[clang-tools-extra] Enforce SL.con.3: Add check to replace operator[] with at() [Cont.] (PR #95220)

[Paul Heidekrüger via cfe-commits]

================
@@ -0,0 +1,50 @@
+.. title:: clang-tidy - cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses
+
+cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses
+===============================================================
+
+Flags calls to ``operator[]`` in STL containers and suggests replacing it with
+safe alternatives.
+
+For example, both
+
+.. code-block:: c++
+
+  std::vector<int> a;
+  int b = a[4];
+
+and
+
+.. code-block:: c++
+
+  std::unique_ptr<vector> a;
+  int b = a[0];
+
+will generate a warning.
+
+STL containers with well-defined behavior for ``operator[]`` are excluded from this
+check.
+
+This check enforces part of the `SL.con.3
+<https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#slcon3-avoid-bounds-errors>`
+guideline and is part of the `Bounds Safety (Bounds 4)
+<https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines#Pro-bounds-arrayindex>`
+profile from the C++ Core Guidelines.
+
+Options
+-------
+
+.. option:: ExcludeClasses
+
+    Semicolon-delimited list of class names that should additionally be
+    excluded from this check. Default is empty string.
+
+.. option:: FixMode
+
+    Determines what fixes are suggested. Either `None` (default), `at` (use 
+    ``a.at(index)`` if a fitting function exists) or `function` (use a 
----------------
paulhdk wrote:

Good catch!

Personally, I prefer lowercase spelling for all three options. Writing uppercase after the colon when setting the option via `cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.FixMode: <option_name>` feels unnatural to me. Feel free to re-open if there's a particular reason why uppercase makes more sense here.

https://github.com/llvm/llvm-project/pull/95220