@eddacraft/anvil-core 0.1.0

package/LICENSE

@@ -0,0 +1,14 @@
+Copyright (c) 2026 EddaCraft. All rights reserved.
+
+PROPRIETARY AND CONFIDENTIAL
+
+This software and associated documentation files (the "Software") are the
+exclusive property of EddaCraft. Unauthorised copying, modification,
+distribution, or use of this Software, via any medium, is strictly prohibited
+without the express written permission of EddaCraft.
+
+The Software is provided for evaluation and testing purposes only to authorised
+beta testers. No licence is granted to use, copy, modify, or distribute the
+Software for any other purpose.
+
+For licensing enquiries, contact: legal@eddacraft.com

package/dist/antipattern/index.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Anti-pattern detection module
+ *
+ * Provides detection of code anti-patterns and architecture boundary violations.
+ */
+export { LocationSchema, type Location, DriftSchema, type Drift, SuppressionSchema, type Suppression, WarningCategorySchema, type WarningCategory, WarningSeveritySchema, type WarningSeverity, ConfidenceSchema, type Confidence, WarningSchema, type Warning, RegexDetectionConfigSchema, type RegexDetectionConfig, AstDetectionConfigSchema, type AstDetectionConfig, DetectionConfigSchema, type DetectionConfig, AntiPatternSchema, type AntiPattern, WarningResultSchema, type WarningResult, type WarningSummary, SuppressionRecordSchema, type SuppressionRecord, createWarningFingerprint, isBlockingWarning, countBySeverity, createWarningResult, validateWarningResultConsistency, } from './types.js';
+export { PATTERNS, type PatternCategory, getPattern, getPatternsByCategory, getEnabledPatterns, getDefaultPatterns, getPatternIds, isValidPatternId, } from './patterns.js';
+export { HTML_PATTERNS } from './patterns-html.js';
+export { CSS_PATTERNS } from './patterns-css.js';
+export { type ScanOptions, type ScanResult, scanFile, scanFiles } from './scanner.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/antipattern/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/antipattern/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAEL,cAAc,EACd,KAAK,QAAQ,EAEb,WAAW,EACX,KAAK,KAAK,EAEV,iBAAiB,EACjB,KAAK,WAAW,EAEhB,qBAAqB,EACrB,KAAK,eAAe,EACpB,qBAAqB,EACrB,KAAK,eAAe,EACpB,gBAAgB,EAChB,KAAK,UAAU,EACf,aAAa,EACb,KAAK,OAAO,EAEZ,0BAA0B,EAC1B,KAAK,oBAAoB,EACzB,wBAAwB,EACxB,KAAK,kBAAkB,EACvB,qBAAqB,EACrB,KAAK,eAAe,EACpB,iBAAiB,EACjB,KAAK,WAAW,EAEhB,mBAAmB,EACnB,KAAK,aAAa,EAClB,KAAK,cAAc,EAEnB,uBAAuB,EACvB,KAAK,iBAAiB,EAEtB,wBAAwB,EACxB,iBAAiB,EACjB,eAAe,EACf,mBAAmB,EACnB,gCAAgC,GACjC,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,QAAQ,EACR,KAAK,eAAe,EACpB,UAAU,EACV,qBAAqB,EACrB,kBAAkB,EAClB,kBAAkB,EAClB,aAAa,EACb,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGnD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGjD,OAAO,EAAE,KAAK,WAAW,EAAE,KAAK,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC"}

package/dist/antipattern/index.js

@@ -0,0 +1,31 @@
+/**
+ * Anti-pattern detection module
+ *
+ * Provides detection of code anti-patterns and architecture boundary violations.
+ */
+// Types and schemas
+export { 
+// Location
+LocationSchema, 
+// Drift
+DriftSchema, 
+// Suppression
+SuppressionSchema, 
+// Warning
+WarningCategorySchema, WarningSeveritySchema, ConfidenceSchema, WarningSchema, 
+// Anti-pattern definition
+RegexDetectionConfigSchema, AstDetectionConfigSchema, DetectionConfigSchema, AntiPatternSchema, 
+// Results
+WarningResultSchema, 
+// Suppression records
+SuppressionRecordSchema, 
+// Utilities
+createWarningFingerprint, isBlockingWarning, countBySeverity, createWarningResult, validateWarningResultConsistency, } from './types.js';
+// Pattern catalogue
+export { PATTERNS, getPattern, getPatternsByCategory, getEnabledPatterns, getDefaultPatterns, getPatternIds, isValidPatternId, } from './patterns.js';
+// HTML patterns
+export { HTML_PATTERNS } from './patterns-html.js';
+// CSS patterns
+export { CSS_PATTERNS } from './patterns-css.js';
+// Scanner
+export { scanFile, scanFiles } from './scanner.js';

