@aicqtools/guardrail 1.0.0-alpha.2

package/dist/rules-default/ai-explainability-metadata.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ai-explainability-metadata.js","sourceRoot":"","sources":["../../src/rules-default/ai-explainability-metadata.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD;;;;;;;;;GASG;AACH,MAAM,MAAM,GAAG,qEAAqE,CAAC;AACrF,MAAM,YAAY,GAAG,mEAAmE,CAAC;AAEzF,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,4BAA4B;IAChC,QAAQ,EAAE,CAAC,YAAY,EAAE,KAAK,CAAC;IAC/B,QAAQ,EAAE,MAAM;IAChB,OAAO,EAAE,uHAAuH;IAChI,SAAS,EAAE,wEAAwE;IACnF,IAAI,EAAE,2FAA2F;IACjG,QAAQ,EAAE;QACR,eAAe,CAAC,IAAuB,EAAE,GAAgB;YACvD,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM;gBAAE,OAAO;YACpB,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAClC,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,MAAM,CAAC;gBAAE,OAAO;YACxD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAAE,OAAO;YACnC,IAAI,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAAE,OAAO;YACxC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACvB,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/api-response-shape.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=api-response-shape.d.ts.map

package/dist/rules-default/api-response-shape.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-response-shape.d.ts","sourceRoot":"","sources":["../../src/rules-default/api-response-shape.ts"],"names":[],"mappings":";AA0BA,wBAmBG"}

package/dist/rules-default/api-response-shape.js

@@ -0,0 +1,52 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+function isResJsonCall(callee, textOf) {
+    if (callee.type !== 'member_expression')
+        return false;
+    const obj = callee.childForFieldName('object');
+    const prop = callee.childForFieldName('property');
+    if (!obj || !prop)
+        return false;
+    return textOf(obj) === 'res' && textOf(prop) === 'json';
+}
+function objectHasKey(obj, key, textOf) {
+    for (let i = 0; i < obj.namedChildCount; i++) {
+        const pair = obj.namedChild(i);
+        if (!pair)
+            continue;
+        if (pair.type === 'shorthand_property_identifier') {
+            if (textOf(pair) === key)
+                return true;
+            continue;
+        }
+        if (pair.type !== 'pair')
+            continue;
+        const k = pair.childForFieldName('key');
+        if (k && textOf(k).replace(/['"]/g, '') === key)
+            return true;
+    }
+    return false;
+}
+export default defineRule({
+    id: 'api-response-shape',
+    language: ['typescript', 'javascript', 'tsx'],
+    severity: 'warning',
+    message: 'API responses must use the standard shape: { success, data, message }.',
+    messageKo: 'API 응답은 { success, data, message } 표준 형태여야 합니다.',
+    visitors: {
+        call_expression(node, ctx) {
+            const callee = node.childForFieldName('function');
+            if (!callee || !isResJsonCall(callee, ctx.textOf))
+                return;
+            const args = node.childForFieldName('arguments');
+            if (!args || args.namedChildCount === 0)
+                return;
+            const first = args.namedChild(0);
+            if (!first || first.type !== 'object')
+                return;
+            if (!objectHasKey(first, 'success', ctx.textOf)) {
+                ctx.report({ node: first });
+            }
+        },
+    },
+});
+//# sourceMappingURL=api-response-shape.js.map

package/dist/rules-default/api-response-shape.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-response-shape.js","sourceRoot":"","sources":["../../src/rules-default/api-response-shape.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,SAAS,aAAa,CAAC,MAAyB,EAAE,MAAwC;IACxF,IAAI,MAAM,CAAC,IAAI,KAAK,mBAAmB;QAAE,OAAO,KAAK,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAChC,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC;AAC1D,CAAC;AAED,SAAS,YAAY,CAAC,GAAsB,EAAE,GAAW,EAAE,MAAwC;IACjG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,IAAI,IAAI,CAAC,IAAI,KAAK,+BAA+B,EAAE,CAAC;YAClD,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACtC,SAAS;QACX,CAAC;QACD,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM;YAAE,SAAS;QACnC,MAAM,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;IAC/D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,oBAAoB;IACxB,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,KAAK,CAAC;IAC7C,QAAQ,EAAE,SAAS;IACnB,OAAO,EAAE,wEAAwE;IACjF,SAAS,EAAE,iDAAiD;IAC5D,QAAQ,EAAE;QACR,eAAe,CAAC,IAAI,EAAE,GAAG;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO;YAC1D,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,eAAe,KAAK,CAAC;gBAAE,OAAO;YAChD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YACjC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ;gBAAE,OAAO;YAC9C,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/async-await-consistency.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=async-await-consistency.d.ts.map

