@kernlang/review 2.0.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/concept-rules/boundary-mutation.d.ts +13 -0
- package/dist/concept-rules/boundary-mutation.js +40 -0
- package/dist/concept-rules/boundary-mutation.js.map +1 -0
- package/dist/concept-rules/ignored-error.d.ts +13 -0
- package/dist/concept-rules/ignored-error.js +40 -0
- package/dist/concept-rules/ignored-error.js.map +1 -0
- package/dist/concept-rules/illegal-dependency.d.ts +13 -0
- package/dist/concept-rules/illegal-dependency.js +49 -0
- package/dist/concept-rules/illegal-dependency.js.map +1 -0
- package/dist/concept-rules/index.d.ts +15 -0
- package/dist/concept-rules/index.js +27 -0
- package/dist/concept-rules/index.js.map +1 -0
- package/dist/concept-rules/unguarded-effect.d.ts +13 -0
- package/dist/concept-rules/unguarded-effect.js +58 -0
- package/dist/concept-rules/unguarded-effect.js.map +1 -0
- package/dist/concept-rules/unrecovered-effect.d.ts +13 -0
- package/dist/concept-rules/unrecovered-effect.js +61 -0
- package/dist/concept-rules/unrecovered-effect.js.map +1 -0
- package/dist/confidence.d.ts +92 -0
- package/dist/confidence.js +263 -0
- package/dist/confidence.js.map +1 -0
- package/dist/differ.js +4 -2
- package/dist/differ.js.map +1 -1
- package/dist/external-tools.js +7 -3
- package/dist/external-tools.js.map +1 -1
- package/dist/file-role.d.ts +10 -0
- package/dist/file-role.js +80 -0
- package/dist/file-role.js.map +1 -0
- package/dist/graph.d.ts +11 -0
- package/dist/graph.js +152 -0
- package/dist/graph.js.map +1 -0
- package/dist/index.d.ts +46 -3
- package/dist/index.js +313 -27
- package/dist/index.js.map +1 -1
- package/dist/inferrer.js +123 -25
- package/dist/inferrer.js.map +1 -1
- package/dist/kern-lint.d.ts +18 -0
- package/dist/kern-lint.js +24 -0
- package/dist/kern-lint.js.map +1 -0
- package/dist/llm-bridge.d.ts +42 -0
- package/dist/llm-bridge.js +176 -0
- package/dist/llm-bridge.js.map +1 -0
- package/dist/llm-review.d.ts +8 -1
- package/dist/llm-review.js +20 -7
- package/dist/llm-review.js.map +1 -1
- package/dist/mappers/ts-concepts.d.ts +9 -0
- package/dist/mappers/ts-concepts.js +518 -0
- package/dist/mappers/ts-concepts.js.map +1 -0
- package/dist/quality-rules.d.ts +3 -3
- package/dist/quality-rules.js +3 -11
- package/dist/quality-rules.js.map +1 -1
- package/dist/reporter.d.ts +19 -3
- package/dist/reporter.js +232 -20
- package/dist/reporter.js.map +1 -1
- package/dist/rules/base.js +167 -15
- package/dist/rules/base.js.map +1 -1
- package/dist/rules/confidence.d.ts +37 -0
- package/dist/rules/confidence.js +159 -0
- package/dist/rules/confidence.js.map +1 -0
- package/dist/rules/dead-logic.d.ts +13 -0
- package/dist/rules/dead-logic.js +393 -0
- package/dist/rules/dead-logic.js.map +1 -0
- package/dist/rules/express.js +69 -2
- package/dist/rules/express.js.map +1 -1
- package/dist/rules/ground-layer.d.ts +23 -0
- package/dist/rules/ground-layer.js +132 -0
- package/dist/rules/ground-layer.js.map +1 -0
- package/dist/rules/index.d.ts +1 -1
- package/dist/rules/index.js +8 -2
- package/dist/rules/index.js.map +1 -1
- package/dist/rules/kern-source.d.ts +16 -0
- package/dist/rules/kern-source.js +726 -0
- package/dist/rules/kern-source.js.map +1 -0
- package/dist/rules/nextjs.js +38 -10
- package/dist/rules/nextjs.js.map +1 -1
- package/dist/rules/null-safety.d.ts +12 -0
- package/dist/rules/null-safety.js +123 -0
- package/dist/rules/null-safety.js.map +1 -0
- package/dist/rules/react.js +64 -1
- package/dist/rules/react.js.map +1 -1
- package/dist/rules/security-v2.d.ts +12 -0
- package/dist/rules/security-v2.js +415 -0
- package/dist/rules/security-v2.js.map +1 -0
- package/dist/rules/security-v3.d.ts +12 -0
- package/dist/rules/security-v3.js +397 -0
