npm - @critiq/rules - Versions diffs - 0.0.2 → 0.1.0 - Mend

@critiq/rules 0.0.2 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (203) hide show

package/rules/typescript/ts.performance.no-expensive-sort-in-render-path.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-expensive-sort-in-render-path
+  title: Avoid expensive sort or transforms in render path
+  summary: Sorting or heavy transforms in React render paths should be memoized or precomputed.
+  rationale: Sorting or heavy transforms in React render paths should be memoized or precomputed.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-expensive-sort-in-render-path
+    bind: issue
+emit:
+  finding:
+    category: performance.render
+    severity: medium
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid expensive sort or transforms in render path
+    summary: "`${captures.issue.text}` matches ts.performance.no-expensive-sort-in-render-path."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-json-parse-stringify-clone.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-json-parse-stringify-clone
+  title: Avoid JSON parse/stringify deep-clone
+  summary: JSON stringify/parse cloning is expensive and loses type fidelity for rich objects.
+  rationale: JSON stringify/parse cloning is expensive and loses type fidelity for rich objects.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-json-parse-stringify-clone
+    bind: issue
+emit:
+  finding:
+    category: performance.cpu
+    severity: medium
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid JSON parse/stringify deep-clone
+    summary: "`${captures.issue.text}` matches ts.performance.no-json-parse-stringify-clone."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-large-object-spread-in-loop.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-large-object-spread-in-loop
+  title: Avoid large object spread inside loops
+  summary: Object spread inside loops creates repeated allocations and can degrade throughput.
+  rationale: Object spread inside loops creates repeated allocations and can degrade throughput.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-large-object-spread-in-loop
+    bind: issue
+emit:
+  finding:
+    category: performance.allocation
+    severity: medium
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid large object spread inside loops
+    summary: "`${captures.issue.text}` matches ts.performance.no-large-object-spread-in-loop."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-n-plus-one-await-in-map.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-n-plus-one-await-in-map
+  title: Avoid N+1 await patterns in map flows
+  summary: Per-item awaits inside map-like flows often create avoidable latency and fan-out bottlenecks.
+  rationale: Per-item awaits inside map-like flows often create avoidable latency and fan-out bottlenecks.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-n-plus-one-await-in-map
+    bind: issue
+emit:
+  finding:
+    category: performance.async
+    severity: high
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid N+1 await patterns in map flows
+    summary: "`${captures.issue.text}` matches ts.performance.no-n-plus-one-await-in-map."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-redundant-network-fetch.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-redundant-network-fetch
+  title: Avoid redundant network fetches in one path
+  summary: Repeated fetches for the same stable request identity waste network and CPU budget.
+  rationale: Repeated fetches for the same stable request identity waste network and CPU budget.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-redundant-network-fetch
+    bind: issue
+emit:
+  finding:
+    category: performance.network
+    severity: medium
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid redundant network fetches in one path
+    summary: "`${captures.issue.text}` matches ts.performance.no-redundant-network-fetch."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-regex-construction-in-loop.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-regex-construction-in-loop
+  title: Avoid regex construction inside loops
+  summary: Constructing regular expressions inside loops repeatedly allocates and reparses patterns.
+  rationale: Constructing regular expressions inside loops repeatedly allocates and reparses patterns.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-regex-construction-in-loop
+    bind: issue
+emit:
+  finding:
+    category: performance.allocation
+    severity: medium
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid regex construction inside loops
+    summary: "`${captures.issue.text}` matches ts.performance.no-regex-construction-in-loop."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-sync-fs-in-request-path.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-sync-fs-in-request-path
+  title: Avoid sync filesystem calls in request paths
+  summary: Synchronous filesystem calls on request paths block the event loop and degrade latency.
+  rationale: Synchronous filesystem calls on request paths block the event loop and degrade latency.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-sync-fs-in-request-path
+    bind: issue
+emit:
+  finding:
+    category: performance.io
+    severity: high
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid sync filesystem calls in request paths
+    summary: "`${captures.issue.text}` matches ts.performance.no-sync-fs-in-request-path."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.performance.no-unbounded-concurrency.rule.yaml ADDED Viewed