package/dist/rules-default/async-await-consistency.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"async-await-consistency.d.ts","sourceRoot":"","sources":["../../src/rules-default/async-await-consistency.ts"],"names":[],"mappings":";AAmBA,wBAeG"}

package/dist/rules-default/async-await-consistency.js

@@ -0,0 +1,38 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+function bodyHasAwait(body) {
+    function walk(n) {
+        if (n.type === 'await')
+            return true;
+        // Don't descend into nested function/class definitions
+        if (n.type === 'function_definition' || n.type === 'lambda' || n.type === 'class_definition') {
+            return false;
+        }
+        for (let i = 0; i < n.namedChildCount; i++) {
+            const child = n.namedChild(i);
+            if (child && walk(child))
+                return true;
+        }
+        return false;
+    }
+    return walk(body);
+}
+export default defineRule({
+    id: 'async-await-consistency',
+    language: 'python',
+    severity: 'warning',
+    message: '`async def` function has no `await` — likely should be a regular `def`.',
+    messageKo: '`async def` 함수에 `await`가 없습니다 — 일반 `def`로 정의하세요.',
+    visitors: {
+        function_definition(node, ctx) {
+            const text = ctx.textOf(node);
+            if (!text.startsWith('async '))
+                return;
+            const body = node.childForFieldName('body');
+            if (!body)
+                return;
+            if (!bodyHasAwait(body))
+                ctx.report({ node });
+        },
+    },
+});
+//# sourceMappingURL=async-await-consistency.js.map

package/dist/rules-default/async-await-consistency.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"async-await-consistency.js","sourceRoot":"","sources":["../../src/rules-default/async-await-consistency.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,SAAS,YAAY,CAAC,IAAuB;IAC3C,SAAS,IAAI,CAAC,CAAoB;QAChC,IAAI,CAAC,CAAC,IAAI,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC;QACpC,uDAAuD;QACvD,IAAI,CAAC,CAAC,IAAI,KAAK,qBAAqB,IAAI,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;YAC7F,OAAO,KAAK,CAAC;QACf,CAAC;QACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC9B,IAAI,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;QACxC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC;AACpB,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,yBAAyB;IAC7B,QAAQ,EAAE,QAAQ;IAClB,QAAQ,EAAE,SAAS;IACnB,OAAO,EAAE,yEAAyE;IAClF,SAAS,EAAE,kDAAkD;IAC7D,QAAQ,EAAE;QACR,mBAAmB,CAAC,IAAI,EAAE,GAAG;YAC3B,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC9B,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO;YACvC,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAC5C,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QAChD,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/audit-log-ai-decision.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=audit-log-ai-decision.d.ts.map

package/dist/rules-default/audit-log-ai-decision.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-log-ai-decision.d.ts","sourceRoot":"","sources":["../../src/rules-default/audit-log-ai-decision.ts"],"names":[],"mappings":";AAsBA,wBAYG"}

package/dist/rules-default/audit-log-ai-decision.js

@@ -0,0 +1,33 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+/**
+ * FSC AI guideline: every AI inference decision must produce an audit log entry.
+ * Heuristic: if a function body invokes an AI SDK (openai/anthropic/aiClient) but
+ * has no logger / audit / console.log call, flag it.
+ *
+ * Limitation: false positives when logging is delegated to a wrapper that doesn't
+ * match the regex. Flip severity to warning if your codebase wraps logging extensively.
+ */
+const AI_CALL_PATTERN = /\b(openai|anthropic|aiClient)\.\w+/;
+const LOG_PATTERN = /\b(logger|auditLog|audit|trace|winston|pino)\.\w+|\bconsole\.(log|info|warn|error)/;
+function check(node, ctx) {
+    const text = ctx.textOf(node);
+    if (!AI_CALL_PATTERN.test(text))
+        return;
+    if (LOG_PATTERN.test(text))
+        return;
+    ctx.report({ node });
+}
+export default defineRule({
+    id: 'audit-log-ai-decision',
+    language: ['typescript', 'tsx'],
+    severity: 'error',
+    message: 'AI inference call must be paired with an audit log entry (FSC AI guideline — auditability).',
+    messageKo: 'AI 추론 호출은 감사 로그가 필수입니다 (금감원 AI 가이드라인 — 감사 추적성).',
+    docs: 'https://github.com/aicqtools/aicqtools/blob/main/docs/rules/audit-log-ai-decision.md',
+    visitors: {
+        function_declaration: check,
+        arrow_function: check,
+        method_definition: check,
+    },
+});
+//# sourceMappingURL=audit-log-ai-decision.js.map

