npm - @grafema/core - Versions diffs - 0.1.0-alpha.4 → 0.1.1-alpha - Mend

@grafema/core 0.1.0-alpha.4 → 0.1.1-alpha

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (391) hide show

package/README.md +0 -1
package/dist/Orchestrator.d.ts +24 -2
package/dist/Orchestrator.d.ts.map +1 -1
package/dist/Orchestrator.js +197 -24
package/dist/config/ConfigLoader.d.ts +72 -0
package/dist/config/ConfigLoader.d.ts.map +1 -0
package/dist/config/ConfigLoader.js +187 -0
package/dist/config/index.d.ts +6 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +4 -0
package/dist/core/ASTWorker.d.ts +11 -36
package/dist/core/ASTWorker.d.ts.map +1 -1
package/dist/core/ASTWorker.js +93 -99
package/dist/core/CoverageAnalyzer.d.ts +65 -0
package/dist/core/CoverageAnalyzer.d.ts.map +1 -0
package/dist/core/CoverageAnalyzer.js +198 -0
package/dist/core/FileNodeManager.d.ts +40 -0
package/dist/core/FileNodeManager.d.ts.map +1 -0
package/dist/core/FileNodeManager.js +84 -0
package/dist/core/GraphFreshnessChecker.d.ts +33 -0
package/dist/core/GraphFreshnessChecker.d.ts.map +1 -0
package/dist/core/GraphFreshnessChecker.js +101 -0
package/dist/core/HashUtils.d.ts +24 -0
package/dist/core/HashUtils.d.ts.map +1 -0
package/dist/core/HashUtils.js +45 -0
package/dist/core/IncrementalReanalyzer.d.ts +36 -0
package/dist/core/IncrementalReanalyzer.d.ts.map +1 -0
package/dist/core/IncrementalReanalyzer.js +132 -0
package/dist/core/NodeFactory.d.ts +225 -17
package/dist/core/NodeFactory.d.ts.map +1 -1
package/dist/core/NodeFactory.js +208 -18
package/dist/core/ScopeTracker.d.ts +84 -0
package/dist/core/ScopeTracker.d.ts.map +1 -0
package/dist/core/ScopeTracker.js +116 -0
package/dist/core/SemanticId.d.ts +90 -0
package/dist/core/SemanticId.d.ts.map +1 -0
package/dist/core/SemanticId.js +115 -0
package/dist/core/VersionManager.d.ts.map +1 -1
package/dist/core/VersionManager.js +3 -2
package/dist/core/nodes/ArgumentExpressionNode.d.ts +43 -0
package/dist/core/nodes/ArgumentExpressionNode.d.ts.map +1 -0
package/dist/core/nodes/ArgumentExpressionNode.js +60 -0
package/dist/core/nodes/ArrayLiteralNode.d.ts +27 -0
package/dist/core/nodes/ArrayLiteralNode.d.ts.map +1 -0
package/dist/core/nodes/ArrayLiteralNode.js +41 -0
package/dist/core/nodes/CallSiteNode.d.ts +28 -0
package/dist/core/nodes/CallSiteNode.d.ts.map +1 -1
package/dist/core/nodes/CallSiteNode.js +46 -0
package/dist/core/nodes/ClassNode.d.ts +33 -1
package/dist/core/nodes/ClassNode.d.ts.map +1 -1
package/dist/core/nodes/ClassNode.js +46 -2
package/dist/core/nodes/DecoratorNode.d.ts +42 -0
package/dist/core/nodes/DecoratorNode.d.ts.map +1 -0
package/dist/core/nodes/DecoratorNode.js +62 -0
package/dist/core/nodes/EnumNode.d.ts +42 -0
package/dist/core/nodes/EnumNode.d.ts.map +1 -0
package/dist/core/nodes/EnumNode.js +54 -0
package/dist/core/nodes/ExportNode.d.ts +37 -1
package/dist/core/nodes/ExportNode.d.ts.map +1 -1
package/dist/core/nodes/ExportNode.js +48 -2
package/dist/core/nodes/ExpressionNode.d.ts +97 -0
package/dist/core/nodes/ExpressionNode.d.ts.map +1 -0
package/dist/core/nodes/ExpressionNode.js +178 -0
package/dist/core/nodes/ExternalModuleNode.d.ts +28 -0
package/dist/core/nodes/ExternalModuleNode.d.ts.map +1 -0
package/dist/core/nodes/ExternalModuleNode.js +41 -0
package/dist/core/nodes/ExternalStdioNode.d.ts +13 -6
package/dist/core/nodes/ExternalStdioNode.d.ts.map +1 -1
package/dist/core/nodes/ExternalStdioNode.js +15 -8
package/dist/core/nodes/FunctionNode.d.ts +36 -0
package/dist/core/nodes/FunctionNode.d.ts.map +1 -1
package/dist/core/nodes/FunctionNode.js +80 -1
package/dist/core/nodes/ImportNode.d.ts +19 -5
package/dist/core/nodes/ImportNode.d.ts.map +1 -1
package/dist/core/nodes/ImportNode.js +23 -5
package/dist/core/nodes/InterfaceNode.d.ts +46 -0
package/dist/core/nodes/InterfaceNode.d.ts.map +1 -0
package/dist/core/nodes/InterfaceNode.js +55 -0
package/dist/core/nodes/IssueNode.d.ts +73 -0
package/dist/core/nodes/IssueNode.d.ts.map +1 -0
package/dist/core/nodes/IssueNode.js +129 -0
package/dist/core/nodes/MethodCallNode.d.ts +30 -0
package/dist/core/nodes/MethodCallNode.d.ts.map +1 -1
package/dist/core/nodes/MethodCallNode.js +49 -0
package/dist/core/nodes/MethodNode.d.ts +32 -0
package/dist/core/nodes/MethodNode.d.ts.map +1 -1
package/dist/core/nodes/MethodNode.js +48 -0
package/dist/core/nodes/ModuleNode.d.ts +31 -0
package/dist/core/nodes/ModuleNode.d.ts.map +1 -1
package/dist/core/nodes/ModuleNode.js +37 -0
package/dist/core/nodes/NetworkRequestNode.d.ts +54 -0
package/dist/core/nodes/NetworkRequestNode.d.ts.map +1 -0
package/dist/core/nodes/NetworkRequestNode.js +65 -0
package/dist/core/nodes/ObjectLiteralNode.d.ts +27 -0
package/dist/core/nodes/ObjectLiteralNode.d.ts.map +1 -0
package/dist/core/nodes/ObjectLiteralNode.js +41 -0
package/dist/core/nodes/ScopeNode.d.ts +31 -0
package/dist/core/nodes/ScopeNode.d.ts.map +1 -1
package/dist/core/nodes/ScopeNode.js +49 -0
package/dist/core/nodes/TypeNode.d.ts +36 -0
package/dist/core/nodes/TypeNode.d.ts.map +1 -0
package/dist/core/nodes/TypeNode.js +53 -0
package/dist/core/nodes/VariableDeclarationNode.d.ts +27 -0
package/dist/core/nodes/VariableDeclarationNode.d.ts.map +1 -1
package/dist/core/nodes/VariableDeclarationNode.js +40 -0
package/dist/core/nodes/index.d.ts +12 -1
package/dist/core/nodes/index.d.ts.map +1 -1
package/dist/core/nodes/index.js +14 -0
package/dist/diagnostics/DiagnosticCollector.d.ts +98 -0
package/dist/diagnostics/DiagnosticCollector.d.ts.map +1 -0