- package/dist/rules/security-v3.js.map +1 -0
- package/dist/rules/security-v4.d.ts +22 -0
- package/dist/rules/security-v4.js +688 -0
- package/dist/rules/security-v4.js.map +1 -0
- package/dist/rules/security.d.ts +12 -0
- package/dist/rules/security.js +286 -0
- package/dist/rules/security.js.map +1 -0
- package/dist/rules/utils.d.ts +7 -0
- package/dist/rules/utils.js +21 -0
- package/dist/rules/utils.js.map +1 -0
- package/dist/rules/vue.js +1 -1
- package/dist/rules/vue.js.map +1 -1
- package/dist/spec-checker.d.ts +83 -0
- package/dist/spec-checker.js +405 -0
- package/dist/spec-checker.js.map +1 -0
- package/dist/suppression/apply-suppression.d.ts +17 -0
- package/dist/suppression/apply-suppression.js +94 -0
- package/dist/suppression/apply-suppression.js.map +1 -0
- package/dist/suppression/index.d.ts +6 -0
- package/dist/suppression/index.js +6 -0
- package/dist/suppression/index.js.map +1 -0
- package/dist/suppression/parse-directives.d.ts +25 -0
- package/dist/suppression/parse-directives.js +161 -0
- package/dist/suppression/parse-directives.js.map +1 -0
- package/dist/suppression/types.d.ts +32 -0
- package/dist/suppression/types.js +5 -0
- package/dist/suppression/types.js.map +1 -0
- package/dist/taint.d.ts +115 -0
- package/dist/taint.js +1052 -0
- package/dist/taint.js.map +1 -0
- package/dist/types.d.ts +71 -0
- package/dist/types.js.map +1 -1
- package/package.json +7 -4
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Ground-layer KERN-IR lint rules.
|
|
3
|
+
*
|
|
4
|
+
* These operate on IRNode[], not ts-morph SourceFile.
|
|
5
|
+
* 4 are codegen errors (compilation fails via KernCodegenError).
|
|
6
|
+
* 7 are lint warnings/info (reported but compilation succeeds).
|
|
7
|
+
*/
|
|
8
|
+
import { createFingerprint } from '../types.js';
|
|
9
|
+
// ── Helpers ──────────────────────────────────────────────────────────────
|
|
10
|
+
function props(node) {
|
|
11
|
+
return node.props || {};
|
|
12
|
+
}
|
|
13
|
+
function children(node, type) {
|
|
14
|
+
const c = node.children || [];
|
|
15
|
+
return type ? c.filter(n => n.type === type) : c;
|
|
16
|
+
}
|
|
17
|
+
function loc(node) {
|
|
18
|
+
return { line: node.loc?.line || 0, col: node.loc?.col || 1 };
|
|
19
|
+
}
|
|
20
|
+
function finding(ruleId, severity, category, message, node, extra) {
|
|
21
|
+
const { line, col } = loc(node);
|
|
22
|
+
return {
|
|
23
|
+
source: 'kern',
|
|
24
|
+
ruleId,
|
|
25
|
+
severity,
|
|
26
|
+
category,
|
|
27
|
+
message,
|
|
28
|
+
primarySpan: { file: '', startLine: line, startCol: col, endLine: line, endCol: col },
|
|
29
|
+
fingerprint: createFingerprint(ruleId, line, col),
|
|
30
|
+
...extra,
|
|
31
|
+
};
|
|
32
|
+
}
|
|
33
|
+
// ── Rules ────────────────────────────────────────────────────────────────
|
|
34
|
+
/** guard without else action (lint warning) */
|
|
35
|
+
export const guardWithoutElse = (nodes) => {
|
|
36
|
+
const findings = [];
|
|
37
|
+
for (const node of nodes) {
|
|
38
|
+
if (node.type === 'guard' && !props(node).else) {
|
|
39
|
+
findings.push(finding('guard-without-else', 'warning', 'pattern', `Guard '${props(node).name || 'unnamed'}' has no else action — failures will throw generic Error`, node));
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
return findings;
|
|
43
|
+
};
|
|
44
|
+
/** action missing idempotent annotation (lint info) */
|
|
45
|
+
export const actionMissingIdempotent = (nodes) => {
|
|
46
|
+
const findings = [];
|
|
47
|
+
for (const node of nodes) {
|
|
48
|
+
if (node.type === 'action') {
|
|
49
|
+
const p = props(node);
|
|
50
|
+
if (p.idempotent !== 'true' && p.idempotent !== true) {
|
|
51
|
+