package/dist/rules-default/audit-log-ai-decision.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-log-ai-decision.js","sourceRoot":"","sources":["../../src/rules-default/audit-log-ai-decision.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,oCAAoC,CAAC;AAC7D,MAAM,WAAW,GAAG,oFAAoF,CAAC;AAEzG,SAAS,KAAK,CAAC,IAAuB,EAAE,GAAgB;IACtD,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO;IACxC,IAAI,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO;IACnC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,uBAAuB;IAC3B,QAAQ,EAAE,CAAC,YAAY,EAAE,KAAK,CAAC;IAC/B,QAAQ,EAAE,OAAO;IACjB,OAAO,EAAE,6FAA6F;IACtG,SAAS,EAAE,iDAAiD;IAC5D,IAAI,EAAE,sFAAsF;IAC5F,QAAQ,EAAE;QACR,oBAAoB,EAAE,KAAK;QAC3B,cAAc,EAAE,KAAK;QACrB,iBAAiB,EAAE,KAAK;KACzB;CACF,CAAC,CAAC"}

package/dist/rules-default/camelcase-migration-column.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=camelcase-migration-column.d.ts.map

package/dist/rules-default/camelcase-migration-column.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"camelcase-migration-column.d.ts","sourceRoot":"","sources":["../../src/rules-default/camelcase-migration-column.ts"],"names":[],"mappings":";AAiBA,wBAgCG"}

package/dist/rules-default/camelcase-migration-column.js

@@ -0,0 +1,56 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+const SEQUELIZE_MIGRATION_FNS = new Set(['createTable', 'addColumn', 'changeColumn']);
+const SNAKE_CASE_PATTERN = /^[a-z][a-z0-9]*(_[a-z0-9]+)+$/;
+function findColumnDefObject(callNode) {
+    const args = callNode.childForFieldName('arguments');
+    if (!args)
+        return null;
+    // Sequelize patterns: createTable('users', { columnDef }), addColumn('users', 'colName', {def}), etc.
+    for (let i = 0; i < args.namedChildCount; i++) {
+        const arg = args.namedChild(i);
+        if (arg && arg.type === 'object')
+            return arg;
+    }
+    return null;
+}
+export default defineRule({
+    id: 'camelcase-migration-column',
+    language: ['typescript', 'javascript'],
+    severity: 'warning',
+    message: 'Sequelize migration column should use camelCase to match model attribute (avoid `underscored: true` divergence).',
+    messageKo: 'Sequelize 마이그레이션 컬럼명은 모델과 일치하도록 camelCase 사용 (snake_case는 underscored 옵션 충돌 위험).',
+    docs: 'https://github.com/aicqtools/aicqtools/blob/main/docs/rules/camelcase-migration-column.md',
+    visitors: {
+        call_expression(node, ctx) {
+            const fn = node.childForFieldName('function');
+            if (!fn || fn.type !== 'member_expression')
+                return;
+            const prop = fn.childForFieldName('property');
+            const obj = fn.childForFieldName('object');
+            if (!prop || !obj)
+                return;
+            // Only inside `queryInterface.createTable(...)` etc.
+            if (ctx.textOf(obj) !== 'queryInterface')
+                return;
+            if (!SEQUELIZE_MIGRATION_FNS.has(ctx.textOf(prop)))
+                return;
+            const colObj = findColumnDefObject(node);
+            if (!colObj)
+                return;
+            // Check each top-level key for snake_case
+            for (let i = 0; i < colObj.namedChildCount; i++) {
+                const pair = colObj.namedChild(i);
+                if (!pair || pair.type !== 'pair')
+                    continue;
+                const key = pair.childForFieldName('key');
+                if (!key)
+                    continue;
+                const keyText = ctx.textOf(key).replace(/['"]/g, '');
+                if (SNAKE_CASE_PATTERN.test(keyText)) {
+                    ctx.report({ node: key });
+                }
+            }
+        },
+    },
+});
+//# sourceMappingURL=camelcase-migration-column.js.map

