npm - @lamentis/naome - Versions diffs - 1.3.16 → 1.4.0 - Mend

@lamentis/naome 1.3.16 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/Cargo.lock CHANGED Viewed

@@ -76,7 +76,7 @@ checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
 [[package]]
 name = "naome-cli"
-version = "1.3.16"
+version = "1.4.0"
 dependencies = [
  "naome-core",
  "serde_json",
@@ -84,7 +84,7 @@ dependencies = [
 [[package]]
 name = "naome-core"
-version = "1.3.16"
+version = "1.4.0"
 dependencies = [
  "serde",
  "serde_json",

package/crates/naome-cli/Cargo.toml CHANGED Viewed

@@ -1,6 +1,6 @@
 [package]
 name = "naome-cli"
-version = "1.3.16"
+version = "1.4.0"
 edition.workspace = true
 license.workspace = true
 repository.workspace = true

package/crates/naome-cli/src/architecture_commands.rs CHANGED Viewed

@@ -2,11 +2,12 @@ use std::fs;
 use std::path::{Path, PathBuf};
 use naome_core::{
-    config_findings_for, default_architecture_config_text, format_architecture_explain,
+    architecture_validation_sarif_with_root, config_findings_for, format_architecture_explain,
     format_architecture_scan, format_architecture_validation, scan_architecture,
     validate_architecture, ArchitectureScanOptions, ARCHITECTURE_RULE_IDS,
 };
+use crate::architecture_init::architecture_init_config_text;
 use crate::cli_args::{has_flag, option_value};
 pub fn run_arch_command(root: &Path, args: &[String]) -> Result<(), Box<dyn std::error::Error>> {
@@ -28,7 +29,7 @@ fn run_arch_init(root: &Path, args: &[String]) -> Result<(), Box<dyn std::error:
     if path.exists() {
         return Err(format!("{} already exists", display_path(root, &path)).into());
     }
-    fs::write(&path, default_architecture_config_text())?;
+    fs::write(&path, architecture_init_config_text(root))?;
     if has_flag(args, "--json") {
         println!(
             "{}",
@@ -87,6 +88,19 @@ fn run_arch_validate(root: &Path, args: &[String]) -> Result<(), Box<dyn std::er
         root,
         scan_options(root, args, has_flag(args, "--changed-only")),
     )?;
+    if has_flag(args, "--sarif") {
+        let output =
+            serde_json::to_string_pretty(&architecture_validation_sarif_with_root(&report, root))?;
+        if let Some(path) = option_value(args, "--output") {
+            fs::write(root.join(path), output)?;
+        } else {
+            println!("{output}");
+        }
+        if report.status == "fail" {
+            std::process::exit(1);
+        }
+        return Ok(());
+    }
     let json = has_flag(args, "--json") || has_flag(args, "--agent-feedback");
     if json {
         if has_flag(args, "--agent-feedback") {

