LowFile-scopeGo Plug & play

Avoid exposing internal IDs in error messages

Do not include internal identifiers (DB IDs, service IDs, tokens) in client-facing errors. Log them internally; return generic messages externally.

Why this matters

Reduces information leakage, improves security, and keeps public errors stable.

Side-by-side examples engineers can pattern-match during review.

Avoid

return fmt.Errorf("serviceId %s not found", serviceID)

Prefer

logger.Error("resource not found", "service_id", serviceID)
return ErrNotFound

Bad

fmt.Errorf("pk=%s invalid", pk)

Good

logger.Error("invalid", "pk", pk); return ErrInvalid

From the same buckets as this rule.

Critical
Avoid equality operators in loop termination conditions
Check if loops use equality operators (== or !=) in termination conditions. These can lead to infinite loops if the condition is never met exactly. Instead, use relational operators like < or > for safer loop termination.
error-handlingreadability-refactor
Critical
Avoid Returning Null in Non-Async Task Methods
Returning null from a Task or Task<T> method causes a NullReferenceException if awaited. Use Task.CompletedTask or Task.FromResult<T>(null) instead.
error-handlingreadability-refactor+1
Critical
Avoid Using Boolean Expressions in `except` Statements
Detect `except` clauses that use `or` or `and` to catch multiple exceptions. This does not work as intended. Recommend using a tuple of exceptions instead.
error-handlingstack-python