package/dist/rules-default/camelcase-migration-column.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"camelcase-migration-column.js","sourceRoot":"","sources":["../../src/rules-default/camelcase-migration-column.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC,CAAC,aAAa,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;AACtF,MAAM,kBAAkB,GAAG,+BAA+B,CAAC;AAE3D,SAAS,mBAAmB,CAAC,QAA2B;IACtD,MAAM,IAAI,GAAG,QAAQ,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;IACrD,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,sGAAsG;IACtG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,GAAG,CAAC;IAC/C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,4BAA4B;IAChC,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;IACtC,QAAQ,EAAE,SAAS;IACnB,OAAO,EAAE,kHAAkH;IAC3H,SAAS,EAAE,kFAAkF;IAC7F,IAAI,EAAE,2FAA2F;IACjG,QAAQ,EAAE;QACR,eAAe,CAAC,IAAI,EAAE,GAAG;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,IAAI,KAAK,mBAAmB;gBAAE,OAAO;YACnD,MAAM,IAAI,GAAG,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAC9C,MAAM,GAAG,GAAG,EAAE,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YAC3C,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG;gBAAE,OAAO;YAC1B,qDAAqD;YACrD,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,gBAAgB;gBAAE,OAAO;YACjD,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAAE,OAAO;YAC3D,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,CAAC,MAAM;gBAAE,OAAO;YACpB,0CAA0C;YAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBAClC,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM;oBAAE,SAAS;gBAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;gBAC1C,IAAI,CAAC,GAAG;oBAAE,SAAS;gBACnB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;gBACrD,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC;QACH,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/controller-needs-async-wrapper.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=controller-needs-async-wrapper.d.ts.map

package/dist/rules-default/controller-needs-async-wrapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"controller-needs-async-wrapper.d.ts","sourceRoot":"","sources":["../../src/rules-default/controller-needs-async-wrapper.ts"],"names":[],"mappings":";AA+BA,wBAmBG"}

package/dist/rules-default/controller-needs-async-wrapper.js

@@ -0,0 +1,56 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+const ROUTER_METHODS = new Set(['get', 'post', 'put', 'patch', 'delete']);
+function isRouterCall(callee, textOf) {
+    if (callee.type !== 'member_expression')
+        return false;
+    const obj = callee.childForFieldName('object');
+    const prop = callee.childForFieldName('property');
+    if (!obj || !prop)
+        return false;
+    const objText = textOf(obj);
+    if (objText !== 'router' && objText !== 'app')
+        return false;
+    return ROUTER_METHODS.has(textOf(prop));
+}
+function isWrappedHandler(arg, textOf) {
+    if (arg.type !== 'call_expression')
+        return false;
+    const fn = arg.childForFieldName('function');
+    if (!fn)
+        return false;
+    return /asyncWrapper|asyncHandler|catchAsync/i.test(textOf(fn));
+}
+function isAsyncFunction(arg) {
+    if (arg.type !== 'arrow_function' && arg.type !== 'function_expression')
+        return false;
+    for (let i = 0; i < arg.childCount; i++) {
+        const child = arg.child(i);
+        if (child && child.type === 'async')
+            return true;
+    }
+    return arg.text.startsWith('async ');
+}
+export default defineRule({
+    id: 'controller-needs-async-wrapper',
+    language: ['typescript', 'javascript', 'tsx'],
+    severity: 'error',
+    message: 'Async route handlers must be wrapped with asyncWrapper / asyncHandler.',
+    messageKo: '비동기 라우트 핸들러는 asyncWrapper / asyncHandler로 감싸야 합니다.',
+    visitors: {
+        call_expression(node, ctx) {
+            const callee = node.childForFieldName('function');
+            if (!callee || !isRouterCall(callee, ctx.textOf))
+                return;
+            const args = node.childForFieldName('arguments');
+            if (!args || args.namedChildCount < 2)
+                return;
+            const last = args.namedChild(args.namedChildCount - 1);
+            if (!last)
+                return;
+            if (isAsyncFunction(last) && !isWrappedHandler(last, ctx.textOf)) {
+                ctx.report({ node: last });
+            }
+        },
+    },
+});
+//# sourceMappingURL=controller-needs-async-wrapper.js.map

