@kevinrabun/judges 2.2.0 → 3.0.0

package/dist/evaluators/reliability.js

@@ -17,6 +17,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: emptyCatchLines,
             recommendation: "At minimum, log the error. Ideally, handle it appropriately, rethrow, or propagate to a global error handler.",
             reference: "Error Handling Best Practices",
+            suggestedFix: "Log in catch blocks: catch (err) { logger.error({ err }, 'Operation failed'); throw err; } — never leave catch blocks empty.",
+            confidence: 0.9,
         });
     }
     // Detect missing timeout on network calls (multi-language)
@@ -38,6 +40,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: noTimeoutLines,
             recommendation: "Set explicit timeouts on all network calls. Use AbortController with setTimeout for fetch, or timeout options for HTTP clients.",
             reference: "Resilience Patterns: Timeout",
+            suggestedFix: "Add timeout: const controller = new AbortController(); setTimeout(() => controller.abort(), 5000); fetch(url, { signal: controller.signal });",
+            confidence: 0.8,
         });
     }
     // Detect missing retry logic for transient failures (multi-language)
@@ -52,6 +56,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: externalCallLines.slice(0, 5),
             recommendation: "Implement retry with exponential backoff for transient failures. Use libraries like p-retry, tenacity, Polly, Resilience4j, or backoff crate.",
             reference: "Resilience Patterns: Retry with Backoff",
+            suggestedFix: "Add retry: import pRetry from 'p-retry'; const result = await pRetry(() => fetchData(), { retries: 3, minTimeout: 1000 });",
+            confidence: 0.7,
         });
     }
     // Detect single point of failure patterns
@@ -70,6 +76,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: singleConnLines,
             recommendation: "Use connection pooling to improve resilience and throughput. Most database drivers support connection pools.",
             reference: "Database Connection Management",
+            suggestedFix: "Replace single connection with pool: const pool = new Pool({ max: 10, idleTimeoutMillis: 30000 }); const client = await pool.connect(); try { ... } finally { client.release(); }",
+            confidence: 0.8,
         });
     }
     // Detect unchecked null/undefined access
@@ -88,6 +96,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: unsafeAccessLines.slice(0, 5),
             recommendation: "Use optional chaining (?.) or explicit null checks for deeply nested property access.",
             reference: "Defensive Programming Practices",
+            suggestedFix: "Use optional chaining: const value = obj?.nested?.deep?.prop ?? defaultValue; — prevents TypeError on null/undefined intermediaries.",
+            confidence: 0.75,
         });
     }
     // Detect process.exit / panic / System.exit (multi-language)
@@ -101,6 +111,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: processExitLines,
             recommendation: "Throw errors or use graceful shutdown patterns instead. Let the process exit naturally after cleanup. Reserve panics for truly unrecoverable situations.",
             reference: "Graceful Shutdown Patterns",
+            suggestedFix: "Replace process.exit() with graceful shutdown: process.on('SIGTERM', async () => { await server.close(); await db.disconnect(); });",
+            confidence: 0.9,
         });
     }
     // Circuit breaker pattern missing
@@ -114,6 +126,8 @@ export function analyzeReliability(code, language) {
             description: "Multiple external calls without circuit breaker protection. A failing dependency can cause cascading failure across your system.",
             recommendation: "Implement the circuit breaker pattern (opossum, cockatiel, Polly) to fail fast when external dependencies are unhealthy.",
             reference: "Resilience Patterns: Circuit Breaker (Martin Fowler)",
+            suggestedFix: "Add circuit breaker: import CircuitBreaker from 'opossum'; const breaker = new CircuitBreaker(fetchData, { timeout: 3000, errorThresholdPercentage: 50 }); await breaker.fire();",
+            confidence: 0.7,
         });
     }
     // Missing fallback / degraded mode
@@ -135,6 +149,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: criticalCallLines,
             recommendation: "Provide fallback behavior: cached responses, default values, or gracefully degraded features when dependencies fail.",
             reference: "Resilience Patterns: Fallback / Graceful Degradation",
+            suggestedFix: "Add fallback: try { data = await fetchFromApi(); } catch { data = await cache.get(key) ?? DEFAULT_VALUE; logger.warn('Using fallback data'); }",
+            confidence: 0.8,
         });
     }
     // Missing idempotency for write operations
@@ -154,6 +170,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: writeEndpointLines.slice(0, 3),
             recommendation: "Accept an idempotency key header (Idempotency-Key) and use it to deduplicate write operations.",
             reference: "API Idempotency / Stripe Idempotency Pattern",
+            suggestedFix: "Add idempotency: const key = req.headers['idempotency-key']; if (key && await cache.has(key)) return res.json(await cache.get(key)); // process then cache result.",
+            confidence: 0.7,
         });
     }
     // Panic/fatal in Go or System.exit in Java (already covered above, remove duplicate)
@@ -178,6 +196,8 @@ export function analyzeReliability(code, language) {
             lineNumbers: unhandledPromiseLines,
             recommendation: "Always handle promise rejections with .catch() or try/catch around await. Set up global unhandledRejection handler as safety net.",
             reference: "Node.js Unhandled Rejections",
+            suggestedFix: "Add rejection handling: new Promise((resolve, reject) => { ... }).catch(err => logger.error(err)); or use try/catch with await.",
+            confidence: 0.8,
         });
     }
     return findings;

package/dist/evaluators/reliability.js.map

@@ -1 +1 @@
-{"version":3,"file":"reliability.js","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AACA,OAAO,EAAkB,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,6CAA6C;IAC7C,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,0GAA0G;YACvH,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,+GAA+G;YAC/H,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,2DAA2D;IAC3D,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,eAAe,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC;QACnB,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC,wEAAwE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5F,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8BAA8B;YACrC,WAAW,EAAE,2GAA2G;YACxH,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,iIAAiI;YACjJ,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,qEAAqE;IACrE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,MAAM,CACjF,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,CAChD,CAAC;IACF,MAAM,QAAQ,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,sIAAsI;YACnJ,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,+IAA+I;YAC/J,SAAS,EAAE,yCAAyC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxF,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,sGAAsG;YACnH,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,8GAA8G;YAC9H,SAAS,EAAE,gCAAgC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnG,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,oGAAoG;YACjH,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,uFAAuF;YACvG,SAAS,EAAE,iCAAiC;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC;IAC7E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,4IAA4I;YACzJ,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,0JAA0J;YAC1K,SAAS,EAAE,4BAA4B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IAC9D,MAAM,iBAAiB,GAAG,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,0HAA0H;YAC1I,SAAS,EAAE,sDAAsD;SAClE,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/C,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvF,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,0FAA0F;YACvG,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,sHAAsH;YACtI,SAAS,EAAE,sDAAsD;SAClE,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1F,kBAAkB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,cAAc,GAAG,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9E,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,uHAAuH;YACpI,WAAW,EAAE,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3C,cAAc,EAAE,gGAAgG;YAChH,SAAS,EAAE,8CAA8C;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,qFAAqF;IACrF,wEAAwE;IACxE,OAAO,EAAE,CAAC,CAAC,4BAA4B;IAEvC,8BAA8B;IAC9B,MAAM,qBAAqB,GAAa,EAAE,CAAC;IAC3C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9C,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,wGAAwG;YACrH,WAAW,EAAE,qBAAqB;YAClC,cAAc,EAAE,mIAAmI;YACnJ,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
+{"version":3,"file":"reliability.js","sourceRoot":"","sources":["../../src/evaluators/reliability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChE,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,6CAA6C;IAC7C,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EACT,0GAA0G;YAC5G,WAAW,EAAE,eAAe;YAC5B,cAAc,EACZ,+GAA+G;YACjH,SAAS,EAAE,+BAA+B;YAC1C,YAAY,EACV,8HAA8H;YAChI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2DAA2D;IAC3D,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IAC3E,eAAe,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE;QAC7B,MAAM,GAAG,GAAG,EAAE,GAAG,CAAC,CAAC;QACnB,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC,wEAAwE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5F,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8BAA8B;YACrC,WAAW,EACT,2GAA2G;YAC7G,WAAW,EAAE,cAAc;YAC3B,cAAc,EACZ,iIAAiI;YACnI,SAAS,EAAE,8BAA8B;YACzC,YAAY,EACV,+IAA+I;YACjJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,qEAAqE;IACrE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,MAAM,CACjF,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,CAChD,CAAC;IACF,MAAM,QAAQ,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EACT,sIAAsI;YACxI,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EACZ,+IAA+I;YACjJ,SAAS,EAAE,yCAAyC;YACpD,YAAY,EACV,4HAA4H;YAC9H,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxF,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EACT,sGAAsG;YACxG,WAAW,EAAE,eAAe;YAC5B,cAAc,EACZ,8GAA8G;YAChH,SAAS,EAAE,gCAAgC;YAC3C,YAAY,EACV,mLAAmL;YACrL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnG,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,oGAAoG;YACjH,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,uFAAuF;YACvG,SAAS,EAAE,iCAAiC;YAC5C,YAAY,EACV,sIAAsI;YACxI,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC;IAC7E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EACT,4IAA4I;YAC9I,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EACZ,0JAA0J;YAC5J,SAAS,EAAE,4BAA4B;YACvC,YAAY,EACV,qIAAqI;YACvI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,wBAAwB,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC;IAC9D,MAAM,iBAAiB,GAAG,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EACT,kIAAkI;YACpI,cAAc,EACZ,0HAA0H;YAC5H,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,kLAAkL;YACpL,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/C,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvF,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,0FAA0F;YACvG,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EACZ,sHAAsH;YACxH,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,gJAAgJ;YAClJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1F,kBAAkB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,cAAc,GAAG,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9E,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EACT,uHAAuH;YACzH,WAAW,EAAE,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC3C,cAAc,EAAE,gGAAgG;YAChH,SAAS,EAAE,8CAA8C;YACzD,YAAY,EACV,oKAAoK;YACtK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,qFAAqF;IACrF,wEAAwE;IACxE,OAAO,EAAE,CAAC,CAAC,4BAA4B;IAEvC,8BAA8B;IAC9B,MAAM,qBAAqB,GAAa,EAAE,CAAC;IAC3C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9C,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EACT,wGAAwG;YAC1G,WAAW,EAAE,qBAAqB;YAClC,cAAc,EACZ,mIAAmI;YACrI,SAAS,EAAE,8BAA8B;YACzC,YAAY,EACV,iIAAiI;YACnI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/evaluators/scalability.d.ts

@@ -1,3 +1,3 @@
-import { Finding } from "../types.js";
+import type { Finding } from "../types.js";
 export declare function analyzeScalability(code: string, language: string): Finding[];
 //# sourceMappingURL=scalability.d.ts.map

package/dist/evaluators/scalability.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"scalability.d.ts","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CA0L5E"}
+{"version":3,"file":"scalability.d.ts","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAI3C,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CA2P5E"}

package/dist/evaluators/scalability.js

@@ -16,6 +16,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: globalStateLines,
             recommendation: "Externalize state to a database, cache (Redis), or message queue. Use const/final/immutable for configuration. Each instance should be stateless.",
             reference: "12-Factor App: Processes (Factor VI)",
+            suggestedFix: "Replace the top-level mutable variable with a call to an external store (e.g., `await redis.get(key)`) so each instance remains stateless.",
+            confidence: 0.9,
         });
     }
     // In-memory session/store
@@ -30,10 +32,14 @@ export function analyzeScalability(code, language) {
             lineNumbers: inMemLines,
             recommendation: "Use a distributed store (Redis, Memcached, database) for session data, caches, and shared state.",
             reference: "Distributed Systems Best Practices",
+            suggestedFix: "Swap the in-memory `Map`/object store for a Redis-backed store (e.g., `new RedisStore(...)`) so data is shared across instances.",
+            confidence: 0.85,
         });
     }
     // Synchronous blocking in hot paths (multi-language)
-    const blockingPattern = /Sync\s*\(|\.sleep\s*\(|Thread\.sleep|time\.sleep|threading\.Event\(\)\.wait|Task\.Delay.*\.Wait\(\)|\.Result\b|std::thread::sleep|tokio::task::block_in_place/gi;
+    // Require a word-char before "Sync(" so we match readFileSync(), writeSync(),
+    // etc., but not unrelated identifiers that happen to contain "Sync".