package/dist/diagnostics/DiagnosticCollector.js +129 -0
package/dist/diagnostics/DiagnosticReporter.d.ts +77 -0
package/dist/diagnostics/DiagnosticReporter.d.ts.map +1 -0
package/dist/diagnostics/DiagnosticReporter.js +159 -0
package/dist/diagnostics/DiagnosticWriter.d.ts +31 -0
package/dist/diagnostics/DiagnosticWriter.d.ts.map +1 -0
package/dist/diagnostics/DiagnosticWriter.js +43 -0
package/dist/diagnostics/index.d.ts +14 -0
package/dist/diagnostics/index.d.ts.map +1 -0
package/dist/diagnostics/index.js +11 -0
package/dist/errors/GrafemaError.d.ts +118 -0
package/dist/errors/GrafemaError.d.ts.map +1 -0
package/dist/errors/GrafemaError.js +131 -0
package/dist/index.d.ts +57 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +54 -1
package/dist/logging/Logger.d.ts +48 -0
package/dist/logging/Logger.d.ts.map +1 -0
package/dist/logging/Logger.js +134 -0
package/dist/plugins/Plugin.d.ts +5 -1
package/dist/plugins/Plugin.d.ts.map +1 -1
package/dist/plugins/Plugin.js +33 -0
package/dist/plugins/analysis/DatabaseAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/DatabaseAnalyzer.js +13 -6
package/dist/plugins/analysis/ExpressAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ExpressAnalyzer.js +27 -19
package/dist/plugins/analysis/ExpressRouteAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ExpressRouteAnalyzer.js +21 -14
package/dist/plugins/analysis/FetchAnalyzer.d.ts +1 -0
package/dist/plugins/analysis/FetchAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/FetchAnalyzer.js +34 -14
package/dist/plugins/analysis/IncrementalAnalysisPlugin.d.ts +6 -3
package/dist/plugins/analysis/IncrementalAnalysisPlugin.d.ts.map +1 -1
package/dist/plugins/analysis/IncrementalAnalysisPlugin.js +76 -80
package/dist/plugins/analysis/JSASTAnalyzer.d.ts +180 -17
package/dist/plugins/analysis/JSASTAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/JSASTAnalyzer.js +1171 -471
package/dist/plugins/analysis/ReactAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ReactAnalyzer.js +56 -57
package/dist/plugins/analysis/RustAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/RustAnalyzer.js +15 -10
package/dist/plugins/analysis/SQLiteAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/SQLiteAnalyzer.js +9 -7
package/dist/plugins/analysis/ServiceLayerAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/ServiceLayerAnalyzer.js +21 -9
package/dist/plugins/analysis/SocketIOAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/SocketIOAnalyzer.js +27 -15
package/dist/plugins/analysis/SystemDbAnalyzer.d.ts.map +1 -1
package/dist/plugins/analysis/SystemDbAnalyzer.js +15 -5
package/dist/plugins/analysis/ast/GraphBuilder.d.ts +34 -4
package/dist/plugins/analysis/ast/GraphBuilder.d.ts.map +1 -1
package/dist/plugins/analysis/ast/GraphBuilder.js +318 -298
package/dist/plugins/analysis/ast/IdGenerator.d.ts +105 -0
package/dist/plugins/analysis/ast/IdGenerator.d.ts.map +1 -0
package/dist/plugins/analysis/ast/IdGenerator.js +116 -0
package/dist/plugins/analysis/ast/types.d.ts +176 -5
package/dist/plugins/analysis/ast/types.d.ts.map +1 -1
package/dist/plugins/analysis/ast/utils/createParameterNodes.d.ts +33 -0
package/dist/plugins/analysis/ast/utils/createParameterNodes.d.ts.map +1 -0
package/dist/plugins/analysis/ast/utils/createParameterNodes.js +89 -0
package/dist/plugins/analysis/ast/utils/index.d.ts +6 -0
package/dist/plugins/analysis/ast/utils/index.d.ts.map +1 -0
package/dist/plugins/analysis/ast/utils/index.js +5 -0
package/dist/plugins/analysis/ast/utils/location.d.ts +87 -0
package/dist/plugins/analysis/ast/utils/location.d.ts.map +1 -0
package/dist/plugins/analysis/ast/utils/location.js +78 -0
package/dist/plugins/analysis/ast/visitors/ASTVisitor.d.ts +9 -4
package/dist/plugins/analysis/ast/visitors/ASTVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/ASTVisitor.js +6 -5
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.d.ts +99 -9
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/CallExpressionVisitor.js +663 -125
package/dist/plugins/analysis/ast/visitors/ClassVisitor.d.ts +4 -1
package/dist/plugins/analysis/ast/visitors/ClassVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/ClassVisitor.js +72 -32
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.d.ts +4 -1
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/FunctionVisitor.js +128 -63
package/dist/plugins/analysis/ast/visitors/ImportExportVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/ImportExportVisitor.js +11 -8
package/dist/plugins/analysis/ast/visitors/TypeScriptVisitor.d.ts +12 -1
package/dist/plugins/analysis/ast/visitors/TypeScriptVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/TypeScriptVisitor.js +36 -14
package/dist/plugins/analysis/ast/visitors/VariableVisitor.d.ts +4 -1
package/dist/plugins/analysis/ast/visitors/VariableVisitor.d.ts.map +1 -1
package/dist/plugins/analysis/ast/visitors/VariableVisitor.js +17 -13
package/dist/plugins/discovery/MonorepoServiceDiscovery.d.ts.map +1 -1
package/dist/plugins/discovery/MonorepoServiceDiscovery.js +3 -2
package/dist/plugins/discovery/SimpleProjectDiscovery.d.ts.map +1 -1
package/dist/plugins/discovery/SimpleProjectDiscovery.js +5 -1
package/dist/plugins/discovery/WorkspaceDiscovery.d.ts +22 -0
package/dist/plugins/discovery/WorkspaceDiscovery.d.ts.map +1 -0
package/dist/plugins/discovery/WorkspaceDiscovery.js +136 -0
package/dist/plugins/discovery/resolveSourceEntrypoint.d.ts +46 -0
package/dist/plugins/discovery/resolveSourceEntrypoint.d.ts.map +1 -0