package/dist/rules-default/controller-needs-async-wrapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"controller-needs-async-wrapper.js","sourceRoot":"","sources":["../../src/rules-default/controller-needs-async-wrapper.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;AAE1E,SAAS,YAAY,CAAC,MAAyB,EAAE,MAAwC;IACvF,IAAI,MAAM,CAAC,IAAI,KAAK,mBAAmB;QAAE,OAAO,KAAK,CAAC;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAChC,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC5B,IAAI,OAAO,KAAK,QAAQ,IAAI,OAAO,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAC5D,OAAO,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAsB,EAAE,MAAwC;IACxF,IAAI,GAAG,CAAC,IAAI,KAAK,iBAAiB;QAAE,OAAO,KAAK,CAAC;IACjD,MAAM,EAAE,GAAG,GAAG,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAC7C,IAAI,CAAC,EAAE;QAAE,OAAO,KAAK,CAAC;IACtB,OAAO,uCAAuC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,eAAe,CAAC,GAAsB;IAC7C,IAAI,GAAG,CAAC,IAAI,KAAK,gBAAgB,IAAI,GAAG,CAAC,IAAI,KAAK,qBAAqB;QAAE,OAAO,KAAK,CAAC;IACtF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC3B,IAAI,KAAK,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC;IACnD,CAAC;IACD,OAAO,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;AACvC,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,gCAAgC;IACpC,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,KAAK,CAAC;IAC7C,QAAQ,EAAE,OAAO;IACjB,OAAO,EAAE,wEAAwE;IACjF,SAAS,EAAE,oDAAoD;IAC/D,QAAQ,EAAE;QACR,eAAe,CAAC,IAAI,EAAE,GAAG;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC;gBAAE,OAAO;YACzD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,eAAe,GAAG,CAAC;gBAAE,OAAO;YAC9C,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC;YACvD,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/enforce-utf8-encoding.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Detect EUC-KR / CP949 / non-UTF-8 file encoding by checking the first few bytes of the source.
+ * UTF-8 BOM is acceptable (some Windows tools add it).
+ *
+ * Heuristic limitation: tree-sitter has already decoded the source as UTF-8, so we look for
+ * `replacement character (U+FFFD)` patterns which appear when invalid UTF-8 was decoded loosely.
+ */
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=enforce-utf8-encoding.d.ts.map

package/dist/rules-default/enforce-utf8-encoding.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforce-utf8-encoding.d.ts","sourceRoot":"","sources":["../../src/rules-default/enforce-utf8-encoding.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;;AACH,wBAgBG"}

package/dist/rules-default/enforce-utf8-encoding.js

@@ -0,0 +1,28 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+/**
+ * Detect EUC-KR / CP949 / non-UTF-8 file encoding by checking the first few bytes of the source.
+ * UTF-8 BOM is acceptable (some Windows tools add it).
+ *
+ * Heuristic limitation: tree-sitter has already decoded the source as UTF-8, so we look for
+ * `replacement character (U+FFFD)` patterns which appear when invalid UTF-8 was decoded loosely.
+ */
+export default defineRule({
+    id: 'enforce-utf8-encoding',
+    language: ['typescript', 'javascript', 'tsx', 'python'],
+    severity: 'error',
+    message: 'File appears to use non-UTF-8 encoding (replacement chars detected) — re-save as UTF-8.',
+    messageKo: '파일이 UTF-8 외 인코딩으로 보입니다 (U+FFFD 검출) — UTF-8로 재저장하세요.',
+    visitors: {
+        program(node, ctx) {
+            // Heuristic: if source contains the Unicode replacement char, decoding likely failed.
+            if (ctx.source.includes('�'))
+                ctx.report({ node });
+        },
+        module(node, ctx) {
+            // Python's root node is "module", TS's is "program"
+            if (ctx.source.includes('�'))
+                ctx.report({ node });
+        },
+    },
+});
+//# sourceMappingURL=enforce-utf8-encoding.js.map

