npm - @mmnto/totem - Versions diffs - 1.8.3 → 1.8.5 - Mend

@mmnto/totem 1.8.3 → 1.8.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/dist/compile-lesson.d.ts +2 -0
package/dist/compile-lesson.d.ts.map +1 -1
package/dist/compile-lesson.js +58 -2
package/dist/compile-lesson.js.map +1 -1
package/dist/compile-lesson.test.js +143 -0
package/dist/compile-lesson.test.js.map +1 -1
package/dist/eslint-adapter.d.ts +18 -0
package/dist/eslint-adapter.d.ts.map +1 -0
package/dist/eslint-adapter.js +173 -0
package/dist/eslint-adapter.js.map +1 -0
package/dist/eslint-adapter.test.d.ts +2 -0
package/dist/eslint-adapter.test.d.ts.map +1 -0
package/dist/eslint-adapter.test.js +110 -0
package/dist/eslint-adapter.test.js.map +1 -0
package/dist/index.d.ts +9 -2
package/dist/index.d.ts.map +1 -1
package/dist/index.js +6 -1
package/dist/index.js.map +1 -1
package/dist/lesson-linter.d.ts.map +1 -1
package/dist/lesson-linter.js +50 -1
package/dist/lesson-linter.js.map +1 -1
package/dist/lesson-linter.test.js +63 -0
package/dist/lesson-linter.test.js.map +1 -1
package/dist/lesson-pattern.d.ts +9 -0
package/dist/lesson-pattern.d.ts.map +1 -1
package/dist/lesson-pattern.js +30 -0
package/dist/lesson-pattern.js.map +1 -1
package/dist/lesson-pattern.test.js +91 -1
package/dist/lesson-pattern.test.js.map +1 -1
package/dist/pipeline-observation.d.ts +36 -0
package/dist/pipeline-observation.d.ts.map +1 -0
package/dist/pipeline-observation.js +100 -0
package/dist/pipeline-observation.js.map +1 -0
package/dist/pipeline-observation.test.d.ts +2 -0
package/dist/pipeline-observation.test.d.ts.map +1 -0
package/dist/pipeline-observation.test.js +172 -0
package/dist/pipeline-observation.test.js.map +1 -0
package/dist/regex-utils.d.ts +24 -0
package/dist/regex-utils.d.ts.map +1 -0
package/dist/regex-utils.js +39 -0
package/dist/regex-utils.js.map +1 -0
package/dist/regex-utils.test.d.ts +2 -0
package/dist/regex-utils.test.d.ts.map +1 -0
package/dist/regex-utils.test.js +73 -0
package/dist/regex-utils.test.js.map +1 -0
package/dist/semgrep-adapter.d.ts +15 -0
package/dist/semgrep-adapter.d.ts.map +1 -0
package/dist/semgrep-adapter.js +133 -0
package/dist/semgrep-adapter.js.map +1 -0
package/dist/semgrep-adapter.test.d.ts +2 -0
package/dist/semgrep-adapter.test.d.ts.map +1 -0
package/dist/semgrep-adapter.test.js +136 -0
package/dist/semgrep-adapter.test.js.map +1 -0
package/package.json +1 -1