+    const blockingPattern = /\wSync\s*\(|\.sleep\s*\(|Thread\.sleep|time\.sleep|threading\.Event\(\)\.wait|Task\.Delay.*\.Wait\(\)|\.Result\b|std::thread::sleep|tokio::task::block_in_place/gi;
     const blockingLines = getLineNumbers(code, blockingPattern);
     if (blockingLines.length > 0) {
         findings.push({
@@ -44,6 +50,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: blockingLines,
             recommendation: "Use asynchronous alternatives (async/await, promises, non-blocking I/O). Move long-running work to background queues.",
             reference: "Reactive & Non-Blocking Architecture Patterns",
+            suggestedFix: "Replace the synchronous call with its async counterpart (e.g., `fs.readFileSync` → `await fs.promises.readFile`) to avoid blocking the event loop.",
+            confidence: 0.9,
         });
     }
     // No timeout on external calls (multi-language)
@@ -58,6 +66,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: fetchLines,
             recommendation: "Set explicit timeouts on all external calls (e.g., 5-30 seconds). Implement circuit breakers (e.g., using libraries like cockatiel or opossum) for critical dependencies.",
             reference: "Release It! — Stability Patterns",
+            suggestedFix: "Add a timeout option to the HTTP call (e.g., `fetch(url, { signal: AbortSignal.timeout(5000) })`) to prevent indefinite hangs.",
+            confidence: 0.7,
         });
     }
     // Single-threaded heavy computation
@@ -75,6 +85,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: cpuOpsLines.length > 0 ? cpuOpsLines : undefined,
             recommendation: "Offload CPU-intensive work to worker threads, a job queue (Bull, Celery), or a dedicated compute service. Use async variants of crypto operations (pbkdf2, scrypt). Consider WebAssembly for hot-path computation.",
             reference: "Node.js Worker Threads / Job Queue Patterns",
+            suggestedFix: "Move the heavy computation into a worker thread or use the async variant (e.g., `crypto.pbkdf2` instead of `crypto.pbkdf2Sync`) to keep the main thread free.",
+            confidence: 0.8,
         });
     }
     // No rate limiting detected
@@ -87,6 +99,8 @@ export function analyzeScalability(code, language) {
             description: "No rate limiting or throttling mechanism is visible. Without rate limiting, the system is vulnerable to being overwhelmed by traffic spikes or abuse.",
             recommendation: "Implement rate limiting at the API gateway or application level. Consider token bucket or sliding window algorithms. Use libraries like express-rate-limit or a cloud-native solution.",
             reference: "API Security & Scalability Best Practices",
+            suggestedFix: "Add a rate-limiting middleware (e.g., `app.use(rateLimit({ windowMs: 60000, max: 100 }))`) to protect endpoints from traffic spikes.",
+            confidence: 0.7,
         });
     }
     // File-based locking / local mutex
@@ -101,6 +115,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: fileLockLines,
             recommendation: "Use distributed locks (Redis SETNX/Redlock, ZooKeeper, etcd) or database-level locking for cross-instance coordination.",
             reference: "Distributed Locking Patterns",
+            suggestedFix: "Replace the local file/mutex lock with a distributed lock (e.g., Redlock via `await redlock.acquire([resource], ttl)`) for cross-instance safety.",
+            confidence: 0.9,
         });
     }
     // Sticky session / session affinity assumptions
@@ -116,6 +132,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: stickySessionLines,
             recommendation: "Use an external session store (Redis, DynamoDB, database) so any instance can serve any request. This enables zero-downtime deployments.",
             reference: "Scalable Session Management",
+            suggestedFix: "Configure the session middleware to use an external store (e.g., `session({ store: new RedisStore({ client }) })`) instead of the default in-memory store.",
+            confidence: 0.75,
         });
     }
     // Hardcoded thread/worker pool sizes
@@ -130,6 +148,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: hardcodedPoolLines,
             recommendation: "Configure pool sizes via environment variables or derive from available resources (os.cpus().length). Allow runtime tuning.",
             reference: "Resource Configuration Best Practices",
+            suggestedFix: "Replace the hardcoded pool size with a configurable value (e.g., `parseInt(process.env.POOL_SIZE) || os.cpus().length`) to adapt to each environment.",
+            confidence: 0.85,
         });
     }
     // No circuit breaker pattern
@@ -143,6 +163,8 @@ export function analyzeScalability(code, language) {
             description: "Multiple external service calls detected without circuit breaker protection. A failing dependency can cascade and bring down the entire system.",
             recommendation: "Implement circuit breakers (opossum, cockatiel, Resilience4j, Polly) to fail fast when dependencies are down. Configure fallbacks.",
             reference: "Release It! — Circuit Breaker Pattern",
+            suggestedFix: "Wrap external service calls with a circuit breaker (e.g., `const breaker = new CircuitBreaker(callFn, { timeout: 3000 }); await breaker.fire()`).",
+            confidence: 0.7,
         });
     }
     // Monolithic query / large payload assembly
@@ -155,6 +177,8 @@ export function analyzeScalability(code, language) {
