fix: override severity on rule & inline-rules flags

[Dsaquel]

The severity override doesn't work for the commands:

• ast-grep scan --rule myRule.yml --error
• ast-grep scan --error --inline-rules <my rule>

Summary by CodeRabbit

• Bug Fixes

  • Rule override processing now runs consistently for both file-based and inline rule sources, including stdin paths, ensuring severity overrides are correctly applied.

• Tests

  • Added tests validating severity override behavior for rule-file, inline-rule, and inline-rule with stdin scenarios, ensuring failures surface as expected.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 076c31a and 2761737.

📒 Files selected for processing (2)

• crates/cli/src/scan.rs
• crates/cli/tests/scan_test.rs

🚧 Files skipped from review as they are similar to previous changes (1)

• crates/cli/src/scan.rs

---

📝 Walkthrough

Walkthrough

Scan rule loading now always applies RuleOverwrite processing: file-based, inline, and stdin-loaded rule configurations are passed through overwrite.process_configs(...) before use. Three tests were added to validate severity override behavior across rule-path, inline-rule, and inline-with-stdin flows.

Changes

Cohort / File(s)	Summary
Rule Override Processing crates/cli/src/scan.rs	Consistently apply overwrite.process_configs(configs) for rule-file, inline-rule, and stdin paths when constructing ScanWithConfig / ScanStdin, ensuring all loaded rule configs pass through RuleOverwrite.
Test Coverage crates/cli/tests/scan_test.rs	Add three tests (test_severity_override_with_rule_path, test_severity_override_with_inline_rule, test_severity_override_with_inline_rule_and_stdin) to verify --error severity override works for rule file, inline rules, and inline rules with stdin input.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat: add severity override #1537: Adds the RuleOverwrite machinery and process_configs API that this change invokes when loading rules.
• feat: add RuleOverwrite to rule #1546: Integrates RuleOverwrite processing into scan rule-loading paths; closely overlaps with the modifications here.
• feat: add rule stats for -r and --inline-rules #1589: Alters rule-loading logic in crates/cli/src/scan.rs; likely touches the same code paths adjusted by this PR.

Poem

🐰 I hop through configs, leaf and vine,
File, inline, stdin — now all align.
A gentle overwrite on each rule I press,
Consistency nibbled, chaos suppressed. ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main bug fix: enabling severity override functionality for the --rule and --inline-rules flags, which is the primary objective of the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

❌ Patch coverage is 88.88889% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 84.42%. Comparing base (e5f9010) to head (2761737).
⚠️ Report is 5 commits behind head on main.

Files with missing lines	Patch %	Lines
crates/cli/src/scan.rs	88.88%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2505      +/-   ##
==========================================
+ Coverage   84.40%   84.42%   +0.01%     
==========================================
  Files         113      113              
  Lines       18665    18669       +4     
==========================================
+ Hits        15755    15761       +6     
+ Misses       2910     2908       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

crates/cli/src/scan.rs (1)

297-311: ⚠️ Potential issue | 🟡 Minor

The --stdin path doesn't apply severity overrides.

ScanStdin::try_new has the same rule-loading pattern but doesn't apply RuleOverwrite.process_configs. This means severity overrides via --error, --warning, etc. won't work when combined with --stdin.

Consider applying the same fix here for consistency:

Proposed fix

 fn try_new(arg: ScanArg) -> Result<Self> {
+   let overwrite = RuleOverwrite::new(&arg.overwrite)?;
   let rules = if let Some(path) = &arg.rule {
-     read_rule_file(path, None)?
+     read_rule_file(path, None).and_then(|configs| overwrite.process_configs(configs))?
   } else if let Some(text) = &arg.inline_rules {
-     from_yaml_string(text, &Default::default())
+     let configs = from_yaml_string(text, &Default::default())
       .with_context(|| EC::ParseRule("INLINE_RULES".into()))?;
+     overwrite.process_configs(configs)?
   } else {
     return Err(anyhow::anyhow!(EC::RuleNotSpecified));
   };

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@crates/cli/src/scan.rs` around lines 297 - 311, ScanStdin::try_new loads
rules the same way as Scan::try_new but currently skips applying severity
overrides, so modify ScanStdin::try_new to call RuleOverwrite::process_configs
on the loaded rules (the same way Scan::try_new does) after rules are created
and before returning; locate the rules variable in ScanStdin::try_new and invoke
RuleOverwrite::process_configs(&mut rules, &arg.overwrites or equivalent) and
propagate any error, ensuring --error/--warning overrides are honored for
--stdin.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@crates/cli/src/scan.rs`:
- Around line 297-311: ScanStdin::try_new loads rules the same way as
Scan::try_new but currently skips applying severity overrides, so modify
ScanStdin::try_new to call RuleOverwrite::process_configs on the loaded rules
(the same way Scan::try_new does) after rules are created and before returning;
locate the rules variable in ScanStdin::try_new and invoke
RuleOverwrite::process_configs(&mut rules, &arg.overwrites or equivalent) and
propagate any error, ensuring --error/--warning overrides are honored for
--stdin.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e5f9010 and 076c31a.

📒 Files selected for processing (2)

• crates/cli/src/scan.rs
• crates/cli/tests/scan_test.rs