package/crates/naome-cli/src/architecture_init/infer.rs ADDED Viewed

@@ -0,0 +1,131 @@
+use std::collections::BTreeSet;
+use super::render::SectionBlock;
+pub fn layers(files: &BTreeSet<String>) -> Vec<SectionBlock> {
+    [
+        block_if_present(
+            "ui",
+            files,
+            &["src/components/**", "src/ui/**", "Sources/**/Views/**"],
+        ),
+        block_if_present(
+            "application",
+            files,
+            &["src/features/**", "src/usecases/**", "src/application/**"],
+        ),
+        block_if_present("domain", files, &["src/domain/**", "Sources/**/Domain/**"]),
+        block_if_present(
+            "infrastructure",
+            files,
+            &[
+                "src/infrastructure/**",
+                "src/adapters/**",
+                "Sources/**/Infrastructure/**",
+            ],
+        ),
+    ]
+    .into_iter()
+    .flatten()
+    .collect()
+}
+pub fn contexts(files: &BTreeSet<String>) -> Vec<SectionBlock> {
+    let mut contexts = src_contexts(files)
+        .into_iter()
+        .map(|name| SectionBlock {
+            name: name.clone(),
+            paths: vec![format!("src/{name}/**")],
+            public_api: vec![
+                format!("src/{name}/index.*"),
+                format!("src/{name}/public/**"),
+            ],
+        })
+        .collect::<Vec<_>>();
+    contexts.extend(swift_contexts(files));
+    contexts
+}
+fn block_if_present(
+    name: &str,
+    files: &BTreeSet<String>,
+    candidates: &[&str],
+) -> Option<SectionBlock> {
+    let paths = candidates
+        .iter()
+        .filter(|pattern| files.iter().any(|file| glob_like_matches(file, pattern)))
+        .map(|pattern| (*pattern).to_string())
+        .collect::<Vec<_>>();
+    (!paths.is_empty()).then(|| SectionBlock {
+        name: name.to_string(),
+        paths,
+        public_api: Vec::new(),
+    })
+}
+fn src_contexts(files: &BTreeSet<String>) -> Vec<String> {
+    let ignored = [
+        "adapters",
+        "application",
+        "components",
+        "domain",
+        "infrastructure",
+        "ui",
+    ];
+    let mut contexts = BTreeSet::new();
+    for file in files {
+        let Some(rest) = file.strip_prefix("src/") else {
+            continue;
+        };
+        let Some((name, _)) = rest.split_once('/') else {
+            continue;
+        };
+        if !ignored.contains(&name) {
+            contexts.insert(name.to_string());
+        }
+    }
+    contexts.into_iter().collect()
+}
+fn swift_contexts(files: &BTreeSet<String>) -> Vec<SectionBlock> {
+    let mut targets = BTreeSet::new();
+    for file in files {
+        let Some(rest) = file.strip_prefix("Sources/") else {
+            continue;
+        };
+        if let Some((target, _)) = rest.split_once('/') {
+            targets.insert(target.to_string());
+        }
+    }
+    targets
+        .into_iter()
+        .map(|target| SectionBlock {
+            name: target.to_lowercase(),
+            paths: vec![format!("Sources/{target}/**")],
+            public_api: vec![format!("Sources/{target}/Public/**")],
+        })
+        .collect()
+}
+fn glob_like_matches(path: &str, pattern: &str) -> bool {
+    if !pattern.contains("**") {
+        return path == pattern;
+    }
+    let mut remainder = path;
+    for (index, part) in pattern.split("**").enumerate() {
+        if part.is_empty() {
+            continue;
+        }
+        if index == 0 {
+            let prefix = part.trim_end_matches('/');
+            if !path.starts_with(prefix) {
+                return false;
+            }
+        }
+        let Some(found) = remainder.find(part.trim_matches('*')) else {
+            return false;
+        };
+        remainder = &remainder[found + part.len().min(remainder.len())..];
+    }
+    true
+}

package/crates/naome-cli/src/architecture_init/render.rs ADDED Viewed

@@ -0,0 +1,56 @@
+use naome_core::default_architecture_config_text;
+pub struct SectionBlock {
+    pub name: String,
+    pub paths: Vec<String>,
+    pub public_api: Vec<String>,
+}
+pub fn config(layers: Vec<SectionBlock>, contexts: Vec<SectionBlock>) -> String {
+    let mut text = "# NAOME architecture fitness configuration.\n".to_string();
+    text.push_str("layers:\n");
+    for layer in layers {
+        text.push_str(&layer.render_paths());
+    }
+    text.push_str("\nallowed_dependencies:\n");
+    text.push_str("  ui:\n    - application\n    - domain\n");
+    text.push_str("  application:\n    - domain\n");
+    text.push_str("  infrastructure:\n    - domain\n");
+    text.push_str("  domain:\n\ncontexts:\n");
+    if contexts.is_empty() {
+        text.push_str("  default:\n    paths:\n      - \"src/**\"\n    public_api:\n      - \"src/index.*\"\n");
+    } else {
+        for context in contexts {
+            text.push_str(&context.render_context());
+        }
+    }
+    text.push_str("\nrules:\n");
+    text.push_str(default_rules_tail());
+    text
+}
+impl SectionBlock {
+    fn render_paths(&self) -> String {
+        let mut text = format!("  {}:\n    paths:\n", self.name);
+        for path in &self.paths {
+            text.push_str(&format!("      - \"{path}\"\n"));
+        }
+        text
+    }
+    fn render_context(&self) -> String {
+        let mut text = self.render_paths();
+        text.push_str("    public_api:\n");
+        for path in &self.public_api {
+            text.push_str(&format!("      - \"{path}\"\n"));
+        }
+        text
+    }
+}
+fn default_rules_tail() -> &'static str {
+    default_architecture_config_text()
+        .split_once("\nrules:\n")
+        .map(|(_, tail)| tail)
+        .unwrap_or("")
+}

