@anh3d0nic/qwen-code-termux-ice 4.0.0 → 7.0.0

package/README.md

@@ -1,253 +1,169 @@
-# ❄️ @anh3d0nic/qwen-code-termux-ice v4.0
+# @anh3d0nic/qwen-code-termux-ice v7.0.0
 
-**Advanced Features. Research-Backed. Production-Ready.**
+Mobile-first AI coding validation assistant for Termux.
 
-[![npm version](https://img.shields.io/npm/v/@anh3d0nic/qwen-code-termux-ice.svg)](https://www.npmjs.com/package/@anh3d0nic/qwen-code-termux-ice)
-[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-
----
-
-## 🚀 Quick Start
+## Installation
 
 ```bash
 npm install -g @anh3d0nic/qwen-code-termux-ice@latest
-qwen-code-ice
 ```
 
----
-
-## ✨ v4.0 NEW FEATURES
-
-### 📏 50 High-Signal Pattern Rules
-
-**Research-backed from SonarQube, ESLint, industry best practices**
-
-**Security (15 rules):**
-- SEC-001: SQL Injection (CWE-89, OWASP A03:2021)
-- SEC-002: XSS via innerHTML (CWE-79)
-- SEC-003: Hardcoded Secrets (CWE-798)
-- SEC-004: Weak Cryptography (CWE-327)
-- SEC-005: Path Traversal (CWE-22)
-- SEC-006: Command Injection (CWE-78)
-- ... and 9 more
-
-**Performance (15 rules):**
-- PERF-001: N+1 Query Pattern
-- PERF-002: Nested Loops O(n²)
-- PERF-003: Memory Leak Risk
-- PERF-004: Blocking I/O
-- ... and 11 more
-
-**Technical Debt (10 rules):**
-- DEBT-001: God Class
-- DEBT-002: Long Method
-- DEBT-003: TODO/FIXME Comments
-- ... and 7 more
-
-**Architecture (10 rules):**
-- ARCH-001: Missing Error Boundaries
-- ARCH-002: Global State Overuse
-- ARCH-003: Direct Database Access
-- ... and 7 more
+## Commands
 
+### Core CLI
 ```bash
-ice-v4 validate "src/code.py"
+qwen-code-ice          # Main interactive CLI
+qwen-ice               # Alias
 ```
 
----
-
-### 👍 User Feedback Loop
-
-**Learn from 60M+ GitHub Copilot reviews**
-
-- Thumbs up/down on suggestions
-- Tracks false positives
-- Improves over time
-- Optional anonymized data collection
-
+### v7.0 Validation Tools
 ```bash
-# Rate suggestions
-ice-v4 feedback --thumbs-up
-ice-v4 feedback --thumbs-down --reason "false positive"
-
-# View stats
-ice-v4 feedback --stats
-
-# Export data (anonymized)
-ice-v4 feedback --export
+ice-v7 mobile              # Mobile-optimized UI layout
+ice-v7 theme [amoled|termux] # Apply dark theme
+ice-v7 session save        # Save current session
+ice-v7 session restore     # Restore previous session
+ice-v7 session clear       # Clear saved session
+ice-v7 validate "code"     # Context-aware validation (skips ORM)
+ice-v7 pushback "code"     # Pushback on dangerous code
+ice-v7 honest              # Honest limitations demo
+ice-v7 layers "code"       # Four-layer validation
+ice-v7 debt "code"         # Technical debt detection
+ice-v7 response "text"     # Format response (auto-detects mobile)
 ```
 
----
-
-### 🗳️ Multi-Model Voting
+## Features
 
-**Research: 40% reduction in false positives**
+### Mobile Detection
+- Detects Termux via `process.env.TERMUX_VERSION`
+- Detects small screens (<80 columns)
+- Formats responses differently for mobile vs desktop
 
-Based on 2026 study where Claude, Gemini, and GPT-5 debated code reviews:
-
-- Send code to Qwen + Gemini + Groq
-- Aggregate votes with confidence scores
-- Report only on high-consensus issues
-- Reduces false positives by 40%
+### Mobile Response Format
+- Truncates to 500 characters on mobile
+- Shows tip to use desktop for full output
 
+### AMOLED Theme
 ```bash
-ice-v4 vote "src/auth.py"
+ice-v7 theme amoled
 ```
+Pure black (#000000) background with high contrast colors.
 
