Metastatic.Analysis.BusinessLogic.SilentErrorCase (Metastatic v0.10.4)

Detects conditional statements that only handle the success case.

This analyzer identifies conditionals where only the success/truthy branch is handled without a corresponding error/falsy branch or catch-all, potentially leading to silent failures.

Cross-Language Applicability

This is a universal pattern that applies to all languages with conditionals:

  • Python: if without else when handling error-prone operations
  • JavaScript: if without else when handling promises/results
  • Elixir: case with only {:ok, _} branch
  • Rust: match with only Ok(_) branch
  • Go: Checking only success case without error handling

Examples

Bad (Elixir)

case Accounts.get_user(id) do
  {:ok, user} -> user
end
# What happens if an error is returned?

Good (Elixir)

case Accounts.get_user(id) do
  {:ok, user} -> user
  {:error, _} -> nil
end

Bad (Python)

result = get_user(id)
if result.success:
    return result.value
# What if not success?

Good (Python)

result = get_user(id)
if result.success:
    return result.value
else:
    return None

Bad (Rust)

match get_user(id) {
    Ok(user) => user,
}  // Compile error - non-exhaustive match

Good (Rust)

match get_user(id) {
    Ok(user) => user,
    Err(e) => handle_error(e),
}

Detection Strategy

Checks for:

  1. Conditionals with only a "then" branch (no "else")
  2. Pattern matching with only success patterns and no catch-all
  3. Missing error handling paths in multi-branch conditionals