@amityco/social-plus-vise 0.4.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/README.md +297 -59
  2. package/dist/outcomes.js +376 -0
  3. package/dist/tools/ast.js +297 -0
  4. package/dist/tools/project.js +1209 -12
  5. package/package.json +10 -4
  6. package/rules/auth.yaml +126 -0
  7. package/rules/chat.yaml +876 -0
  8. package/rules/comments.yaml +906 -0
  9. package/rules/feed.yaml +2285 -30
  10. package/rules/live-data.yaml +60 -0
  11. package/rules/moderation.yaml +1286 -0
  12. package/rules/network.yaml +66 -0
  13. package/rules/push.yaml +467 -16
  14. package/rules/sdk-lifecycle.yaml +60 -0
  15. package/rules/security.yaml +60 -0
  16. package/skills/social-plus-vise/SKILL.md +148 -1
  17. package/dist/tools/patch.js +0 -67
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@amityco/social-plus-vise",
3
- "version": "0.4.0",
3
+ "version": "0.8.0",
4
4
  "description": "Skill-guided deterministic CLI for social.plus SDK integration assistance.",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "type": "module",
@@ -51,14 +51,20 @@
51
51
  "test:mcp": "npm run build && node test/run-mcp-smoke.mjs",
52
52
  "test:readme-coverage": "node test/run-readme-coverage.mjs",
53
53
  "test:rule-coverage": "npm run build && node test/run-rule-coverage.mjs",
54
+ "test:happy-path-clean": "npm run build && node test/run-happy-path-clean.mjs",
55
+ "test:fixture-symmetry": "npm run build && node test/run-fixture-symmetry.mjs",
54
56
  "typecheck": "tsc -p tsconfig.json --noEmit",
55
- "validate": "npm run typecheck && npm test && npm run test:mcp && npm run test:cli && npm run test:docs && npm run test:compliance && npm run test:rule-coverage && npm run test:readme-coverage && npm run test:improvements && npm run pack:check"
57
+ "validate": "npm run typecheck && npm test && npm run test:mcp && npm run test:cli && npm run test:docs && npm run test:ast && npm run test:compliance && npm run test:rule-coverage && npm run test:readme-coverage && npm run test:happy-path-clean && npm run test:fixture-symmetry && npm run test:improvements && npm run pack:check",
58
+ "test:ast": "node test/run-ast-helpers.mjs"
56
59
  },
57
60
  "dependencies": {
58
- "@modelcontextprotocol/sdk": "^1.12.0"
61
+ "@modelcontextprotocol/sdk": "^1.12.0",
62
+ "tree-sitter": "^0.21.1",
63
+ "tree-sitter-kotlin": "^0.3.8",
64
+ "tree-sitter-typescript": "^0.23.2"
59
65
  },
60
66
  "devDependencies": {
61
67
  "@types/node": "^20.11.30",
62
68
  "typescript": "^5.4.5"
63
69
  }
64
- }
70
+ }
package/rules/auth.yaml ADDED
@@ -0,0 +1,126 @@
1
+ {
2
+ "domain": "auth",
3
+ "schema_version": 1,
4
+ "rules": [
5
+ {
6
+ "id": "android.auth.logout-on-user-switch",
7
+ "version": 1,
8
+ "title": "Android must logout before switching user identity",
9
+ "severity": "warning",
10
+ "rationale": "When a host app changes user identity, the SDK session must be cleared before the next login. Otherwise posts, push tokens, live objects, and cached state can cross users.",
11
+ "applies_when": { "platforms": ["android"], "outcomes": ["validate-setup"] },
12
+ "enforcement": {
13
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "android.auth.logout-on-user-switch" }],
14
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "user_switch_flow", "description": "Code path showing logout/disconnect before login as a different user.", "upload_policy": "upload-with-consent" }] }
15
+ }
16
+ },
17
+ {
18
+ "id": "flutter.auth.logout-on-user-switch",
19
+ "version": 1,
20
+ "title": "Flutter must logout before switching user identity",
21
+ "severity": "warning",
22
+ "rationale": "When a host app changes user identity, the SDK session must be cleared before the next login. Otherwise posts, push tokens, live objects, and cached state can cross users.",
23
+ "applies_when": { "platforms": ["flutter"], "outcomes": ["validate-setup"] },
24
+ "enforcement": {
25
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "flutter.auth.logout-on-user-switch" }],
26
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "user_switch_flow", "description": "Code path showing logout/disconnect before login as a different user.", "upload_policy": "upload-with-consent" }] }
27
+ }
28
+ },
29
+ {
30
+ "id": "typescript.auth.logout-on-user-switch",
31
+ "version": 1,
32
+ "title": "TypeScript must logout before switching user identity",
33
+ "severity": "warning",
34
+ "rationale": "When a host app changes user identity, the SDK session must be cleared before the next login. Otherwise posts, push tokens, live objects, and cached state can cross users.",
35
+ "applies_when": { "platforms": ["typescript"], "outcomes": ["validate-setup"] },
36
+ "enforcement": {
37
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "typescript.auth.logout-on-user-switch" }],
38
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "user_switch_flow", "description": "Code path showing logout/disconnect before login as a different user.", "upload_policy": "upload-with-consent" }] }
39
+ }
40
+ },
41
+ {
42
+ "id": "react-native.auth.logout-on-user-switch",
43
+ "version": 1,
44
+ "title": "React Native must logout before switching user identity",
45
+ "severity": "warning",
46
+ "rationale": "When a host app changes user identity, the SDK session must be cleared before the next login. Otherwise posts, push tokens, live objects, and cached state can cross users.",
47
+ "applies_when": { "platforms": ["react-native"], "outcomes": ["validate-setup"] },