-**Example Output:**
-```
-🗳️  Multi-Model Voting
-
-   ✅ QWEN: VIOLATION (confidence: 95%)
-   ✅ GEMINI: VIOLATION (confidence: 90%)
-   ❌ GROQ: OK (confidence: 85%)
-   
-   Consensus: VIOLATION (67% agreement)
-   Confidence: MEDIUM
+### Session Management
+```bash
+ice-v7 session save    # Saves to ~/.qwen/ice_session.json
+ice-v7 session restore # Restores from ~/.qwen/ice_session.json
 ```
 
----
-
-### 🔧 Auto-Fix Mode (Experimental)
-
-**Based on GitHub Copilot Autofix, Xygeni AutoFix**
-
-⚠️ **VERY CAREFUL** with multiple safety layers:
-
-- ✅ Requires user confirmation
-- ✅ Creates backup before changes
-- ✅ Shows diff first (dry run)
-- ✅ Only LOW/MEDIUM severity
-- ✅ Runs tests after (if available)
-- ✅ Logs all changes
-
+### Context-Aware Validation
 ```bash
-# Dry run first (default)
-ice-v4 autofix --dry-run src/auth.py
-
-# Apply with confirmation
-ice-v4 autofix --apply src/auth.py
-# ⚠️ Shows big warnings, requires 'y' to confirm
+ice-v7 validate "prisma.user.findUnique()"
+# Skips SQL injection warning when ORM detected
 ```
 
----
-
-## 🎯 Why v4.0 is Different
+Skip contexts configured:
+- `prisma.`, `sequelize.`, `typeorm.`, `knex.` - ORM detection
+- `.findOne()`, `.findAll()` - ORM methods
+- `.query(?)` - Parameterized queries
+- `.test.`, `.spec.` - Test files
+- `process.env` - Already using env vars
 
-| Feature | ICE v4.0 | Others |
-|---------|----------|--------|
-| **Pattern Rules** | ✅ 50 specific | ❌ 6 generic |
-| **CWE/OWASPRefs** | ✅ Yes | ❌ No |
-| **Feedback Loop** | ✅ Built-in | ❌ Rare |
-| **Multi-Model** | ✅ 3 models | ❌ Single |
-| **False Positive Reduction** | ✅ 40% less | ❌ 25% avg |
-| **Auto-Fix** | ✅ Safe, careful | ⚠️ Risky |
-| **Research-Backed** | ✅ Yes | ❌ Marketing |
-
----
-
-## 📦 Installation
-
-### From npm
+### Pushback Mode
+```bash
+ice-v7 pushback "SELECT * FROM users WHERE id = '' + userId"
+```
+Blocks and explains why for:
+- SQL injection patterns
+- Hardcoded passwords
+- eval() usage
+- Infinite loops
 
+### Honest Limitations
 ```bash
-npm install -g @anh3d0nic/qwen-code-termux-ice@latest
+ice-v7 honest
 ```
+Shows uncertainty when confidence <60%
 
-### From Source
+### Four-Layer Validation
+```bash
+ice-v7 layers "code"
+```
+Checks: Security, Architecture, Performance, Maintainability
 
+### Technical Debt Detection
 ```bash
-git clone https://github.com/anh3d0nic/qwen-code-termux-ice.git
-cd qwen-code-termux-ice
-npm install --legacy-peer-deps
-npm run build
+ice-v7 debt "code"
 ```
+Detects: God classes, missing abstractions, TODO/FIXME comments
 
----
+## Configuration Files
 
-## 🎮 Usage
+| File | Location | Purpose |
+|------|----------|---------|
+| Session | `~/.qwen/ice_session.json` | Auto-saved conversations |
+| Config | `~/.qwen/ice_config.json` | User preferences |
 
-### v4.0 Commands
+## Package Info
 
-```bash
-# Enhanced validation (50 rules)
-ice-v4 validate "src/code.py"
+- **Version:** 7.0.0
+- **License:** MIT
+- **Dependencies:** None
+- **Size:** 13.1 MB (compressed)
+- **Binaries:** qwen-code-ice, qwen-ice, ice-v7
 
-# Feedback
-ice-v4 feedback --thumbs-up
-ice-v4 feedback --stats
+## Changelog
 
-# Multi-model voting
-ice-v4 vote "src/auth.py"
+### v7.0.0 (2026-03-21)
 
-# Auto-fix (experimental)
-ice-v4 autofix --dry-run src/auth.py
-ice-v4 autofix --apply src/auth.py
-```
+**Consolidated from previous versions:**
 
----
+**From v6.0:**
+- Mobile screen detection (`detectMobile()` function)
+- Mobile response formatting (500 char limit)
+- Desktop response formatting
+- AMOLED theme with ANSI codes
+- Session save/restore (`SessionManager` class)
 
-## 📊 Research Backing
+**From v5.0:**
+- Context-aware validation rules (4 rules with skip contexts)
+- Pushback mode (4 triggers with blocking)
+- Honest limitations mode (confidence threshold 60%)
 
-### Pattern Libraries
-- SonarQube Server 2026.1 LTA
-- ESLint best practices 2026
-- CWE/OWASP top 10 references
+**From v3.0:**
+- Four-layer validation (Security, Architecture, Performance, Maintainability)
+- Technical debt detection (God class, missing abstractions)
 
-### Feedback Loop
-- GitHub Copilot: 60M+ code reviews
-- Microsoft Agent Academy guidelines
-- Quick sentiment signals (thumbs up/down)
+**Removed:**
+- Vim keyboard shortcuts (not aligned with mobile focus)
+- Multi-model voting (was simulation only)
+- Local-first mode (was print only)
+- Feedback loop (no analysis implemented)
+- Auto-fix mode (too basic for production)
 
-### Multi-Model Voting
-- Zhihu study (March 2026): Claude vs Gemini vs GPT-5
-- 40% reduction in false positives
-- Consensus-based reporting
+### v6.0.0 (2026-03-21)
 
-### Auto-Fix
-- GitHub Advanced Security Autofix
-- Xygeni AutoRemediation
-- International AI Safety Report 2025 recommendations
+Added mobile UX features, AMOLED theme, session management.
 
----
+### v5.0.0 (2026-03-21)
 
-## 🧪 Testing
+Added context-aware validation, pushback mode, honest limitations.
 
-```bash
-# Run v4.0 tests
-npm run test-v4
+### v4.0.0 (2026-03-21)
 
-# Test validation
-ice-v4 validate "def login(user): query = 'SELECT * FROM users WHERE id = ' + user"
+Added pattern rules with CWE/OWASP references.
 
-# Test feedback
-ice-v4 feedback --thumbs-up
+### v3.0.0 (2026-03-21)
 
-# Test voting
-ice-v4 vote "test code"
-```
+Added four-layer validation, technical debt detection.
 
----
+### v1.1.0 (2026-03-21)
 
-## 📈 Real Metrics
+Removed deprecated `@anh3d0nic/ice` dependency.
 
-| Metric | v3.0 | v4.0 Target |
-|--------|------|-------------|
-| Pattern Rules | 6 generic | **50 specific** |
-| False Positives | 25% | **<10%** (with voting) |
-| User Satisfaction | N/A | **>85%** (with feedback) |
-| Auto-Fix Success | N/A | **75%** (tests pass) |
+### v1.0.1 (2026-03-21)
 
----
+Initial release.
 
-## 🔗 Links
+## Repository
 