package/dist/plugins/discovery/resolveSourceEntrypoint.js +86 -0
package/dist/plugins/discovery/workspaces/detector.d.ts +21 -0
package/dist/plugins/discovery/workspaces/detector.d.ts.map +1 -0
package/dist/plugins/discovery/workspaces/detector.js +49 -0
package/dist/plugins/discovery/workspaces/globResolver.d.ts +35 -0
package/dist/plugins/discovery/workspaces/globResolver.d.ts.map +1 -0
package/dist/plugins/discovery/workspaces/globResolver.js +184 -0
package/dist/plugins/discovery/workspaces/index.d.ts +9 -0
package/dist/plugins/discovery/workspaces/index.d.ts.map +1 -0
package/dist/plugins/discovery/workspaces/index.js +8 -0
package/dist/plugins/discovery/workspaces/parsers.d.ts +38 -0
package/dist/plugins/discovery/workspaces/parsers.d.ts.map +1 -0
package/dist/plugins/discovery/workspaces/parsers.js +80 -0
package/dist/plugins/enrichment/AliasTracker.d.ts.map +1 -1
package/dist/plugins/enrichment/AliasTracker.js +14 -8
package/dist/plugins/enrichment/HTTPConnectionEnricher.d.ts.map +1 -1
package/dist/plugins/enrichment/HTTPConnectionEnricher.js +14 -7
package/dist/plugins/enrichment/ImportExportLinker.d.ts.map +1 -1
package/dist/plugins/enrichment/ImportExportLinker.js +23 -6
package/dist/plugins/enrichment/MethodCallResolver.d.ts.map +1 -1
package/dist/plugins/enrichment/MethodCallResolver.js +18 -12
package/dist/plugins/enrichment/MountPointResolver.d.ts.map +1 -1
package/dist/plugins/enrichment/MountPointResolver.js +8 -3
package/dist/plugins/enrichment/PrefixEvaluator.d.ts.map +1 -1
package/dist/plugins/enrichment/PrefixEvaluator.js +16 -7
package/dist/plugins/enrichment/RustFFIEnricher.d.ts.map +1 -1
package/dist/plugins/enrichment/RustFFIEnricher.js +6 -5
package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts +17 -0
package/dist/plugins/enrichment/ValueDomainAnalyzer.d.ts.map +1 -1
package/dist/plugins/enrichment/ValueDomainAnalyzer.js +129 -10
package/dist/plugins/indexing/IncrementalModuleIndexer.d.ts.map +1 -1
package/dist/plugins/indexing/IncrementalModuleIndexer.js +23 -14
package/dist/plugins/indexing/JSModuleIndexer.d.ts.map +1 -1
package/dist/plugins/indexing/JSModuleIndexer.js +63 -31
package/dist/plugins/indexing/RustModuleIndexer.d.ts.map +1 -1
package/dist/plugins/indexing/RustModuleIndexer.js +5 -4
package/dist/plugins/indexing/ServiceDetector.d.ts +10 -0
package/dist/plugins/indexing/ServiceDetector.d.ts.map +1 -1
package/dist/plugins/indexing/ServiceDetector.js +28 -15
package/dist/plugins/validation/CallResolverValidator.d.ts.map +1 -1
package/dist/plugins/validation/CallResolverValidator.js +8 -7
package/dist/plugins/validation/DataFlowValidator.d.ts.map +1 -1
package/dist/plugins/validation/DataFlowValidator.js +17 -12
package/dist/plugins/validation/EvalBanValidator.d.ts.map +1 -1
package/dist/plugins/validation/EvalBanValidator.js +17 -16
package/dist/plugins/validation/GraphConnectivityValidator.d.ts.map +1 -1
package/dist/plugins/validation/GraphConnectivityValidator.js +19 -23
package/dist/plugins/validation/NodeCreationValidator.d.ts +85 -0
package/dist/plugins/validation/NodeCreationValidator.d.ts.map +1 -0
package/dist/plugins/validation/NodeCreationValidator.js +415 -0
package/dist/plugins/validation/SQLInjectionValidator.d.ts.map +1 -1
package/dist/plugins/validation/SQLInjectionValidator.js +59 -16
package/dist/plugins/validation/ShadowingDetector.d.ts.map +1 -1
package/dist/plugins/validation/ShadowingDetector.js +6 -5
package/dist/plugins/validation/TypeScriptDeadCodeValidator.d.ts.map +1 -1
package/dist/plugins/validation/TypeScriptDeadCodeValidator.js +12 -11
package/dist/plugins/vcs/GitPlugin.d.ts.map +1 -1
package/dist/plugins/vcs/GitPlugin.js +10 -12
package/dist/plugins/vcs/VCSPlugin.d.ts +3 -2
package/dist/plugins/vcs/VCSPlugin.d.ts.map +1 -1
package/dist/plugins/vcs/VCSPlugin.js +5 -5
package/dist/storage/backends/RFDBServerBackend.d.ts +10 -17
package/dist/storage/backends/RFDBServerBackend.d.ts.map +1 -1
package/dist/storage/backends/RFDBServerBackend.js +31 -10
package/dist/validation/PathValidator.d.ts +1 -2
package/dist/validation/PathValidator.d.ts.map +1 -1
package/package.json +6 -3
package/src/Orchestrator.ts +237 -24
package/src/config/ConfigLoader.ts +263 -0
package/src/config/index.ts +5 -0
package/src/core/ASTWorker.ts +143 -139
package/src/core/CoverageAnalyzer.ts +243 -0
package/src/core/FileNodeManager.ts +100 -0
package/src/core/GraphFreshnessChecker.ts +143 -0
package/src/core/HashUtils.ts +48 -0
package/src/core/IncrementalReanalyzer.ts +192 -0
package/src/core/NodeFactory.ts +401 -18
package/src/core/ScopeTracker.ts +154 -0
package/src/core/SemanticId.ts +192 -0
package/src/core/VersionManager.ts +3 -2
package/src/core/nodes/ArgumentExpressionNode.ts +89 -0
package/src/core/nodes/ArrayLiteralNode.ts +65 -0
package/src/core/nodes/CallSiteNode.ts +58 -0
package/src/core/nodes/ClassNode.ts +63 -2
package/src/core/nodes/DecoratorNode.ts +91 -0
package/src/core/nodes/EnumNode.ts +86 -0
package/src/core/nodes/ExportNode.ts +70 -2
package/src/core/nodes/ExpressionNode.ts +231 -0
package/src/core/nodes/ExternalModuleNode.ts +56 -0
package/src/core/nodes/ExternalStdioNode.ts +17 -9
package/src/core/nodes/FunctionNode.ts +101 -1
package/src/core/nodes/ImportNode.ts +32 -10
package/src/core/nodes/InterfaceNode.ts +91 -0
package/src/core/nodes/IssueNode.ts +177 -0
package/src/core/nodes/MethodCallNode.ts +64 -0
package/src/core/nodes/MethodNode.ts +63 -0