package/dist/rules-default/enforce-utf8-encoding.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforce-utf8-encoding.js","sourceRoot":"","sources":["../../src/rules-default/enforce-utf8-encoding.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD;;;;;;GAMG;AACH,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,uBAAuB;IAC3B,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,KAAK,EAAE,QAAQ,CAAC;IACvD,QAAQ,EAAE,OAAO;IACjB,OAAO,EAAE,yFAAyF;IAClG,SAAS,EAAE,qDAAqD;IAChE,QAAQ,EAAE;QACR,OAAO,CAAC,IAAI,EAAE,GAAG;YACf,sFAAsF;YACtF,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,CAAC,IAAI,EAAE,GAAG;YACd,oDAAoD;YACpD,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/explicit-kst-timezone.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=explicit-kst-timezone.d.ts.map

package/dist/rules-default/explicit-kst-timezone.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"explicit-kst-timezone.d.ts","sourceRoot":"","sources":["../../src/rules-default/explicit-kst-timezone.ts"],"names":[],"mappings":";AA0BA,wBAkBG"}

package/dist/rules-default/explicit-kst-timezone.js

@@ -0,0 +1,49 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+/**
+ * `toLocaleString()` / `toLocaleDateString()` without explicit timezone option
+ * defaults to the runtime's local zone — non-deterministic in CI / serverless.
+ * Korean projects should pass `{ timeZone: 'Asia/Seoul' }`.
+ *
+ * Known limitation: doesn't catch indirect calls (e.g., via a wrapper function).
+ */
+const LOCALE_METHODS = new Set([
+    'toLocaleString',
+    'toLocaleDateString',
+    'toLocaleTimeString',
+]);
+function hasTimezoneOption(args, textOf) {
+    if (!args)
+        return false;
+    for (let i = 0; i < args.namedChildCount; i++) {
+        const arg = args.namedChild(i);
+        if (!arg || arg.type !== 'object')
+            continue;
+        if (/timeZone|timezone/i.test(textOf(arg)))
+            return true;
+    }
+    return false;
+}
+export default defineRule({
+    id: 'explicit-kst-timezone',
+    language: ['typescript', 'javascript', 'tsx'],
+    severity: 'warning',
+    message: 'Locale-aware date method without `timeZone` option is non-deterministic — pass `Asia/Seoul` explicitly.',
+    messageKo: '`timeZone` 옵션 없는 locale 날짜 메서드는 환경별 결과 차이 — `Asia/Seoul` 명시 권장.',
+    docs: 'https://github.com/aicqtools/aicqtools/blob/main/docs/rules/explicit-kst-timezone.md',
+    visitors: {
+        call_expression(node, ctx) {
+            const fn = node.childForFieldName('function');
+            if (!fn || fn.type !== 'member_expression')
+                return;
+            const prop = fn.childForFieldName('property');
+            if (!prop)
+                return;
+            if (!LOCALE_METHODS.has(ctx.textOf(prop)))
+                return;
+            const args = node.childForFieldName('arguments');
+            if (!hasTimezoneOption(args, ctx.textOf))
+                ctx.report({ node });
+        },
+    },
+});
+//# sourceMappingURL=explicit-kst-timezone.js.map

package/dist/rules-default/explicit-kst-timezone.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"explicit-kst-timezone.js","sourceRoot":"","sources":["../../src/rules-default/explicit-kst-timezone.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD;;;;;;GAMG;AACH,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,gBAAgB;IAChB,oBAAoB;IACpB,oBAAoB;CACrB,CAAC,CAAC;AAEH,SAAS,iBAAiB,CAAC,IAA8B,EAAE,MAAwC;IACjG,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ;YAAE,SAAS;QAC5C,IAAI,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;IAC1D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,uBAAuB;IAC3B,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,KAAK,CAAC;IAC7C,QAAQ,EAAE,SAAS;IACnB,OAAO,EAAE,yGAAyG;IAClH,SAAS,EAAE,iEAAiE;IAC5E,IAAI,EAAE,sFAAsF;IAC5F,QAAQ,EAAE;QACR,eAAe,CAAC,IAAI,EAAE,GAAG;YACvB,MAAM,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,IAAI,KAAK,mBAAmB;gBAAE,OAAO;YACnD,MAAM,IAAI,GAAG,EAAE,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAAE,OAAO;YAClD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACjE,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/fk-needs-on-delete.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=fk-needs-on-delete.d.ts.map

