commit c28fcba77964edb57609fee17b0470638596e5a3
author Ankush Menat <ankush@iwebnotes.com> Sat Apr 17 15:47:34 2021 +0530
committer Ankush Menat <ankush@iwebnotes.com> Sun Apr 18 13:22:19 2021 +0530
tree 6f1fbae836a0d5cc1f9c94cbe0989efae710e77e
parent e972ceb79840783f3947a1856551d477154ec4be

ci(semgrep): add correctness rule for on_cancel

Changes done to doctype object in `on_submit` are not commited to
database. Add rule to catch similar bugs.

.github/helper/semgrep_rules/frappe_correctness.yml

diff --git a/.github/helper/semgrep_rules/frappe_correctness.yml b/.github/helper/semgrep_rules/frappe_correctness.yml
index 394abbf..54df062 100644
--- a/.github/helper/semgrep_rules/frappe_correctness.yml
+++ b/.github/helper/semgrep_rules/frappe_correctness.yml
@@ -7,11 +7,29 @@
     - pattern-inside: |
         def on_submit(self, ...):
           ...
+    - metavariable-regex:
+        metavariable: '$ATTR'
+        # this is negative look-ahead, add more attrs to ignore like (ignore|ignore_this_too|ignore_me)
+        regex: '^(?!status_updater)(.*)$'
   message: |
     Doctype modified after submission. Please check if modification of self.$ATTR is commited to database.
   languages: [python]
   severity: ERROR
 
+- id: frappe-modifying-after-cancel
+  patterns:
+    - pattern: self.$ATTR = ...
+    - pattern-inside: |
+        def on_cancel(self, ...):
+          ...
+    - metavariable-regex:
+        metavariable: '$ATTR'
+        regex: '^(?!ignore_linked_doctypes|status_updater)(.*)$'
+  message: |
+    Doctype modified after cancellation. Please check if modification of self.$ATTR is commited to database.
+  languages: [python]
+  severity: ERROR
+
 - id: frappe-print-function-in-doctypes
   pattern: print(...)
   message: |