DarkPlayer

joined 1 year ago
[–] [email protected] 0 points 1 year ago

Checking the return value is just a very basic example of a consistency check and is already supported by some tools. But I think we are heading towards more advanced and project specific checks, such as identifying missing authentication checks. This won't work based on hard coded rules or hints (like [[nodiscard]]) but will be detected because this API endpoint looks different from the others. However, even the return value example is still relevant. Something like [[nodiscard]] isn't supported by all programming languages nor is it used in all third party libraries or system header files.

Regarding semantic merges: You're right that automated tools will not be able to determine whether the merged code makes sense from a logical point of view. But that is not the point of this section. The main idea is that by parsing the code and merging the ASTs merge tools will be able to resolve conflicts even if there are changes on the same line. And they can determine whether the generated syntax would be valid. It is still up to the developer to verify that the merged code makes logical sense.