+- **Source:** https://github.com/anh3d0nic/qwen-code-termux-ice
 - **npm:** https://www.npmjs.com/package/@anh3d0nic/qwen-code-termux-ice
-- **GitHub:** https://github.com/anh3d0nic/qwen-code-termux-ice
-- **Documentation:** ./docs/
-
----
-
-**v4.0 - Research-Backed, Production-Ready** ❄️
-
-*Based on 2026 industry research + best practices*

package/package.json

@@ -1,14 +1,10 @@
 {
   "name": "@anh3d0nic/qwen-code-termux-ice",
-  "version": "4.0.0",
-  "description": "Qwen Code ICE v4.0 - Advanced Features (Patterns + Feedback + Voting + AutoFix)",
-  "engines": {
-    "node": ">=20.0.0"
-  },
+  "version": "7.0.0",
+  "description": "Qwen Code ICE v7.0 - Consolidated Mobile-First Validation",
+  "engines": { "node": ">=20.0.0" },
   "type": "module",
-  "workspaces": [
-    "packages/*"
-  ],
+  "workspaces": [ "packages/*" ],
   "repository": {
     "type": "git",
     "url": "git+https://github.com/anh3d0nic/qwen-code-termux-ice.git"
@@ -18,46 +14,19 @@
   "bin": {
     "qwen-code-ice": "./scripts/start.js",
     "qwen-ice": "./scripts/start.js",
-    "ice-v3": "./scripts/ice-v3.js",
-    "ice-v4": "./scripts/ice-v4.js",
-    "ice-validate": "./scripts/ice-validate.js",
-    "ice-feedback": "./scripts/ice-feedback.js",
-    "ice-vote": "./scripts/ice-vote.js",
-    "ice-autofix": "./scripts/ice-autofix.js"
+    "ice-v7": "./scripts/ice-v7.js"
   },
   "scripts": {
     "start": "node scripts/start.js",
     "dev": "node scripts/dev.js",
     "build": "node scripts/build.js",
-    "ice-v3": "node scripts/ice-v3.js",
-    "test-v3": "node scripts/test-v3.js",
-    "ice-v4": "node scripts/ice-v4.js",
-    "test-v4": "node scripts/test-v4.js"
+    "ice-v7": "node scripts/ice-v7.js",
+    "test-v7": "node scripts/test-v7.js"
   },
   "keywords": [
-    "qwen",
-    "code",
-    "termux",
-    "ice",
-    "ai",
-    "assistant",
-    "android",
-    "groq",
-    "gemini",
-    "thinking-partner",
-    "code-validation",
-    "security-scanner",
-    "technical-debt",
-    "code-quality",
-    "claude-code-alternative",
-    "real-enhancements",
-    "multi-model-voting",
-    "feedback-loop",
-    "autofix",
-    "pattern-library",
-    "sonarqube",
-    "eslint"
+    "qwen", "code", "termux", "ice", "ai", "assistant", "android",
+    "groq", "gemini", "mobile-ux", "amoled", "session-resume",
+    "context-aware", "pushback", "validation"
   ],
-  "dependencies": {},
-  "devDependencies": {}
-}
+  "dependencies": {}
+}

package/scripts/ice-mobile.js

@@ -0,0 +1,5 @@
+#!/usr/bin/env node
+import('./ice-v6.js').then(m => {
+  process.argv = ['node', 'ice-v6.js', 'mobile'];
+  m.default && m.default();
+});

package/scripts/ice-session.js

@@ -0,0 +1,6 @@
+#!/usr/bin/env node
+import('./ice-v6.js').then(m => {
+  const action = process.argv[3] || 'save';
+  process.argv = ['node', 'ice-v6.js', 'session', action];
+  m.default && m.default();
+});