package/dist/rules-default/fk-needs-on-delete.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fk-needs-on-delete.d.ts","sourceRoot":"","sources":["../../src/rules-default/fk-needs-on-delete.ts"],"names":[],"mappings":";AA2BA,wBAsBG"}

package/dist/rules-default/fk-needs-on-delete.js

@@ -0,0 +1,54 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+const FK_METHODS = new Set(['belongsTo', 'hasMany', 'hasOne', 'belongsToMany']);
+function findObjectArg(args) {
+    for (let i = 0; i < args.namedChildCount; i++) {
+        const arg = args.namedChild(i);
+        if (arg && arg.type === 'object')
+            return arg;
+    }
+    return null;
+}
+function objectHasKey(obj, key, textOf) {
+    for (let i = 0; i < obj.namedChildCount; i++) {
+        const pair = obj.namedChild(i);
+        if (!pair || (pair.type !== 'pair' && pair.type !== 'shorthand_property_identifier'))
+            continue;
+        if (pair.type === 'shorthand_property_identifier') {
+            if (textOf(pair) === key)
+                return true;
+            continue;
+        }
+        const k = pair.childForFieldName('key');
+        if (k && textOf(k).replace(/['"]/g, '') === key)
+            return true;
+    }
+    return false;
+}
+export default defineRule({
+    id: 'fk-needs-on-delete',
+    language: ['typescript', 'javascript'],
+    severity: 'error',
+    message: 'Foreign-key association is missing an explicit `onDelete` policy.',
+    messageKo: 'FK 관계에 명시적 `onDelete` 정책이 빠졌습니다.',
+    visitors: {
+        call_expression(node, ctx) {
+            const callee = node.childForFieldName('function');
+            if (!callee || callee.type !== 'member_expression')
+                return;
+            const prop = callee.childForFieldName('property');
+            if (!prop || !FK_METHODS.has(ctx.textOf(prop)))
+                return;
+            const args = node.childForFieldName('arguments');
+            if (!args)
+                return;
+            const opts = findObjectArg(args);
+            if (!opts) {
+                ctx.report({ node });
+                return;
+            }
+            if (!objectHasKey(opts, 'onDelete', ctx.textOf))
+                ctx.report({ node });
+        },
+    },
+});
+//# sourceMappingURL=fk-needs-on-delete.js.map

package/dist/rules-default/fk-needs-on-delete.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fk-needs-on-delete.js","sourceRoot":"","sources":["../../src/rules-default/fk-needs-on-delete.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;AAEhF,SAAS,aAAa,CAAC,IAAuB;IAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,GAAG,CAAC;IAC/C,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,GAAsB,EAAE,GAAW,EAAE,MAAwC;IACjG,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,eAAe,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,IAAI,KAAK,+BAA+B,CAAC;YAAE,SAAS;QAC/F,IAAI,IAAI,CAAC,IAAI,KAAK,+BAA+B,EAAE,CAAC;YAClD,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACtC,SAAS;QACX,CAAC;QACD,MAAM,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;IAC/D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,oBAAoB;IACxB,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;IACtC,QAAQ,EAAE,OAAO;IACjB,OAAO,EAAE,mEAAmE;IAC5E,SAAS,EAAE,kCAAkC;IAC7C,QAAQ,EAAE;QACR,eAAe,CAAC,IAAI,EAAE,GAAG;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,mBAAmB;gBAAE,OAAO;YAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;YAClD,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAAE,OAAO;YACvD,MAAM,IAAI,GAAG,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YACjD,IAAI,CAAC,IAAI;gBAAE,OAAO;YAClB,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YACD,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC;gBAAE,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;KACF;CACF,CAAC,CAAC"}

package/dist/rules-default/human-oversight-checkpoint.d.ts

@@ -0,0 +1,3 @@
+declare const _default: import("@aicqtools/rule-sdk").FunctionRule;
+export default _default;
+//# sourceMappingURL=human-oversight-checkpoint.d.ts.map

package/dist/rules-default/human-oversight-checkpoint.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"human-oversight-checkpoint.d.ts","sourceRoot":"","sources":["../../src/rules-default/human-oversight-checkpoint.ts"],"names":[],"mappings":";AAyBA,wBAYG"}

package/dist/rules-default/human-oversight-checkpoint.js

@@ -0,0 +1,37 @@
+import { defineRule } from '@aicqtools/rule-sdk';
+/**
+ * FSC AI guideline: AI-driven decisions writing to authoritative storage must
+ * pass through a human oversight checkpoint. Detect functions that invoke an
+ * AI SDK and immediately persist the result via DB writes (insert/update/
+ * create) without an explicit review marker (review/approve/oversight).
+ *
+ * Limitation: heuristic — best-effort detection. False positives in pipelines
+ * that intentionally store the raw model output for downstream review.
+ */
+const AI_CALL = /\b(openai|anthropic|aiClient)\.\w+/;
+const DB_WRITE = /\b(prisma|knex|db|sequelize|mongoose)\.\w+\.(insert|update|create|save|upsert|insertMany)|\.\$create\(|\.\$update\(/;
+const REVIEW_MARKER = /\b(review|approve|oversight|humanCheck|approveByUser|requiresApproval)\b/i;
+function check(node, ctx) {
+    const text = ctx.textOf(node);
+    if (!AI_CALL.test(text))
+        return;
+    if (!DB_WRITE.test(text))
+        return;
+    if (REVIEW_MARKER.test(text))
+        return;
+    ctx.report({ node });
+}
+export default defineRule({
+    id: 'human-oversight-checkpoint',
+    language: ['typescript', 'tsx'],
+    severity: 'warning',
+    message: 'AI inference result is persisted without a human oversight marker (FSC AI guideline — human-in-the-loop checkpoint).',
+    messageKo: 'AI 추론 결과가 인간 검토 표시 없이 저장됩니다 (금감원 AI 가이드라인 — 인간 개입 포인트).',
+    docs: 'https://github.com/aicqtools/aicqtools/blob/main/docs/rules/human-oversight-checkpoint.md',
+    visitors: {
+        function_declaration: check,
+        arrow_function: check,
+        method_definition: check,
+    },
+});
+//# sourceMappingURL=human-oversight-checkpoint.js.map

package/dist/rules-default/human-oversight-checkpoint.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"human-oversight-checkpoint.js","sourceRoot":"","sources":["../../src/rules-default/human-oversight-checkpoint.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAGjD;;;;;;;;GAQG;AACH,MAAM,OAAO,GAAG,oCAAoC,CAAC;AACrD,MAAM,QAAQ,GAAG,qHAAqH,CAAC;AACvI,MAAM,aAAa,GAAG,2EAA2E,CAAC;AAElG,SAAS,KAAK,CAAC,IAAuB,EAAE,GAAgB;IACtD,MAAM,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC9B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO;IAChC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO;IACjC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO;IACrC,GAAG,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,eAAe,UAAU,CAAC;IACxB,EAAE,EAAE,4BAA4B;IAChC,QAAQ,EAAE,CAAC,YAAY,EAAE,KAAK,CAAC;IAC/B,QAAQ,EAAE,SAAS;IACnB,OAAO,EAAE,sHAAsH;IAC/H,SAAS,EAAE,yDAAyD;IACpE,IAAI,EAAE,2FAA2F;IACjG,QAAQ,EAAE;QACR,oBAAoB,EAAE,KAAK;QAC3B,cAAc,EAAE,KAAK;QACrB,iBAAiB,EAAE,KAAK;KACzB;CACF,CAAC,CAAC"}

package/dist/rules-default/index.d.ts

@@ -0,0 +1,6 @@
+import type { Rule } from '@aicqtools/rule-sdk';
+export declare const builtinFunctionRules: readonly Rule[];
+export declare function loadBuiltinYamlRules(): Promise<Rule[]>;
+export declare function loadAllBuiltinRules(): Promise<Rule[]>;
+export declare function loadFunctionRulesFromDir(dir: string): Promise<Rule[]>;
+//# sourceMappingURL=index.d.ts.map

package/dist/rules-default/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/rules-default/index.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AA0DhD,eAAO,MAAM,oBAAoB,EAAE,SAAS,IAAI,EAmD/C,CAAC;AAEF,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAW5D;AAED,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAG3D;AAED,wBAAsB,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAY3E"}