package/src/core/nodes/ModuleNode.ts +50 -0
package/src/core/nodes/NetworkRequestNode.ts +77 -0
package/src/core/nodes/ObjectLiteralNode.ts +65 -0
package/src/core/nodes/ScopeNode.ts +65 -0
package/src/core/nodes/TypeNode.ts +78 -0
package/src/core/nodes/VariableDeclarationNode.ts +52 -0
package/src/core/nodes/index.ts +18 -1
package/src/diagnostics/DiagnosticCollector.ts +163 -0
package/src/diagnostics/DiagnosticReporter.ts +204 -0
package/src/diagnostics/DiagnosticWriter.ts +50 -0
package/src/diagnostics/index.ts +16 -0
package/src/errors/GrafemaError.ts +174 -0
package/src/index.ts +148 -1
package/src/logging/Logger.ts +152 -0
package/src/plugins/Plugin.ts +42 -0
package/src/plugins/analysis/DatabaseAnalyzer.ts +14 -8
package/src/plugins/analysis/ExpressAnalyzer.ts +29 -19
package/src/plugins/analysis/ExpressRouteAnalyzer.ts +22 -21
package/src/plugins/analysis/FetchAnalyzer.ts +39 -16
package/src/plugins/analysis/IncrementalAnalysisPlugin.ts +84 -101
package/src/plugins/analysis/JSASTAnalyzer.ts +1483 -503
package/src/plugins/analysis/ReactAnalyzer.ts +57 -57
package/src/plugins/analysis/RustAnalyzer.ts +15 -10
package/src/plugins/analysis/SQLiteAnalyzer.ts +10 -7
package/src/plugins/analysis/ServiceLayerAnalyzer.ts +22 -16
package/src/plugins/analysis/SocketIOAnalyzer.ts +31 -22
package/src/plugins/analysis/SystemDbAnalyzer.ts +16 -11
package/src/plugins/analysis/ast/GraphBuilder.ts +439 -327
package/src/plugins/analysis/ast/IdGenerator.ts +177 -0
package/src/plugins/analysis/ast/types.ts +209 -6
package/src/plugins/analysis/ast/utils/createParameterNodes.ts +104 -0
package/src/plugins/analysis/ast/utils/index.ts +12 -0
package/src/plugins/analysis/ast/utils/location.ts +103 -0
package/src/plugins/analysis/ast/visitors/ASTVisitor.ts +11 -8
package/src/plugins/analysis/ast/visitors/CallExpressionVisitor.ts +909 -83
package/src/plugins/analysis/ast/visitors/ClassVisitor.ts +97 -44
package/src/plugins/analysis/ast/visitors/FunctionVisitor.ts +159 -93
package/src/plugins/analysis/ast/visitors/ImportExportVisitor.ts +12 -8
package/src/plugins/analysis/ast/visitors/TypeScriptVisitor.ts +41 -14
package/src/plugins/analysis/ast/visitors/VariableVisitor.ts +37 -17
package/src/plugins/discovery/MonorepoServiceDiscovery.ts +3 -2
package/src/plugins/discovery/SimpleProjectDiscovery.ts +6 -1
package/src/plugins/discovery/WorkspaceDiscovery.ts +177 -0
package/src/plugins/discovery/resolveSourceEntrypoint.ts +103 -0
package/src/plugins/discovery/workspaces/detector.ts +63 -0
package/src/plugins/discovery/workspaces/globResolver.ts +229 -0
package/src/plugins/discovery/workspaces/index.ts +23 -0
package/src/plugins/discovery/workspaces/parsers.ts +99 -0
package/src/plugins/enrichment/AliasTracker.ts +14 -8
package/src/plugins/enrichment/HTTPConnectionEnricher.ts +14 -7
package/src/plugins/enrichment/ImportExportLinker.ts +24 -6
package/src/plugins/enrichment/MethodCallResolver.ts +18 -12
package/src/plugins/enrichment/MountPointResolver.ts +8 -3
package/src/plugins/enrichment/PrefixEvaluator.ts +16 -7
package/src/plugins/enrichment/RustFFIEnricher.ts +6 -5
package/src/plugins/enrichment/ValueDomainAnalyzer.ts +149 -12
package/src/plugins/indexing/IncrementalModuleIndexer.ts +23 -14
package/src/plugins/indexing/JSModuleIndexer.ts +74 -34
package/src/plugins/indexing/RustModuleIndexer.ts +5 -4
package/src/plugins/validation/CallResolverValidator.ts +8 -7
package/src/plugins/validation/DataFlowValidator.ts +16 -12
package/src/plugins/validation/EvalBanValidator.ts +17 -16
package/src/plugins/validation/GraphConnectivityValidator.ts +19 -23
package/src/plugins/validation/NodeCreationValidator.ts +554 -0
package/src/plugins/validation/SQLInjectionValidator.ts +61 -15
package/src/plugins/validation/ShadowingDetector.ts +6 -5
package/src/plugins/validation/TypeScriptDeadCodeValidator.ts +12 -11
package/src/plugins/vcs/GitPlugin.ts +40 -12
package/src/plugins/vcs/VCSPlugin.ts +7 -5
package/src/storage/backends/RFDBServerBackend.ts +43 -29
package/src/validation/PathValidator.ts +1 -1
package/dist/core/AnalysisWorker.d.ts +0 -14
package/dist/core/AnalysisWorker.d.ts.map +0 -1
package/dist/core/AnalysisWorker.js +0 -307
package/dist/core/ParallelAnalyzer.d.ts +0 -120
package/dist/core/ParallelAnalyzer.d.ts.map +0 -1
package/dist/core/ParallelAnalyzer.js +0 -331
package/dist/core/QueueWorker.d.ts +0 -12
package/dist/core/QueueWorker.d.ts.map +0 -1
package/dist/core/QueueWorker.js +0 -567
package/dist/core/RFDBClient.d.ts +0 -179
package/dist/core/RFDBClient.d.ts.map +0 -1
package/dist/core/RFDBClient.js +0 -429
package/dist/plugins/discovery/ZonServiceDiscovery.d.ts +0 -19
package/dist/plugins/discovery/ZonServiceDiscovery.d.ts.map +0 -1
package/dist/plugins/discovery/ZonServiceDiscovery.js +0 -204
package/src/core/AnalysisWorker.ts +0 -410
package/src/core/ParallelAnalyzer.ts +0 -476
package/src/core/QueueWorker.ts +0 -780
package/src/plugins/indexing/ServiceDetector.ts +0 -230

package/dist/plugins/validation/NodeCreationValidator.js ADDED Viewed

@@ -0,0 +1,415 @@
+/**
+ * NodeCreationValidator - validates that nodes are created through NodeFactory
+ *
+ * GUARANTEE: All nodes passed to graph.addNode() or graph.addNodes() must be
+ * created through NodeFactory methods, not constructed inline.
+ *
+ * This validator uses the data flow tracking (HAS_PROPERTY, HAS_ELEMENT, FLOWS_INTO edges)
+ * to trace object literals back to their source and verify they come from
+ * NodeFactory calls.
