The governance layer would be stronger if regex rule packs had explicit automated tests verifying: true positives (violations detected), false positives (clean code passes), and edge cases for each rule category. Consider a test harness that runs sonar-rules-setup.sh rules against known-good and known-bad SQL samples.
The governance layer would be stronger if regex rule packs had explicit automated tests verifying: true positives (violations detected), false positives (clean code passes), and edge cases for each rule category. Consider a test harness that runs sonar-rules-setup.sh rules against known-good and known-bad SQL samples.