findings.push(finding('action-missing-idempotent', 'info', 'pattern', `Action '${p.name}' should declare idempotent=true/false for safety reasoning`, node));
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
return findings;
|
|
56
|
+
};
|
|
57
|
+
/** branch missing known variants (lint warning) */
|
|
58
|
+
export const branchNonExhaustive = (nodes) => {
|
|
59
|
+
const findings = [];
|
|
60
|
+
for (const node of nodes) {
|
|
61
|
+
if (node.type === 'branch') {
|
|
62
|
+
const paths = children(node, 'path');
|
|
63
|
+
if (paths.length === 0) {
|
|
64
|
+
findings.push(finding('branch-non-exhaustive', 'warning', 'pattern', `Branch '${props(node).name || 'unnamed'}' has no paths defined`, node));
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
}
|
|
68
|
+
return findings;
|
|
69
|
+
};
|
|
70
|
+
/** collect without limit (lint info) */
|
|
71
|
+
export const collectUnbounded = (nodes) => {
|
|
72
|
+
const findings = [];
|
|
73
|
+
for (const node of nodes) {
|
|
74
|
+
if (node.type === 'collect' && !props(node).limit) {
|
|
75
|
+
findings.push(finding('collect-unbounded', 'info', 'pattern', `Collect '${props(node).name || 'unnamed'}' has no limit — could return unbounded results`, node));
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
return findings;
|
|
79
|
+
};
|
|
80
|
+
/** reason without basis field (lint info) */
|
|
81
|
+
export const reasonWithoutBasis = (nodes) => {
|
|
82
|
+
const findings = [];
|
|
83
|
+
for (const node of nodes) {
|
|
84
|
+
if (node.type === 'reason' && !props(node).basis) {
|
|
85
|
+
findings.push(finding('reason-without-basis', 'info', 'pattern', `Reason annotation missing basis field — adds low trust level`, node));
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
return findings;
|
|
89
|
+
};
|
|
90
|
+
/** assume with basis but no evidence (lint info — low trust) */
|
|
91
|
+
export const assumeLowTrust = (nodes) => {
|
|
92
|
+
const findings = [];
|
|
93
|
+
for (const node of nodes) {
|
|
94
|
+
if (node.type === 'assume') {
|
|
95
|
+
const p = props(node);
|
|
96
|
+
// Check if any reason child has basis but the assume has no evidence
|
|
97
|
+
const reasonChild = children(node, 'reason')[0];
|
|
98
|
+
if (reasonChild && props(reasonChild).basis && !p.evidence) {
|
|
99
|
+
findings.push(finding('assume-low-trust', 'info', 'pattern', `Assume has basis but no evidence — low trust level`, node));
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
return findings;
|
|
104
|
+
};
|
|
105
|
+
/** expect range inverted (lint warning — min > max) */
|
|
106
|
+
export const expectRangeInverted = (nodes) => {
|
|
107
|
+
const findings = [];
|
|
108
|
+
for (const node of nodes) {
|
|
109
|
+
if (node.type === 'expect') {
|
|
110
|
+
const p = props(node);
|
|
111
|
+
const within = p.within;
|
|
112
|
+
if (within && within.includes('..')) {
|
|
113
|
+
const [lo, hi] = within.split('..').map(Number);
|
|
114
|
+
if (!isNaN(lo) && !isNaN(hi) && lo > hi) {
|
|
115
|
+
findings.push(finding('expect-range-inverted', 'warning', 'bug', `Expect '${p.name || 'unnamed'}' has inverted range: ${lo} > ${hi}`, node));
|
|
116
|
+
}
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
return findings;
|
|
121
|
+
};
|
|
122
|
+
// ── All ground-layer lint rules ──────────────────────────────────────────
|
|
123
|
+
export const GROUND_LAYER_RULES = [
|
|
124
|
+
guardWithoutElse,
|
|
125
|
+
actionMissingIdempotent,
|
|
126
|
+
branchNonExhaustive,
|
|
127
|
+
collectUnbounded,
|
|
128
|
+
reasonWithoutBasis,
|
|
129
|
+
assumeLowTrust,
|
|
130
|
+
expectRangeInverted,
|
|
131
|
+
];
|
|
132
|
+