+ *
+ * FLOWS_INTO traversal: When an array variable is passed to addNodes(), we check:
+ * 1. Static array contents via HAS_ELEMENT edges
+ * 2. Dynamic array contents via FLOWS_INTO edges (from push, unshift, splice, indexed assignment)
+ *
+ * DATALOG RULES (conceptual):
+ *
+ * % Find all calls to addNodes (batch)
+ * add_nodes_call(Call) :-
+ *     node(Call, "CALL"),
+ *     attr(Call, "name", "addNodes").
+ *
+ * % Find array argument passed to addNodes (arg 0)
+ * add_nodes_array(Call, Arr) :-
+ *     add_nodes_call(Call),
+ *     edge(Call, Arr, "PASSES_ARGUMENT"),
+ *     node(Arr, "ARRAY_LITERAL").
+ *
+ * % Find objects inside the array (static elements)
+ * add_nodes_object(Call, Obj) :-
+ *     add_nodes_array(Call, Arr),
+ *     edge(Arr, Obj, "HAS_ELEMENT"),
+ *     node(Obj, "OBJECT_LITERAL").
+ *
+ * % Find objects pushed/unshifted/spliced into array (dynamic elements)
+ * add_nodes_object(Call, Obj) :-
+ *     add_nodes_call(Call),
+ *     edge(Call, ArrVar, "PASSES_ARGUMENT"),
+ *     node(ArrVar, "VARIABLE"),
+ *     incoming(ArrVar, Obj, "FLOWS_INTO"),  % value --FLOWS_INTO--> array
+ *     node(Obj, "OBJECT_LITERAL").
+ *
+ * % Object created via NodeFactory
+ * from_node_factory(Obj) :-
+ *     incoming(Obj, Creator, "ASSIGNED_FROM"),
+ *     node(Creator, "CALL"),
+ *     attr(Creator, "object", "NodeFactory").
+ *
+ * % Violation: object in addNodes not from NodeFactory
+ * violation_batch(Call, Obj) :-
+ *     add_nodes_object(Call, Obj),
+ *     \+ from_node_factory(Obj).
+ */
+import { Plugin, createSuccessResult } from '../Plugin.js';
+export class NodeCreationValidator extends Plugin {
+    get metadata() {
+        return {
+            name: 'NodeCreationValidator',
+            phase: 'VALIDATION',
+            priority: 90, // Run after data flow analysis
+            creates: {
+                nodes: [],
+                edges: []
+            }
+        };
+    }
+    async execute(context) {
+        const { graph } = context;
+        const logger = this.log(context);
+        logger.info('Starting NodeFactory usage validation');
+        const startTime = Date.now();
+        const issues = [];
+        let addNodeCalls = 0;
+        let addNodesCalls = 0;
+        let inlineObjects = 0;
+        let factoryObjects = 0;
+        let unknownObjects = 0;
+        // Check if graph supports required methods
+        if (!graph.getAllEdges || !graph.getAllNodes) {
+            logger.debug('Graph does not support getAllEdges/getAllNodes, skipping validation');
+            return createSuccessResult({ nodes: 0, edges: 0 }, { skipped: true });
+        }
+        const allNodes = await graph.getAllNodes();
+        const allEdges = await graph.getAllEdges();
+        // Build lookup maps for efficient queries
+        const nodesById = new Map();
+        for (const node of allNodes) {
+            nodesById.set(node.id, node);
+        }
+        const edgesBySrc = new Map();
+        const edgesByDst = new Map();
+        for (const edge of allEdges) {
+            if (!edgesBySrc.has(edge.src))
+                edgesBySrc.set(edge.src, []);
+            edgesBySrc.get(edge.src).push(edge);
+            if (!edgesByDst.has(edge.dst))
+                edgesByDst.set(edge.dst, []);
+            edgesByDst.get(edge.dst).push(edge);
+        }
+        // 1. Find all calls to addNode and addNodes
+        logger.debug('Searching for addNode/addNodes calls');
+        for (const node of allNodes) {
+            if (node.type !== 'CALL')
+                continue;
+            const callNode = node;
+            // Check for addNode() method call
+            if (callNode.method === 'addNode' || callNode.name === 'addNode' ||
+                (callNode.name && callNode.name.endsWith('.addNode'))) {
+                addNodeCalls++;
+                const argIssues = await this.validateAddNodeCall(callNode, edgesBySrc, edgesByDst, nodesById);
+                issues.push(...argIssues);
+            }
+            // Check for addNodes() method call
+            if (callNode.method === 'addNodes' || callNode.name === 'addNodes' ||
+                (callNode.name && callNode.name.endsWith('.addNodes'))) {
+                addNodesCalls++;
+                const argIssues = await this.validateAddNodesCall(callNode, edgesBySrc, edgesByDst, nodesById);
+                issues.push(...argIssues);
+            }
+        }
+        // Count violation types
+        for (const issue of issues) {
+            if (issue.type === 'INLINE_OBJECT_LITERAL' || issue.type === 'INLINE_ARRAY_ELEMENT') {
+                inlineObjects++;
+            }
+            else if (issue.type === 'UNKNOWN_SOURCE') {
+                unknownObjects++;
+            }
+        }
+        const totalTime = ((Date.now() - startTime) / 1000).toFixed(1);
+        const summary = {
+            addNodeCalls,
+            addNodesCalls,
+            inlineObjects,
+            factoryObjects, // Would need positive tracking to count
+            unknownObjects,
+            totalViolations: issues.length,
+            timeSeconds: totalTime
+        };
+        logger.info('Validation complete', { ...summary });
+        if (issues.length > 0) {
+            logger.warn('NodeFactory violations found', { count: issues.length });
+            for (const issue of issues.slice(0, 10)) { // Limit output
+                logger.warn(`[${issue.type}] ${issue.message}`, { suggestion: issue.suggestion });
+            }
+            if (issues.length > 10) {
+                logger.debug(`... and ${issues.length - 10} more violations`);
+            }
+        }
+        else {
+            logger.info('All nodes created through NodeFactory');
+        }
+        return createSuccessResult({ nodes: 0, edges: 0 }, { summary, issues });
+    }
+    /**
+     * Validate a single addNode(node) call
+     */
+    async validateAddNodeCall(callNode, edgesBySrc, edgesByDst, nodesById) {
+        const issues = [];
+        // Find PASSES_ARGUMENT edge (arg 0)
+        const passedArgs = edgesBySrc.get(callNode.id)?.filter(e => e.type === 'PASSES_ARGUMENT') || [];
+        for (const argEdge of passedArgs) {
+            const argNode = nodesById.get(argEdge.dst);
+            if (!argNode)
+                continue;
+            // Check if it's an inline object literal
+            if (argNode.type === 'OBJECT_LITERAL') {
+                const isFromFactory = this.isFromNodeFactory(argNode.id, edgesByDst, nodesById);
+                if (!isFromFactory) {
+                    issues.push({
+                        type: 'INLINE_OBJECT_LITERAL',
+                        severity: 'ERROR',
+                        message: `Inline object literal passed to addNode() at ${callNode.file}:${callNode.line}`,
+                        callSiteId: callNode.id,
+                        objectId: argNode.id,
+                        file: callNode.file,
+                        line: callNode.line,
+                        suggestion: 'Use NodeFactory.createX() to create the node instead of an inline object'
+                    });
+                }
+            }
+            // Check if it's a variable - trace its origin
+            if (argNode.type === 'VARIABLE' || argNode.type === 'VARIABLE_DECLARATION') {
+                const source = this.traceVariableSource(argNode.id, edgesBySrc, nodesById);
+                if (source && source.type === 'OBJECT_LITERAL') {
+                    const isFromFactory = this.isFromNodeFactory(source.id, edgesByDst, nodesById);
+                    if (!isFromFactory) {
+                        issues.push({