package/crates/naome-cli/src/architecture_init/repository.rs ADDED Viewed

@@ -0,0 +1,59 @@
+use std::collections::BTreeSet;
+use std::fs;
+use std::path::{Path, PathBuf};
+use naome_core::{naomeignore_patterns, path_matches_any};
+pub fn files(root: &Path) -> BTreeSet<String> {
+    let mut found = BTreeSet::new();
+    let ignore_patterns = naomeignore_patterns(root);
+    let mut pending = vec![root.to_path_buf()];
+    while let Some(dir) = pending.pop() {
+        let Ok(entries) = fs::read_dir(&dir) else {
+            continue;
+        };
+        for entry in entries.flatten() {
+            let path = entry.path();
+            let relative = normalize(path.strip_prefix(root).unwrap_or(&path));
+            if ignored(&relative, &ignore_patterns) {
+                continue;
+            }
+            let Ok(metadata) = fs::symlink_metadata(&path) else {
+                continue;
+            };
+            if metadata.is_dir() {
+                pending.push(path);
+            } else if metadata.is_file() {
+                found.insert(relative);
+            }
+        }
+    }
+    found
+}
+fn ignored(path: &str, ignore_patterns: &[String]) -> bool {
+    path.is_empty()
+        || path == ".git"
+        || path.starts_with(".git/")
+        || path == ".naome"
+        || path.starts_with(".naome/")
+        || path == "node_modules"
+        || path.contains("/node_modules/")
+        || build_output(path)
+        || matches_any(path, ignore_patterns)
+}
+fn build_output(path: &str) -> bool {
+    matches!(path, "target" | "dist" | "build")
+        || path.contains("/target/")
+        || path.contains("/dist/")
+        || path.contains("/build/")
+}
+fn normalize(path: impl Into<PathBuf>) -> String {
+    path.into().to_string_lossy().replace('\\', "/")
+}
+fn matches_any(path: &str, patterns: &[String]) -> bool {
+    path_matches_any(path, patterns)
+}

package/crates/naome-cli/src/architecture_init.rs ADDED Viewed

@@ -0,0 +1,17 @@
+mod infer;
+mod render;
+mod repository;
+use std::path::Path;
+use naome_core::default_architecture_config_text;
+pub fn architecture_init_config_text(root: &Path) -> String {
+    let files = repository::files(root);
+    let layers = infer::layers(&files);
+    let contexts = infer::contexts(&files);
+    if layers.is_empty() && contexts.is_empty() {
+        return default_architecture_config_text().to_string();
+    }
+    render::config(layers, contexts)
+}

package/crates/naome-cli/src/main.rs CHANGED Viewed

@@ -1,4 +1,5 @@
 mod architecture_commands;
+mod architecture_init;
 mod check_commands;
 mod cli_args;
 mod context_commands;
@@ -61,7 +62,7 @@ const HELP: &str = r#"Usage:
   naome arch init [--config <path>] [--json]
   naome arch explain [--config <path>] [--json]
   naome arch scan [--config <path>] [--changed-only] [--write] [--output <path>] [--json]
-  naome arch validate [--config <path>] [--changed-only] [--agent-feedback] [--json]
+  naome arch validate [--config <path>] [--changed-only] [--agent-feedback] [--json|--sarif] [--output <path>]
   naome workflow search-profile [--json]
   naome workflow agent-plan [--json]
   naome workflow context-delta [--read-path <path>...] [--json]