             description: "Large response payloads increase serialization time, network transfer, and client memory usage. This limits throughput at scale.",
             recommendation: "Implement pagination, field filtering (sparse fieldsets), or streaming for large responses. Consider GraphQL for client-driven field selection.",
             reference: "API Scalability Patterns",
+            suggestedFix: "Add pagination parameters (e.g., `?page=1&limit=50`) and return only the requested slice instead of the full dataset.",
+            confidence: 0.8,
         });
     }
     // WebSocket without connection limits
@@ -170,6 +194,8 @@ export function analyzeScalability(code, language) {
             lineNumbers: wsLines,
             recommendation: "Set maxPayload size, maximum connection limits, and implement connection throttling. Use a WebSocket gateway for production scale.",
             reference: "WebSocket Security & Scalability",
+            suggestedFix: "Pass connection limits when creating the WebSocket server (e.g., `new WebSocketServer({ maxPayload: 1048576, maxConnections: 1000 })`).",
+            confidence: 0.75,
         });
     }
     return findings;

package/dist/evaluators/scalability.js.map

@@ -1 +1 @@
-{"version":3,"file":"scalability.js","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,wCAAwC;IACxC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC/E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EAAE,6JAA6J;YAC1K,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,mJAAmJ;YACnK,SAAS,EAAE,sCAAsC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,YAAY,GAAG,kKAAkK,CAAC;IACxL,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,8JAA8J;YAC3K,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,kGAAkG;YAClH,SAAS,EAAE,oCAAoC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,qDAAqD;IACrD,MAAM,eAAe,GAAG,iKAAiK,CAAC;IAC1L,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,oJAAoJ;YACjK,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,uHAAuH;YACvI,SAAS,EAAE,+CAA+C;SAC3D,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,2KAA2K;YAC3L,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,6EAA6E;IAC7E,MAAM,gBAAgB,GAAG,gFAAgF,CAAC;IAC1G,MAAM,eAAe,GAAG,mMAAmM,CAAC;IAC5N,MAAM,cAAc,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC1D,IAAI,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,YAAY,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,iCAAiC,CAAC,CAAC,CAAC,EAAE,0GAA0G;YACxT,WAAW,EAAE,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC7D,cAAc,EAAE,oNAAoN;YACpO,SAAS,EAAE,6CAA6C;SACzD,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,YAAY,GAAG,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3E,IAAI,CAAC,YAAY,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,2BAA2B;YAClC,WAAW,EAAE,uJAAuJ;YACpK,cAAc,EAAE,wLAAwL;YACxM,SAAS,EAAE,2CAA2C;SACvD,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,yFAAyF,CAAC;IAClH,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,oJAAoJ;YACjK,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,yHAAyH;YACzI,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,oBAAoB,GAAG,kEAAkE,CAAC;IAChG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,MAAM,kBAAkB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACzD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,qJAAqJ;YAClK,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,6BAA6B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,oBAAoB,GAAG,yEAAyE,CAAC;IACvG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,oJAAoJ;YACjK,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,6HAA6H;YAC7I,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,iBAAiB,GAAG,gFAAgF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtH,MAAM,wBAAwB,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACvD,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,iJAAiJ;YAC9J,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,mBAAmB,GAAG,6GAA6G,CAAC;IAC1I,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,iJAAiJ;YACjK,SAAS,EAAE,0BAA0B;SACtC,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,SAAS,GAAG,yDAAyD,CAAC;IAC5E,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,6DAA6D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,4IAA4I;YACzJ,WAAW,EAAE,OAAO;YACpB,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
+{"version":3,"file":"scalability.js","sourceRoot":"","sources":["../../src/evaluators/scalability.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,QAAgB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,wCAAwC;IACxC,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC/E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EACT,6JAA6J;YAC/J,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EACZ,mJAAmJ;YACrJ,SAAS,EAAE,sCAAsC;YACjD,YAAY,EACV,4IAA4I;YAC9I,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,YAAY,GAChB,kKAAkK,CAAC;IACrK,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EACT,8JAA8J;YAChK,WAAW,EAAE,UAAU;YACvB,cAAc,EACZ,kGAAkG;YACpG,SAAS,EAAE,oCAAoC;YAC/C,YAAY,EACV,kIAAkI;YACpI,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,qDAAqD;IACrD,8EAA8E;IAC9E,qEAAqE;IACrE,MAAM,eAAe,GACnB,mKAAmK,CAAC;IACtK,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EACT,oJAAoJ;YACtJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EACZ,uHAAuH;YACzH,SAAS,EAAE,+CAA+C;YAC1D,YAAY,EACV,oJAAoJ;YACtJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EACT,yJAAyJ;YAC3J,WAAW,EAAE,UAAU;YACvB,cAAc,EACZ,2KAA2K;YAC7K,SAAS,EAAE,kCAAkC;YAC7C,YAAY,EACV,gIAAgI;YAClI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,