@@ -0,0 +1,32 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.performance.no-unbounded-concurrency
+  title: Avoid unbounded concurrency fan-out
+  summary: Unbounded Promise fan-out over unknown input can exhaust downstream capacity.
+  rationale: Unbounded Promise fan-out over unknown input can exhaust downstream capacity.
+  tags:
+    - performance
+    - rules-catalog
+  stability: stable
+  appliesTo: block
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: performance.no-unbounded-concurrency
+    bind: issue
+emit:
+  finding:
+    category: performance.async
+    severity: high
+    confidence: 0.8
+    tags:
+      - performance
+  message:
+    title: Avoid unbounded concurrency fan-out
+    summary: "`${captures.issue.text}` matches ts.performance.no-unbounded-concurrency."
+  remediation:
+    summary: Refactor this path to avoid repeated work in hot execution paths.

package/rules/typescript/ts.quality.no-ambiguous-abbreviations.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-ambiguous-abbreviations
+  title: Avoid ambiguous abbreviations in public APIs
+  summary: Ambiguous abbreviated names in exported APIs reduce readability and onboarding speed.
+  rationale: Public API names are long-lived and should optimize for clarity over brevity.
+  tags: [quality, maintainability, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.ambiguous-abbreviation-public-api
+    bind: issue
+emit:
+  finding:
+    category: quality.maintainability
+    severity: low
+    confidence: 0.76
+    tags: [quality, naming]
+  message:
+    title: Use explicit naming for exported API symbols
+    summary: "`${captures.issue.text}` looks like an ambiguous abbreviation in a public API."
+  remediation:
+    summary: Rename exported symbols to descriptive terms that communicate domain intent.

package/rules/typescript/ts.quality.no-barrel-file-cycle.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-barrel-file-cycle
+  title: Avoid barrel file cycles
+  summary: Cycles involving barrel files obscure ownership and complicate module boundaries.
+  rationale: Re-export cycles make import behavior less predictable and harder to review.
+  tags: [quality, architecture, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.barrel-file-cycle
+    bind: issue
+emit:
+  finding:
+    category: quality.architecture
+    severity: medium
+    confidence: 0.83
+    tags: [quality, architecture]
+  message:
+    title: Break the barrel cycle between modules
+    summary: "`${captures.issue.text}` participates in a re-export cycle."
+  remediation:
+    summary: Remove cycle edges, move shared symbols to a third module, and keep barrel ownership explicit.

package/rules/typescript/ts.quality.no-boolean-parameter-trap.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-boolean-parameter-trap
+  title: Avoid boolean parameter trap in public APIs
+  summary: Public APIs with multiple boolean flags reduce readability and increase change risk.
+  rationale: Boolean-heavy signatures hide intent and make call-sites brittle.
+  tags: [quality, maintainability, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.boolean-parameter-trap
+    bind: issue
+emit:
+  finding:
+    category: quality.maintainability
+    severity: medium
+    confidence: 0.86
+    tags: [quality, maintainability]
+  message:
+    title: Replace multiple boolean flags with an options object
+    summary: "`${captures.issue.text}` appears to accept multiple boolean flags."
+  remediation:
+    summary: Prefer explicit option objects or dedicated methods to encode behavior clearly.

package/rules/typescript/ts.quality.no-dead-export.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-dead-export
+  title: Remove dead exports
+  summary: Exported symbols with no known consumers increase maintenance overhead.
+  rationale: Dead exports are accidental API surface that should be removed or documented.
+  tags: [quality, maintainability, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.dead-export
+    bind: issue
+emit:
+  finding:
+    category: quality.maintainability
+    severity: low
+    confidence: 0.78
+    tags: [quality, maintainability]
+  message:
+    title: Remove or justify unused exported symbol
+    summary: "`${captures.issue.text}` appears to be exported but unused by the project."
+  remediation:
+    summary: Remove dead exports, make them internal, or document supported public entrypoints.