package/dist/semgrep-adapter.js ADDED Viewed

@@ -0,0 +1,133 @@
+/**
+ * Semgrep YAML rule importer (Pipeline 4).
+ * Parses Semgrep rule files and produces CompiledRule objects.
+ */
+import { parse as parseYaml } from 'yaml';
+import { hashLesson, validateRegex } from './compiler.js';
+// ─── Language-to-glob mapping ───────────────────────
+const LANGUAGE_GLOBS = {
+    javascript: ['**/*.js', '**/*.jsx'],
+    typescript: ['**/*.ts', '**/*.tsx'],
+    js: ['**/*.js', '**/*.jsx'],
+    ts: ['**/*.ts', '**/*.tsx'],
+    python: ['**/*.py'],
+    rust: ['**/*.rs'],
+    go: ['**/*.go'],
+    java: ['**/*.java'],
+    ruby: ['**/*.rb'],
+    c: ['**/*.c', '**/*.h'],
+    cpp: ['**/*.cpp', '**/*.hpp', '**/*.cc'],
+};
+function languagesToGlobs(languages) {
+    if (!languages || languages.length === 0)
+        return undefined;
+    const globs = [];
+    for (const lang of languages) {
+        const mapped = LANGUAGE_GLOBS[lang.toLowerCase()];
+        if (mapped)
+            globs.push(...mapped);
+    }
+    return globs.length > 0 ? globs : undefined;
+}
+// ─── Parser ─────────────────────────────────────────
+/** Parse Semgrep YAML rules into CompiledRule objects. */
+export function parseSemgrepRules(yamlContent) {
+    const rules = [];
+    const skipped = [];
+    let doc;
+    try {
+        doc = parseYaml(yamlContent);
+    }
+    catch {
+        return { rules, skipped: [{ id: '(root)', reason: 'Invalid YAML' }] };
+    }
+    if (!doc ||
+        typeof doc !== 'object' ||
+        !('rules' in doc) ||
+        !Array.isArray(doc.rules)) {
+        return { rules, skipped: [{ id: '(root)', reason: 'No "rules" array found in YAML' }] };
+    }
+    const now = new Date().toISOString();
+    for (const entry of doc.rules) {
+        if (!entry || typeof entry !== 'object')
+            continue;
+        const rule = entry;
+        const id = typeof rule.id === 'string' ? rule.id : undefined;
+        if (!id) {
+            skipped.push({ id: '(unknown)', reason: 'Missing rule id' });
+            continue;
+        }
+        // Extract pattern — prefer pattern-regex, fall back to simple string pattern
+        let pattern;
+        if (typeof rule['pattern-regex'] === 'string') {
+            pattern = rule['pattern-regex'];
+        }
+        else if (typeof rule.pattern === 'string' && !rule.patterns && !rule['pattern-either']) {
+            // Simple string patterns like "eval(...)" — convert to regex
+            // 1. Replace metavariables with placeholder before escaping
+            // 2. Escape regex special chars
+            // 3. Restore metavariable placeholders and `...` wildcards
+            const METAVAR_PLACEHOLDER = '\x00METAVAR\x00';
+            const withPlaceholders = rule.pattern.replace(/\$\w+/g, METAVAR_PLACEHOLDER);
+            const escaped = withPlaceholders.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+            pattern = escaped
+                .replace(/\\\.\\\.\\\./g, '.*')
+                .replace(new RegExp(METAVAR_PLACEHOLDER.replace(/\x00/g, '\\x00'), 'g'), '\\w+');
+        }
+        if (!pattern) {
+            const reason = rule.patterns
+                ? 'Compound pattern (patterns/pattern-either)'
+                : 'No pattern or pattern-regex field';
+            skipped.push({ id, reason });
+            continue;
+        }
+        // Validate regex for syntax and ReDoS safety
+        const validation = validateRegex(pattern);
+        if (!validation.valid) {
+            skipped.push({ id, reason: `Invalid regex: ${validation.reason}` });
+            continue;
+        }
+        const message = typeof rule.message === 'string' ? rule.message : `[semgrep] ${id}`;
+        // Severity
+        const sevRaw = typeof rule.severity === 'string' ? rule.severity.toUpperCase() : 'WARNING';
+        const severity = sevRaw === 'ERROR' ? 'error' : 'warning';
+        // File globs from languages + paths
+        const languages = Array.isArray(rule.languages)
+            ? rule.languages.filter((l) => typeof l === 'string')
+            : undefined;
+        const langGlobs = languagesToGlobs(languages);
+        const paths = rule.paths;
+        const includeGlobs = paths && Array.isArray(paths.include)
+            ? paths.include.filter((p) => typeof p === 'string')
+            : [];
+        const excludeGlobs = paths && Array.isArray(paths.exclude)
+            ? paths.exclude.filter((p) => typeof p === 'string').map((p) => `!${p}`)
+            : [];
+        const fileGlobs = [
+            ...(includeGlobs.length > 0 ? includeGlobs : (langGlobs ?? [])),
+            ...excludeGlobs,
+        ];
+        // Category from metadata (validate against allowed values)
+        const VALID_CATEGORIES = new Set(['security', 'architecture', 'style', 'performance']);
+        const metadata = rule.metadata;
+        const rawCategory = metadata && typeof metadata.category === 'string' ? metadata.category : undefined;
+        const category = rawCategory && VALID_CATEGORIES.has(rawCategory)
+            ? rawCategory
+            : undefined;
+        const heading = `[semgrep] ${id}`;
+        rules.push({
+            lessonHash: hashLesson(heading, message),
+            lessonHeading: heading,
+            pattern,
+            message,
+            engine: 'regex',
+            severity,
+            compiledAt: now,
+            createdAt: now,
+            ...(fileGlobs.length > 0 ? { fileGlobs } : {}),
+            ...(category ? { category } : {}),
+        });
+    }
+    return { rules, skipped };
+}
+//# sourceMappingURL=semgrep-adapter.js.map