package/crates/naome-cli/tests/architecture_cli.rs CHANGED Viewed

@@ -38,6 +38,81 @@ fn architecture_explain_json_lists_all_validation_rules() {
     }
 }
+#[test]
+fn architecture_init_generates_repo_aware_layers_and_contexts() {
+    let root = fixture_root();
+    write_fixture_file(&root, "src/billing/index.ts", "export const billing = 1;\n");
+    write_fixture_file(
+        &root,
+        "src/ticketing/index.ts",
+        "export const ticketing = 1;\n",
+    );
+    write_fixture_file(&root, "src/domain/event.ts", "export const event = 1;\n");
+    write_fixture_file(&root, "src/infrastructure/db.ts", "export const db = 1;\n");
+    write_fixture_file(
+        &root,
+        "Sources/App/Views/HomeView.swift",
+        "import SwiftUI\n",
+    );
+    run_arch_init(&root);
+    let config = fs::read_to_string(root.join("naome.arch.yaml")).unwrap();
+    assert!(config.contains("ui:"));
+    assert!(config.contains("\"Sources/**/Views/**\""));
+    assert!(config.contains("billing:"));
+    assert!(config.contains("\"src/billing/**\""));
+    assert!(config.contains("ticketing:"));
+    assert!(config.contains("\"src/ticketing/**\""));
+    assert!(config.contains("public_api:"));
+    assert!(config.contains("\"src/billing/index.*\""));
+}
+#[test]
+fn architecture_init_respects_naomeignore_boundaries() {
+    let root = fixture_root();
+    fs::write(
+        root.join(".naomeignore"),
+        ".naome/archive/\n.naome/tasks/\nvendor/\ngenerated/**\n",
+    )
+    .unwrap();
+    write_fixture_file(&root, "vendor/billing/index.ts", "export const x = 1;\n");
+    write_fixture_file(
+        &root,
+        "generated/ticketing/index.ts",
+        "export const y = 1;\n",
+    );
+    write_fixture_file(&root, "src/domain/event.ts", "export const event = 1;\n");
+    run_arch_init(&root);
+    let config = fs::read_to_string(root.join("naome.arch.yaml")).unwrap();
+    assert!(config.contains("\"src/domain/**\""));
+    assert!(!config.contains("vendor"));
+    assert!(!config.contains("generated/ticketing"));
+}
+fn run_arch_init(root: &std::path::Path) {
+    let output = Command::new(env!("CARGO_BIN_EXE_naome"))
+        .args(["arch", "init"])
+        .current_dir(root)
+        .output()
+        .unwrap();
+    assert!(
+        output.status.success(),
+        "{}{}",
+        String::from_utf8_lossy(&output.stdout),
+        String::from_utf8_lossy(&output.stderr)
+    );
+}
+fn write_fixture_file(root: &std::path::Path, path: &str, content: &str) {
+    let target = root.join(path);
+    fs::create_dir_all(target.parent().unwrap()).unwrap();
+    fs::write(target, content).unwrap();
+}
 fn fixture_root() -> std::path::PathBuf {
     let nonce = SystemTime::now()
         .duration_since(UNIX_EPOCH)

package/crates/naome-core/Cargo.toml CHANGED Viewed

@@ -1,6 +1,6 @@
 [package]
 name = "naome-core"
-version = "1.3.16"
+version = "1.4.0"
 edition.workspace = true
 license.workspace = true
 repository.workspace = true

package/crates/naome-core/src/architecture/config_findings/configuration/coverage.rs ADDED Viewed

