static-code-analysis

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Static Code Analysis Skill

静态代码分析技能

Step 1 — Detect Language and Choose Tool

步骤1 — 检测语言并选择工具

Language	Recommended tool	Config file
TypeScript / JavaScript	ESLint + typescript-eslint (+ eslint-plugin-import if using `import/*` rules)	`eslint.config.ts`
Go	golangci-lint	`.golangci.yml`
Python	Ruff	`ruff.toml` or `pyproject.toml`
PHP	PHPStan	`phpstan.neon`
Rust	Clippy (built-in)	`clippy.toml`

If a tool is already present, audit its configuration before making changes.

语言	推荐工具	配置文件
TypeScript / JavaScript	ESLint + typescript-eslint (+ eslint-plugin-import 如果使用 `import/*` 规则)	`eslint.config.ts`
Go	golangci-lint	`.golangci.yml`
Python	Ruff	`ruff.toml` 或 `pyproject.toml`
PHP	PHPStan	`phpstan.neon`
Rust	Clippy（内置）	`clippy.toml`

如果项目中已存在相关工具，在修改配置前先审核其现有设置。

Step 2 — Configure Rules

步骤2 — 配置规则

Apply a strict baseline. If you use

import/*

rules, ensure

eslint-plugin-import

is installed and configured.

TypeScript (ESLint)

json

{
  "rules": {
    "@typescript-eslint/no-explicit-any": "error",
    "@typescript-eslint/no-unused-vars": "error",
    "import/no-commonjs": "error",
    "no-console": "warn",
    "eqeqeq": ["error", "always"]
  }
}

Go (golangci-lint)

yaml

linters:
  enable:
    - errcheck
    - gosimple
    - govet
    - ineffassign
    - staticcheck
    - unused
linters-settings:
  govet:
    enable-all: true

Python (Ruff)

toml

[tool.ruff]
select = ["E", "F", "I", "N", "UP", "S", "B"]
ignore = []
line-length = 100

应用严格的基准规则。如果使用

import/*

规则，请确保已安装并配置

eslint-plugin-import

。

TypeScript (ESLint)

json

{
  "rules": {
    "@typescript-eslint/no-explicit-any": "error",
    "@typescript-eslint/no-unused-vars": "error",
    "import/no-commonjs": "error",
    "no-console": "warn",
    "eqeqeq": ["error", "always"]
  }
}

Go (golangci-lint)

yaml

linters:
  enable:
    - errcheck
    - gosimple
    - govet
    - ineffassign
    - staticcheck
    - unused
linters-settings:
  govet:
    enable-all: true

Python (Ruff)

toml

[tool.ruff]
select = ["E", "F", "I", "N", "UP", "S", "B"]
ignore = []
line-length = 100

Step 3 — Integrate with CI

步骤3 — 与CI集成

Add a lint job that runs before tests and fails on any error (exit code 1):

yaml

undefined

添加一个代码检查任务，使其在测试前运行，并在出现任何错误时失败（退出码1）：

yaml

undefined

.github/workflows/ci.yml

lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Run linter run: <lint-command> # e.g., pnpm lint, golangci-lint run, ruff check .


Do not suppress errors with `continue-on-error: true` — violations must be fixed.

lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Run linter run: <lint-command> # 例如：pnpm lint, golangci-lint run, ruff check .


不要使用 `continue-on-error: true` 来忽略错误——必须修复所有违规问题。

Step 4 — Fix Existing Violations

步骤4 — 修复现有违规问题

Run the auto-fixer first to resolve stylistic issues without manual effort:

bash

undefined

首先运行自动修复工具，无需手动操作即可解决风格类问题：

bash

undefined

TypeScript

pnpm eslint . --fix

Python

ruff check . --fix

Go (no auto-fix in golangci-lint; use gofmt + goimports)

Go（golangci-lint无自动修复功能；使用gofmt + goimports）

gofmt -w . goimports -w .


Then address remaining violations manually. Prioritise `error`-level findings.
Document any intentional rule suppression inline with a comment explaining why:

```ts
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- legacy API response type
const response: any = await legacyClient.fetch()

gofmt -w . goimports -w .


然后手动处理剩余的违规问题。优先处理`error`级别的问题。
如果需要有意禁用规则，请在代码中添加注释说明原因：

```ts
// eslint-disable-next-line @typescript-eslint/no-explicit-any -- 遗留API响应类型
const response: any = await legacyClient.fetch()

Step 5 — Pre-commit Hook

步骤5 — 提交前钩子

Install a pre-commit hook so violations are caught before

git push

Using Husky + lint-staged (JS/TS)

bash

pnpm add -D husky lint-staged
npx husky init

json

// package.json
"lint-staged": { "*.{ts,tsx}": "eslint --fix" }

Using pre-commit (Python/Go)

yaml

undefined

安装提交前钩子，确保在

git push

前发现违规问题：

使用 Husky + lint-staged (JS/TS)

bash

pnpm add -D husky lint-staged
npx husky init

json

// package.json
"lint-staged": { "*.{ts,tsx}": "eslint --fix" }

使用 pre-commit (Python/Go)

yaml

undefined

.pre-commit-config.yaml

repos:

repo: https://github.com/astral-sh/ruff-pre-commit rev: v0.4.0 hooks:
- id: ruff args: [--fix]

undefined

repos:

repo: https://github.com/astral-sh/ruff-pre-commit rev: v0.4.0 hooks:
- id: ruff args: [--fix]

undefined

Step 6 — Verify

步骤6 — 验证

```
<lint-command>
```
exits 0 with no output.
CI lint job passes on a clean branch.
Pre-commit hook blocks a commit that introduces a lint error.
No blanket
```
eslint-disable
```
or
```
#noqa
```
without explanatory comments.

```
<lint-command>
```
运行后退出码为0且无输出。
在干净分支上CI代码检查任务通过。
提交前钩子能够阻止引入代码检查错误的提交。
无未添加解释注释的全局
```
eslint-disable
```
或
```
#noqa
```
。