package/dist/semgrep-adapter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"semgrep-adapter.js","sourceRoot":"","sources":["../src/semgrep-adapter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAE1C,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAG1D,uDAAuD;AAEvD,MAAM,cAAc,GAA6B;IAC/C,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;IACnC,UAAU,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;IACnC,EAAE,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;IAC3B,EAAE,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;IAC3B,MAAM,EAAE,CAAC,SAAS,CAAC;IACnB,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,EAAE,EAAE,CAAC,SAAS,CAAC;IACf,IAAI,EAAE,CAAC,WAAW,CAAC;IACnB,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;IACvB,GAAG,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC;CACzC,CAAC;AAEF,SAAS,gBAAgB,CAAC,SAAoB;IAC5C,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC3D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QAClD,IAAI,MAAM;YAAE,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAC9C,CAAC;AASD,uDAAuD;AAEvD,0DAA0D;AAC1D,MAAM,UAAU,iBAAiB,CAAC,WAAmB;IACnD,MAAM,KAAK,GAAmB,EAAE,CAAC;IACjC,MAAM,OAAO,GAAqC,EAAE,CAAC;IAErD,IAAI,GAAY,CAAC;IACjB,IAAI,CAAC;QACH,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC,EAAE,CAAC;IACxE,CAAC;IAED,IACE,CAAC,GAAG;QACJ,OAAO,GAAG,KAAK,QAAQ;QACvB,CAAC,CAAC,OAAO,IAAI,GAAG,CAAC;QACjB,CAAC,KAAK,CAAC,OAAO,CAAE,GAA+B,CAAC,KAAK,CAAC,EACtD,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,gCAAgC,EAAE,CAAC,EAAE,CAAC;IAC1F,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,KAAK,MAAM,KAAK,IAAK,GAA4B,CAAC,KAAK,EAAE,CAAC;QACxD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;YAAE,SAAS;QAClD,MAAM,IAAI,GAAG,KAAgC,CAAC;QAE9C,MAAM,EAAE,GAAG,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAC7D,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC,CAAC;YAC7D,SAAS;QACX,CAAC;QAED,6EAA6E;QAC7E,IAAI,OAA2B,CAAC;QAChC,IAAI,OAAO,IAAI,CAAC,eAAe,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,CAAC;QAClC,CAAC;aAAM,IAAI,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACzF,6DAA6D;YAC7D,4DAA4D;YAC5D,gCAAgC;YAChC,2DAA2D;YAC3D,MAAM,mBAAmB,GAAG,iBAAiB,CAAC;YAC9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;YAC7E,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;YACxE,OAAO,GAAG,OAAO;iBACd,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC;iBAC9B,OAAO,CAAC,IAAI,MAAM,CAAC,mBAAmB,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC;QACrF,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ;gBAC1B,CAAC,CAAC,4CAA4C;gBAC9C,CAAC,CAAC,mCAAmC,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;YAC7B,SAAS;QACX,CAAC;QAED,6CAA6C;QAC7C,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QAC1C,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,kBAAkB,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YACpE,SAAS;QACX,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,EAAE,EAAE,CAAC;QAEpF,WAAW;QACX,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAC3F,MAAM,QAAQ,GAAwB,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;QAE/E,oCAAoC;QACpC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC;YAC7C,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;YAClE,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,SAAS,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAE9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAA4C,CAAC;QAChE,MAAM,YAAY,GAChB,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC;YACnC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC;YACjE,CAAC,CAAC,EAAE,CAAC;QACT,MAAM,YAAY,GAChB,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC;YACnC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YACrF,CAAC,CAAC,EAAE,CAAC;QAET,MAAM,SAAS,GAAG;YAChB,GAAG,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;YAC/D,GAAG,YAAY;SAChB,CAAC;QAEF,2DAA2D;QAC3D,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,cAAc,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;QACvF,MAAM,QAAQ,GAAG,IAAI,CAAC,QAA+C,CAAC;QACtE,MAAM,WAAW,GACf,QAAQ,IAAI,OAAO,QAAQ,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QACpF,MAAM,QAAQ,GACZ,WAAW,IAAI,gBAAgB,CAAC,GAAG,CAAC,WAAW,CAAC;YAC9C,CAAC,CAAE,WAAwC;YAC3C,CAAC,CAAC,SAAS,CAAC;QAEhB,MAAM,OAAO,GAAG,aAAa,EAAE,EAAE,CAAC;QAClC,KAAK,CAAC,IAAI,CAAC;YACT,UAAU,EAAE,UAAU,CAAC,OAAO,EAAE,OAAO,CAAC;YACxC,aAAa,EAAE,OAAO;YACtB,OAAO;YACP,OAAO;YACP,MAAM,EAAE,OAAO;YACf,QAAQ;YACR,UAAU,EAAE,GAAG;YACf,SAAS,EAAE,GAAG;YACd,GAAG,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9C,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAClC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC5B,CAAC"}