6EAA6E;IAC7E,MAAM,gBAAgB,GAAG,gFAAgF,CAAC;IAC1G,MAAM,eAAe,GACnB,mMAAmM,CAAC;IACtM,MAAM,cAAc,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC1D,IAAI,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,YAAY,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,GAAG,cAAc,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,iCAAiC,CAAC,CAAC,CAAC,EAAE,0GAA0G;YACxT,WAAW,EAAE,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC7D,cAAc,EACZ,oNAAoN;YACtN,SAAS,EAAE,6CAA6C;YACxD,YAAY,EACV,+JAA+J;YACjK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,YAAY,GAAG,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3E,IAAI,CAAC,YAAY,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,2BAA2B;YAClC,WAAW,EACT,uJAAuJ;YACzJ,cAAc,EACZ,wLAAwL;YAC1L,SAAS,EAAE,2CAA2C;YACtD,YAAY,EACV,sIAAsI;YACxI,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,eAAe,GAAG,yFAAyF,CAAC;IAClH,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EACT,oJAAoJ;YACtJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EACZ,yHAAyH;YAC3H,SAAS,EAAE,8BAA8B;YACzC,YAAY,EACV,mJAAmJ;YACrJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,oBAAoB,GAAG,kEAAkE,CAAC;IAChG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,MAAM,kBAAkB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACzD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EACT,qJAAqJ;YACvJ,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EACZ,0IAA0I;YAC5I,SAAS,EAAE,6BAA6B;YACxC,YAAY,EACV,4JAA4J;YAC9J,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,oBAAoB,GAAG,yEAAyE,CAAC;IACvG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EACT,oJAAoJ;YACtJ,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EACZ,6HAA6H;YAC/H,SAAS,EAAE,uCAAuC;YAClD,YAAY,EACV,uJAAuJ;YACzJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,iBAAiB,GAAG,gFAAgF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtH,MAAM,wBAAwB,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACvD,IAAI,wBAAwB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACnD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EACT,iJAAiJ;YACnJ,cAAc,EACZ,oIAAoI;YACtI,SAAS,EAAE,uCAAuC;YAClD,YAAY,EACV,mJAAmJ;YACrJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,mBAAmB,GACvB,6GAA6G,CAAC;IAChH,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EACT,kIAAkI;YACpI,cAAc,EACZ,iJAAiJ;YACnJ,SAAS,EAAE,0BAA0B;YACrC,YAAY,EACV,uHAAuH;YACzH,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,SAAS,GAAG,yDAAyD,CAAC;IAC5E,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,6DAA6D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EACT,4IAA4I;YAC9I,WAAW,EAAE,OAAO;YACpB,cAAc,EACZ,oIAAoI;YACtI,SAAS,EAAE,kCAAkC;YAC7C,YAAY,EACV,yIAAyI;YAC3I,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/evaluators/shared.d.ts

@@ -1,6 +1,20 @@
-import { JudgeDefinition, JudgeEvaluation, TribunalVerdict, Finding, Verdict, JudgesConfig, LangFamily } from "../types.js";
+import type { JudgeDefinition, JudgeEvaluation, TribunalVerdict, Finding, Verdict, JudgesConfig, LangFamily } from "../types.js";
 import { normalizeLanguage, langPattern } from "../language-patterns.js";
 export { normalizeLanguage, langPattern };
+export type FileCategory = "test" | "config" | "types" | "utility" | "server" | "unknown";
+/**
+ * Heuristically classify a source file based on its content (and optionally its
+ * file path). The classification drives file-type gating: absence-based
+ * rules (e.g. "no rate limiting", "no config schema") are suppressed on
+ * non-server files where they would only produce noise.
+ */
+export declare function classifyFile(code: string, language: string, filePath?: string): FileCategory;
+/**
+ * Whether absence-based rules should fire for a file of this category.
+ * Absence-based rules (e.g. "no rate limiting", "no input validation") are
+ * only meaningful on server / entry-point code.
+ */
+export declare function shouldRunAbsenceRules(category: FileCategory): boolean;
 /**
  * Find line numbers in source code that match a given regex pattern.
  */
@@ -20,7 +34,12 @@ export declare function getLangFamily(language: string): LangFamily;
  * override severities, and filter by minimum severity.
  */
 export declare function applyConfig(findings: Finding[], config?: JudgesConfig): Finding[];
-export declare function calculateScore(findings: Finding[]): number;
+/**
+ * Detect positive engineering signals in source code. Returns a bonus score.
+ * Called during scoring to reward good practices, not just penalize problems.
+ */
+export declare function detectPositiveSignals(code: string): number;
+export declare function calculateScore(findings: Finding[], code?: string): number;
 export declare function deriveVerdict(findings: Finding[], score: number): Verdict;
 export declare function buildSummary(judge: JudgeDefinition, findings: Finding[], score: number, verdict: Verdict): string;
 export declare function buildTribunalSummary(evaluations: JudgeEvaluation[], verdict: Verdict, score: number, criticalCount: number, highCount: number): string;
@@ -28,6 +47,9 @@ export declare function buildTribunalSummary(evaluations: JudgeEvaluation[], ver
  * Format a full tribunal verdict as a readable Markdown string.
  */
 export declare function formatVerdictAsMarkdown(verdict: TribunalVerdict): string;
+export declare function isLikelyPlaceholderCredentialValue(value: string): boolean;
+export declare function isStrictCredentialDetectionEnabled(): boolean;
+export declare function looksLikeRealCredentialValue(value: string): boolean;
 /**
  * Format a single judge evaluation as a readable Markdown string.
