@cleartrip/frontguard 0.3.4 → 0.3.6

package/README.md

@@ -71,6 +71,7 @@ The PR comment includes:
 | **cycles** | Detects circular imports via madge | Enabled |
 | **dead-code** | Finds unused exports via ts-prune | Enabled |
 | **bundle** | Measures bundle size, compares to baseline | Enabled |
+| **react-native** | Metro config, optional align-deps / doctor, SwiftLint + native hints (RN deps only) | Enabled |
 | **core-web-vitals** | Static CWV hints in JSX/TSX | Enabled |
 | **ai-assisted-strict** | Static heuristics on AI-marked code / AI PRs | **Off** (under development) |
 | **custom-rules** | Your own pattern checks defined in config | Enabled |
@@ -78,6 +79,22 @@ The PR comment includes:
 
 ---
 
+## React Native check (`react-native`)
+
+Runs when `react-native` is in dependencies (skipped otherwise).
+
+| Sub-feature | Default | Notes |
+|-------------|---------|--------|
+| Metro config | **On** | Expects `metro.config.js` (or `.mjs` / `.cjs` / `.ts`) at project root. |
+| `@rnx-kit/align-deps` | **Off** | Set `checks.reactNative.runAlignDeps: true` (uses `npx`, needs registry). Tune `alignDepsArgs` (e.g. `['--requirements', 'react-native@0.76']`). |
+| `react-native doctor` | **Off** | Set `runDoctor: true` where the local CLI exists (can be slow / macOS-heavy). |
+| SwiftLint | **On** (PR only) | If the PR touches `*.swift` and `swiftlint` is on `PATH`, violations are reported; otherwise an info hint. |
+| Android / ObjC hints | **On** (PR only) | Info reminders when `android/**/*.kt|java` or `.m` / `.mm` change — does not run Gradle or Xcode. |
+
+This is intentionally lightweight; you can extend CI with Detekt, Android Lint, or deeper Metro analysis later.
+
+---
+
 ## Bundle Size Strategies
 
 The bundle check supports multiple strategies for extracting the size metric:

package/dist/cli.js

@@ -2517,6 +2517,19 @@ export default defineConfig({
     //   maxReportLines: 80,
     // },
 