+                            type: 'INLINE_OBJECT_LITERAL',
+                            severity: 'ERROR',
+                            message: `Variable "${argNode.name}" assigned from inline object literal, passed to addNode() at ${callNode.file}:${callNode.line}`,
+                            callSiteId: callNode.id,
+                            objectId: source.id,
+                            file: callNode.file,
+                            line: callNode.line,
+                            suggestion: 'Use NodeFactory.createX() to create the node instead of an inline object'
+                        });
+                    }
+                }
+            }
+        }
+        return issues;
+    }
+    /**
+     * Validate addNodes([...]) call
+     * Also checks for objects that flow into arrays via FLOWS_INTO edges
+     */
+    async validateAddNodesCall(callNode, edgesBySrc, edgesByDst, nodesById) {
+        const issues = [];
+        // Find PASSES_ARGUMENT edge (arg 0 - the array)
+        const passedArgs = edgesBySrc.get(callNode.id)?.filter(e => e.type === 'PASSES_ARGUMENT') || [];
+        for (const argEdge of passedArgs) {
+            const argNode = nodesById.get(argEdge.dst);
+            if (!argNode)
+                continue;
+            // Check if it's an array literal
+            if (argNode.type === 'ARRAY_LITERAL') {
+                // Find all HAS_ELEMENT edges
+                const elements = edgesBySrc.get(argNode.id)?.filter(e => e.type === 'HAS_ELEMENT') || [];
+                for (const elemEdge of elements) {
+                    const elemNode = nodesById.get(elemEdge.dst);
+                    if (!elemNode)
+                        continue;
+                    // Check if element is an inline object literal
+                    if (elemNode.type === 'OBJECT_LITERAL') {
+                        const isFromFactory = this.isFromNodeFactory(elemNode.id, edgesByDst, nodesById);
+                        if (!isFromFactory) {
+                            const elemIndex = elemEdge.metadata?.elementIndex ?? '?';
+                            issues.push({
+                                type: 'INLINE_ARRAY_ELEMENT',
+                                severity: 'ERROR',
+                                message: `Inline object literal at index ${elemIndex} in addNodes() array at ${callNode.file}:${callNode.line}`,
+                                callSiteId: callNode.id,
+                                objectId: elemNode.id,
+                                file: callNode.file,
+                                line: callNode.line,
+                                suggestion: 'Use NodeFactory.createX() to create each node in the array'
+                            });
+                        }
+                    }
+                    // Check if element is a variable - trace its origin
+                    if (elemNode.type === 'VARIABLE' || elemNode.type === 'VARIABLE_DECLARATION') {
+                        const source = this.traceVariableSource(elemNode.id, edgesBySrc, nodesById);
+                        if (source && source.type === 'OBJECT_LITERAL') {
+                            const isFromFactory = this.isFromNodeFactory(source.id, edgesByDst, nodesById);
+                            if (!isFromFactory) {
+                                const elemIndex = elemEdge.metadata?.elementIndex ?? '?';
+                                issues.push({
+                                    type: 'INLINE_ARRAY_ELEMENT',
+                                    severity: 'ERROR',
+                                    message: `Variable "${elemNode.name}" at index ${elemIndex} assigned from inline object, passed to addNodes() at ${callNode.file}:${callNode.line}`,
+                                    callSiteId: callNode.id,
+                                    objectId: source.id,
+                                    file: callNode.file,
+                                    line: callNode.line,
+                                    suggestion: 'Use NodeFactory.createX() to create the node'
+                                });
+                            }
+                        }
+                    }
+                }
+            }
+            // Check if it's a variable containing an array
+            if (argNode.type === 'VARIABLE' || argNode.type === 'VARIABLE_DECLARATION') {
+                // Check what flows INTO this variable (array mutations via push/unshift/splice/indexed)
+                const incomingFlows = this.getArrayContents(argNode.id, edgesByDst, nodesById);
+                for (const sourceNode of incomingFlows) {
+                    // Check if the pushed value is an object literal
+                    if (sourceNode.type === 'OBJECT_LITERAL') {
+                        const isFromFactory = this.isFromNodeFactory(sourceNode.id, edgesByDst, nodesById);
+                        if (!isFromFactory) {
+                            issues.push({
+                                type: 'INLINE_ARRAY_ELEMENT',
+                                severity: 'ERROR',
+                                message: `Object pushed into array "${argNode.name}" is not from NodeFactory, passed to addNodes() at ${callNode.file}:${callNode.line}`,
+                                callSiteId: callNode.id,
+                                objectId: sourceNode.id,
+                                file: callNode.file,
+                                line: callNode.line,
+                                suggestion: 'Use NodeFactory.createX() to create nodes before pushing to array'
+                            });
+                        }
+                    }
+                    // Also trace if the pushed value is a variable
+                    if (sourceNode.type === 'VARIABLE' || sourceNode.type === 'VARIABLE_DECLARATION') {
+                        const source = this.traceVariableSource(sourceNode.id, edgesBySrc, nodesById);
+                        if (source && source.type === 'OBJECT_LITERAL') {
+                            const isFromFactory = this.isFromNodeFactory(source.id, edgesByDst, nodesById);
+                            if (!isFromFactory) {
+                                issues.push({
+                                    type: 'INLINE_ARRAY_ELEMENT',
+                                    severity: 'ERROR',
+                                    message: `Variable "${sourceNode.name}" pushed into array "${argNode.name}" is not from NodeFactory, passed to addNodes() at ${callNode.file}:${callNode.line}`,
+                                    callSiteId: callNode.id,
+                                    objectId: source.id,
+                                    file: callNode.file,
+                                    line: callNode.line,
+                                    suggestion: 'Use NodeFactory.createX() to create the node'
+                                });
+                            }
+                        }
+                    }
+                }
+                // Also check static array contents (HAS_ELEMENT) - existing logic
+                const source = this.traceVariableSource(argNode.id, edgesBySrc, nodesById);
+                if (source && source.type === 'ARRAY_LITERAL') {
+                    // Recursively check array elements
+                    const elements = edgesBySrc.get(source.id)?.filter(e => e.type === 'HAS_ELEMENT') || [];
+                    for (const elemEdge of elements) {
+                        const elemNode = nodesById.get(elemEdge.dst);
+                        if (!elemNode)
+                            continue;