package/dist/antipattern/patterns-css.d.ts

@@ -0,0 +1,17 @@
+/**
+ * CSS Anti-pattern Definitions
+ *
+ * Detects common CSS anti-patterns:
+ * - AP-012: !important usage
+ * - AP-013: CSS @import (performance concern)
+ *
+ * All patterns are opt-in by default (D-001).
+ *
+ * @module antipattern/patterns-css
+ */
+import type { AntiPattern } from './types.js';
+/**
+ * All CSS anti-patterns
+ */
+export declare const CSS_PATTERNS: readonly AntiPattern[];
+//# sourceMappingURL=patterns-css.d.ts.map

package/dist/antipattern/patterns-css.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns-css.d.ts","sourceRoot":"","sources":["../../src/antipattern/patterns-css.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAmE9C;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,SAAS,WAAW,EAAiD,CAAC"}

package/dist/antipattern/patterns-css.js

@@ -0,0 +1,72 @@
+/**
+ * CSS Anti-pattern Definitions
+ *
+ * Detects common CSS anti-patterns:
+ * - AP-012: !important usage
+ * - AP-013: CSS @import (performance concern)
+ *
+ * All patterns are opt-in by default (D-001).
+ *
+ * @module antipattern/patterns-css
+ */
+/**
+ * AP-012: !important in CSS
+ *
+ * Detects usage of `!important` in CSS declarations.
+ * Overuse of !important creates specificity wars and makes CSS harder to maintain.
+ */
+const AP012_IMPORTANT = {
+    id: 'AP-012',
+    name: '!important in CSS',
+    category: 'css',
+    severity: 'warning',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `!\s*important`,
+    },
+    title: '!important used in CSS',
+    explanation: 'Using !important overrides all other specificity rules, creating maintenance headaches. ' +
+        'It often indicates specificity wars or architectural issues in CSS.',
+    suggestion: 'Increase selector specificity naturally, restructure CSS to avoid conflicts, ' +
+        'or use CSS layers (@layer) for better cascade control.',
+    nudge: "Don't use `!important` — it breaks the cascade and makes styles nearly " +
+        'impossible to override. Instead, increase the specificity of your ' +
+        'selector or restructure your CSS to avoid the conflict.',
+    fileExtensions: ['.css', '.scss', '.less'],
+    allowlist: ['**/reset.css', '**/normalize.css'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * AP-013: CSS @import
+ *
+ * Detects usage of CSS `@import` which causes sequential loading.
+ * This is a performance concern, not a bug.
+ */
+const AP013_CSS_IMPORT = {
+    id: 'AP-013',
+    name: 'CSS @import',
+    category: 'css',
+    severity: 'info',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `@import\s+(?:url\()?["']`,
+    },
+    title: 'CSS @import causes sequential loading',
+    explanation: 'CSS @import causes browsers to load stylesheets sequentially rather than in parallel, ' +
+        'which increases page load time. Each @import blocks rendering until the imported file loads.',
+    suggestion: 'Use <link> tags in HTML for parallel loading, or use a CSS bundler ' +
+        '(PostCSS, Sass, etc.) to inline imports at build time.',
+    nudge: 'Replace this CSS `@import` with a `<link>` tag in your HTML. `@import` ' +
+        'blocks parallel downloads and slows page load. Each `@import` creates a ' +
+        'sequential request.',
+    fileExtensions: ['.css', '.scss', '.less'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * All CSS anti-patterns
+ */
+export const CSS_PATTERNS = [AP012_IMPORTANT, AP013_CSS_IMPORT];

package/dist/antipattern/patterns-html.d.ts

@@ -0,0 +1,21 @@
+/**
+ * HTML Anti-pattern Definitions
+ *
+ * Detects common HTML anti-patterns:
+ * - AP-008: Inline style attributes
+ * - AP-009: Inline script blocks
+ * - AP-010: Inline event handlers
+ * - AP-011: Deprecated HTML tags
+ *
+ * All patterns are opt-in by default (D-001).
+ * All patterns include email template allowlist since HTML emails
+ * legitimately use inline styles and scripts.
+ *
+ * @module antipattern/patterns-html
+ */
+import type { AntiPattern } from './types.js';
+/**
+ * All HTML anti-patterns
+ */
+export declare const HTML_PATTERNS: readonly AntiPattern[];
+//# sourceMappingURL=patterns-html.d.ts.map