@@ -0,0 +1,81 @@
+use super::super::super::output::ArchitectureConfigFinding;
+use super::super::super::scan::{ArchitectureScanReport, FileFact};
+pub fn findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    let mut findings = Vec::new();
+    findings.extend(unmatched_layer_findings(scan));
+    findings.extend(unmatched_context_findings(scan));
+    findings
+}
+fn unmatched_layer_findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    unmatched_membership_findings(
+        scan,
+        scan.config.layers.keys(),
+        MembershipFinding {
+            id: "arch.config.layer_matches_no_files",
+            subject_prefix: "layer",
+            label: "Layer",
+            noun: "layer",
+        },
+        |fact| &fact.layers,
+    )
+}
+fn unmatched_context_findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    unmatched_membership_findings(
+        scan,
+        scan.config.contexts.keys(),
+        MembershipFinding {
+            id: "arch.config.context_matches_no_files",
+            subject_prefix: "context",
+            label: "Context",
+            noun: "context",
+        },
+        |fact| &fact.contexts,
+    )
+}
+struct MembershipFinding {
+    id: &'static str,
+    subject_prefix: &'static str,
+    label: &'static str,
+    noun: &'static str,
+}
+fn unmatched_membership_findings<'a, I, F>(
+    scan: &ArchitectureScanReport,
+    names: I,
+    finding: MembershipFinding,
+    memberships: F,
+) -> Vec<ArchitectureConfigFinding>
+where
+    I: Iterator<Item = &'a String>,
+    F: Fn(&FileFact) -> &[String],
+{
+    names
+        .filter(|name| {
+            !scan
+                .file_facts
+                .values()
+                .any(|fact| memberships(fact).iter().any(|member| member == *name))
+        })
+        .map(|name| ArchitectureConfigFinding {
+            id: finding.id.to_string(),
+            severity: "warning".to_string(),
+            subject: format!("{}:{name}", finding.subject_prefix),
+            message: format!(
+                "{} {name} does not match any scanned repository file.",
+                finding.label
+            ),
+            suggestion: format!(
+                "Update {name} path patterns in naome.arch.yaml or remove the {} if it is not part of this repository.",
+                finding.noun
+            ),
+            agent_instruction: format!(
+                "Do not rely on {} {name} for architecture enforcement until its paths match repository files.",
+                finding.noun
+            ),
+        })
+        .collect()
+}

package/crates/naome-core/src/architecture/config_findings/configuration/overlap.rs ADDED Viewed