package/rules/typescript/ts.quality.no-hidden-side-effect-import.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-hidden-side-effect-import
+  title: Avoid hidden side-effect imports
+  summary: Bare side-effect imports outside setup files make module behavior implicit.
+  rationale: Hidden side effects are difficult to reason about and can create order-dependent bugs.
+  tags: [quality, maintainability, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.hidden-side-effect-import
+    bind: issue
+emit:
+  finding:
+    category: quality.maintainability
+    severity: medium
+    confidence: 0.85
+    tags: [quality, maintainability]
+  message:
+    title: Move side effects into explicit setup boundaries
+    summary: "`${captures.issue.text}` is a side-effect-only import outside allowlisted setup files."
+  remediation:
+    summary: Use explicit setup modules or import named symbols instead of hidden side effects.

package/rules/typescript/ts.quality.no-inconsistent-error-shape.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-inconsistent-error-shape
+  title: Keep error payload shape consistent
+  summary: Inconsistent thrown or rejected error shapes make error handling brittle.
+  rationale: Standardized error construction simplifies observability, retries, and user-safe handling.
+  tags: [quality, error-handling, rules-catalog]
+  stability: stable
+  appliesTo: block
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.inconsistent-error-shape
+    bind: issue
+emit:
+  finding:
+    category: quality.error-handling
+    severity: medium
+    confidence: 0.82
+    tags: [quality, error-handling]
+  message:
+    title: Use a consistent error construction pattern
+    summary: "`${captures.issue.text}` indicates mixed error shapes in this module."
+  remediation:
+    summary: Standardize on one error type or envelope and normalize throw/reject paths.

package/rules/typescript/ts.quality.no-mixed-abstraction-level.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-mixed-abstraction-level
+  title: Keep function abstraction levels consistent
+  summary: Functions that mix transport, persistence, validation, and domain logic are hard to change safely.
+  rationale: Mixed abstraction creates hidden coupling and complicates testing and review.
+  tags: [quality, architecture, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.mixed-abstraction-level
+    bind: issue
+emit:
+  finding:
+    category: quality.architecture
+    severity: medium
+    confidence: 0.8
+    tags: [quality, architecture]
+  message:
+    title: Split this flow into cohesive layers
+    summary: "`${captures.issue.text}` combines multiple abstraction levels in a single flow."
+  remediation:
+    summary: Separate transport, validation, persistence, and domain logic into dedicated functions or services.

package/rules/typescript/ts.quality.no-primitive-obsession-in-domain-model.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-primitive-obsession-in-domain-model
+  title: Avoid primitive obsession in domain model APIs
+  summary: Domain-facing APIs with many primitive parameters should use richer value objects.
+  rationale: Grouping related primitives into value types improves readability and reduces argument-order bugs.
+  tags: [quality, maintainability, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.primitive-obsession-domain-model
+    bind: issue
+emit:
+  finding:
+    category: quality.design
+    severity: low
+    confidence: 0.8
+    tags: [quality, design]
+  message:
+    title: Replace primitive parameter groups with domain objects
+    summary: "`${captures.issue.text}` appears to rely on repeated primitive parameters."
+  remediation:
+    summary: Introduce a value object or typed input model for related arguments.

package/rules/typescript/ts.quality.no-temporal-coupling.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-temporal-coupling
+  title: Avoid APIs with hidden call-order requirements
+  summary: APIs that require callers to invoke methods in strict hidden order are fragile.
+  rationale: Temporal coupling is a common source of runtime bugs and unclear contracts.
+  tags: [quality, architecture, rules-catalog]
+  stability: experimental
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.temporal-coupling-api-order
+    bind: issue
+emit:
+  finding:
+    category: quality.architecture
+    severity: low
+    confidence: 0.65
+    tags: [quality, architecture]
+  message:
+    title: Encode call ordering in the API contract
+    summary: "`${captures.issue.text}` suggests implicit call ordering requirements."
+  remediation:
+    summary: Model lifecycle stages explicitly in types or stateful objects to prevent invalid sequences.

package/rules/typescript/ts.quality.no-wide-public-surface.rule.yaml ADDED Viewed