package/dist/antipattern/patterns-html.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns-html.d.ts","sourceRoot":"","sources":["../../src/antipattern/patterns-html.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAqI9C;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,SAAS,WAAW,EAKtC,CAAC"}

package/dist/antipattern/patterns-html.js

@@ -0,0 +1,139 @@
+/**
+ * HTML Anti-pattern Definitions
+ *
+ * Detects common HTML anti-patterns:
+ * - AP-008: Inline style attributes
+ * - AP-009: Inline script blocks
+ * - AP-010: Inline event handlers
+ * - AP-011: Deprecated HTML tags
+ *
+ * All patterns are opt-in by default (D-001).
+ * All patterns include email template allowlist since HTML emails
+ * legitimately use inline styles and scripts.
+ *
+ * @module antipattern/patterns-html
+ */
+/**
+ * AP-008: Inline style attribute
+ *
+ * Detects `style="..."` attributes in HTML elements.
+ * Inline styles hinder maintainability and prevent caching of CSS.
+ */
+const AP008_INLINE_STYLE = {
+    id: 'AP-008',
+    name: 'Inline style attribute',
+    category: 'html',
+    severity: 'warning',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `style\s*=\s*["']`,
+    },
+    title: 'Inline style attribute found',
+    explanation: 'Inline styles mix presentation with structure, making CSS harder to maintain, ' +
+        'override, and cache. They also increase HTML file size.',
+    suggestion: 'Move styles to an external CSS file or use CSS classes. ' +
+        'For dynamic styles, use CSS custom properties or a CSS-in-JS solution.',
+    nudge: "Move this inline style to a CSS class. Inline styles can't be overridden " +
+        'by stylesheets, break consistency, and make maintenance harder. Define a ' +
+        'class in your stylesheet and apply it instead.',
+    fileExtensions: ['.html', '.htm'],
+    allowlist: ['**/email/**'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * AP-009: Inline script block
+ *
+ * Detects `<script>` blocks with inline code (not just closing tags).
+ * Inline scripts bypass CSP and prevent caching.
+ */
+const AP009_INLINE_SCRIPT = {
+    id: 'AP-009',
+    name: 'Inline script block',
+    category: 'html',
+    severity: 'warning',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `<script(?:\s[^>]*)?>(?!\s*<\/script>)`,
+    },
+    title: 'Inline script block found',
+    explanation: 'Inline scripts bypass Content Security Policy (CSP), prevent browser caching, ' +
+        'and make code harder to test and maintain.',
+    suggestion: 'Move JavaScript to external .js files referenced with <script src="...">. ' +
+        'This enables caching, CSP compliance, and better separation of concerns.',
+    nudge: 'Move this script to an external `.js` file and reference it with ' +
+        '`<script src="...">`. Inline scripts cannot be cached, violate CSP ' +
+        'policies, and make code harder to test.',
+    fileExtensions: ['.html', '.htm'],
+    allowlist: ['**/email/**'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * AP-010: Inline event handler
+ *
+ * Detects `on*="..."` attributes like onclick, onload, etc.
+ * Inline handlers mix behavior with structure and bypass CSP.
+ */
+const AP010_INLINE_EVENT_HANDLER = {
+    id: 'AP-010',
+    name: 'Inline event handler',
+    category: 'html',
+    severity: 'warning',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `\bon\w+\s*=\s*["']`,
+    },
+    title: 'Inline event handler found',
+    explanation: 'Inline event handlers (onclick, onload, etc.) mix behavior with HTML structure, ' +
+        'bypass CSP, and make code harder to debug and maintain.',
+    suggestion: 'Use addEventListener() in external JavaScript files instead. ' +
+        'For frameworks, use the framework event binding syntax.',
+    nudge: 'Remove this inline event handler and use `addEventListener()` in an ' +
+        'external script instead. Inline handlers mix behaviour with markup and ' +
+        'are blocked by strict Content Security Policies.',
+    fileExtensions: ['.html', '.htm'],
+    allowlist: ['**/email/**'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * AP-011: Deprecated HTML tags
+ *
+ * Detects usage of deprecated HTML tags like <font>, <center>, <marquee>, etc.
+ * These tags are obsolete and should be replaced with CSS.
+ */
+const AP011_DEPRECATED_TAGS = {
+    id: 'AP-011',
+    name: 'Deprecated HTML tag',
+    category: 'html',
+    severity: 'warning',
+    confidence: 'high',
+    detection: {
+        type: 'regex',
+        pattern: String.raw `<(?:font|center|marquee|blink|big|strike)\b`,
+    },
+    title: 'Deprecated HTML tag used',
+    explanation: 'Deprecated HTML tags like <font>, <center>, and <marquee> are obsolete. ' +
+        'They may not render correctly in modern browsers and indicate outdated practices.',
+    suggestion: 'Replace deprecated tags with semantic HTML and CSS. ' +
+        'For example, use CSS text-align instead of <center>, and CSS font properties instead of <font>.',
+    nudge: 'Replace this deprecated HTML tag with its modern CSS equivalent. Use CSS ' +
+        'for visual presentation instead of presentational HTML elements.',
+    fileExtensions: ['.html', '.htm'],
+    allowlist: ['**/email/**'],
+    enabled: true,
+    optIn: true,
+};
+/**
+ * All HTML anti-patterns
+ */
+export const HTML_PATTERNS = [
+    AP008_INLINE_STYLE,
+    AP009_INLINE_SCRIPT,
+    AP010_INLINE_EVENT_HANDLER,
+    AP011_DEPRECATED_TAGS,
+];