48
+ "enforcement": {
49
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "react-native.auth.logout-on-user-switch" }],
50
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "user_switch_flow", "description": "Code path showing logout/disconnect before login as a different user.", "upload_policy": "upload-with-consent" }] }
51
+ }
52
+ },
53
+ {
54
+ "id": "ios.auth.logout-on-user-switch",
55
+ "version": 1,
56
+ "title": "iOS must logout before switching user identity",
57
+ "severity": "warning",
58
+ "rationale": "When a host app changes user identity, the SDK session must be cleared before the next login. Otherwise posts, push tokens, live objects, and cached state can cross users.",
59
+ "applies_when": { "platforms": ["ios"], "outcomes": ["validate-setup"] },
60
+ "enforcement": {
61
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "ios.auth.logout-on-user-switch" }],
62
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "user_switch_flow", "description": "Code path showing logout/disconnect before login as a different user.", "upload_policy": "upload-with-consent" }] }
63
+ }
64
+ },
65
+ {
66
+ "id": "android.auth.no-anonymous-write",
67
+ "version": 1,
68
+ "title": "Android write operations must be gated by authentication",
69
+ "severity": "warning",
70
+ "rationale": "Post/comment/message creation should only be reachable after the app knows the current authenticated user and social.plus login has completed. Agents often wire a composer directly to createPost and rely on SDK failure at runtime.",
71
+ "applies_when": { "platforms": ["android"], "outcomes": ["validate-setup"] },
72
+ "enforcement": {
73
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "android.auth.no-anonymous-write" }],
74
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "auth_gate", "description": "Code path showing authentication check before write operations.", "upload_policy": "upload-with-consent" }] }
75
+ }
76
+ },
77
+ {
78
+ "id": "flutter.auth.no-anonymous-write",
79
+ "version": 1,
80
+ "title": "Flutter write operations must be gated by authentication",
81
+ "severity": "warning",
82
+ "rationale": "Post/comment/message creation should only be reachable after the app knows the current authenticated user and social.plus login has completed. Agents often wire a composer directly to createPost and rely on SDK failure at runtime.",
83
+ "applies_when": { "platforms": ["flutter"], "outcomes": ["validate-setup"] },
84
+ "enforcement": {
85
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "flutter.auth.no-anonymous-write" }],
86
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "auth_gate", "description": "Code path showing authentication check before write operations.", "upload_policy": "upload-with-consent" }] }
87
+ }
88
+ },
89
+ {
90
+ "id": "typescript.auth.no-anonymous-write",
91
+ "version": 1,
92
+ "title": "TypeScript write operations must be gated by authentication",
93
+ "severity": "warning",
94
+ "rationale": "Post/comment/message creation should only be reachable after the app knows the current authenticated user and social.plus login has completed. Agents often wire a composer directly to createPost and rely on SDK failure at runtime.",
95
+ "applies_when": { "platforms": ["typescript"], "outcomes": ["validate-setup"] },
96
+ "enforcement": {
97
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "typescript.auth.no-anonymous-write" }],
98
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "auth_gate", "description": "Code path showing authentication check before write operations.", "upload_policy": "upload-with-consent" }] }
99
+ }
100
+ },
101
+ {
102
+ "id": "react-native.auth.no-anonymous-write",
103
+ "version": 1,
104
+ "title": "React Native write operations must be gated by authentication",
105
+ "severity": "warning",
106
+ "rationale": "Post/comment/message creation should only be reachable after the app knows the current authenticated user and social.plus login has completed. Agents often wire a composer directly to createPost and rely on SDK failure at runtime.",
107
+ "applies_when": { "platforms": ["react-native"], "outcomes": ["validate-setup"] },
108
+ "enforcement": {
109
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "react-native.auth.no-anonymous-write" }],
110
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "auth_gate", "description": "Code path showing authentication check before write operations.", "upload_policy": "upload-with-consent" }] }
111
+ }
112
+ },
113
+ {
114
+ "id": "ios.auth.no-anonymous-write",
115
+ "version": 1,
116
+ "title": "iOS write operations must be gated by authentication",
117
+ "severity": "warning",
118
+ "rationale": "Post/comment/message creation should only be reachable after the app knows the current authenticated user and social.plus login has completed. Agents often wire a composer directly to createPost and rely on SDK failure at runtime.",
119
+ "applies_when": { "platforms": ["ios"], "outcomes": ["validate-setup"] },
120
+ "enforcement": {
121
+ "deterministic": [{ "check": "validator-finding-absent", "finding_rule_id": "ios.auth.no-anonymous-write" }],
122
+ "attestation": { "allowed": true, "host_agent_min_confidence": "high", "human_allowed": true, "evidence_required": [{ "field": "auth_gate", "description": "Code path showing authentication check before write operations.", "upload_policy": "upload-with-consent" }] }
123
+ }
124
+ }
125
+ ]
126
+ }