@@ -0,0 +1,27 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.quality.no-wide-public-surface
+  title: Keep module public surface narrow
+  summary: Modules exporting too many symbols become hard to evolve safely.
+  rationale: Broad module APIs increase accidental coupling and long-term maintenance cost.
+  tags: [quality, architecture, rules-catalog]
+  stability: stable
+  appliesTo: file
+scope:
+  languages: [typescript, javascript]
+match:
+  fact:
+    kind: quality.wide-public-surface
+    bind: issue
+emit:
+  finding:
+    category: quality.architecture
+    severity: medium
+    confidence: 0.84
+    tags: [quality, architecture]
+  message:
+    title: Reduce public exports in this module
+    summary: "`${captures.issue.text}` exports more public symbols than the maintainability threshold."
+  remediation:
+    summary: Split APIs, hide internals, or create focused entrypoints with fewer exports.

package/rules/typescript/ts.react.no-accessibility-label-missing.rule.yaml ADDED Viewed

@@ -0,0 +1,36 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.react.no-accessibility-label-missing
+  title: Give interactive elements an accessible name
+  summary: Buttons, links, and inputs need labels, aria attributes, or visible text so assistive technologies can describe them.
+  rationale: Unlabeled controls are ambiguous to keyboard and screen reader users and fail basic accessibility expectations.
+  tags:
+    - react
+    - accessibility
+    - ui
+    - rules-catalog
+  stability: experimental
+  appliesTo: function
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: ui.react.missing-accessible-name
+    bind: issue
+emit:
+  finding:
+    category: correctness.ui
+    severity: high
+    confidence: 0.74
+    tags:
+      - react
+      - accessibility
+      - ui
+  message:
+    title: Add an accessible name to interactive elements
+    summary: "`${captures.issue.text}` renders without aria labeling or visible text."
+  remediation:
+    summary: Add aria-label or aria-labelledby, associate a label element, or include descriptive visible content.

package/rules/typescript/ts.react.no-activedescendant-on-non-focusable-host.rule.yaml ADDED Viewed

@@ -0,0 +1,36 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.react.no-activedescendant-on-non-focusable-host
+  title: Make aria-activedescendant hosts keyboard focusable
+  summary: "Elements that manage active descendants must participate in the tab order or be native controls that already receive focus."
+  rationale: Screen readers and keyboard users cannot follow listbox and combobox patterns when the controlling node never becomes focused.
+  tags:
+    - react
+    - accessibility
+    - ui
+    - rules-catalog
+  stability: experimental
+  appliesTo: function
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: ui.react.activedescendant-host-not-focusable
+    bind: issue
+emit:
+  finding:
+    category: correctness.ui
+    severity: high
+    confidence: 0.8
+    tags:
+      - react
+      - accessibility
+      - ui
+  message:
+    title: Add focusability to the active-descendant owner
+    summary: "`${captures.issue.text}` sets `aria-activedescendant` on a host that is not keyboard focusable."
+  remediation:
+    summary: Use a native input or button where possible, or add `tabIndex={0}` on the owning element while preserving roving tabindex semantics for options.

package/rules/typescript/ts.react.no-click-without-keyboard-handler.rule.yaml ADDED Viewed

@@ -0,0 +1,36 @@
+apiVersion: critiq.dev/v1alpha1
+kind: Rule
+metadata:
+  id: ts.react.no-click-without-keyboard-handler
+  title: Support keyboard interaction for click handlers
+  summary: "Non-interactive JSX elements that respond to clicks also need an equivalent keyboard path."
+  rationale: Mouse-only interaction blocks keyboard users and creates inaccessible custom controls that do not behave like native UI elements.
+  tags:
+    - react
+    - accessibility
+    - ui
+    - rules-catalog
+  stability: experimental
+  appliesTo: function
+scope:
+  languages:
+    - typescript
+    - javascript
+match:
+  fact:
+    kind: ui.react.click-without-keyboard-handler
+    bind: issue
+emit:
+  finding:
+    category: correctness.ui
+    severity: high
+    confidence: 0.84
+    tags:
+      - react
+      - accessibility
+      - ui
+  message:
+    title: Add keyboard support to click-driven UI
+    summary: "`${captures.issue.text}` handles clicks without an equivalent keyboard event."
+  remediation:
+    summary: Prefer native buttons or links, or add the necessary role, focus behavior, and keyboard handlers for the same action.