[RFC] Lifetime annotations for C++

CSA is not a good fit because its core is driving a path-sensitive analysis. CSA can solve “may” problems (“try to find a path through the program which leads to a state that violates a predicate P”), but can’t solve “must” problems (“show that no path through the program ends in a state that violates P”).

Inferring and verifying lifetimes is a “must” problem – just like type checking. So CSA is not suitable.

ClangTidy is a general-purpose framework for checks; it is not limited to pattern-matching. ClangTidy provides the AST to the check, and it is up to the check to decide what to do with it.

We have been working on a dataflow framework that allows computing an all-paths solution to dataflow problems. This framework allows developing dataflow-based checks in ClangTidy (or in any other system that provides access to the Clang AST).

We are upstreaming our dataflow-based ClangTidy check that verifies that std::optional values are known to have a value before they are unwrapped, on all paths through the program. You can find the tests for it here: https://github.com/llvm/llvm-project/blob/main/clang/unittests/Analysis/FlowSensitive/UncheckedOptionalAccessModelTest.cpp. The core modeling for std::optional is in clang/Analysis/FlowSensitive because it is a reusable building block for building many other checks, not just the optional unwrapping check. Unfortunately the ClangTidy part is not upstream yet, but we will be mailing it out soon.

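As an added illustration (not code from the post, from LLVM, or from the check's test suite) of why the post calls this a "must" problem: the unwrap in the first function is safe on one path and unchecked on another, so an all-paths analysis has to reject it, while the second function establishes the value on every predecessor of the merge point. Which patterns the real check accepts is my reading of its description here, not a claim about its implementation.

```cpp
#include <optional>
#include <string>

// Constructed example: the shapes of code an all-paths ("must") dataflow
// check for unchecked std::optional access has to distinguish.

// Should be flagged: has_value() is established only on the early-return
// path, so the fallthrough reaches value() with the optional possibly empty.
// std::optional::value() throws std::bad_optional_access on an empty
// optional, so this is a latent crash on the unchecked path.
int unchecked_length(const std::optional<std::string>& name) {
    if (name.has_value() && name->empty()) {
        return 0;                                   // checked here only
    }
    return static_cast<int>(name.value().size());   // not checked here
}

// Should be accepted: every path into the final unwrap either returned early
// or assigned a value, so at the merge point the optional is known engaged.
int checked_length(std::optional<std::string> name, bool use_default) {
    if (!name.has_value()) {
        if (!use_default) {
            return -1;              // empty optional never reaches the unwrap
        }
        name = "anonymous";         // assignment establishes has_value()
    }
    // Merge point: both incoming paths guarantee a value ("must" = AND of paths).
    return static_cast<int>(name->size());
}

// Should be accepted: value_or() never unwraps an empty optional.
int length_or_zero(const std::optional<std::string>& name) {
    return static_cast<int>(name.value_or("").size());
}

// Shows the runtime failure mode the check is meant to prevent.
bool unchecked_path_throws() {
    try {
        unchecked_length(std::nullopt);
    } catch (const std::bad_optional_access&) {
        return true;
    }
    return false;
}
```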