Prefer Struct (or value objects) over OpenStruct for performance and type clarity.
performance-efficiency, readability-refactor
Low
Use Template Literals Instead of String Concatenation
Check for cases of string concatenation using +. Template literals improve readability and are less error-prone.
performance-efficiency, readability-refactor, +1
Low
Use timezone-aware datetime objects
Store and compare datetimes as timezone-aware (UTC). Convert to local time only at the edges (UI/IO).
stack-python, style-conventions
Low
Use translation keys for user-facing text
Do not hardcode UI strings; use I18n keys with proper scopes.
internationalization-i18n, maintainability
Low
Use Try-With-Resources for Resource Management
Ensure that resources such as streams or file handlers are managed using try-with-resources to avoid leaks.
error-handling, performance-efficiency
Low
Use Type Annotations for Better Readability
Check if function signatures include type annotations. Type hints improve readability and help catch type-related errors early. Recommend adding type annotations where missing.
maintainability, readability-refactor, +2
Low
Use Type Annotations for Public APIs
Ensure that functions in public APIs include type annotations. Type annotations improve code clarity and help catch type-related errors early. Recommend adding them where missing.
maintainability, readability-refactor, +2
Low
Use type hints for better clarity
Add scalar/union/nullable type hints and return types to functions, methods, and properties; prefer interfaces over mixed.
readability-refactor, stack-php, +1
Low
Utility Classes Should Not Have Public Constructors
Utility classes are not meant to be instantiated. Mark them as static or provide a private constructor to prevent unintended instantiation.
maintainability, style-conventions
Low
Validate gateway responses and avoid storing PAN substitutes long-term
Accept only short-lived tokens from the gateway (JWT/JWE or opaque) and validate signature/expiry; do not persist tokens beyond business need. Never attempt to reconstruct PAN from tokens. (PCI DSS data minimization)
compliance-pci-dss, security-hardening, +1
Low
Validate parameter types before casting
Use instanceof/pattern matching and guard before casts; avoid ClassCastException.
error-handling, security-hardening
Low
Validate Terraform variables with types and constraints
All variables must declare a type, default (when sensible), and validation blocks; mark sensitive inputs with sensitive=true.
infra-as-code, config-environment, +1
Low
Version and deprecate APIs with logged contract changes
Expose explicit API versions (e.g., v1, v2). Breaking changes require a deprecation window and a CHANGELOG entry; log api_version in requests for traceability.
Enforces consistent usage of hyphenated (kebab-case) or non-hyphenated (camelCase) attribute names on custom components in templates.
stack-vue, style-conventions
Low
Wrap Errors with Context Information
When returning an error from a function, include contextual information. Use `fmt.Errorf` with `%w` (or similar error wrapping) to add a message while preserving the original error.
error-handling, observability-logging
Low
Write One Statement Per Line for Clarity
Detect multiple statements on the same line, separated by semicolons. This reduces readability and debugging efficiency. Recommend placing each statement on its own line.