e758f2ebfb
Completes Task #3 of httpclient dogfooding with 100% detection rate (7/7 violations). ## New Extractors - **OptionBoundsExtractor**: Detects Option<T> fields set to None (unbounded) - **OptionValueExtractor**: Extracts values from Some(n) for threshold checks Both extractors use context-aware pattern matching to understand Rust Option<T> semantics, which declarative extractors cannot handle. ## Implementation **Files Created**: - applications/aphoria/src/extractors/option_bounds.rs (257 lines) - applications/aphoria/src/extractors/option_value.rs (277 lines) - applications/aphoria/docs/examples/extractors/programmatic-option-semantics.md **Files Modified**: - applications/aphoria/src/extractors/mod.rs - Added module declarations - applications/aphoria/src/extractors/registry.rs - Registered extractors - applications/aphoria/dogfood/httpclient/.aphoria/claims.toml - Added 4 claims - applications/aphoria/dogfood/httpclient/TASK-1-SUMMARY.md - Task #3 completion ## Results | Metric | Value | |--------|-------| | Detection Rate | 100% (7/7 violations) | | Improvement | +29 percentage points (from 71%) | | New Violations | 2 (max_redirects, max_retries unbounded) | | Unit Tests | 13 (all passing) | ## Two-Claim Strategy For each bounded Option<T> field: 1. **configured** claim - Detects None (unbounded) 2. **max_value** claim - Validates Some(n) threshold Example: - `max_redirects: None` → CONFLICT (not configured) - `max_redirects: Some(20)` → CONFLICT (exceeds 10) - `max_redirects: Some(5)` → PASS ## Enterprise Quality ✓ Proper error handling (no unwrap/expect) ✓ Comprehensive tests (6+7 unit tests) ✓ Full documentation with examples ✓ Reusable for 10+ similar patterns ✓ Screening patterns for performance ## Cachewrap Dogfood Also includes complete cachewrap dogfood exercise: - 10 claims for Redis cache wrapper - Day 1-5 summaries - Full retrospective and evaluation - Declarative extractors for all patterns Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2.8 KiB
2.8 KiB
Gap Analysis: Scan v1
Date: 2026-02-11 Scan: scan-v1.json Detection Rate: 0% (0/10 violations detected)
Violations vs Detection
| # | Violation | Claim ID | File:Line | Detected? | Why Not? | Extractor Needed |
|---|---|---|---|---|---|---|
| 1 | Key injection | cache-key-validation-001 | client.rs:27 | ❌ | No key validation checker | key_validation_check.toml |
| 2 | TLS disabled | cache-tls-validation-001 | config.rs:23 | ❌ | No verify_tls: false detector |
tls_verification_check.toml |
| 3 | Hardcoded password | cache-hardcoded-password-001 | config.rs:18 | ❌ | Built-in secrets extractor may not match pattern | hardcoded_password_check.toml |
| 4 | Missing TTL | cache-ttl-required-001 | client.rs:66 | ❌ | No SET without EX/PX detector | ttl_presence_check.toml |
| 5 | Unbounded size | cache-max-size-001 | config.rs:32 | ❌ | No max_size: None detector |
max_size_check.toml |
| 6 | Sync blocking | cache-async-blocking-001 | client.rs:105 | ❌ | No blocking in async detector | async_blocking_check.toml |
| 7 | No eviction | cache-eviction-policy-001 | config.rs:37 | ❌ | No eviction_policy: None detector |
eviction_policy_check.toml |
| 8 | Zero timeout | cache-timeout-001 | config.rs:27 | ❌ | No Duration::from_secs(0) detector |
timeout_check.toml |
| 9 | No pooling | cache-max-connections-001 | client.rs:30 | ❌ | No connection-per-request detector | connection_pool_check.toml |
| 10 | No metrics | cache-metrics-enabled-001 | config.rs:42 | ❌ | No metrics_enabled: false detector |
metrics_check.toml |
Summary
- Violations embedded: 10
- Detected by built-in extractors: 0
- Missing (need custom extractors): 10 (100%)
Extractor Creation Plan
All 10 violations need custom extractors. Priority by category:
Security (3 extractors):
key_validation_check.toml- Detect missingvalidate_key()calltls_verification_check.toml- Detectverify_tls: falsehardcoded_password_check.toml- Detectpassword: "secret123"
Performance (3 extractors):
ttl_presence_check.toml- DetectSETwithoutEX/PXmax_size_check.toml- Detectmax_size: Noneasync_blocking_check.toml- Detectget_connection()in async fn
Correctness (3 extractors):
eviction_policy_check.toml- Detecteviction_policy: Nonetimeout_check.toml- DetectDuration::from_secs(0)connection_pool_check.toml- Detect repeatedget_multiplexed_async_connection()
Observability (1 extractor):
metrics_check.toml- Detectmetrics_enabled: false
Next Step: Phase 4 Extractor Creation
Use /aphoria-custom-extractor-creator for each of the 10 missing patterns.
Target: Create all 10 extractors in ~40 minutes (4 min per extractor)