+                        if (elemNode.type === 'OBJECT_LITERAL') {
+                            const isFromFactory = this.isFromNodeFactory(elemNode.id, edgesByDst, nodesById);
+                            if (!isFromFactory) {
+                                const elemIndex = elemEdge.metadata?.elementIndex ?? '?';
+                                issues.push({
+                                    type: 'INLINE_ARRAY_ELEMENT',
+                                    severity: 'ERROR',
+                                    message: `Inline object at index ${elemIndex} in array "${argNode.name}" passed to addNodes() at ${callNode.file}:${callNode.line}`,
+                                    callSiteId: callNode.id,
+                                    objectId: elemNode.id,
+                                    file: callNode.file,
+                                    line: callNode.line,
+                                    suggestion: 'Use NodeFactory.createX() to create each node in the array'
+                                });
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        return issues;
+    }
+    /**
+     * Get all nodes that flow INTO an array variable via FLOWS_INTO edges
+     * These are objects/values that were pushed, unshifted, spliced, or assigned to the array
+     *
+     * Edge direction: value --FLOWS_INTO--> array
+     * So we look for INCOMING edges where dst === arrayNodeId
+     */
+    getArrayContents(arrayNodeId, edgesByDst, nodesById) {
+        const contents = [];
+        // Find INCOMING FLOWS_INTO edges to this array
+        const incomingFlows = edgesByDst.get(arrayNodeId)?.filter(e => e.type === 'FLOWS_INTO') || [];
+        for (const edge of incomingFlows) {
+            const sourceNode = nodesById.get(edge.src);
+            if (sourceNode) {
+                contents.push(sourceNode);
+            }
+        }
+        return contents;
+    }
+    /**
+     * Check if a node is created from NodeFactory
+     * Traces ASSIGNED_FROM edges to find the source call
+     */
+    isFromNodeFactory(nodeId, edgesByDst, nodesById, visited = new Set()) {
+        if (visited.has(nodeId))
+            return false;
+        visited.add(nodeId);
+        // Find incoming ASSIGNED_FROM edges
+        const incomingEdges = edgesByDst.get(nodeId)?.filter(e => e.type === 'ASSIGNED_FROM') || [];
+        for (const edge of incomingEdges) {
+            const sourceNode = nodesById.get(edge.src);
+            if (!sourceNode)
+                continue;
+            // Check if source is a CALL to NodeFactory
+            if (sourceNode.type === 'CALL') {
+                const callNode = sourceNode;
+                // Check various ways NodeFactory calls can appear
+                if (callNode.object === 'NodeFactory' ||
+                    callNode.name?.startsWith('NodeFactory.') ||
+                    callNode.name === 'NodeFactory') {
+                    return true;
+                }
+            }
+            // Continue tracing through variables
+            if (sourceNode.type === 'VARIABLE' || sourceNode.type === 'VARIABLE_DECLARATION') {
+                if (this.isFromNodeFactory(sourceNode.id, edgesByDst, nodesById, visited)) {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+    /**
+     * Trace a variable back to its source node (through ASSIGNED_FROM edges)
+     */
+    traceVariableSource(nodeId, edgesBySrc, nodesById, visited = new Set()) {
+        if (visited.has(nodeId))
+            return null;
+        visited.add(nodeId);
+        // Find outgoing ASSIGNED_FROM edges (variable -> source)
+        const outgoingEdges = edgesBySrc.get(nodeId)?.filter(e => e.type === 'ASSIGNED_FROM') || [];
+        for (const edge of outgoingEdges) {
+            const targetNode = nodesById.get(edge.dst);
+            if (!targetNode)
+                continue;
+            // If target is a literal/call/object, return it
+            if (targetNode.type === 'OBJECT_LITERAL' ||
+                targetNode.type === 'ARRAY_LITERAL' ||
+                targetNode.type === 'CALL' ||
+                targetNode.type === 'LITERAL') {
+                return targetNode;
+            }
+            // Continue tracing through variables
+            if (targetNode.type === 'VARIABLE' || targetNode.type === 'VARIABLE_DECLARATION') {
+                const source = this.traceVariableSource(targetNode.id, edgesBySrc, nodesById, visited);
+                if (source)
+                    return source;
+            }
+        }
+        return null;
+    }
+}

package/dist/plugins/validation/SQLInjectionValidator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SQLInjectionValidator.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/SQLInjectionValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAsEhF,qBAAa,qBAAsB,SAAQ,MAAM;IAC/C,OAAO,CAAC,aAAa,CAAsB;;IAO3C,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;~~IAmE5D~~;;OAEG;YACW,gBAAgB;IAgF9B;;OAEG;YACW,gCAAgC;IAsC9C;;;OAGG;YACW,oBAAoB;~~CAqDnC~~;AAED,eAAe,qBAAqB,CAAC"}
1	+ {"version":3,"file":"SQLInjectionValidator.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/SQLInjectionValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAsEhF,qBAAa,qBAAsB,SAAQ,MAAM;IAC/C,OAAO,CAAC,aAAa,CAAsB;;IAO3C,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAgH5D;;OAEG;YACW,gBAAgB;IAgF9B;;OAEG;YACW,gCAAgC;IAsC9C;;;OAGG;YACW,oBAAoB;CAsDnC;AAED,eAAe,qBAAqB,CAAC"}

package/dist/plugins/validation/SQLInjectionValidator.js CHANGED Viewed

@@ -34,15 +34,18 @@ export class SQLInjectionValidator extends Plugin {
             phase: 'VALIDATION',
             priority: 90, // After ValueDomainAnalyzer (65)
             creates: {
-                nodes: [],
-                edges: []
+                nodes: ['issue:security'],
+                edges: ['AFFECTS']
             }
         };
     }
     async execute(context) {
         const { graph } = context;
-        console.log('[SQLInjectionValidator] Checking for SQL injection vulnerabilities...');
+        const logger = this.log(context);
+        logger.info('Starting SQL injection vulnerability check');
         const issues = [];
+        let issueNodeCount = 0;
+        let affectsEdgeCount = 0;
         // 1. Find all CALL nodes that look like SQL queries
         const sqlCalls = [];
         for await (const node of graph.queryNodes({ nodeType: 'CALL' })) {
@@ -52,12 +55,12 @@ export class SQLInjectionValidator extends Plugin {
                 sqlCalls.push(callNode);
             }
         }
-        console.log(`[SQLInjectionValidator] Found ${sqlCalls.length} potential SQL calls`);
+        logger.debug('SQL calls collected', { count: sqlCalls.length });
         // 2. For each SQL call, analyze the query argument
         for (const call of sqlCalls) {
             const result = await this.analyzeQueryCall(call, graph);
             if (result.isVulnerable) {
-                issues.push({
+                const issue = {
                     type: 'SQL_INJECTION',
                     severity: 'ERROR',
                     message: `Potential SQL injection at ${call.file}:${call.line || '?'} - ${result.reason}`,
@@ -66,32 +69,72 @@ export class SQLInjectionValidator extends Plugin {
                     line: call.line,
                     reason: result.reason,
                     nondeterministicSources: result.sources
-                });
+                };
+                issues.push(issue);
+                // Persist issue to graph if reportIssue is available
+                if (context.reportIssue) {