  */

package/dist/evaluators/shared.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../src/evaluators/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,EACf,OAAO,EAEP,OAAO,EACP,YAAY,EACZ,UAAU,EACX,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGzE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,CAAC;AAM1C;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAStE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC,GAC7D,MAAM,EAAE,CAKV;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,CAE1D;AAID;;;GAGG;AACH,wBAAgB,WAAW,CACzB,QAAQ,EAAE,OAAO,EAAE,EACnB,MAAM,CAAC,EAAE,YAAY,GACpB,OAAO,EAAE,CAyDX;AAID,wBAAgB,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAsB1D;AA0BD,wBAAgB,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAKzE;AAID,wBAAgB,YAAY,CAC1B,KAAK,EAAE,eAAe,EACtB,QAAQ,EAAE,OAAO,EAAE,EACnB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,OAAO,GACf,MAAM,CAsBR;AAED,wBAAgB,oBAAoB,CAClC,WAAW,EAAE,eAAe,EAAE,EAC9B,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,GAChB,MAAM,CAoBR;AAID;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,eAAe,GAAG,MAAM,CAmCxE;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,eAAe,GAAG,MAAM,CAiC9E"}
+{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../src/evaluators/shared.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,eAAe,EACf,eAAe,EACf,eAAe,EACf,OAAO,EAEP,OAAO,EACP,YAAY,EACZ,UAAU,EACX,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAGzE,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,CAAC;AAO1C,MAAM,MAAM,YAAY,GACpB,MAAM,GACN,QAAQ,GACR,OAAO,GACP,SAAS,GACT,QAAQ,GACR,SAAS,CAAC;AAEd;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,YAAY,CAqG5F;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,YAAY,GAAG,OAAO,CAErE;AAMD;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAUtE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,GAAG,KAAK,EAAE,MAAM,CAAC,CAAC,GAC7D,MAAM,EAAE,CAKV;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,UAAU,CAE1D;AAID;;;GAGG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,OAAO,EAAE,CAsDjF;AAID;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CA0B1D;AAED,wBAAgB,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CA4BzE;AAED,wBAAgB,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAMzE;AAID,wBAAgB,YAAY,CAAC,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,CAqBjH;AAED,wBAAgB,oBAAoB,CAClC,WAAW,EAAE,eAAe,EAAE,EAC9B,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,MAAM,EACb,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,GAChB,MAAM,CAmBR;AAID;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,eAAe,GAAG,MAAM,CAmCxE;AA+BD,wBAAgB,kCAAkC,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAQzE;AAED,wBAAgB,kCAAkC,IAAI,OAAO,CAE5D;AAED,wBAAgB,4BAA4B,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAuBnE;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,eAAe,GAAG,MAAM,CAiC9E"}

package/dist/evaluators/shared.js

@@ -1,6 +1,91 @@
 import { normalizeLanguage, langPattern } from "../language-patterns.js";
 // ─── Re-export language utilities for convenience ────────────────────────────
 export { normalizeLanguage, langPattern };
+/**
+ * Heuristically classify a source file based on its content (and optionally its
+ * file path). The classification drives file-type gating: absence-based
+ * rules (e.g. "no rate limiting", "no config schema") are suppressed on
+ * non-server files where they would only produce noise.
+ */
+export function classifyFile(code, language, filePath) {
+    const lines = code.split("\n");
+    const lineCount = lines.length;
+    // ── Path-based fast checks ───────────────────────────────────────────────
+    if (filePath) {
+        const lowerPath = filePath.toLowerCase().replace(/\\/g, "/");
+        if (/[/\\]?(?:__tests__|test|tests|spec|__mocks__|__fixtures__)[/\\]/i.test(lowerPath) ||
+            /\.(test|spec|e2e)\.\w+$/i.test(lowerPath)) {
+            return "test";
+        }
+        if (/(?:^|[/\\])(?:tsconfig|jest\.config|webpack\.config|vite\.config|eslint|\.eslintrc|babel\.config|rollup\.config|\.prettierrc|Makefile|Dockerfile|docker-compose|package\.json|Cargo\.toml|go\.mod|pom\.xml|build\.gradle|\.csproj|\.sln|\.editorconfig)[^/\\]*$/i.test(lowerPath)) {
+            return "config";
+        }
+        if (/\.d\.ts$/i.test(lowerPath)) {
+            return "types";
+        }
+        // Health check / readiness probe endpoints (should not trigger absence rules)
+        if (/(?:^|[/\\])(?:health|healthcheck|health-check|readiness|liveness|ready|live|ping|status)\.\w+$/i.test(lowerPath)) {
+            return "utility";
+        }
+        // Migration / seed files
+        if (/(?:^|[/\\])(?:migrations?|seeds?|fixtures)[/\\]/i.test(lowerPath)) {
+            return "config";
+        }
+    }
+    // ── Content-based classification ─────────────────────────────────────────
+    // Test files: heavy test framework usage
+    const testFrameworkLines = lines.filter((l) => /\b(?:describe|it|test|beforeEach|afterEach|beforeAll|afterAll|expect|assert)\s*\(/i.test(l)).length;
+    if (testFrameworkLines >= 3) {
+        return "test";
+    }
+    // Pure type-definition files: mostly interfaces, types, enums, no runtime
+    const typeOnlyPattern = /^\s*(?:export\s+)?(?:interface|type|enum|declare|namespace)\b/;
