Merge branch 'main' into feat/dml-transforms

Author: ajitpratap0

pkg/linter/rule.go

@@ -229,16 +229,41 @@ func (r BaseRule) CanAutoFix() bool {
 // Use this to validate that user-specified rule names in configuration
 // files (e.g., .gosqlx.yml) reference actual rules.
 var ValidRuleIDs = map[string]string{
+	// Whitespace rules
 	"L001": "Trailing Whitespace",
 	"L002": "Mixed Indentation",
 	"L003": "Consecutive Blank Lines",
 	"L004": "Indentation Depth",
 	"L005": "Long Lines",
 	"L006": "Column Alignment",
+	// Style rules
 	"L007": "Keyword Case Consistency",
 	"L008": "Comma Placement",
 	"L009": "Aliasing Consistency",
 	"L010": "Redundant Whitespace",
+	// Safety rules
+	"L011": "Delete Without WHERE",
+	"L012": "Update Without WHERE",
+	"L013": "Drop Without IF EXISTS",
+	"L014": "Truncate Table",
+	"L015": "Select Into Outfile",
+	// Performance rules
+	"L016": "Select Star",
+	"L017": "Missing WHERE on Full Scan",
+	"L018": "Leading Wildcard LIKE",
+	"L019": "NOT IN With NULL Risk",
+	"L020": "Correlated Subquery in SELECT",
+	"L021": "OR Instead of IN",
+	"L022": "Function on Indexed Column",
+	"L023": "Implicit Cross Join",
+	// Naming/style rules
+	"L024": "Table Alias Required",
+	"L025": "Reserved Keyword Identifier",
+	"L026": "Implicit Column List in INSERT",
+	"L027": "UNION Instead of UNION ALL",
+	"L028": "Missing ORDER BY with LIMIT",
+	"L029": "Subquery Can Be JOIN",
+	"L030": "Distinct on Many Columns",
 }
 
 // IsValidRuleID checks whether a rule ID corresponds to an implemented rule.

pkg/linter/rules/naming/distinct_on_many_columns.go

@@ -0,0 +1,76 @@
+// Copyright 2026 GoSQLX Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package naming
+
+import (
+	"fmt"
+
+	"github.com/ajitpratap0/GoSQLX/pkg/linter"
+	"github.com/ajitpratap0/GoSQLX/pkg/sql/ast"
+)
+
+const distinctColumnThreshold = 5
+
+// DistinctOnManyColumnsRule (L030) warns when DISTINCT is used with many columns.
+// DISTINCT on many columns is often a sign of a missing GROUP BY or denormalized
+// data. It also forces a sort over all projected columns, which is expensive.
+type DistinctOnManyColumnsRule struct{ linter.BaseRule }
+
+// NewDistinctOnManyColumnsRule creates a new L030 rule instance.
+func NewDistinctOnManyColumnsRule() *DistinctOnManyColumnsRule {
+	return &DistinctOnManyColumnsRule{
+		BaseRule: linter.NewBaseRule(
+			"L030",
+			"Distinct on Many Columns",
+			"DISTINCT on many columns suggests a missing GROUP BY or data quality issue",
+			linter.SeverityWarning,
+			false,
+		),
+	}
+}
+
+// Check inspects SELECT statements for DISTINCT with many columns.
+func (r *DistinctOnManyColumnsRule) Check(ctx *linter.Context) ([]linter.Violation, error) {
+	if ctx.AST == nil {
+		return nil, nil
+	}
+	var violations []linter.Violation
+	for _, stmt := range ctx.AST.Statements {
+		sel, ok := stmt.(*ast.SelectStatement)
+		if !ok {
+			continue
+		}
+		if !sel.Distinct {
+			continue
+		}
+		colCount := len(sel.Columns)
+		if colCount >= distinctColumnThreshold {
+			violations = append(violations, linter.Violation{
+				Rule:       r.ID(),
+				RuleName:   r.Name(),
+				Severity:   r.Severity(),
+				Message:    fmt.Sprintf("DISTINCT on %d columns is expensive and may indicate a missing GROUP BY or join issue", colCount),
+				Location:   sel.Pos,
+				Suggestion: "Consider using GROUP BY with aggregate functions, or investigate whether the query structure can be simplified",
+			})
+		}
+	}
+	return violations, nil
+}
+
+// Fix is a no-op: replacing DISTINCT with GROUP BY requires semantic understanding.
+func (r *DistinctOnManyColumnsRule) Fix(content string, violations []linter.Violation) (string, error) {
+	return content, nil
+}

pkg/linter/rules/naming/doc.go

@@ -0,0 +1,25 @@
+// Copyright 2026 GoSQLX Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package naming provides linter rules for SQL naming conventions and style.
+//
+// Rules:
+//   - L024: Table alias required (multi-table queries)
+//   - L025: Reserved keyword used as identifier
+//   - L026: Implicit column list in INSERT
+//   - L027: UNION instead of UNION ALL
+//   - L028: Missing ORDER BY with LIMIT
+//   - L029: Subquery in WHERE can be a JOIN
+//   - L030: DISTINCT on many columns
+package naming