//# sourceMappingURL=ground-layer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ground-layer.js","sourceRoot":"","sources":["../../src/rules/ground-layer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAIhD,4EAA4E;AAE5E,SAAS,KAAK,CAAC,IAAY;IACzB,OAAO,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;AAC1B,CAAC;AAED,SAAS,QAAQ,CAAC,IAAY,EAAE,IAAa;IAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC9B,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,GAAG,CAAC,IAAY;IACvB,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;AAChE,CAAC;AAED,SAAS,OAAO,CACd,MAAc,EACd,QAAsC,EACtC,QAAmC,EACnC,OAAe,EACf,IAAY,EACZ,KAA8B;IAE9B,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;IAChC,OAAO;QACL,MAAM,EAAE,MAAM;QACd,MAAM;QACN,QAAQ;QACR,QAAQ;QACR,OAAO;QACP,WAAW,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;QACrF,WAAW,EAAE,iBAAiB,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC;QACjD,GAAG,KAAK;KACT,CAAC;AACJ,CAAC;AAED,4EAA4E;AAE5E,+CAA+C;AAC/C,MAAM,CAAC,MAAM,gBAAgB,GAAiB,CAAC,KAAe,EAAE,EAAE;IAChE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/C,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,oBAAoB,EAAE,SAAS,EAAE,SAAS,EAC1C,UAAU,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,SAAS,0DAA0D,EACjG,IAAI,CACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,uDAAuD;AACvD,MAAM,CAAC,MAAM,uBAAuB,GAAiB,CAAC,KAAe,EAAE,EAAE;IACvE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;YACtB,IAAI,CAAC,CAAC,UAAU,KAAK,MAAM,IAAI,CAAC,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;gBACrD,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,2BAA2B,EAAE,MAAM,EAAE,SAAS,EAC9C,WAAW,CAAC,CAAC,IAAI,6DAA6D,EAC9E,IAAI,CACL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,mDAAmD;AACnD,MAAM,CAAC,MAAM,mBAAmB,GAAiB,CAAC,KAAe,EAAE,EAAE;IACnE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,uBAAuB,EAAE,SAAS,EAAE,SAAS,EAC7C,WAAW,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,SAAS,wBAAwB,EAChE,IAAI,CACL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,wCAAwC;AACxC,MAAM,CAAC,MAAM,gBAAgB,GAAiB,CAAC,KAAe,EAAE,EAAE;IAChE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YAClD,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,mBAAmB,EAAE,MAAM,EAAE,SAAS,EACtC,YAAY,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,SAAS,iDAAiD,EAC1F,IAAI,CACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,6CAA6C;AAC7C,MAAM,CAAC,MAAM,kBAAkB,GAAiB,CAAC,KAAe,EAAE,EAAE;IAClE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YACjD,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,sBAAsB,EAAE,MAAM,EAAE,SAAS,EACzC,8DAA8D,EAC9D,IAAI,CACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,MAAM,cAAc,GAAiB,CAAC,KAAe,EAAE,EAAE;IAC9D,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;YACtB,qEAAqE;YACrE,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAChD,IAAI,WAAW,IAAI,KAAK,CAAC,WAAW,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;gBAC3D,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,kBAAkB,EAAE,MAAM,EAAE,SAAS,EACrC,oDAAoD,EACpD,IAAI,CACL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,uDAAuD;AACvD,MAAM,CAAC,MAAM,mBAAmB,GAAiB,CAAC,KAAe,EAAE,EAAE;IACnE,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;YACtB,MAAM,MAAM,GAAG,CAAC,CAAC,MAA4B,CAAC;YAC9C,IAAI,MAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAChD,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC;oBACxC,QAAQ,CAAC,IAAI,CAAC,OAAO,CACnB,uBAAuB,EAAE,SAAS,EAAE,KAAK,EACzC,WAAW,CAAC,CAAC,IAAI,IAAI,SAAS,yBAAyB,EAAE,MAAM,EAAE,EAAE,EACnE,IAAI,CACL,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,4EAA4E;AAE5E,MAAM,CAAC,MAAM,kBAAkB,GAAmB;IAChD,gBAAgB;IAChB,uBAAuB;IACvB,mBAAmB;IACnB,gBAAgB;IAChB,kBAAkB;IAClB,cAAc;IACd,mBAAmB;CACpB,CAAC"}
|
package/dist/rules/index.d.ts
CHANGED
|
@@ -11,6 +11,6 @@
|
|
|
11
11
|
import type { ReviewRule } from '../types.js';
|
|
12
12
|
/**
|
|
13
13
|
* Get all active review rules for a given target.