+    const importPattern = /^\s*(?:import|export)\s/;
+    const commentOrBlank = /^\s*(?:\/\/|\/\*|\*|$)/;
+    const runtimeStatements = lines.filter((l) => {
+        const trimmed = l.trim();
+        return (trimmed.length > 0 &&
+            !commentOrBlank.test(trimmed) &&
+            !typeOnlyPattern.test(trimmed) &&
+            !importPattern.test(trimmed) &&
+            !/^\s*\}/.test(trimmed) && // closing braces
+            !/^\s*\*\//.test(trimmed)); // end of block comment
+    }).length;
+    if (lineCount > 5 && runtimeStatements / lineCount < 0.15) {
+        return "types";
+    }
+    // Config-like files: mostly key-value, constants, no functions
+    const constExportLines = lines.filter((l) => /^\s*(?:export\s+)?(?:const|let|var)\s+\w+\s*=\s*(?:\{|"|'|\d|true|false|null|\[)/i.test(l)).length;
+    const functionDeclLines = lines.filter((l) => /(?:function\s+\w+|=>\s*\{|class\s+\w+|def\s+\w+|fn\s+\w+|func\s+\w+)/i.test(l)).length;
+    if (lineCount > 5 && constExportLines / lineCount > 0.3 && functionDeclLines === 0) {
+        return "config";
+    }
+    // Health-check endpoints detected by content (lightweight route returning 200/ok)
+    if (/(?:\/health|\/ready|\/live|\/ping|\/status)\b/i.test(code) &&
+        lineCount < 50 &&
+        /(?:res\.(?:send|json|status)|return.*(?:ok|healthy|200))/i.test(code)) {
+        return "utility";
+    }
+    // Server / entry point: has HTTP handlers, route definitions, or listen
+    const serverSignals = /\b(?:app\.(?:get|post|put|delete|patch|use|listen)|router\.|express\(|createServer|fastify|Koa|hono|http\.(?:Server|createServer)|new\s+Hono|Flask|Django|Spring|@(?:Get|Post|Put|Delete|Controller|RequestMapping)|func\s+\w+Handler|gin\.\w+|http\.Handle)/i;
+    if (serverSignals.test(code)) {
+        return "server";
+    }
+    // Small utility with no I/O
+    const hasIO = /\b(?:fetch|axios|http|https|net|fs\.|readFile|writeFile|database|query|exec|spawn|child_process|socket)\b/i.test(code);
+    if (!hasIO && lineCount < 200) {
+        return "utility";
+    }
+    return "unknown";
+}
+/**
+ * Whether absence-based rules should fire for a file of this category.
+ * Absence-based rules (e.g. "no rate limiting", "no input validation") are
+ * only meaningful on server / entry-point code.
+ */
+export function shouldRunAbsenceRules(category) {
+    return category === "server" || category === "unknown";
+}
 // ─── Shared Utilities ────────────────────────────────────────────────────────
 // Helper functions used by all analyzer modules and the evaluation engine.
 // ──────────────────────────────────────────────────────────────────────────────
@@ -11,6 +96,7 @@ export function getLineNumbers(code, pattern) {
     const lines = code.split("\n");
     const matches = [];
     for (let i = 0; i < lines.length; i++) {
+        pattern.lastIndex = 0;
         if (pattern.test(lines[i])) {
             matches.push(i + 1);
         }
@@ -91,7 +177,46 @@ export function applyConfig(findings, config) {
     return result;
 }
 // ─── Scoring ─────────────────────────────────────────────────────────────────
-export function calculateScore(findings) {
+/**
+ * Detect positive engineering signals in source code. Returns a bonus score.
+ * Called during scoring to reward good practices, not just penalize problems.
+ */
+export function detectPositiveSignals(code) {
+    let bonus = 0;
+    // Parameterized queries (prepared statements, $1 placeholders)
+    if (/\$\d+|PreparedStatement|\?\s*(?:,|\))|\.prepare\s*\(/i.test(code))
+        bonus += 3;
+    // Security headers imported (helmet, csp, hsts)
+    if (/\bhelmet\b|content-security-policy|strict-transport-security/i.test(code))
+        bonus += 3;
+    // Proper error handling (try/catch with actual handling, not empty catch)
+    if (/catch\s*\([^)]+\)\s*\{[^}]*(?:log|throw|return|next|reject|emit)/i.test(code))
+        bonus += 2;
+    // Input validation present (joi, zod, yup, express-validator, class-validator)
+    if (/\b(?:joi|zod|yup|ajv|class-validator|express-validator)\b/i.test(code))
+        bonus += 2;
+    // Authentication middleware
+    if (/\b(?:passport|requireAuth|isAuthenticated|authMiddleware|verifyToken|authorize)\b/i.test(code))
+        bonus += 3;
+    // Rate limiting
+    if (/\b(?:rateLimit|rateLimiter|express-rate-limit|throttle|bottleneck)\b/i.test(code))
+        bonus += 2;
+    // CORS properly configured
+    if (/\bcors\b.*\b(?:origin|methods|credentials)\b/i.test(code))
+        bonus += 1;
+    // TypeScript strict mode or runtime type checking
+    if (/\bstrict(?:NullChecks|Mode)?\s*:\s*true\b/i.test(code))
+        bonus += 1;
+    // Structured logging (winston, pino, bunyan)
+    if (/\b(?:winston|pino|bunyan|createLogger|getLogger)\b/i.test(code))
+        bonus += 2;
+    // Tests present (basic signal for quality)
+    if (/\b(?:describe|it|test|expect|assert)\s*\(/i.test(code))
+        bonus += 1;
+    // Cap total bonus at +15
+    return Math.min(bonus, 15);
+}
+export function calculateScore(findings, code) {
     let score = 100;
     for (const f of findings) {
         switch (f.severity) {
@@ -112,29 +237,12 @@ export function calculateScore(findings) {
                 break;