pkg/linter/rules/naming/implicit_column_list.go

@@ -0,0 +1,68 @@
+// Copyright 2026 GoSQLX Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package naming
+
+import (
+	"github.com/ajitpratap0/GoSQLX/pkg/linter"
+	"github.com/ajitpratap0/GoSQLX/pkg/sql/ast"
+)
+
+// ImplicitColumnListRule (L026) flags INSERT statements without an explicit column list.
+// INSERT INTO table VALUES (...) is fragile — it breaks when columns are added/reordered.
+type ImplicitColumnListRule struct{ linter.BaseRule }
+
+// NewImplicitColumnListRule creates a new L026 rule instance.
+func NewImplicitColumnListRule() *ImplicitColumnListRule {
+	return &ImplicitColumnListRule{
+		BaseRule: linter.NewBaseRule(
+			"L026",
+			"Implicit Column List in INSERT",
+			"INSERT without explicit column list is fragile and breaks on schema changes",
+			linter.SeverityWarning,
+			false,
+		),
+	}
+}
+
+// Check inspects INSERT statements for missing column lists.
+func (r *ImplicitColumnListRule) Check(ctx *linter.Context) ([]linter.Violation, error) {
+	if ctx.AST == nil {
+		return nil, nil
+	}
+	var violations []linter.Violation
+	for _, stmt := range ctx.AST.Statements {
+		ins, ok := stmt.(*ast.InsertStatement)
+		if !ok {
+			continue
+		}
+		// If there are VALUES but no explicit column list, flag it
+		if len(ins.Values) > 0 && len(ins.Columns) == 0 {
+			violations = append(violations, linter.Violation{
+				Rule:       r.ID(),
+				RuleName:   r.Name(),
+				Severity:   r.Severity(),
+				Message:    "INSERT INTO " + ins.TableName + " has no explicit column list",
+				Location:   ins.Pos,
+				Suggestion: "Specify columns explicitly: INSERT INTO " + ins.TableName + " (col1, col2, ...) VALUES (...)",
+			})
+		}
+	}
+	return violations, nil
+}
+
+// Fix is a no-op: adding column list requires schema knowledge.
+func (r *ImplicitColumnListRule) Fix(content string, violations []linter.Violation) (string, error) {
+	return content, nil
+}

pkg/linter/rules/naming/missing_order_by_limit.go

@@ -0,0 +1,78 @@
+// Copyright 2026 GoSQLX Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package naming
+
+import (
+	"github.com/ajitpratap0/GoSQLX/pkg/linter"
+	"github.com/ajitpratap0/GoSQLX/pkg/sql/ast"
+)
+
+// MissingOrderByLimitRule (L028) flags queries that use LIMIT/OFFSET without ORDER BY.
+// Without ORDER BY, the rows returned by LIMIT are non-deterministic — different
+// executions may return different rows, making pagination unreliable.
+type MissingOrderByLimitRule struct{ linter.BaseRule }
+
+// NewMissingOrderByLimitRule creates a new L028 rule instance.
+func NewMissingOrderByLimitRule() *MissingOrderByLimitRule {
+	return &MissingOrderByLimitRule{
+		BaseRule: linter.NewBaseRule(
+			"L028",
+			"Missing ORDER BY with LIMIT",
+			"LIMIT without ORDER BY produces non-deterministic results",
+			linter.SeverityWarning,
+			false,
+		),
+	}
+}
+
+// Check inspects SELECT statements for LIMIT/OFFSET without ORDER BY.
+func (r *MissingOrderByLimitRule) Check(ctx *linter.Context) ([]linter.Violation, error) {
+	if ctx.AST == nil {
+		return nil, nil
+	}
+	var violations []linter.Violation
+	for _, stmt := range ctx.AST.Statements {
+		sel, ok := stmt.(*ast.SelectStatement)
+		if !ok {
+			continue
+		}
+		hasLimit := sel.Limit != nil || sel.Fetch != nil
+		if !hasLimit {
+			continue
+		}
+		hasOffset := sel.Offset != nil || (sel.Fetch != nil && sel.Fetch.OffsetValue != nil)
+		hasOrderBy := len(sel.OrderBy) > 0
+		if !hasOrderBy {
+			msg := "LIMIT without ORDER BY produces non-deterministic results"
+			if hasOffset {
+				msg = "LIMIT/OFFSET without ORDER BY produces non-deterministic pagination"
+			}
+			violations = append(violations, linter.Violation{
+				Rule:       r.ID(),
+				RuleName:   r.Name(),
+				Severity:   r.Severity(),
+				Message:    msg,
+				Location:   sel.Pos,
+				Suggestion: "Add ORDER BY to ensure deterministic row selection with LIMIT",
+			})
+		}
+	}
+	return violations, nil
+}
+
+// Fix is a no-op: choosing the right ORDER BY requires business logic.
+func (r *MissingOrderByLimitRule) Fix(content string, violations []linter.Violation) (string, error) {
+	return content, nil
+}