package/dist/semgrep-adapter.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=semgrep-adapter.test.d.ts.map

package/dist/semgrep-adapter.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"semgrep-adapter.test.d.ts","sourceRoot":"","sources":["../src/semgrep-adapter.test.ts"],"names":[],"mappings":""}

package/dist/semgrep-adapter.test.js ADDED Viewed

@@ -0,0 +1,136 @@
+import { describe, expect, it } from 'vitest';
+import { parseSemgrepRules } from './semgrep-adapter.js';
+describe('parseSemgrepRules', () => {
+    it('parses rule with pattern-regex', () => {
+        const yaml = `
+rules:
+  - id: no-eval
+    pattern-regex: "\\\\beval\\\\s*\\\\("
+    message: Do not use eval()
+    severity: ERROR
+    languages: [javascript, typescript]
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules).toHaveLength(1);
+        expect(result.rules[0].lessonHeading).toBe('[semgrep] no-eval');
+        expect(result.rules[0].pattern).toBe('\\beval\\s*\\(');
+        expect(result.rules[0].severity).toBe('error');
+        expect(result.rules[0].engine).toBe('regex');
+        expect(result.rules[0].fileGlobs).toEqual(['**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx']);
+    });
+    it('parses rule with simple string pattern', () => {
+        const yaml = `
+rules:
+  - id: no-print
+    pattern: "print(...)"
+    message: Use logging module instead of print
+    severity: WARNING
+    languages: [python]
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules).toHaveLength(1);
+        expect(result.rules[0].pattern).toContain('print');
+        expect(result.rules[0].pattern).toContain('.*'); // ... converted to .*
+        expect(result.rules[0].severity).toBe('warning');
+    });
+    it('maps severity correctly', () => {
+        const yaml = `
+rules:
+  - id: rule-error
+    pattern-regex: "err"
+    message: Error rule
+    severity: ERROR
+  - id: rule-warn
+    pattern-regex: "warn"
+    message: Warn rule
+    severity: WARNING
+  - id: rule-info
+    pattern-regex: "info"
+    message: Info rule
+    severity: INFO
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules[0].severity).toBe('error');
+        expect(result.rules[1].severity).toBe('warning');
+        expect(result.rules[2].severity).toBe('warning'); // INFO maps to warning
+    });
+    it('handles paths.include and paths.exclude', () => {
+        const yaml = `
+rules:
+  - id: scoped-rule
+    pattern-regex: "TODO"
+    message: No TODOs
+    severity: WARNING
+    paths:
+      include:
+        - "src/**/*.ts"
+      exclude:
+        - "**/*.test.ts"
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules[0].fileGlobs).toEqual(['src/**/*.ts', '!**/*.test.ts']);
+    });
+    it('skips compound patterns and reports them', () => {
+        const yaml = `
+rules:
+  - id: compound-rule
+    patterns:
+      - pattern: "eval(...)"
+      - pattern-not: "safe_eval(...)"
+    message: Compound rule
+    severity: ERROR
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules).toHaveLength(0);
+        expect(result.skipped).toHaveLength(1);
+        expect(result.skipped[0].id).toBe('compound-rule');
+        expect(result.skipped[0].reason).toContain('Compound');
