Skip to content

Commit 433c76e

Browse files
HerringtonDarkholmeHerringtonDarkholme
committed
doc: add disclaimer for what ast-grep cannot do
1 parent 06e4bcd commit 433c76e

File tree

2 files changed

+29
-1
lines changed

2 files changed

+29
-1
lines changed

website/advanced/faq.md

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -201,4 +201,26 @@ pattern:
201201
selector: field_definition # select the effective pattern
202202
```
203203

204-
Note the rule above is one single pattern rule, instead of two. The `context` field provides the full unambiguous code snippet of `class`. So the `a = 123` will be parsed as `field_definition`. The `selector` field then selects the `field_definition` node as the [effective pattern](/advanced/pattern-parse.html#steps-to-create-a-pattern) matcher.
204+
Note the rule above is one single pattern rule, instead of two. The `context` field provides the full unambiguous code snippet of `class`. So the `a = 123` will be parsed as `field_definition`. The `selector` field then selects the `field_definition` node as the [effective pattern](/advanced/pattern-parse.html#steps-to-create-a-pattern) matcher.
205+
206+
## Does ast-grep support some advanced static analysis?
207+
208+
Short answer: **NO**.
209+
210+
Long answer: ast-grep at the moment does not support the following information:
211+
* [scope analysis](https://eslint.org/docs/latest/extend/scope-manager-interface)
212+
* [type information](https://semgrep.dev/docs/writing-rules/pattern-syntax#typed-metavariables)
213+
* [control flow analysis](https://en.wikipedia.org/wiki/Control-flow_analysis)
214+
* [data flow analysis](https://en.wikipedia.org/wiki/Data-flow_analysis)
215+
* [taint analysis](https://semgrep.dev/docs/writing-rules/data-flow/taint-mode)
216+
* [constant propagation](https://semgrep.dev/docs/writing-rules/data-flow/constant-propagation)
217+
218+
More concretely, it is not easy, or even possible, to achieve the following tasks in ast-grep:
219+
220+
* Find variables that are not defined/used in the current scope.
221+
* Find variables of a specific type.
222+
* Find code that is unreachable.
223+
* Find code that is always executed.
224+
* Identify the flow of user input.
225+
226+
Also see [tool comparison](/tool-comparison.html) for more information.

website/advanced/tool-comparison.md

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,12 @@ The author is grateful to these predecessor tools for inspiring ast-grep! The re
1717
**Cons**:
1818
* It is still young and under development. It may have some bugs or limitations that need to be fixed or improved.
1919
* It does not have deep semantic information or comparison equivalence. It only operates on the syntactic level of the code, which may miss some matches or may be too cumbersome to match certain code.
20+
* More specifically, ast-grep at the moment does not support the following information:
21+
* [type information](https://semgrep.dev/docs/writing-rules/pattern-syntax#typed-metavariables)
22+
* [control flow analysis](https://en.wikipedia.org/wiki/Control-flow_analysis)
23+
* [data flow analysis](https://en.wikipedia.org/wiki/Data-flow_analysis)
24+
* [taint analysis](https://semgrep.dev/docs/writing-rules/data-flow/taint-mode)
25+
* [constant propagation](https://semgrep.dev/docs/writing-rules/data-flow/constant-propagation)
2026

2127
## [Semgrep](https://semgrep.dev/)
2228

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy