From c28fcba77964edb57609fee17b0470638596e5a3 Mon Sep 17 00:00:00 2001
From: Ankush Menat
Date: Sat, 17 Apr 2021 15:47:34 +0530
Subject: [PATCH] ci(semgrep): add correctness rule for on_cancel

Changes done to doctype object in `on_submit` are not commited to database. Add rule to catch similar bugs.
---
 .../semgrep_rules/frappe_correctness.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/.github/helper/semgrep_rules/frappe_correctness.yml b/.github/helper/semgrep_rules/frappe_correctness.yml
index 394abbf74d..54df062480 100644
--- a/.github/helper/semgrep_rules/frappe_correctness.yml
+++ b/.github/helper/semgrep_rules/frappe_correctness.yml
@@ -7,11 +7,29 @@ rules:
 - pattern-inside: |
 def on_submit(self, ...):
 ...
+ - metavariable-regex:
+ metavariable: '$ATTR'
+ # this is negative look-ahead, add more attrs to ignore like (ignore|ignore_this_too|ignore_me)
+ regex: '^(?!status_updater)(.*)$'
 message: |
 Doctype modified after submission. Please check if modification of self.$ATTR is commited to database.
 languages: [python]
 severity: ERROR
 
+- id: frappe-modifying-after-cancel
+ patterns:
+ - pattern: self.$ATTR = ...
+ - pattern-inside: |
+ def on_cancel(self, ...):
+ ...
+ - metavariable-regex:
+ metavariable: '$ATTR'
+ regex: '^(?!ignore_linked_doctypes|status_updater)(.*)$'
+ message: |
+ Doctype modified after cancellation. Please check if modification of self.$ATTR is commited to database.
+ languages: [python]
+ severity: ERROR
+
 - id: frappe-print-function-in-doctypes
 pattern: print(...)
 message: |
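Review bot: The negative look-ahead in both `metavariable-regex` entries has no `$` inside it, so it skips every attribute whose name merely starts with an ignored name (a constructed example: `self.status_updater_flag`), not only the exact attribute, and such assignments would pass the check silently. Closing the look-ahead keeps the ignore list exact: `regex: '^(?!(ignore_linked_doctypes|status_updater)$).*$'` for `frappe-modifying-after-cancel`, and `regex: '^(?!(status_updater)$).*$'` for the on_submit rule. The on_cancel entry also lacks the explanatory comment that the on_submit entry received; repeating `# this is negative look-ahead, add more attrs to ignore like (ignore|ignore_this_too|ignore_me)` above its `regex:` line would keep the two rules parallel. The on_submit rule's `id` and first pattern lie before the hunk, and the print rule continues past its end.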