         }
     }
+    // Add positive signals bonus if code is provided
+    if (code) {
+        score += detectPositiveSignals(code);
+    }
     return Math.max(0, Math.min(100, score));
 }
-function findingPriorityValue(finding) {
-    const severityWeight = {
-        critical: 100,
-        high: 70,
-        medium: 40,
-        low: 15,
-        info: 5,
-    };
-    const confidence = typeof finding.confidence === "number"
-        ? Math.max(0, Math.min(1, finding.confidence))
-        : 0.75;
-    return severityWeight[finding.severity] * (0.6 + confidence * 0.4);
-}
-function sortFindingsByPriority(findings) {
-    return [...findings].sort((a, b) => {
-        const priorityDiff = findingPriorityValue(b) - findingPriorityValue(a);
-        if (priorityDiff !== 0)
-            return priorityDiff;
-        return a.ruleId.localeCompare(b.ruleId);
-    });
-}
 export function deriveVerdict(findings, score) {
     if (findings.some((f) => f.severity === "critical"))
         return "fail";
@@ -154,11 +262,12 @@ export function buildSummary(judge, findings, score, verdict) {
     summary += `Verdict: **${verdict.toUpperCase()}** | Score: **${score}/100**\n`;
     summary += `Findings: ${critical} critical, ${high} high, ${medium} medium, ${low} low\n\n`;
     if (findings.length === 0) {
-        summary += "No pattern-based issues detected. Heuristic analysis has inherent limits — absence of findings does not guarantee the code is free of defects. Manual expert review is strongly recommended.";
+        summary +=
+            "No pattern-based issues detected. Heuristic analysis has inherent limits — absence of findings does not guarantee the code is free of defects. Manual expert review is strongly recommended.";
     }
     else {
         summary += "Key issues:\n";
-        for (const f of sortFindingsByPriority(findings.filter((f) => ["critical", "high"].includes(f.severity)))) {
+        for (const f of findings.filter((f) => ["critical", "high"].includes(f.severity))) {
             summary += `- [${f.ruleId}] (${f.severity}) ${f.title}: ${f.description}\n`;
         }
     }
@@ -188,7 +297,7 @@ export function formatVerdictAsMarkdown(verdict) {
     let md = verdict.summary;
     md += `\n## Detailed Findings\n\n`;
     for (const evaluation of verdict.evaluations) {
-        for (const finding of sortFindingsByPriority(evaluation.findings)) {
+        for (const finding of evaluation.findings) {
             const severityBadge = finding.severity === "critical"
                 ? "🔴 CRITICAL"
                 : finding.severity === "high"
@@ -215,13 +324,72 @@ export function formatVerdictAsMarkdown(verdict) {
     }
     return md;
 }
+// ─── Shared Credential / Placeholder Detection ──────────────────────────────
+// Centralised so authentication.ts, data-security.ts, and cybersecurity.ts
+// all use the same logic instead of maintaining identical copies.
+// ─────────────────────────────────────────────────────────────────────────────
+const EXACT_PLACEHOLDERS = new Set([
+    "test",
+    "testing",
+    "mock",
+    "dummy",
+    "example",
+    "sample",
+    "fake",
+    "na",
+    "n/a",
+    "none",
+    "null",
+    "undefined",
+    "changeme",
+    "change_me",
+    "replace_me",
+    "replace-me",
+    "your_token_here",
+    "your_api_key",
+    "unused",
+    "not_used",
+    "placeholder",
+]);
+export function isLikelyPlaceholderCredentialValue(value) {
+    const normalized = value.trim().toLowerCase();
+    if (EXACT_PLACEHOLDERS.has(normalized))
+        return true;
+    if (/^(?:test|mock|dummy|sample|example|fake|placeholder|na|n\/a|unused|changeme|replace)[-_a-z0-9]*$/i.test(normalized))
+        return true;
+    return false;
+}
+export function isStrictCredentialDetectionEnabled() {
+    return process.env.JUDGES_CREDENTIAL_MODE?.toLowerCase() === "strict";
+}
+export function looksLikeRealCredentialValue(value) {
+    if (isLikelyPlaceholderCredentialValue(value))
+        return false;
+    if (!isStrictCredentialDetectionEnabled())
+        return true;
+    const normalized = value.trim();
+    if (normalized.length < 12)
+        return false;
+    if (/(?:test|mock|dummy|sample|example|fake|placeholder|changeme|replace[_-]?me|unused|not[_-]?used|password|secret)/i.test(normalized))
+        return false;
+    const hasLower = /[a-z]/.test(normalized);
+    const hasUpper = /[A-Z]/.test(normalized);
+    const hasDigit = /\d/.test(normalized);
+    const hasSymbol = /[^A-Za-z0-9]/.test(normalized);
+    const classCount = [hasLower, hasUpper, hasDigit, hasSymbol].filter(Boolean).length;
+    if (normalized.length >= 20 && classCount >= 2)
+        return true;
+    if (normalized.length >= 16 && classCount >= 3)
+        return true;
+    return false;
+}
 /**
  * Format a single judge evaluation as a readable Markdown string.
  */
 export function formatEvaluationAsMarkdown(evaluation) {
     let md = evaluation.summary + "\n\n";
     md += `## Detailed Findings\n\n`;
-    for (const finding of sortFindingsByPriority(evaluation.findings)) {
+    for (const finding of evaluation.findings) {
         const severityBadge = finding.severity === "critical"
             ? "🔴 CRITICAL"
             : finding.severity === "high"