package/dist/antipattern/patterns.d.ts

@@ -0,0 +1,72 @@
+/**
+ * Anti-pattern Catalogue
+ *
+ * Defines the built-in anti-patterns that Anvil detects. Each pattern has:
+ * - ID: Unique identifier (AP-001, AP-002, etc.)
+ * - Detection: Regex or AST-based detection method
+ * - Messaging: Title, explanation, and suggestion for warnings
+ * - Configuration: Severity, confidence, allowlist, threshold, etc.
+ *
+ * @module antipattern/patterns
+ */
+import type { AntiPattern } from './types.js';
+/**
+ * All built-in anti-patterns
+ */
+export declare const PATTERNS: readonly AntiPattern[];
+/**
+ * Pattern categories for filtering
+ */
+export type PatternCategory = AntiPattern['category'];
+/**
+ * Get a pattern by ID
+ *
+ * @param id - Pattern ID (e.g., 'AP-001')
+ * @returns The pattern definition, or undefined if not found
+ *
+ * @example
+ * ```ts
+ * const pattern = getPattern('AP-001');
+ * console.log(pattern?.name); // 'Broad eslint-disable'
+ * ```
+ */
+export declare function getPattern(id: string): AntiPattern | undefined;
+/**
+ * Get all patterns in a category
+ *
+ * @param category - The category to filter by
+ * @returns Array of patterns in that category
+ *
+ * @example
+ * ```ts
+ * const escapeHatches = getPatternsByCategory('escape-hatch');
+ * console.log(escapeHatches.map(p => p.id)); // ['AP-001', 'AP-002']
+ * ```
+ */
+export declare function getPatternsByCategory(category: PatternCategory): AntiPattern[];
+/**
+ * Get all enabled patterns (respects enabled flag, not optIn)
+ *
+ * @returns Array of enabled patterns
+ */
+export declare function getEnabledPatterns(): AntiPattern[];
+/**
+ * Get all default patterns (enabled and not opt-in)
+ *
+ * @returns Array of patterns that are enabled by default
+ */
+export declare function getDefaultPatterns(): AntiPattern[];
+/**
+ * Get pattern IDs for all patterns
+ *
+ * @returns Array of pattern IDs
+ */
+export declare function getPatternIds(): string[];
+/**
+ * Check if a pattern ID is valid
+ *
+ * @param id - Pattern ID to check
+ * @returns true if the ID exists in the catalogue
+ */
+export declare function isValidPatternId(id: string): boolean;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/antipattern/patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/antipattern/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAiP9C;;GAEG;AACH,eAAO,MAAM,QAAQ,EAAE,SAAS,WAAW,EAUjC,CAAC;AAEX;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;AAMtD;;;;;;;;;;;GAWG;AACH,wBAAgB,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS,CAE9D;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,eAAe,GAAG,WAAW,EAAE,CAE9E;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,EAAE,CAElD;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,EAAE,CAElD;AAED;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAEpD"}