+    // \u2500\u2500\u2500 React Native (when react-native is a dependency) \u2500\u2500\u2500\u2500\u2500\u2500
+    // Metro config, optional @rnx-kit/align-deps / doctor, SwiftLint on PR .swift, native hints.
+    // reactNative: {
+    //   enabled: true,
+    //   gate: 'info',
+    //   requireMetroConfig: true,
+    //   runAlignDeps: false,                   // npx @rnx-kit/align-deps (registry access)
+    //   alignDepsArgs: ['--requirements', 'react-native'],
+    //   runDoctor: false,                      // local react-native doctor (slow / env-specific)
+    //   swiftLintOnChangedSwift: true,
+    //   hintAndroidNativeOnPr: true,
+    // },
+
     // \u2500\u2500\u2500 Bundle size \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500
     // Measures bundle after build and compares to a baseline.
     //
@@ -2971,13 +2984,13 @@ function parseNumstat(output) {
     if (tab2 < 0) continue;
     const aStr = t3.slice(0, tab);
     const dStr = t3.slice(tab + 1, tab2);
-    const path20 = t3.slice(tab2 + 1);
+    const path21 = t3.slice(tab2 + 1);
     const a3 = aStr === "-" ? 0 : Number(aStr);
     const d3 = dStr === "-" ? 0 : Number(dStr);
     if (!Number.isFinite(a3) || !Number.isFinite(d3)) continue;
     additions += a3;
     deletions += d3;
-    if (path20) files.push(path20);
+    if (path21) files.push(path21);
   }
   return { additions, deletions, files };
 }
@@ -3220,6 +3233,16 @@ var defaultConfig = {
       maxDeltaBytes: null,
       maxTotalBytes: null
     },
+    reactNative: {
+      enabled: true,
+      gate: "info",
+      requireMetroConfig: true,
+      runAlignDeps: false,
+      alignDepsArgs: ["--requirements", "react-native"],
+      runDoctor: false,
+      swiftLintOnChangedSwift: true,
+      hintAndroidNativeOnPr: true
+    },
     coreWebVitals: {
       enabled: true,
       gate: "warn",
@@ -4319,13 +4342,13 @@ async function runEslint(cwd, config, _stack, pr) {
   try {
     const rows = JSON.parse(stdout2);
     for (const row of rows) {
-      const relFile = toRepoRelativePath(cwd, row.filePath);
+      const relFile2 = toRepoRelativePath(cwd, row.filePath);
       for (const m3 of row.messages) {
         findings.push({
           id: `eslint-${m3.ruleId ?? "unknown"}`,
           severity: "warn",
           message: m3.message,
-          file: relFile,
+          file: relFile2,
           detail: m3.line ? `line ${m3.line}` : void 0
         });
       }
@@ -5512,6 +5535,211 @@ function dedupeFindings(f4) {
   }
   return out;
 }
+function gateSeverity6(g4) {
+  return g4 === "block" ? "block" : g4 === "info" ? "info" : "warn";
+}
+var METRO_CANDIDATES = [
+  "metro.config.js",
+  "metro.config.mjs",
+  "metro.config.cjs",
+  "metro.config.ts"
+];
+var SWIFTLINT_MAX_FINDINGS = 40;
+function prSwiftFiles(pr) {
+  if (!hasPrFileList(pr)) return [];
+  return pr.files.map(normalizePrPath).filter((f4) => /\.swift$/i.test(f4));
+}
+function prTouchesAndroidNative(pr) {
+  if (!hasPrFileList(pr)) return false;
+  return pr.files.some((f4) => {
+    const n3 = normalizePrPath(f4);
+    return /(^|\/)android\/.*\.(kt|kts|java)$/i.test(n3);
+  });
+}
+function prTouchesObjc(pr) {
+  if (!hasPrFileList(pr)) return false;
+  return pr.files.some((f4) => /\.(m|mm)$/i.test(normalizePrPath(f4)));
+}
+function truncate5(s3, max) {
+  if (s3.length <= max) return s3;
+  return s3.slice(0, max) + "\u2026";
+}
+function parseSwiftLintJson(raw) {
+  try {
+    const j2 = JSON.parse(raw);
+    if (Array.isArray(j2)) return j2;
+    if (j2 && typeof j2 === "object" && Array.isArray(j2.violations)) {
+      return j2.violations;
+    }
+  } catch {
+  }
+  return [];
+}
+function relFile(cwd, file) {
+  if (!file) return void 0;
+  if (path6.isAbsolute(file)) {
+    try {
+      return normalizePrPath(path6.relative(cwd, file));
+    } catch {
+      return file;
+    }
+  }
+  return normalizePrPath(file);
+}
+async function runReactNative(cwd, config, stack, pr) {
+  const t0 = performance.now();
+  const cfg = config.checks.reactNative;
+  if (!stack.hasReactNative) {
+    return {
+      checkId: "react-native",
+      findings: [],
+      durationMs: Math.round(performance.now() - t0),
+      skipped: "not a React Native project"
+    };
+  }
+  if (!cfg.enabled) {
+    return {
+      checkId: "react-native",
+      findings: [],
+      durationMs: 0,
+      skipped: "disabled in config"
+    };
+  }
+  const findings = [];
+  const sev2 = gateSeverity6(cfg.gate);
+  if (cfg.requireMetroConfig) {
+    let found = false;
+    for (const name of METRO_CANDIDATES) {
+      if (await pathExists(path6.join(cwd, name))) {
+        found = true;
+        break;
+      }
+    }
+    if (!found) {
+      findings.push({
+        id: "rn-metro-config-missing",
+        severity: sev2,
+        message: "No Metro config found (expected metro.config.js|mjs|cjs|ts at project root)",
+        detail: "Metro bundles JavaScript for React Native. Expo and RN templates normally include metro.config.js."
+      });
+    }
+  }
+  if (cfg.runAlignDeps) {
+    const r4 = await runNpx(cwd, ["--yes", "@rnx-kit/align-deps", ...cfg.alignDepsArgs]);
+    if ((r4.exitCode ?? 0) !== 0) {
+      findings.push({
+        id: "rn-align-deps-failed",
+        severity: sev2,
+        message: "@rnx-kit/align-deps reported dependency mismatches",
+        detail: truncate5(
+          [r4.stdout, r4.stderr].filter(Boolean).join("\n") || `exit ${r4.exitCode}`,
+          8e3
+        )
+      });
+    }
+  }
+  if (cfg.runDoctor) {
+    const r4 = await runNpmBinary(cwd, "react-native", ["doctor"]);
+    if (r4.exitCode === 127 || /not recognized|command not found|ENOENT/i.test(r4.stderr)) {
+      findings.push({
+        id: "rn-doctor-skipped",
+        severity: "info",