|
|
14
|
-
* Base
|
|
14
|
+
* Base + security + dead-logic + null-safety are always active; framework rules activate by target.
|
|
15
15
|
*/
|
|
16
16
|
export declare function getActiveRules(target?: string): ReviewRule[];
|
package/dist/rules/index.js
CHANGED
|
@@ -9,18 +9,24 @@
|
|
|
9
9
|
* [nextjs] Active when target = nextjs (on top of react)
|
|
10
10
|
*/
|
|
11
11
|
import { baseRules } from './base.js';
|
|
12
|
+
import { securityRules } from './security.js';
|
|
13
|
+
import { securityV2Rules } from './security-v2.js';
|
|
14
|
+
import { securityV3Rules } from './security-v3.js';
|
|
15
|
+
import { securityV4Rules } from './security-v4.js';
|
|
16
|
+
import { deadLogicRules } from './dead-logic.js';
|
|
12
17
|
import { reactRules } from './react.js';
|
|
13
18
|
import { vueRules } from './vue.js';
|
|
14
19
|
import { nextjsRules } from './nextjs.js';
|
|
15
20
|
import { expressRules } from './express.js';
|
|
21
|
+
import { nullSafetyRules } from './null-safety.js';
|
|
16
22
|
const REACT_TARGETS = new Set(['nextjs', 'tailwind', 'web', 'native']);
|
|
17
23
|
const VUE_TARGETS = new Set(['vue', 'nuxt']);
|
|
18
24
|
/**
|
|
19
25
|
* Get all active review rules for a given target.
|
|
20
|
-
* Base
|
|
26
|
+
* Base + security + dead-logic + null-safety are always active; framework rules activate by target.
|
|
21
27
|
*/
|
|
22
28
|
export function getActiveRules(target) {
|
|
23
|
-
const rules = [...baseRules];
|
|
29
|
+
const rules = [...baseRules, ...securityRules, ...securityV2Rules, ...securityV3Rules, ...securityV4Rules, ...deadLogicRules, ...nullSafetyRules];
|
|
24
30
|
if (target && REACT_TARGETS.has(target)) {
|
|
25
31
|
rules.push(...reactRules);
|
|
26
32
|
}
|
package/dist/rules/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAEnD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;AACvE,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;AAE7C;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,MAAe;IAC5C,MAAM,KAAK,GAAiB,CAAC,GAAG,SAAS,EAAE,GAAG,aAAa,EAAE,GAAG,eAAe,EAAE,GAAG,eAAe,EAAE,GAAG,eAAe,EAAE,GAAG,cAAc,EAAE,GAAG,eAAe,CAAC,CAAC;IAEhK,IAAI,MAAM,IAAI,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,MAAM,IAAI,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* .kern source review rules that operate on flattened IRNode[] plus file path.
|
|
3
|
+
*
|
|
4
|
+
* These are distinct from ground-layer lint rules because they need file-aware
|
|
5
|
+
* spans and scope-sensitive analysis over handler/expr bodies.
|
|
6
|
+
*/
|
|
7
|
+
import type { IRNode } from '@kernlang/core';
|
|
8
|
+
import type { ReviewFinding } from '../types.js';
|
|
9
|
+
export type KernSourceRule = (nodes: IRNode[], filePath: string) => ReviewFinding[];
|
|
10
|
+
export declare const undefinedReference: KernSourceRule;
|
|
11
|
+
export declare const typeModelMismatch: KernSourceRule;
|
|
12
|
+
export declare const unusedState: KernSourceRule;
|
|
13
|
+
export declare const handlerHeavy: KernSourceRule;
|
|
14
|
+
export declare const missingConfidence: KernSourceRule;
|
|
15
|
+
export declare function lintKernSourceIR(nodes: IRNode[], filePath: string, rules?: KernSourceRule[]): ReviewFinding[];
|
|
16
|
+
export declare const KERN_SOURCE_RULES: KernSourceRule[];
|