Jeremie Fraeys
|
90ae9edfff
|
feat(verification): Custom linting tool (fetchml-vet) for structural invariants
Add golang.org/x/tools/go/analysis based linting tool:
- fetchml-vet: Custom go vet tool for security invariants
Add analyzers for critical security patterns:
- noBareDetector: Ensures CreateDetector always captures DetectionInfo
(prevents silent metadata loss in GPU detection)
- manifestEnv: Validates functions returning Artifacts populate Environment
(ensures reproducibility metadata capture)
- noInlineCredentials: Detects inline credential patterns in config structs
(enforces environment variable references)
- hipaaComplete: Validates HIPAA mode configs have all required fields
(structural check for compliance completeness)
Integration with make lint-custom:
- Builds bin/fetchml-vet from tools/fetchml-vet/cmd/fetchml-vet/
- Runs with: go vet -vettool=bin/fetchml-vet ./internal/...
Part of: V.4 custom linting from security plan
|
2026-02-23 19:44:00 -05:00 |
|