+        message: "react-native doctor not run (CLI binary not found in this project)",
+        detail: "Install dependencies so `node_modules/.bin/react-native` exists, or only enable runDoctor on agents with the RN CLI."
+      });
+    } else if ((r4.exitCode ?? 0) !== 0) {
+      findings.push({
+        id: "rn-doctor-issues",
+        severity: sev2,
+        message: "react-native doctor exited with errors",
+        detail: truncate5([r4.stdout, r4.stderr].filter(Boolean).join("\n"), 8e3)
+      });
+    }
+  }
+  const swifts = prSwiftFiles(pr);
+  if (cfg.swiftLintOnChangedSwift && swifts.length > 0) {
+    const existing = await existingRepoPaths(cwd, swifts);
+    if (existing.length > 0) {
+      let ver;
+      try {
+        ver = await W2("swiftlint", ["version"], { nodeOptions: { cwd } });
+      } catch {
+        ver = { exitCode: 1, stdout: "", stderr: "" };
+      }
+      if ((ver.exitCode ?? 0) !== 0) {
+        findings.push({
+          id: "rn-swiftlint-unavailable",
+          severity: "info",
+          message: "PR changes Swift files but SwiftLint is not on PATH",
+          detail: `Touched: ${existing.slice(0, 12).join(", ")}${existing.length > 12 ? "\u2026" : ""}`
+        });
+      } else {
+        let r4;
+        try {
+          r4 = await W2("swiftlint", ["lint", "--reporter", "json", "--quiet", ...existing], {
+            nodeOptions: { cwd }
+          });
+        } catch (e3) {
+          r4 = {
+            exitCode: 1,
+            stdout: "",
+            stderr: e3 instanceof Error ? e3.message : String(e3)
+          };
+        }
+        const out = (r4.stdout ?? "").trim();
+        const violations = out ? parseSwiftLintJson(out) : [];
+        if (violations.length > 0) {
+          const slice = violations.slice(0, SWIFTLINT_MAX_FINDINGS);
+          for (const v3 of slice) {
+            const isErr = (v3.severity ?? "").toLowerCase() === "error";
+            findings.push({
+              id: `rn-swiftlint-${(v3.rule_id ?? "rule").replace(/[^a-z0-9-]/gi, "-")}`,
+              severity: isErr ? sev2 : "warn",
+              message: v3.reason ?? "SwiftLint violation",
+              file: relFile(cwd, v3.file),
+              detail: v3.line != null ? `line ${v3.line}` : void 0
+            });
+          }
+          if (violations.length > SWIFTLINT_MAX_FINDINGS) {
+            findings.push({
+              id: "rn-swiftlint-truncated",
+              severity: "info",
+              message: `SwiftLint: ${violations.length - SWIFTLINT_MAX_FINDINGS} more violation(s) not listed`
+            });
+          }
+        } else if ((r4.exitCode ?? 0) !== 0) {
+          findings.push({
+            id: "rn-swiftlint-failed",
+            severity: sev2,
+            message: "SwiftLint failed",
+            detail: truncate5([out, r4.stderr].filter(Boolean).join("\n") || `exit ${r4.exitCode}`, 4e3)
+          });
+        }
+      }
+    }
+  }
+  if (cfg.hintAndroidNativeOnPr && prTouchesAndroidNative(pr)) {
+    findings.push({
+      id: "rn-android-native-hint",
+      severity: "info",
+      message: "PR touches Android Kotlin/Java under android/",
+      detail: "Consider Android Lint (`./gradlew :app:lint`) or Detekt in CI when native sources change."
+    });
+  }
+  if (hasPrFileList(pr) && prTouchesObjc(pr)) {
+    findings.push({
+      id: "rn-ios-objc-hint",
+      severity: "info",
+      message: "PR touches Objective-C (.m / .mm) sources",
+      detail: "Consider clang-format or Xcode Analyze on changed native files."
+    });
+  }
+  return {
+    checkId: "react-native",
+    findings,
+    durationMs: Math.round(performance.now() - t0)
+  };
+}
 var DEFAULT_GLOB = "**/*.{ts,tsx,js,jsx,mjs,cjs}";
 async function runCustomRules(cwd, config, restrictToFiles) {
   const t0 = performance.now();
@@ -6106,6 +6334,7 @@ var CHECK_DESCRIPTIONS = {
   cycles: "Runs madge for circular dependencies on TypeScript/JavaScript entry points. Import cycles can cause brittle builds and load order bugs.",
   "dead-code": "Runs ts-prune to find unused exports in the TypeScript project. Helps trim dead surface area.",
   bundle: "Measures bundle size using a stack-aware strategy (Next.js build output, Vite/CRA file sizes, or custom command) and compares to a checked-in baseline.",
+  "react-native": "When react-native is a dependency: Metro config presence, optional @rnx-kit/align-deps and react-native doctor, SwiftLint on changed Swift in PRs, and light hints for Android/iOS native edits.",
   "core-web-vitals": "Static hints in JSX/TSX related to Core Web Vitals (e.g. LCP-friendly images, main-thread hygiene). Not a substitute for real field metrics.",
   "ai-assisted-strict": "Under development \u2014 off by default. When enabled: scans @frontguard-ai regions or AI-disclosed PR files for risky patterns (eval, XSS sinks, etc.) and AST heuristics.",
   "pr-hygiene": "Validates PR metadata when CI provides PR context: description length, checklist items, and similar hygiene rules from config.",
@@ -7385,6 +7614,7 @@ async function runFrontGuard(opts) {
     cycles,
     deadCode,
     coreWebVitals,
+    reactNative,
     tsAnyDelta,
     customRules,
     aiStrict
@@ -7396,6 +7626,7 @@ async function runFrontGuard(opts) {
     runCycles(opts.cwd, config, stack, pr),
     runDeadCode(opts.cwd, config, stack, pr),
     runCoreWebVitals(opts.cwd, config, stack, pr),
+    runReactNative(opts.cwd, config, stack, pr),
     runTsAnyDelta(opts.cwd, config, stack),
     runCustomRules(opts.cwd, config, restrictFiles),
     runAiAssistedStrict(opts.cwd, config, pr)
@@ -7412,6 +7643,7 @@ async function runFrontGuard(opts) {
     deadCode,
     bundle,
     coreWebVitals,
+    reactNative,
     aiStrict,
     prHygiene,
     prSize,