+                    await context.reportIssue({
+                        category: 'security',
+                        severity: 'error',
+                        message: issue.message,
+                        file: call.file || '',
+                        line: call.line || 0,
+                        column: call.column || 0,
+                        targetNodeId: call.id,
+                        context: {
+                            type: 'SQL_INJECTION',
+                            reason: result.reason,
+                            nondeterministicSources: result.sources
+                        }
+                    });
+                    issueNodeCount++;
+                    affectsEdgeCount++;
+                }
             }
         }
         // 3. Also check via graph pattern - CALL nodes that have ARGUMENT -> PARAMETER paths
-        const patternViolations = await this.checkViaGraphPattern(graph, sqlCalls);
+        const patternViolations = await this.checkViaGraphPattern(graph, logger, sqlCalls);
         for (const violation of patternViolations) {
             // Avoid duplicates
             if (!issues.find(i => i.nodeId === violation.nodeId)) {
                 issues.push(violation);
+                // Persist issue to graph if reportIssue is available
+                if (context.reportIssue) {
+                    await context.reportIssue({
+                        category: 'security',
+                        severity: 'error',
+                        message: violation.message,
+                        file: violation.file || '',
+                        line: violation.line || 0,
+                        targetNodeId: violation.nodeId,
+                        context: {
+                            type: 'SQL_INJECTION',
+                            reason: violation.reason,
+                            nondeterministicSources: violation.nondeterministicSources
+                        }
+                    });
+                    issueNodeCount++;
+                    affectsEdgeCount++;
+                }
             }
         }
         const summary = {
             sqlCallsChecked: sqlCalls.length,
-            vulnerabilitiesFound: issues.length
+            vulnerabilitiesFound: issues.length,
+            issueNodesCreated: issueNodeCount,
+            affectsEdgesCreated: affectsEdgeCount
         };
-        console.log('[SQLInjectionValidator] Summary:', summary);
+        logger.info('Validation complete', summary);
         if (issues.length > 0) {
-            console.log('[SQLInjectionValidator] ❌ SQL injection vulnerabilities found:');
+            logger.warn('SQL injection vulnerabilities found', { count: issues.length });
             for (const issue of issues) {
-                console.log(`  🚫 ${issue.message}`);
+                logger.warn(issue.message);
             }
         }
         else {
-            console.log('[SQLInjectionValidator] ✅ No SQL injection vulnerabilities detected');
+            logger.info('No SQL injection vulnerabilities detected');
         }
-        return createSuccessResult({ nodes: 0, edges: 0 }, { summary, issues });
+        return createSuccessResult({ nodes: issueNodeCount, edges: affectsEdgeCount }, { summary, issues });
     }
     /**
      * Analyze a SQL query call for injection vulnerabilities
@@ -200,14 +243,14 @@ export class SQLInjectionValidator extends Plugin {
      * Check via Datalog graph pattern for SQL injection
      * Pattern: CALL -[PASSES_ARGUMENT]-> VARIABLE -[ASSIGNED_FROM*]-> PARAMETER
      */
-    async checkViaGraphPattern(graph, excludeCalls = []) {
+    async checkViaGraphPattern(graph, logger, excludeCalls = []) {
         const issues = [];
         const excludeIds = new Set(excludeCalls.map(c => c.id));
         // Find CALL nodes that have argument tracing to PARAMETER
         try {
             // Check if graph supports checkGuarantee
             if (!graph.checkGuarantee) {
-                console.log('[SQLInjectionValidator] Graph does not support checkGuarantee, skipping pattern-based check');
+                logger.debug('Graph does not support checkGuarantee, skipping pattern-based check');
                 return issues;
             }
             // Check guarantee for SQL method calls with parameter-derived arguments
@@ -243,7 +286,7 @@ export class SQLInjectionValidator extends Plugin {
         }
         catch (err) {
             // Datalog query might fail if backend doesn't support it
-            console.log('[SQLInjectionValidator] Datalog check skipped:', err.message);
+            logger.debug('Datalog check skipped', { error: err.message });
         }
         return issues;
     }

package/dist/plugins/validation/ShadowingDetector.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ShadowingDetector.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/ShadowingDetector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAoChF,qBAAa,iBAAkB,SAAQ,MAAM;IAC3C,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;~~CAsG7D~~"}
1	+ {"version":3,"file":"ShadowingDetector.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/ShadowingDetector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAoChF,qBAAa,iBAAkB,SAAQ,MAAM;IAC3C,IAAI,QAAQ,IAAI,cAAc,CAU7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;CAuG7D"}

package/dist/plugins/validation/ShadowingDetector.js CHANGED Viewed

@@ -32,7 +32,8 @@ export class ShadowingDetector extends Plugin {
     }
     async execute(context) {
         const { graph } = context;
-        console.log('[ShadowingDetector] Checking for variable shadowing...');
+        const logger = this.log(context);
+        logger.info('Starting variable shadowing detection');
         const issues = [];
         // Get all relevant nodes
         const allClasses = await graph.getAllNodes({ type: 'CLASS' });
@@ -104,15 +105,15 @@ export class ShadowingDetector extends Plugin {
             scopeShadows: scopeCount,
             totalIssues: issues.length
         };
-        console.log('[ShadowingDetector] Summary:', summary);
+        logger.info('Detection complete', { ...summary });
         if (issues.length > 0) {
-            console.log('[ShadowingDetector] Shadowing issues found:');
+            logger.warn('Shadowing issues found', { count: issues.length });
             for (const issue of issues) {
-                console.log(`  ${issue.type === 'CROSS_FILE_SHADOW' ? '📁' : '🔒'} ${issue.message}`);
+                logger.warn(issue.message, { type: issue.type });
             }
         }
         else {
-            console.log('[ShadowingDetector] No shadowing issues detected');
+            logger.info('No shadowing issues detected');
         }
         return createSuccessResult({ nodes: 0, edges: 0 }, { summary, issues });
     }

package/dist/plugins/validation/TypeScriptDeadCodeValidator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"TypeScriptDeadCodeValidator.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/TypeScriptDeadCodeValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AA4BhF,qBAAa,2BAA4B,SAAQ,MAAM;IACrD,IAAI,QAAQ,IAAI,cAAc,CAW7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;~~CAgJ7D~~"}
1	+ {"version":3,"file":"TypeScriptDeadCodeValidator.d.ts","sourceRoot":"","sources":["../../../src/plugins/validation/TypeScriptDeadCodeValidator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,MAAM,EAAuB,MAAM,cAAc,CAAC;AAC3D,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AA4BhF,qBAAa,2BAA4B,SAAQ,MAAM;IACrD,IAAI,QAAQ,IAAI,cAAc,CAW7B;IAEK,OAAO,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;CAiJ7D"}