+    });
+    it('skips rules without pattern fields', () => {
+        const yaml = `
+rules:
+  - id: no-pattern
+    message: No pattern
+    severity: WARNING
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules).toHaveLength(0);
+        expect(result.skipped).toHaveLength(1);
+    });
+    it('handles invalid YAML gracefully', () => {
+        const result = parseSemgrepRules('{{{{not yaml');
+        expect(result.rules).toHaveLength(0);
+        expect(result.skipped[0].reason).toContain('Invalid YAML');
+    });
+    it('handles missing rules array', () => {
+        const result = parseSemgrepRules('other: value');
+        expect(result.rules).toHaveLength(0);
+        expect(result.skipped[0].reason).toContain('No "rules" array');
+    });
+    it('produces deterministic lessonHash', () => {
+        const yaml = `
+rules:
+  - id: deterministic
+    pattern-regex: "test"
+    message: Test rule
+    severity: WARNING
+`;
+        const r1 = parseSemgrepRules(yaml);
+        const r2 = parseSemgrepRules(yaml);
+        expect(r1.rules[0].lessonHash).toBe(r2.rules[0].lessonHash);
+    });
+    it('maps metadata.category', () => {
+        const yaml = `
+rules:
+  - id: sec-rule
+    pattern-regex: "secret"
+    message: Secret detected
+    severity: ERROR
+    metadata:
+      category: security
+`;
+        const result = parseSemgrepRules(yaml);
+        expect(result.rules[0].category).toBe('security');
+    });
+});
+//# sourceMappingURL=semgrep-adapter.test.js.map

package/dist/semgrep-adapter.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"semgrep-adapter.test.js","sourceRoot":"","sources":["../src/semgrep-adapter.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAEzD,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,IAAI,GAAG;;;;;;;CAOhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACjE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACxD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC;IAC7F,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,IAAI,GAAG;;;;;;;CAOhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,sBAAsB;QACxE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACjC,MAAM,IAAI,GAAG;;;;;;;;;;;;;;CAchB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,uBAAuB;IAC5E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,IAAI,GAAG;;;;;;;;;;;CAWhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,IAAI,GAAG;;;;;;;;CAQhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,IAAI,GAAG;;;;;CAKhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,MAAM,GAAG,iBAAiB,CAAC,cAAc,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,MAAM,GAAG,iBAAiB,CAAC,cAAc,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,IAAI,GAAG;;;;;;CAMhB,CAAC;QACE,MAAM,EAAE,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACnC,MAAM,EAAE,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACnC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,IAAI,GAAG;;;;;;;;CAQhB,CAAC;QACE,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mmnto/totem",
-  "version": "1.8.3",
+  "version": "1.8.5",
   "description": "Persistent memory and context layer for AI agents",
   "type": "module",
   "main": "./dist/index.js",