@kevinrabun/judges 2.2.0 → 2.3.0
- package/README.md +34 -16
- package/dist/evaluators/accessibility.d.ts.map +1 -1
- package/dist/evaluators/accessibility.js +32 -0
- package/dist/evaluators/accessibility.js.map +1 -1
- package/dist/evaluators/agent-instructions.d.ts.map +1 -1
- package/dist/evaluators/agent-instructions.js +59 -0
- package/dist/evaluators/agent-instructions.js.map +1 -1
- package/dist/evaluators/ai-code-safety.d.ts +9 -0
- package/dist/evaluators/ai-code-safety.d.ts.map +1 -0
- package/dist/evaluators/ai-code-safety.js +511 -0
- package/dist/evaluators/ai-code-safety.js.map +1 -0
- package/dist/evaluators/api-design.d.ts.map +1 -1
- package/dist/evaluators/api-design.js +31 -16
- package/dist/evaluators/api-design.js.map +1 -1
- package/dist/evaluators/authentication.d.ts.map +1 -1
- package/dist/evaluators/authentication.js +68 -10
- package/dist/evaluators/authentication.js.map +1 -1
- package/dist/evaluators/backwards-compatibility.d.ts.map +1 -1
- package/dist/evaluators/backwards-compatibility.js +25 -3
- package/dist/evaluators/backwards-compatibility.js.map +1 -1
- package/dist/evaluators/caching.d.ts.map +1 -1
- package/dist/evaluators/caching.js +25 -4
- package/dist/evaluators/caching.js.map +1 -1
- package/dist/evaluators/ci-cd.d.ts.map +1 -1
- package/dist/evaluators/ci-cd.js +34 -12
- package/dist/evaluators/ci-cd.js.map +1 -1
- package/dist/evaluators/cloud-readiness.d.ts.map +1 -1
- package/dist/evaluators/cloud-readiness.js +26 -0
- package/dist/evaluators/cloud-readiness.js.map +1 -1
- package/dist/evaluators/code-structure.d.ts.map +1 -1
- package/dist/evaluators/code-structure.js +17 -0
- package/dist/evaluators/code-structure.js.map +1 -1
- package/dist/evaluators/compliance.d.ts.map +1 -1
- package/dist/evaluators/compliance.js +34 -5
- package/dist/evaluators/compliance.js.map +1 -1
- package/dist/evaluators/concurrency.d.ts.map +1 -1
- package/dist/evaluators/concurrency.js +20 -0
- package/dist/evaluators/concurrency.js.map +1 -1
- package/dist/evaluators/configuration-management.d.ts.map +1 -1
- package/dist/evaluators/configuration-management.js +50 -11
- package/dist/evaluators/configuration-management.js.map +1 -1
- package/dist/evaluators/cost-effectiveness.d.ts.map +1 -1
- package/dist/evaluators/cost-effectiveness.js +26 -0
- package/dist/evaluators/cost-effectiveness.js.map +1 -1
- package/dist/evaluators/cybersecurity.d.ts.map +1 -1
- package/dist/evaluators/cybersecurity.js +140 -0
- package/dist/evaluators/cybersecurity.js.map +1 -1
- package/dist/evaluators/data-security.d.ts.map +1 -1
- package/dist/evaluators/data-security.js +105 -0
- package/dist/evaluators/data-security.js.map +1 -1
- package/dist/evaluators/data-sovereignty.d.ts.map +1 -1
- package/dist/evaluators/data-sovereignty.js +85 -0
- package/dist/evaluators/data-sovereignty.js.map +1 -1
- package/dist/evaluators/database.d.ts.map +1 -1
- package/dist/evaluators/database.js +33 -9
- package/dist/evaluators/database.js.map +1 -1
- package/dist/evaluators/dependency-health.d.ts.map +1 -1
- package/dist/evaluators/dependency-health.js +71 -9
- package/dist/evaluators/dependency-health.js.map +1 -1
- package/dist/evaluators/documentation.d.ts.map +1 -1
- package/dist/evaluators/documentation.js +20 -0
- package/dist/evaluators/documentation.js.map +1 -1
- package/dist/evaluators/error-handling.d.ts.map +1 -1
- package/dist/evaluators/error-handling.js +89 -24
- package/dist/evaluators/error-handling.js.map +1 -1
- package/dist/evaluators/ethics-bias.d.ts.map +1 -1
- package/dist/evaluators/ethics-bias.js +20 -0
- package/dist/evaluators/ethics-bias.js.map +1 -1
- package/dist/evaluators/index.d.ts +2 -1
- package/dist/evaluators/index.d.ts.map +1 -1
- package/dist/evaluators/index.js +56 -2
- package/dist/evaluators/index.js.map +1 -1
- package/dist/evaluators/internationalization.d.ts.map +1 -1
- package/dist/evaluators/internationalization.js +43 -0
- package/dist/evaluators/internationalization.js.map +1 -1
- package/dist/evaluators/logging-privacy.d.ts.map +1 -1
- package/dist/evaluators/logging-privacy.js +66 -30
- package/dist/evaluators/logging-privacy.js.map +1 -1
- package/dist/evaluators/maintainability.d.ts.map +1 -1
- package/dist/evaluators/maintainability.js +38 -17
- package/dist/evaluators/maintainability.js.map +1 -1
- package/dist/evaluators/observability.d.ts.map +1 -1
- package/dist/evaluators/observability.js +20 -0
- package/dist/evaluators/observability.js.map +1 -1
- package/dist/evaluators/performance.d.ts.map +1 -1
- package/dist/evaluators/performance.js +30 -0
- package/dist/evaluators/performance.js.map +1 -1
- package/dist/evaluators/portability.d.ts.map +1 -1
- package/dist/evaluators/portability.js +22 -0
- package/dist/evaluators/portability.js.map +1 -1
- package/dist/evaluators/rate-limiting.d.ts.map +1 -1
- package/dist/evaluators/rate-limiting.js +33 -10
- package/dist/evaluators/rate-limiting.js.map +1 -1
- package/dist/evaluators/reliability.d.ts.map +1 -1
- package/dist/evaluators/reliability.js +20 -0
- package/dist/evaluators/reliability.js.map +1 -1
- package/dist/evaluators/scalability.d.ts.map +1 -1
- package/dist/evaluators/scalability.js +24 -0
- package/dist/evaluators/scalability.js.map +1 -1
- package/dist/evaluators/shared.d.ts.map +1 -1
- package/dist/evaluators/shared.js +4 -24
- package/dist/evaluators/shared.js.map +1 -1
- package/dist/evaluators/software-practices.d.ts.map +1 -1
- package/dist/evaluators/software-practices.js +47 -0
- package/dist/evaluators/software-practices.js.map +1 -1
- package/dist/evaluators/testing.d.ts.map +1 -1
- package/dist/evaluators/testing.js +20 -0
- package/dist/evaluators/testing.js.map +1 -1
- package/dist/evaluators/ux.d.ts.map +1 -1
- package/dist/evaluators/ux.js +24 -0
- package/dist/evaluators/ux.js.map +1 -1
- package/dist/evaluators/v2.d.ts.map +1 -1
- package/dist/evaluators/v2.js +6 -4
- package/dist/evaluators/v2.js.map +1 -1
- package/dist/index.js +25 -1
- package/dist/index.js.map +1 -1
- package/dist/judges/ai-code-safety.d.ts +3 -0
- package/dist/judges/ai-code-safety.d.ts.map +1 -0
- package/dist/judges/ai-code-safety.js +45 -0
- package/dist/judges/ai-code-safety.js.map +1 -0
- package/dist/judges/index.d.ts.map +1 -1
- package/dist/judges/index.js +2 -0
- package/dist/judges/index.js.map +1 -1
- package/dist/language-patterns.js +1 -1
- package/dist/language-patterns.js.map +1 -1
- package/dist/reports/public-repo-report.d.ts +3 -1
- package/dist/reports/public-repo-report.d.ts.map +1 -1
- package/dist/reports/public-repo-report.js +41 -0
- package/dist/reports/public-repo-report.js.map +1 -1
- package/dist/types.d.ts +24 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +2 -2
- package/server.json +3 -3
|
@@ -19,6 +19,8 @@ export function analyzePortability(code, language) {
|
|
|
19
19
|
lineNumbers: osPathLines.slice(0, 5),
|
|
20
20
|
recommendation: "Use platform-independent path construction (path.join, os.path.join, Path.Combine). Use environment variables or config for base directories.",
|
|
21
21
|
reference: "Cross-Platform File Path Best Practices",
|
|
22
|
+
suggestedFix: "Replace hardcoded paths like `'C:\\Users\\...'` with `path.join(os.homedir(), 'relative', 'path')` or read the base directory from an environment variable.",
|
|
23
|
+
confidence: 0.9,
|
|
22
24
|
});
|
|
23
25
|
}
|
|
24
26
|
// Hardcoded path separators
|
|
@@ -38,6 +40,8 @@ export function analyzePortability(code, language) {
|
|
|
38
40
|
lineNumbers: filteredPathSepLines.slice(0, 5),
|
|
39
41
|
recommendation: "Use path.join() (Node.js), os.path.join() (Python), or Path.Combine() (C#) instead of hardcoded separators.",
|
|
40
42
|
reference: "Node.js path module / Cross-Platform Development",
|
|
43
|
+
suggestedFix: "Replace string-concatenated paths like `dir + '\\\\' + file` with `path.join(dir, file)` to let the runtime choose the correct separator.",
|
|
44
|
+
confidence: 0.8,
|
|
41
45
|
});
|
|
42
46
|
}
|
|
43
47
|
// Platform-specific shell commands
|
|
@@ -52,6 +56,8 @@ export function analyzePortability(code, language) {
|
|
|
52
56
|
lineNumbers: shellLines,
|
|
53
57
|
recommendation: "Use cross-platform APIs instead of shell commands (fs module instead of rm, path module instead of basename). If shell commands are required, use cross-platform alternatives.",
|
|
54
58
|
reference: "Cross-Platform Development Best Practices",
|
|
59
|
+
suggestedFix: "Replace shell calls like `exec('rm -rf dir')` with `fs.rmSync('dir', { recursive: true })` or use the `cross-spawn` package for unavoidable shell commands.",
|
|
60
|
+
confidence: 0.9,
|
|
55
61
|
});
|
|
56
62
|
}
|
|
57
63
|
// Cloud vendor-specific SDK without abstraction
|
|
@@ -73,6 +79,8 @@ export function analyzePortability(code, language) {
|
|
|
73
79
|
lineNumbers: vendorLines.slice(0, 5),
|
|
74
80
|
recommendation: "Create an abstraction layer (interface/adapter pattern) around cloud services. This allows swapping implementations without changing business logic.",
|
|
75
81
|
reference: "Cloud-Agnostic Architecture / Adapter Pattern",
|
|
82
|
+
suggestedFix: "Define an interface (e.g. `IStorageProvider`) and wrap the vendor SDK in an adapter class so business logic depends only on the interface.",
|
|
83
|
+
confidence: 0.7,
|
|
76
84
|
});
|
|
77
85
|
}
|
|
78
86
|
// Hardcoded localhost / IP addresses
|
|
@@ -87,6 +95,8 @@ export function analyzePortability(code, language) {
|
|
|
87
95
|
lineNumbers: hostLines,
|
|
88
96
|
recommendation: "Use environment variables for host configuration. In containers, use service names. In cloud, use DNS-based service discovery.",
|
|
89
97
|
reference: "12-Factor App: Port Binding (Factor VII)",
|
|
98
|
+
suggestedFix: "Replace `'localhost:3000'` with `process.env.HOST ?? 'localhost'` and `process.env.PORT ?? 3000` so the values are configurable per environment.",
|
|
99
|
+
confidence: 0.9,
|
|
90
100
|
});
|
|
91
101
|
}
|
|
92
102
|
// Platform-specific line-ending handling
|
|
@@ -102,6 +112,8 @@ export function analyzePortability(code, language) {
|
|
|
102
112
|
description: "File operations detected without explicit line-ending handling. Windows uses CRLF (\\r\\n) while Unix uses LF (\\n), which can cause issues in cross-platform environments.",
|
|
103
113
|
recommendation: "Use 'utf-8' encoding explicitly. Consider normalizing line endings when reading files. Configure .gitattributes for consistent line endings in version control.",
|
|
104
114
|
reference: "Git Line Endings / Cross-Platform File I/O",
|
|
115
|
+
suggestedFix: "Normalize line endings after reading with `.replace(/\\r\\n/g, '\\n')` and add a `.gitattributes` file with `* text=auto eol=lf`.",
|
|
116
|
+
confidence: 0.7,
|
|
105
117
|
});
|
|
106
118
|
}
|
|
107
119
|
// OS-specific environment variables
|
|
@@ -116,6 +128,8 @@ export function analyzePortability(code, language) {
|
|
|
116
128
|
lineNumbers: osEnvLines,
|
|
117
129
|
recommendation: "Use cross-platform helpers like os.homedir(), os.tmpdir(), or libraries like 'env-paths' to resolve platform-appropriate directories.",
|
|
118
130
|
reference: "Node.js os Module / Cross-Platform File Paths",
|
|
131
|
+
suggestedFix: "Replace `process.env.APPDATA` with `os.homedir()` or use the `env-paths` package to get platform-appropriate config/data directories.",
|
|
132
|
+
confidence: 0.9,
|
|
119
133
|
});
|
|
120
134
|
}
|
|
121
135
|
// Browser-specific APIs in server/universal code
|
|
@@ -131,6 +145,8 @@ export function analyzePortability(code, language) {
|
|
|
131
145
|
lineNumbers: browserApiLines,
|
|
132
146
|
recommendation: "Guard browser API usage with typeof checks (e.g., typeof window !== 'undefined'). Use isomorphic libraries for code shared between client and server.",
|
|
133
147
|
reference: "Universal JavaScript / SSR Best Practices",
|
|
148
|
+
suggestedFix: "Wrap browser API calls in a guard: `if (typeof window !== 'undefined') { window.localStorage.setItem(...) }` or move them to a client-only module.",
|
|
149
|
+
confidence: 0.85,
|
|
134
150
|
});
|
|
135
151
|
}
|
|
136
152
|
// __dirname / __filename in ESM
|
|
@@ -146,6 +162,8 @@ export function analyzePortability(code, language) {
|
|
|
146
162
|
lineNumbers: dirnameLines,
|
|
147
163
|
recommendation: "Use import.meta.url with fileURLToPath() and path.dirname() for ESM-compatible directory resolution: const __dirname = path.dirname(fileURLToPath(import.meta.url))",
|
|
148
164
|
reference: "Node.js ESM: import.meta.url",
|
|
165
|
+
suggestedFix: "Replace `__dirname` with `path.dirname(fileURLToPath(import.meta.url))` after importing `fileURLToPath` from `'node:url'`.",
|
|
166
|
+
confidence: 0.9,
|
|
149
167
|
});
|
|
150
168
|
}
|
|
151
169
|
// Architecture-specific assumptions (32/64 bit)
|
|
@@ -160,6 +178,8 @@ export function analyzePortability(code, language) {
|
|
|
160
178
|
lineNumbers: archLines,
|
|
161
179
|
recommendation: "Use BigInt for values exceeding Number.MAX_SAFE_INTEGER. Be mindful of buffer sizes on memory-constrained platforms. Test on both 32-bit and 64-bit environments.",
|
|
162
180
|
reference: "MDN: BigInt / Node.js Buffer Best Practices",
|
|
181
|
+
suggestedFix: "Use `BigInt` literals (e.g. `9007199254740993n`) for values beyond `Number.MAX_SAFE_INTEGER` and validate buffer sizes against `os.freemem()` before allocating.",
|
|
182
|
+
confidence: 0.8,
|
|
163
183
|
});
|
|
164
184
|
}
|
|
165
185
|
// Platform-specific process signals
|
|
@@ -174,6 +194,8 @@ export function analyzePortability(code, language) {
|
|
|
174
194
|
lineNumbers: signalLines,
|
|
175
195
|
recommendation: "Guard signal handlers with platform checks (process.platform !== 'win32'). Use cross-platform shutdown mechanisms. Consider using 'death' or 'signal-exit' packages.",
|
|
176
196
|
reference: "Node.js Process Signals / Cross-Platform Considerations",
|
|
197
|
+
suggestedFix: "Wrap the handler in a platform check: `if (process.platform !== 'win32') { process.on('SIGUSR1', handler); }` or use the `signal-exit` package.",
|
|
198
|
+
confidence: 0.9,
|
|
177
199
|
});
|
|
178
200
|
}
|
|
179
201
|
return findings;
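Review bot: The new `suggestedFix` for platform-specific shell commands offers `fs.rmSync('dir', { recursive: true })` as the replacement for `exec('rm -rf dir')`, but without `force: true` that call throws when the path is missing, so it is not equivalent to `-rf`. I would quote `fs.rmSync(dir, { recursive: true, force: true })` instead, since this text is likely to be copied verbatim by whoever consumes the finding. The OS-environment-variable fix has the same problem at `confidence: 0.9`: `process.env.APPDATA` and `os.homedir()` name different directories, so the text should either recommend only `env-paths` or state that the resolved path changes. `analyzePortability` begins and ends outside these hunks, so how `suggestedFix` and `confidence` are consumed is not visible here.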
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"portability.js","sourceRoot":"","sources":["../../src/evaluators/portability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,
|
|
1
|
+
{"version":3,"file":"portability.js","sourceRoot":"","sources":["../../src/evaluators/portability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5D,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,oCAAoC;IACpC,MAAM,kBAAkB,GAAG,kCAAkC,CAAC;IAC9D,MAAM,uBAAuB,GAAG,6CAA6C,CAAC;IAC9E,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAC9D,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;IAChE,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,YAAY,EAAE,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;IAClE,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,SAAS,WAAW,CAAC,MAAM,6EAA6E;YACrH,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACpC,cAAc,EAAE,+IAA+I;YAC/J,SAAS,EAAE,yCAAyC;YACpD,YAAY,EAAE,6JAA6J;YAC3K,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,cAAc,GAAG,8EAA8E,CAAC;IACtG,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAC1D,8BAA8B;IAC9B,MAAM,oBAAoB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;QAC3D,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACjD,OAAO,CAAC,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IACH,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,wFAAwF;YACrG,WAAW,EAAE,oBAAoB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC7C,cAAc,EAAE,6GAA6G;YAC7H,SAAS,EAAE,kDAAkD;YAC7D,YAAY,EAAE,2IAA2I;YACzJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,yIAAyI,CAAC;IAClK,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IACzD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CA
AC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,kCAAkC;YACzC,WAAW,EAAE,SAAS,UAAU,CAAC,MAAM,mFAAmF;YAC1H,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,gLAAgL;YAChM,SAAS,EAAE,2CAA2C;YACtD,YAAY,EAAE,6JAA6J;YAC3K,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,UAAU,GAAG,gDAAgD,CAAC;IACpE,MAAM,YAAY,GAAG,uDAAuD,CAAC;IAC7E,MAAM,UAAU,GAAG,kDAAkD,CAAC;IACtE,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,cAAc,GAAG,wDAAwD,CAAC,IAAI,CAAC,IAAI,CAAC;QACxF,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtD,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,QAAQ,EAAE,GAAG,UAAU,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC5E,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,iDAAiD;YACxD,WAAW,EAAE,4IAA4I;YACzJ,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACpC,cAAc,EAAE,sJAAsJ;YACtK,SAAS,EAAE,+CAA+C;YAC1D,YAAY,EAAE,4IAA4I;YAC1J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,oBAAoB,GAAG,4DAA4D,CAAC;IAC1F,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC7D,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,SAAS,SAAS,CAAC,MAAM,0HAA0H;YAChK,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,gIAAgI;YAChJ,SAAS,EAAE,0CAA0C;YACrD,YAAY,EAAE,kJAAkJ;YAChK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,iBAAiB,GAAG,mCAAmC,CAAC;IAC9D,MAAM,qBAAqB,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClG,4DAA4D;IAC5D,IAAI,UAAU,IAAI,CAAC,qBAAqB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;
QACzE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,6KAA6K;YAC1L,cAAc,EAAE,iKAAiK;YACjL,SAAS,EAAE,4CAA4C;YACvD,YAAY,EAAE,mIAAmI;YACjJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,YAAY,GAAG,kHAAkH,CAAC;IACxI,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iDAAiD;YACxD,WAAW,EAAE,SAAS,UAAU,CAAC,MAAM,yJAAyJ;YAChM,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,uIAAuI;YACvJ,SAAS,EAAE,+CAA+C;YAC1D,YAAY,EAAE,uIAAuI;YACrJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,iDAAiD;IACjD,MAAM,iBAAiB,GAAG,4GAA4G,CAAC;IACvI,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;IAChE,MAAM,cAAc,GAAG,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,uEAAuE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7L,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,cAAc,EAAE,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,SAAS,eAAe,CAAC,MAAM,sJAAsJ;YAClM,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,uJAAuJ;YACvK,SAAS,EAAE,2CAA2C;YACtD,YAAY,EAAE,oJAAoJ;YAClK,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,cAAc,GAAG,+BAA+B,CAAC;IACvD,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAC1D,MAAM,KAAK,GAAG,qEAAqE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/F,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,EAAE,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,yCAAyC;YAChD,WAAW,EAAE,SAAS,YAAY,CAAC,MAAM,sHAAsH;YAC/J,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,qKAAqK;YACrL,SAAS,EAAE,8BAA8B;YACzC,YAAY,EAAE,4HAA4H;YAC1I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,WAAW,GAAG,+HAA+H,CAA
C;IACpJ,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,SAAS,SAAS,CAAC,MAAM,uIAAuI;YAC7K,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,mKAAmK;YACnL,SAAS,EAAE,6CAA6C;YACxD,YAAY,EAAE,kKAAkK;YAChL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,aAAa,GAAG,yEAAyE,CAAC;IAChG,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACxD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,SAAS,WAAW,CAAC,MAAM,6HAA6H;YACrK,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,sKAAsK;YACtL,SAAS,EAAE,yDAAyD;YACpE,YAAY,EAAE,iJAAiJ;YAC/J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiting.d.ts","sourceRoot":"","sources":["../../src/evaluators/rate-limiting.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"rate-limiting.d.ts","sourceRoot":"","sources":["../../src/evaluators/rate-limiting.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAiM7E"}
|
|
@@ -1,20 +1,24 @@
|
|
|
1
|
-
import { getLineNumbers, getLangFamily } from "./shared.js";
|
|
1
|
+
import { getLineNumbers, getLangLineNumbers, getLangFamily } from "./shared.js";
|
|
2
|
+
import * as LP from "../language-patterns.js";
|
|
2
3
|
export function analyzeRateLimiting(code, language) {
|
|
3
4
|
const findings = [];
|
|
4
5
|
let ruleNum = 1;
|
|
5
6
|
const prefix = "RATE";
|
|
6
7
|
const lang = getLangFamily(language);
|
|
7
|
-
// No rate limiting middleware
|
|
8
|
-
const hasRateLimit = /rate.?limit|throttle|express-rate-limit|koa-ratelimit|bottleneck|p-limit|limiter|quota/gi.test(code);
|
|
9
|
-
const
|
|
8
|
+
// No rate limiting middleware (multi-language server detection)
|
|
9
|
+
const hasRateLimit = /rate.?limit|throttle|express-rate-limit|koa-ratelimit|bottleneck|p-limit|limiter|quota|@RateLimiter|RateLimitMiddleware|rate_limit/gi.test(code);
|
|
10
|
+
const routeLines = getLangLineNumbers(code, language, LP.HTTP_ROUTE);
|
|
11
|
+
const hasServerCode = routeLines.length > 0 || /createServer|express\(\)|new\s+Hono/gi.test(code);
|
|
10
12
|
if (hasServerCode && !hasRateLimit && code.split("\n").length > 20) {
|
|
11
13
|
findings.push({
|
|
12
14
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
13
15
|
severity: "high",
|
|
14
16
|
title: "No rate limiting on API endpoints",
|
|
15
17
|
description: "API server has no rate limiting. Any client can make unlimited requests, enabling DDoS attacks, brute-force login attempts, scraping, and resource exhaustion.",
|
|
16
|
-
recommendation: "Add rate limiting
|
|
18
|
+
recommendation: "Add rate limiting: express-rate-limit (Express), django-ratelimit (Django), @RateLimiter (Spring), tollbooth (Go), governor (Rust).",
|
|
17
19
|
reference: "OWASP API Security Top 10: API4 — Unrestricted Resource Consumption",
|
|
20
|
+
suggestedFix: "Add rate limiting: app.use(rateLimit({ windowMs: 15*60*1000, max: 100 })) (Express), @ratelimit (Django), RateLimiter.of() (Spring), tollbooth.NewLimiter() (Go).",
|
|
21
|
+
confidence: 0.7,
|
|
18
22
|
});
|
|
19
23
|
}
|
|
20
24
|
// No request body size limit
|
|
@@ -28,6 +32,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
28
32
|
description: "Body parser middleware is used without a size limit. Attackers can send arbitrarily large payloads to exhaust server memory.",
|
|
29
33
|
recommendation: "Configure body parser with a size limit: express.json({ limit: '1mb' }). Set limits appropriate for your use case.",
|
|
30
34
|
reference: "Express Security Best Practices / OWASP",
|
|
35
|
+
suggestedFix: "Set body size limit: app.use(express.json({ limit: '1mb' })); app.use(express.urlencoded({ limit: '1mb', extended: true }));",
|
|
36
|
+
confidence: 0.8,
|
|
31
37
|
});
|
|
32
38
|
}
|
|
33
39
|
// Unbounded query results
|
|
@@ -42,6 +48,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
42
48
|
lineNumbers: unboundedLines,
|
|
43
49
|
recommendation: "Always enforce a maximum result limit: db.find({}).limit(100). Implement pagination and enforce maximum page sizes.",
|
|
44
50
|
reference: "API Rate Limiting / Database Query Safety",
|
|
51
|
+
suggestedFix: "Add query limits: db.find({}).limit(100).skip(page * 100); enforce max page size: const limit = Math.min(req.query.limit || 20, 100);",
|
|
52
|
+
confidence: 0.85,
|
|
45
53
|
});
|
|
46
54
|
}
|
|
47
55
|
// No rate limit headers in responses
|
|
@@ -53,12 +61,13 @@ export function analyzeRateLimiting(code, language) {
|
|
|
53
61
|
description: "API responses don't include standard rate limit headers (X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, Retry-After).",
|
|
54
62
|
recommendation: "Return rate limit headers on responses so clients can self-throttle. Include Retry-After on 429 responses.",
|
|
55
63
|
reference: "IETF Rate Limit Headers / RFC 6585",
|
|
64
|
+
suggestedFix: "Add rate limit headers: res.set({ 'X-RateLimit-Limit': limit, 'X-RateLimit-Remaining': remaining, 'X-RateLimit-Reset': resetTime, 'Retry-After': retrySeconds });",
|
|
65
|
+
confidence: 0.7,
|
|
56
66
|
});
|
|
57
67
|
}
|
|
58
|
-
// External API calls without backoff
|
|
59
|
-
const
|
|
60
|
-
const
|
|
61
|
-
const hasBackoff = /backoff|retry|exponential|setTimeout.*retry|p-retry|cockatiel|polly/gi.test(code);
|
|
68
|
+
// External API calls without backoff (multi-language)
|
|
69
|
+
const externalCallLines = getLangLineNumbers(code, language, LP.HTTP_CLIENT);
|
|
70
|
+
const hasBackoff = /backoff|retry|exponential|setTimeout.*retry|p-retry|cockatiel|polly|tenacity|retrying|Polly\.Handle|@Retry/gi.test(code);
|
|
62
71
|
if (externalCallLines.length > 0 && !hasBackoff) {
|
|
63
72
|
findings.push({
|
|
64
73
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
@@ -66,8 +75,10 @@ export function analyzeRateLimiting(code, language) {
|
|
|
66
75
|
title: "External API calls without retry/backoff strategy",
|
|
67
76
|
description: `Found ${externalCallLines.length} external API call(s) without visible retry/backoff logic. Failed requests won't be retried, and rapid retries could get your client rate-limited or banned.`,
|
|
68
77
|
lineNumbers: externalCallLines.slice(0, 3),
|
|
69
|
-
recommendation: "Implement exponential backoff with jitter for external API calls. Respect Retry-After headers. Use libraries like p-retry
|
|
78
|
+
recommendation: "Implement exponential backoff with jitter for external API calls. Respect Retry-After headers. Use libraries like p-retry (JS), tenacity (Python), Polly (C#).",
|
|
70
79
|
reference: "Exponential Backoff / Rate Limiting Best Practices",
|
|
80
|
+
suggestedFix: "Add retry with backoff: pRetry(() => fetch(url), { retries: 3 }) (JS), @retry(stop=stop_after(3)) (Python), .AddPolicyHandler(GetRetryPolicy()) (C#).",
|
|
81
|
+
confidence: 0.8,
|
|
71
82
|
});
|
|
72
83
|
}
|
|
73
84
|
// setInterval without bounds (potential DoS on resources)
|
|
@@ -82,6 +93,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
82
93
|
lineNumbers: setIntervalLines,
|
|
83
94
|
recommendation: "Use setTimeout with re-scheduling instead of setInterval to prevent overlap. Add guards to skip execution if the previous run hasn't completed.",
|
|
84
95
|
reference: "JavaScript Timer Best Practices",
|
|
96
|
+
suggestedFix: "Replace setInterval with controlled scheduling: async function poll() { await doWork(); setTimeout(poll, interval); } poll(); — prevents overlapping executions.",
|
|
97
|
+
confidence: 0.75,
|
|
85
98
|
});
|
|
86
99
|
}
|
|
87
100
|
// Auth endpoints without stricter rate limits
|
|
@@ -97,6 +110,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
97
110
|
lineNumbers: authRouteLines,
|
|
98
111
|
recommendation: "Apply strict rate limits to auth endpoints (e.g., 5-10 requests/minute per IP). Use progressive delays or CAPTCHA after failed attempts. Consider using 'express-rate-limit' or 'rate-limiter-flexible'.",
|
|
99
112
|
reference: "OWASP: Brute Force Protection / NIST 800-63B",
|
|
113
|
+
suggestedFix: "Add auth rate limit: app.use('/auth', rateLimit({ windowMs: 60000, max: 5 })); from 'express-rate-limit'.",
|
|
114
|
+
confidence: 0.8,
|
|
100
115
|
});
|
|
101
116
|
}
|
|
102
117
|
// File upload without size limit
|
|
@@ -112,6 +127,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
112
127
|
lineNumbers: uploadLines,
|
|
113
128
|
recommendation: "Set explicit file size limits (e.g., multer({ limits: { fileSize: 5 * 1024 * 1024 } })). Limit the number of files per request. Validate file types.",
|
|
114
129
|
reference: "OWASP: Unrestricted File Upload / Multer Limits",
|
|
130
|
+
suggestedFix: "Set upload limits: const upload = multer({ limits: { fileSize: 5 * 1024 * 1024, files: 5 }, fileFilter: allowedTypes });",
|
|
131
|
+
confidence: 0.8,
|
|
115
132
|
});
|
|
116
133
|
}
|
|
117
134
|
// Missing 429 status code responses
|
|
@@ -125,6 +142,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
125
142
|
description: "API endpoints found but no 429 status code or rate limiting middleware detected. Without rate limiting responses, clients have no feedback mechanism to back off.",
|
|
126
143
|
recommendation: "Return 429 status with Retry-After header when rate limits are exceeded. Include rate limit headers (X-RateLimit-Remaining, X-RateLimit-Reset) in all responses.",
|
|
127
144
|
reference: "RFC 6585: 429 Too Many Requests / IETF Rate Limiting Headers",
|
|
145
|
+
suggestedFix: "Return 429 responses: if (isRateLimited) { res.status(429).set('Retry-After', '60').json({ error: 'Too many requests', retryAfter: 60 }); }",
|
|
146
|
+
confidence: 0.7,
|
|
128
147
|
});
|
|
129
148
|
}
|
|
130
149
|
// WebSocket connections without limits
|
|
@@ -140,6 +159,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
140
159
|
lineNumbers: wsLines,
|
|
141
160
|
recommendation: "Set maxPayload to limit message sizes. Limit concurrent connections per client. Implement message rate limiting per connection. Set idle timeouts.",
|
|
142
161
|
reference: "ws Package: Connection Limits / WebSocket Security",
|
|
162
|
+
suggestedFix: "Set WebSocket limits: new WebSocket.Server({ maxPayload: 1024 * 1024, perMessageDeflate: false }); add per-connection message rate tracking.",
|
|
163
|
+
confidence: 0.8,
|
|
143
164
|
});
|
|
144
165
|
}
|
|
145
166
|
// Recursive/infinite retry without backoff
|
|
@@ -155,6 +176,8 @@ export function analyzeRateLimiting(code, language) {
|
|
|
155
176
|
lineNumbers: retryLines,
|
|
156
177
|
recommendation: "Use exponential backoff with jitter: delay = baseDelay * Math.pow(2, attempt) + randomJitter. Set a maximum retry count. Use libraries like 'p-retry' or 'axios-retry'.",
|
|
157
178
|
reference: "AWS Architecture Blog: Exponential Backoff and Jitter",
|
|
179
|
+
suggestedFix: "Add backoff: import pRetry from 'p-retry'; await pRetry(() => fetchData(), { retries: 3, minTimeout: 1000, factor: 2 });",
|
|
180
|
+
confidence: 0.8,
|
|
158
181
|
});
|
|
159
182
|
}
|
|
160
183
|
return findings;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiting.js","sourceRoot":"","sources":["../../src/evaluators/rate-limiting.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,
|
|
1
|
+
{"version":3,"file":"rate-limiting.js","sourceRoot":"","sources":["../../src/evaluators/rate-limiting.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,mBAAmB,CAAC,IAAY,EAAE,QAAgB;IAChE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,gEAAgE;IAChE,MAAM,YAAY,GAAG,sIAAsI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvK,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC;IACrE,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClG,IAAI,aAAa,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACnE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,gKAAgK;YAC7K,cAAc,EAAE,qIAAqI;YACrJ,SAAS,EAAE,qEAAqE;YAChF,YAAY,EAAE,mKAAmK;YACjL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,aAAa,GAAG,0FAA0F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5H,MAAM,YAAY,GAAG,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,8HAA8H;YAC3I,cAAc,EAAE,oHAAoH;YACpI,SAAS,EAAE,yCAAyC;YACpD,YAAY,EAAE,8HAA8H;YAC5I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,qBAAqB,GAAG,mDAAmD,CAAC;IAClF,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IACnE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,uCAAuC;YAC9C,WAAW,EAAE,SAAS,cAAc,CAAC,MAAM,+GAA+G;YAC1J,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,qHAAqH;YACrI,SAAS,EAAE,2CAA2C;YACtD,YAAY,EAAE,uIAAuI;YACrJ,UAAU,EAAE,IAAI;SACjB,C
AAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,IAAI,aAAa,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACnE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,qIAAqI;YAClJ,cAAc,EAAE,4GAA4G;YAC5H,SAAS,EAAE,oCAAoC;YAC/C,YAAY,EAAE,mKAAmK;YACjL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC7E,MAAM,UAAU,GAAG,8GAA8G,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7I,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mDAAmD;YAC1D,WAAW,EAAE,SAAS,iBAAiB,CAAC,MAAM,8JAA8J;YAC5M,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,gKAAgK;YAChL,SAAS,EAAE,oDAAoD;YAC/D,YAAY,EAAE,uJAAuJ;YACrK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,MAAM,kBAAkB,GAAG,mBAAmB,CAAC;IAC/C,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kCAAkC;YACzC,WAAW,EAAE,yIAAyI;YACtJ,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,iJAAiJ;YACjK,SAAS,EAAE,iCAAiC;YAC5C,YAAY,EAAE,kKAAkK;YAChL,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,8CAA8C;IAC9C,MAAM,gBAAgB,GAAG,qGAAqG,CAAC;IAC/H,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC9D,MAAM,cAAc,GAAG,6CAA6C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChF,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,SAAS,cAAc,CAAC,MAAM,8IAA8I;YACzL,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,0MAA0M;YAC1N,SAAS,EAAE,
8CAA8C;YACzD,YAAY,EAAE,2GAA2G;YACzH,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,aAAa,GAAG,iFAAiF,CAAC;IACxG,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACxD,MAAM,cAAc,GAAG,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,SAAS,WAAW,CAAC,MAAM,sIAAsI;YAC9K,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,sJAAsJ;YACtK,SAAS,EAAE,iDAAiD;YAC5D,YAAY,EAAE,0HAA0H;YACxI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,kEAAkE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7F,MAAM,eAAe,GAAG,4FAA4F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChI,IAAI,eAAe,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wDAAwD;YAC/D,WAAW,EAAE,mKAAmK;YAChL,cAAc,EAAE,kKAAkK;YAClL,SAAS,EAAE,8DAA8D;YACzE,YAAY,EAAE,6IAA6I;YAC3J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,MAAM,SAAS,GAAG,gEAAgE,CAAC;IACnF,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,uDAAuD;YAC9D,WAAW,EAAE,SAAS,OAAO,CAAC,MAAM,wIAAwI;YAC5K,WAAW,EAAE,OAAO;YACpB,cAAc,EAAE,oJAAoJ;YACpK,SAAS,EAAE,oDAAoD;YAC/D,YAAY,EAAE,8IAA8I;YAC5J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,YAAY,GAAG,gDAAgD,CAAC;IACtE,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,MAAM,kBAAkB,GAAG,mDAAmD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1F,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,
CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,yCAAyC;YAChD,WAAW,EAAE,SAAS,UAAU,CAAC,MAAM,mJAAmJ;YAC1L,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,yKAAyK;YACzL,SAAS,EAAE,uDAAuD;YAClE,YAAY,EAAE,0HAA0H;YACxI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reliability.d.ts","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"reliability.d.ts","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAuN5E"}
|
|
@@ -17,6 +17,8 @@ export function analyzeReliability(code, language) {
|
|
|
17
17
|
lineNumbers: emptyCatchLines,
|
|
18
18
|
recommendation: "At minimum, log the error. Ideally, handle it appropriately, rethrow, or propagate to a global error handler.",
|
|
19
19
|
reference: "Error Handling Best Practices",
|
|
20
|
+
suggestedFix: "Log in catch blocks: catch (err) { logger.error({ err }, 'Operation failed'); throw err; } — never leave catch blocks empty.",
|
|
21
|
+
confidence: 0.9,
|
|
20
22
|
});
|
|
21
23
|
}
|
|
22
24
|
// Detect missing timeout on network calls (multi-language)
|
|
@@ -38,6 +40,8 @@ export function analyzeReliability(code, language) {
|
|
|
38
40
|
lineNumbers: noTimeoutLines,
|
|
39
41
|
recommendation: "Set explicit timeouts on all network calls. Use AbortController with setTimeout for fetch, or timeout options for HTTP clients.",
|
|
40
42
|
reference: "Resilience Patterns: Timeout",
|
|
43
|
+
suggestedFix: "Add timeout: const controller = new AbortController(); setTimeout(() => controller.abort(), 5000); fetch(url, { signal: controller.signal });",
|
|
44
|
+
confidence: 0.8,
|
|
41
45
|
});
|
|
42
46
|
}
|
|
43
47
|
// Detect missing retry logic for transient failures (multi-language)
|
|
@@ -52,6 +56,8 @@ export function analyzeReliability(code, language) {
|
|
|
52
56
|
lineNumbers: externalCallLines.slice(0, 5),
|
|
53
57
|
recommendation: "Implement retry with exponential backoff for transient failures. Use libraries like p-retry, tenacity, Polly, Resilience4j, or backoff crate.",
|
|
54
58
|
reference: "Resilience Patterns: Retry with Backoff",
|
|
59
|
+
suggestedFix: "Add retry: import pRetry from 'p-retry'; const result = await pRetry(() => fetchData(), { retries: 3, minTimeout: 1000 });",
|
|
60
|
+
confidence: 0.7,
|
|
55
61
|
});
|
|
56
62
|
}
|
|
57
63
|
// Detect single point of failure patterns
|
|
@@ -70,6 +76,8 @@ export function analyzeReliability(code, language) {
|
|
|
70
76
|
lineNumbers: singleConnLines,
|
|
71
77
|
recommendation: "Use connection pooling to improve resilience and throughput. Most database drivers support connection pools.",
|
|
72
78
|
reference: "Database Connection Management",
|
|
79
|
+
suggestedFix: "Replace single connection with pool: const pool = new Pool({ max: 10, idleTimeoutMillis: 30000 }); const client = await pool.connect(); try { ... } finally { client.release(); }",
|
|
80
|
+
confidence: 0.8,
|
|
73
81
|
});
|
|
74
82
|
}
|
|
75
83
|
// Detect unchecked null/undefined access
|
|
@@ -88,6 +96,8 @@ export function analyzeReliability(code, language) {
|
|
|
88
96
|
lineNumbers: unsafeAccessLines.slice(0, 5),
|
|
89
97
|
recommendation: "Use optional chaining (?.) or explicit null checks for deeply nested property access.",
|
|
90
98
|
reference: "Defensive Programming Practices",
|
|
99
|
+
suggestedFix: "Use optional chaining: const value = obj?.nested?.deep?.prop ?? defaultValue; — prevents TypeError on null/undefined intermediaries.",
|
|
100
|
+
confidence: 0.75,
|
|
91
101
|
});
|
|
92
102
|
}
|
|
93
103
|
// Detect process.exit / panic / System.exit (multi-language)
|
|
@@ -101,6 +111,8 @@ export function analyzeReliability(code, language) {
|
|
|
101
111
|
lineNumbers: processExitLines,
|
|
102
112
|
recommendation: "Throw errors or use graceful shutdown patterns instead. Let the process exit naturally after cleanup. Reserve panics for truly unrecoverable situations.",
|
|
103
113
|
reference: "Graceful Shutdown Patterns",
|
|
114
|
+
suggestedFix: "Replace process.exit() with graceful shutdown: process.on('SIGTERM', async () => { await server.close(); await db.disconnect(); });",
|
|
115
|
+
confidence: 0.9,
|
|
104
116
|
});
|
|
105
117
|
}
|
|
106
118
|
// Circuit breaker pattern missing
|
|
@@ -114,6 +126,8 @@ export function analyzeReliability(code, language) {
|
|
|
114
126
|
description: "Multiple external calls without circuit breaker protection. A failing dependency can cause cascading failure across your system.",
|
|
115
127
|
recommendation: "Implement the circuit breaker pattern (opossum, cockatiel, Polly) to fail fast when external dependencies are unhealthy.",
|
|
116
128
|
reference: "Resilience Patterns: Circuit Breaker (Martin Fowler)",
|
|
129
|
+
suggestedFix: "Add circuit breaker: import CircuitBreaker from 'opossum'; const breaker = new CircuitBreaker(fetchData, { timeout: 3000, errorThresholdPercentage: 50 }); await breaker.fire();",
|
|
130
|
+
confidence: 0.7,
|
|
117
131
|
});
|
|
118
132
|
}
|
|
119
133
|
// Missing fallback / degraded mode
|
|
@@ -135,6 +149,8 @@ export function analyzeReliability(code, language) {
|
|
|
135
149
|
lineNumbers: criticalCallLines,
|
|
136
150
|
recommendation: "Provide fallback behavior: cached responses, default values, or gracefully degraded features when dependencies fail.",
|
|
137
151
|
reference: "Resilience Patterns: Fallback / Graceful Degradation",
|
|
152
|
+
suggestedFix: "Add fallback: try { data = await fetchFromApi(); } catch { data = await cache.get(key) ?? DEFAULT_VALUE; logger.warn('Using fallback data'); }",
|
|
153
|
+
confidence: 0.8,
|
|
138
154
|
});
|
|
139
155
|
}
|
|
140
156
|
// Missing idempotency for write operations
|
|
@@ -154,6 +170,8 @@ export function analyzeReliability(code, language) {
|
|
|
154
170
|
lineNumbers: writeEndpointLines.slice(0, 3),
|
|
155
171
|
recommendation: "Accept an idempotency key header (Idempotency-Key) and use it to deduplicate write operations.",
|
|
156
172
|
reference: "API Idempotency / Stripe Idempotency Pattern",
|
|
173
|
+
suggestedFix: "Add idempotency: const key = req.headers['idempotency-key']; if (key && await cache.has(key)) return res.json(await cache.get(key)); // process then cache result.",
|
|
174
|
+
confidence: 0.7,
|
|
157
175
|
});
|
|
158
176
|
}
|
|
159
177
|
// Panic/fatal in Go or System.exit in Java (already covered above, remove duplicate)
|
|
@@ -178,6 +196,8 @@ export function analyzeReliability(code, language) {
|
|
|
178
196
|
lineNumbers: unhandledPromiseLines,
|
|
179
197
|
recommendation: "Always handle promise rejections with .catch() or try/catch around await. Set up global unhandledRejection handler as safety net.",
|
|
180
198
|
reference: "Node.js Unhandled Rejections",
|
|
199
|
+
suggestedFix: "Add rejection handling: new Promise((resolve, reject) => { ... }).catch(err => logger.error(err)); or use try/catch with await.",
|
|
200
|
+
confidence: 0.8,
|
|
181
201
|
});
|
|
182
202
|
}
|
|
183
203
|
return findings;
|
|
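Review bot: The `suggestedFix` added at new line 173 (the idempotency hunk) looks up the cached response by the raw `Idempotency-Key` header alone, so code copied from it would return a stored response to any caller who presents the same key value, including a different user or a different endpoint. The snippet should scope the lookup to the authenticated caller and the route, for example `const scopedKey = userId + ':' + req.method + ' ' + req.path + ':' + key;`, and use `scopedKey` for both `cache.has` and `cache.get`; `userId` stands for whatever identity the application has already authenticated. The separate `has` and `get` calls are also a check-then-act sequence, so two concurrent requests with one key can both perform the write, and the text could say the key has to be reserved atomically before processing. Only the changed fields of each `findings.push` are visible here; the detection logic of `analyzeReliability` is outside the hunks.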
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reliability.js","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"reliability.js","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,6CAA6C;IAC7C,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,0GAA0G;YACvH,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,+GAA+G;YAC/H,SAAS,EAAE,+BAA+B;YAC1C,YAAY,EAAE,8HAA8H;YAC5I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2DAA2D;IAC3D,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,eAAe,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC;QACnB,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC,wEAAwE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5F,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8BAA8B;YACrC,WAAW,EAAE,2GAA2G;YACxH,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,iIAAiI;YACjJ,SAAS,EAAE,8BAA8B;YACzC,YAAY,EAAE,+IAA+I;YAC7J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,qEAAqE;IACrE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,MAAM,CACjF,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,CAChD,CAAC;IACF,MAAM,QAAQ,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,
IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,sIAAsI;YACnJ,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,+IAA+I;YAC/J,SAAS,EAAE,yCAAyC;YACpD,YAAY,EAAE,4HAA4H;YAC1I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxF,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,sGAAsG;YACnH,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,8GAA8G;YAC9H,SAAS,EAAE,gCAAgC;YAC3C,YAAY,EAAE,mLAAmL;YACjM,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnG,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,oGAAoG;YACjH,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,uFAAuF;YACvG,SAAS,EAAE,iCAAiC;YAC5C,YAAY,EAAE,sIAAsI;YACpJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC;IAC7E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAA
O,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,4IAA4I;YACzJ,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,0JAA0J;YAC1K,SAAS,EAAE,4BAA4B;YACvC,YAAY,EAAE,qIAAqI;YACnJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IAC9D,MAAM,iBAAiB,GAAG,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,0HAA0H;YAC1I,SAAS,EAAE,sDAAsD;YACjE,YAAY,EAAE,kLAAkL;YAChM,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/C,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvF,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,0FAA0F;YACvG,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,sHAAsH;YACtI,SAAS,EAAE,sDAAsD;YACjE,YAAY,EAAE,gJAAgJ;YAC9J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1F,kBAAkB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,cAAc,GAAG,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9E,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACrD,QAAQ
,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,uHAAuH;YACpI,WAAW,EAAE,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3C,cAAc,EAAE,gGAAgG;YAChH,SAAS,EAAE,8CAA8C;YACzD,YAAY,EAAE,oKAAoK;YAClL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,qFAAqF;IACrF,wEAAwE;IACxE,OAAO,EAAE,CAAC,CAAC,4BAA4B;IAEvC,8BAA8B;IAC9B,MAAM,qBAAqB,GAAa,EAAE,CAAC;IAC3C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9C,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,wGAAwG;YACrH,WAAW,EAAE,qBAAqB;YAClC,cAAc,EAAE,mIAAmI;YACnJ,SAAS,EAAE,8BAA8B;YACzC,YAAY,EAAE,iIAAiI;YAC/I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scalability.d.ts","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"scalability.d.ts","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAkN5E"}
|
|
@@ -16,6 +16,8 @@ export function analyzeScalability(code, language) {
|
|
|
16
16
|
lineNumbers: globalStateLines,
|
|
17
17
|
recommendation: "Externalize state to a database, cache (Redis), or message queue. Use const/final/immutable for configuration. Each instance should be stateless.",
|
|
18
18
|
reference: "12-Factor App: Processes (Factor VI)",
|
|
19
|
+
suggestedFix: "Replace the top-level mutable variable with a call to an external store (e.g., `await redis.get(key)`) so each instance remains stateless.",
|
|
20
|
+
confidence: 0.9,
|
|
19
21
|
});
|
|
20
22
|
}
|
|
21
23
|
// In-memory session/store
|
|
@@ -30,6 +32,8 @@ export function analyzeScalability(code, language) {
|
|
|
30
32
|
lineNumbers: inMemLines,
|
|
31
33
|
recommendation: "Use a distributed store (Redis, Memcached, database) for session data, caches, and shared state.",
|
|
32
34
|
reference: "Distributed Systems Best Practices",
|
|
35
|
+
suggestedFix: "Swap the in-memory `Map`/object store for a Redis-backed store (e.g., `new RedisStore(...)`) so data is shared across instances.",
|
|
36
|
+
confidence: 0.85,
|
|
33
37
|
});
|
|
34
38
|
}
|
|
35
39
|
// Synchronous blocking in hot paths (multi-language)
|
|
@@ -44,6 +48,8 @@ export function analyzeScalability(code, language) {
|
|
|
44
48
|
lineNumbers: blockingLines,
|
|
45
49
|
recommendation: "Use asynchronous alternatives (async/await, promises, non-blocking I/O). Move long-running work to background queues.",
|
|
46
50
|
reference: "Reactive & Non-Blocking Architecture Patterns",
|
|
51
|
+
suggestedFix: "Replace the synchronous call with its async counterpart (e.g., `fs.readFileSync` → `await fs.promises.readFile`) to avoid blocking the event loop.",
|
|
52
|
+
confidence: 0.9,
|
|
47
53
|
});
|
|
48
54
|
}
|
|
49
55
|
// No timeout on external calls (multi-language)
|
|
@@ -58,6 +64,8 @@ export function analyzeScalability(code, language) {
|
|
|
58
64
|
lineNumbers: fetchLines,
|
|
59
65
|
recommendation: "Set explicit timeouts on all external calls (e.g., 5-30 seconds). Implement circuit breakers (e.g., using libraries like cockatiel or opossum) for critical dependencies.",
|
|
60
66
|
reference: "Release It! — Stability Patterns",
|
|
67
|
+
suggestedFix: "Add a timeout option to the HTTP call (e.g., `fetch(url, { signal: AbortSignal.timeout(5000) })`) to prevent indefinite hangs.",
|
|
68
|
+
confidence: 0.7,
|
|
61
69
|
});
|
|
62
70
|
}
|
|
63
71
|
// Single-threaded heavy computation
|
|
@@ -75,6 +83,8 @@ export function analyzeScalability(code, language) {
|
|
|
75
83
|
lineNumbers: cpuOpsLines.length > 0 ? cpuOpsLines : undefined,
|
|
76
84
|
recommendation: "Offload CPU-intensive work to worker threads, a job queue (Bull, Celery), or a dedicated compute service. Use async variants of crypto operations (pbkdf2, scrypt). Consider WebAssembly for hot-path computation.",
|
|
77
85
|
reference: "Node.js Worker Threads / Job Queue Patterns",
|
|
86
|
+
suggestedFix: "Move the heavy computation into a worker thread or use the async variant (e.g., `crypto.pbkdf2` instead of `crypto.pbkdf2Sync`) to keep the main thread free.",
|
|
87
|
+
confidence: 0.8,
|
|
78
88
|
});
|
|
79
89
|
}
|
|
80
90
|
// No rate limiting detected
|
|
@@ -87,6 +97,8 @@ export function analyzeScalability(code, language) {
|
|
|
87
97
|
description: "No rate limiting or throttling mechanism is visible. Without rate limiting, the system is vulnerable to being overwhelmed by traffic spikes or abuse.",
|
|
88
98
|
recommendation: "Implement rate limiting at the API gateway or application level. Consider token bucket or sliding window algorithms. Use libraries like express-rate-limit or a cloud-native solution.",
|
|
89
99
|
reference: "API Security & Scalability Best Practices",
|
|
100
|
+
suggestedFix: "Add a rate-limiting middleware (e.g., `app.use(rateLimit({ windowMs: 60000, max: 100 }))`) to protect endpoints from traffic spikes.",
|
|
101
|
+
confidence: 0.7,
|
|
90
102
|
});
|
|
91
103
|
}
|
|
92
104
|
// File-based locking / local mutex
|
|
@@ -101,6 +113,8 @@ export function analyzeScalability(code, language) {
|
|
|
101
113
|
lineNumbers: fileLockLines,
|
|
102
114
|
recommendation: "Use distributed locks (Redis SETNX/Redlock, ZooKeeper, etcd) or database-level locking for cross-instance coordination.",
|
|
103
115
|
reference: "Distributed Locking Patterns",
|
|
116
|
+
suggestedFix: "Replace the local file/mutex lock with a distributed lock (e.g., Redlock via `await redlock.acquire([resource], ttl)`) for cross-instance safety.",
|
|
117
|
+
confidence: 0.9,
|
|
104
118
|
});
|
|
105
119
|
}
|
|
106
120
|
// Sticky session / session affinity assumptions
|
|
@@ -116,6 +130,8 @@ export function analyzeScalability(code, language) {
|
|
|
116
130
|
lineNumbers: stickySessionLines,
|
|
117
131
|
recommendation: "Use an external session store (Redis, DynamoDB, database) so any instance can serve any request. This enables zero-downtime deployments.",
|
|
118
132
|
reference: "Scalable Session Management",
|
|
133
|
+
suggestedFix: "Configure the session middleware to use an external store (e.g., `session({ store: new RedisStore({ client }) })`) instead of the default in-memory store.",
|
|
134
|
+
confidence: 0.75,
|
|
119
135
|
});
|
|
120
136
|
}
|
|
121
137
|
// Hardcoded thread/worker pool sizes
|
|
@@ -130,6 +146,8 @@ export function analyzeScalability(code, language) {
|
|
|
130
146
|
lineNumbers: hardcodedPoolLines,
|
|
131
147
|
recommendation: "Configure pool sizes via environment variables or derive from available resources (os.cpus().length). Allow runtime tuning.",
|
|
132
148
|
reference: "Resource Configuration Best Practices",
|
|
149
|
+
suggestedFix: "Replace the hardcoded pool size with a configurable value (e.g., `parseInt(process.env.POOL_SIZE) || os.cpus().length`) to adapt to each environment.",
|
|
150
|
+
confidence: 0.85,
|
|
133
151
|
});
|
|
134
152
|
}
|
|
135
153
|
// No circuit breaker pattern
|
|
@@ -143,6 +161,8 @@ export function analyzeScalability(code, language) {
|
|
|
143
161
|
description: "Multiple external service calls detected without circuit breaker protection. A failing dependency can cascade and bring down the entire system.",
|
|
144
162
|
recommendation: "Implement circuit breakers (opossum, cockatiel, Resilience4j, Polly) to fail fast when dependencies are down. Configure fallbacks.",
|
|
145
163
|
reference: "Release It! — Circuit Breaker Pattern",
|
|
164
|
+
suggestedFix: "Wrap external service calls with a circuit breaker (e.g., `const breaker = new CircuitBreaker(callFn, { timeout: 3000 }); await breaker.fire()`).",
|
|
165
|
+
confidence: 0.7,
|
|
146
166
|
});
|
|
147
167
|
}
|
|
148
168
|
// Monolithic query / large payload assembly
|
|
@@ -155,6 +175,8 @@ export function analyzeScalability(code, language) {
|
|
|
155
175
|
description: "Large response payloads increase serialization time, network transfer, and client memory usage. This limits throughput at scale.",
|
|
156
176
|
recommendation: "Implement pagination, field filtering (sparse fieldsets), or streaming for large responses. Consider GraphQL for client-driven field selection.",
|
|
157
177
|
reference: "API Scalability Patterns",
|
|
178
|
+
suggestedFix: "Add pagination parameters (e.g., `?page=1&limit=50`) and return only the requested slice instead of the full dataset.",
|
|
179
|
+
confidence: 0.8,
|
|
158
180
|
});
|
|
159
181
|
}
|
|
160
182
|
// WebSocket without connection limits
|
|
@@ -170,6 +192,8 @@ export function analyzeScalability(code, language) {
|
|
|
170
192
|
lineNumbers: wsLines,
|
|
171
193
|
recommendation: "Set maxPayload size, maximum connection limits, and implement connection throttling. Use a WebSocket gateway for production scale.",
|
|
172
194
|
reference: "WebSocket Security & Scalability",
|
|
195
|
+
suggestedFix: "Pass connection limits when creating the WebSocket server (e.g., `new WebSocketServer({ maxPayload: 1048576, maxConnections: 1000 })`).",
|
|
196
|
+
confidence: 0.75,
|
|
173
197
|
});
|
|
174
198
|
}
|
|
175
199
|
return findings;
|
|
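Review bot: The `suggestedFix` added at new line 195 passes `maxConnections: 1000` to `new WebSocketServer(...)`, but as far as I know the `ws` package's server options include `maxPayload` and no `maxConnections`, so the option would be ignored silently and a reader who copies the snippet would believe connections are capped when they are not. This assumes `WebSocketServer` is the `ws` export, which the hunk does not state. I would keep `maxPayload` and show an explicit cap instead, for example `wss.on('connection', (socket) => { if (wss.clients.size > MAX_CLIENTS) socket.close(1013); });`, where `MAX_CLIENTS` is a placeholder for a configured limit. The body of `analyzeScalability` is outside the hunks, so whether the detector itself recognises such a cap cannot be seen here.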
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scalability.js","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,wCAAwC;IACxC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC/E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EAAE,6JAA6J;YAC1K,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,mJAAmJ;YACnK,SAAS,EAAE,sCAAsC;
|
|
1
|
+
{"version":3,"file":"scalability.js","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,wCAAwC;IACxC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC/E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EAAE,6JAA6J;YAC1K,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,mJAAmJ;YACnK,SAAS,EAAE,sCAAsC;YACjD,YAAY,EAAE,4IAA4I;YAC1J,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,YAAY,GAAG,kKAAkK,CAAC;IACxL,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,8JAA8J;YAC3K,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,kGAAkG;YAClH,SAAS,EAAE,oCAAoC;YAC/C,YAAY,EAAE,kIAAkI;YAChJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,qDAAqD;IACrD,MAAM,eAAe,GAAG,iKAAiK,CAAC;IAC1L,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,oJAAoJ;YACjK,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,uHAAuH;YACvI,SAAS,EAAE,+CAA+C;YAC1D,YAAY,EAAE,oJAAoJ;YAClK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,UAAU,CAAC,MAAM,GAAG,
CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,2KAA2K;YAC3L,SAAS,EAAE,kCAAkC;YAC7C,YAAY,EAAE,gIAAgI;YAC9I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,6EAA6E;IAC7E,MAAM,gBAAgB,GAAG,gFAAgF,CAAC;IAC1G,MAAM,eAAe,GAAG,mMAAmM,CAAC;IAC5N,MAAM,cAAc,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC1D,IAAI,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,YAAY,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,iCAAiC,CAAC,CAAC,CAAC,EAAE,0GAA0G;YACxT,WAAW,EAAE,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC7D,cAAc,EAAE,oNAAoN;YACpO,SAAS,EAAE,6CAA6C;YACxD,YAAY,EAAE,+JAA+J;YAC7K,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,YAAY,GAAG,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3E,IAAI,CAAC,YAAY,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,2BAA2B;YAClC,WAAW,EAAE,uJAAuJ;YACpK,cAAc,EAAE,wLAAwL;YACxM,SAAS,EAAE,2CAA2C;YACtD,YAAY,EAAE,sIAAsI;YACpJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,yFAAyF,CAAC;IAClH,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,oJAAoJ;YACjK,
WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,yHAAyH;YACzI,SAAS,EAAE,8BAA8B;YACzC,YAAY,EAAE,mJAAmJ;YACjK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,oBAAoB,GAAG,kEAAkE,CAAC;IAChG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,MAAM,kBAAkB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACzD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,qJAAqJ;YAClK,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,6BAA6B;YACxC,YAAY,EAAE,4JAA4J;YAC1K,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,oBAAoB,GAAG,yEAAyE,CAAC;IACvG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,oJAAoJ;YACjK,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,6HAA6H;YAC7I,SAAS,EAAE,uCAAuC;YAClD,YAAY,EAAE,uJAAuJ;YACrK,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,iBAAiB,GAAG,gFAAgF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtH,MAAM,wBAAwB,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACvD,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,iJAAiJ;YAC9J,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,uCAAuC;YAClD,YAAY,EAAE,mJAAmJ;YACjK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,mBAAmB,GAAG,6GAA6G,CAAC;IAC1I,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,iJAAiJ;YACjK,SAAS,EAAE,0BAA0B;YACrC,YAAY,EAAE,uHAAuH
;YACrI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,SAAS,GAAG,yDAAyD,CAAC;IAC5E,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,6DAA6D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,4IAA4I;YACzJ,WAAW,EAAE,OAAO;YACpB,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,kCAAkC;YAC7C,YAAY,EAAE,yIAAyI;YACvJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../src/evaluators/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,EACf,OAAO,EAEP,OAAO,EACP,YAAY,EACZ,UAAU,EACX,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGzE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,CAAC;AAM1C;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../src/evaluators/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,EACf,OAAO,EAEP,OAAO,EACP,YAAY,EACZ,UAAU,EACX,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGzE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,CAAC;AAM1C;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAUtE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC,GAC7D,MAAM,EAAE,CAKV;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,CAE1D;AAID;;;GAGG;AACH,wBAAgB,WAAW,CACzB,QAAQ,EAAE,OAAO,EAAE,EACnB,MAAM,CAAC,EAAE,YAAY,GACpB,OAAO,EAAE,CAyDX;AAID,wBAAgB,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAsB1D;AAED,wBAAgB,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAKzE;AAID,wBAAgB,YAAY,CAC1B,KAAK,EAAE,eAAe,EACtB,QAAQ,EAAE,OAAO,EAAE,EACnB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,OAAO,GACf,MAAM,CAsBR;AAED,wBAAgB,oBAAoB,CAClC,WAAW,EAAE,eAAe,EAAE,EAC9B,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,GAChB,MAAM,CAoBR;AAID;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,eAAe,GAAG,MAAM,CAmCxE;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,eAAe,GAAG,MAAM,CAiC9E"}
|