eviction_policy: None`
8. `timeout_check.toml` - Detect `Duration::from_secs(0)`
9. `connection_pool_check.toml` - Detect repeated `get_multiplexed_async_connection()`
### Observability (1 extractor):
10. `metrics_check.toml` - Detect `metrics_enabled: false`
## Next Step: Phase 4 Extractor Creation
Use `/aphoria-custom-extractor-creator` for each of the 10 missing patterns.
**Target:** Create all 10 extractors in ~40 minutes (4 min per extractor)
Reference in New Issue View Git Blame Copy Permalink