@@ -0,0 +1,117 @@
+use super::super::super::output::ArchitectureConfigFinding;
+use super::super::super::scan::ArchitectureScanReport;
+pub fn findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    let mut findings = Vec::new();
+    findings.extend(broad_layer_findings(scan));
+    findings.extend(catch_all_context_findings(scan));
+    findings
+}
+fn broad_layer_findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    let mut findings = Vec::new();
+    for (layer_name, layer) in &scan.config.layers {
+        let Some(broad_pattern) = layer
+            .paths
+            .iter()
+            .find(|pattern| is_broad_source_pattern(pattern))
+        else {
+            continue;
+        };
+        let overlapping_layers = scan
+            .config
+            .layers
+            .iter()
+            .filter(|(other_name, other_layer)| {
+                other_name.as_str() != layer_name.as_str()
+                    && other_layer
+                        .paths
+                        .iter()
+                        .any(|pattern| pattern_is_narrower_than(pattern, broad_pattern))
+            })
+            .map(|(name, _)| name.clone())
+            .collect::<Vec<_>>();
+        if overlapping_layers.is_empty() {
+            continue;
+        }
+        findings.push(ArchitectureConfigFinding {
+            id: "arch.config.broad_layer_overlap".to_string(),
+            severity: "warning".to_string(),
+            subject: format!("layer:{layer_name}"),
+            message: format!(
+                "Layer {layer_name} uses broad path pattern {broad_pattern} while narrower layers also match inside it: {}.",
+                overlapping_layers.join(", ")
+            ),
+            suggestion: format!(
+                "Keep broad compatibility layers intentional and make allowed_dependencies explicit, or narrow {layer_name} so files do not inherit multiple architectural meanings by default."
+            ),
+            agent_instruction: format!(
+                "Do not rely on broad layer {layer_name} to hide architecture boundaries; prefer narrower layer paths or explicit allow rules."
+            ),
+        });
+    }
+    findings
+}
+fn catch_all_context_findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    if scan.config.contexts.len() <= 1 {
+        return Vec::new();
+    }
+    scan.config
+        .contexts
+        .iter()
+        .filter_map(|(context_name, context)| {
+            let broad_pattern = context
+                .paths
+                .iter()
+                .find(|pattern| is_broad_source_pattern(pattern))?;
+            let specific_contexts = scan
+                .config
+                .contexts
+                .iter()
+                .filter(|(other_name, other_context)| {
+                    other_name.as_str() != context_name.as_str()
+                        && other_context
+                            .paths
+                            .iter()
+                            .any(|pattern| pattern_is_narrower_than(pattern, broad_pattern))
+                })
+                .map(|(name, _)| name.clone())
+                .collect::<Vec<_>>();
+            if specific_contexts.is_empty() {
+                return None;
+            }
+            Some(ArchitectureConfigFinding {
+                id: "arch.config.catch_all_context_with_specific_contexts".to_string(),
+                severity: "warning".to_string(),
+                subject: format!("context:{context_name}"),
+                message: format!(
+                    "Context {context_name} uses catch-all path pattern {broad_pattern} alongside narrower contexts: {}.",
+                    specific_contexts.join(", ")
+                ),
+                suggestion: format!(
+                    "Treat {context_name} as a compatibility bucket only. Move shared code into explicit public APIs or replace the catch-all context with narrower bounded contexts."
+                ),
+                agent_instruction: format!(
+                    "Do not classify cross-context imports as safe only because {context_name} also matches them; model the real bounded context or public API."
+                ),
+            })
+        })
+        .collect()
+}
+fn is_broad_source_pattern(pattern: &str) -> bool {
+    matches!(pattern, "**" | "**/*" | "src/**" | "packages/**/src/**")
+}
+fn pattern_is_narrower_than(pattern: &str, broad_pattern: &str) -> bool {
+    if pattern == broad_pattern {
+        return false;
+    }
+    match broad_pattern {
+        "**" | "**/*" => true,
+        "src/**" => pattern.starts_with("src/") && pattern != "src/**",
+        "packages/**/src/**" => pattern.starts_with("packages/") && pattern.contains("/src/"),
+        _ => false,
+    }
+}

package/crates/naome-core/src/architecture/config_findings/configuration.rs ADDED Viewed

@@ -0,0 +1,12 @@
+mod coverage;
+mod overlap;
+use super::super::output::ArchitectureConfigFinding;
+use super::super::scan::ArchitectureScanReport;
+pub fn findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    let mut findings = Vec::new();
+    findings.extend(overlap::findings(scan));
+    findings.extend(coverage::findings(scan));
+    findings
+}

package/crates/naome-core/src/architecture/config_findings/imports.rs ADDED Viewed

@@ -0,0 +1,30 @@
+use super::super::output::ArchitectureConfigFinding;
+use super::super::scan::{ArchitectureScanReport, ImportTarget};
+pub fn findings(scan: &ArchitectureScanReport) -> Vec<ArchitectureConfigFinding> {
+    let mut findings = Vec::new();
+    for fact in scan.file_facts.values() {
+        for import in &fact.imports {
+            let ImportTarget::Unknown(specifier) = &import.target else {
+                continue;
+            };
+            findings.push(ArchitectureConfigFinding {
+                id: "arch.import.unresolved".to_string(),
+                severity: "warning".to_string(),
+                subject: format!("file:{}", fact.path),
+                message: format!(
+                    "{} imports {}, but NAOME could not resolve it to a repository file or external dependency.",
+                    fact.path, specifier
+                ),
+                suggestion: format!(
+                    "Resolve or remove import {specifier}, or add the missing resolver alias/manifest context if the import is valid."
+                ),
+                agent_instruction: format!(
+                    "Resolve or remove import {specifier} in {} before relying on architecture validation for this dependency edge.",
+                    fact.path
+                ),
+            });
+        }
+    }
+    findings
+}