npm - @neurcode-ai/cli - Versions diffs - 0.9.63 → 0.9.65 - Mend

@neurcode-ai/cli 0.9.63 → 0.9.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (308) hide show

package/dist/structural-rules/rules/SR002-unbounded-collection.js ADDED Viewed

@@ -0,0 +1,196 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR002UnboundedCollection = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+function typeTextIncludesMapOrSet(typeNode) {
+    const text = typeNode.getText();
+    return /\b(Map|Set)</.test(text);
+}
+function initializerIsMapOrSet(init) {
+    if (ts.isNewExpression(init) &&
+        ts.isIdentifier(init.expression)) {
+        const name = init.expression.text;
+        return name === 'Map' || name === 'Set';
+    }
+    return false;
+}
+function hasDeleteCallOnField(classNode, fieldName) {
+    let found = false;
+    const visitDelete = (node) => {
+        if (found)
+            return;
+        // Look for: this.fieldName.delete( or fieldName.delete(
+        if (ts.isCallExpression(node) &&
+            ts.isPropertyAccessExpression(node.expression) &&
+            node.expression.name.text === 'delete') {
+            const obj = node.expression.expression;
+            // this.fieldName.delete(
+            if (ts.isPropertyAccessExpression(obj) &&
+                obj.expression.kind === ts.SyntaxKind.ThisKeyword &&
+                obj.name.text === fieldName) {
+                found = true;
+                return;
+            }
+            // fieldName.delete( (direct reference)
+            if (ts.isIdentifier(obj) && obj.text === fieldName) {
+                found = true;
+                return;
+            }
+        }
+        ts.forEachChild(node, visitDelete);
+    };
+    ts.forEachChild(classNode, visitDelete);
+    return found;
+}
+function hasLruOrBoundComment(node, sf) {
+    const fullText = sf.getFullText();
+    const start = node.getFullStart();
+    const leadingTrivia = fullText.slice(start, node.getStart(sf));
+    const lruPattern = /lru|maxsize|max_size|capacity|bounded|evict|ttl/i;
+    return lruPattern.test(leadingTrivia);
+}
+function keyTypeIncludesString(typeText) {
+    // Map<K, V> — check if K contains 'string'
+    const inner = typeText.match(/(?:Map|Set)<([^,>]+)/);
+    if (!inner)
+        return false;
+    return /string/i.test(inner[1]);
+}
+class SR002UnboundedCollection {
+    id = 'SR002';
+    name = 'Unbounded collection';
+    policyRef = 'P006';
+    severity = 'BLOCKING';
+    languages = ['typescript', 'javascript'];
+    description = 'Class-level Map or Set fields with no size bound grow without limit, causing unbounded memory growth.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const visitClass = (classNode) => {
+                for (const member of classNode.members) {
+                    if (!ts.isPropertyDeclaration(member))
+                        continue;
+                    // Skip readonly
+                    if (member.modifiers?.some(m => m.kind === ts.SyntaxKind.ReadonlyKeyword)) {
+                        continue;
+                    }
+                    const typeNode = member.type;
+                    const initializer = member.initializer;
+                    let isMapOrSet = false;
+                    let typeText = '';
+                    if (typeNode) {
+                        typeText = typeNode.getText(sf);
+                        // Skip ReadonlyMap/ReadonlySet
+                        if (/Readonly(Map|Set)/.test(typeText))
+                            continue;
+                        if (typeTextIncludesMapOrSet(typeNode))
+                            isMapOrSet = true;
+                    }
+                    if (!isMapOrSet && initializer) {
+                        if (initializerIsMapOrSet(initializer)) {
+                            isMapOrSet = true;
+                            if (ts.isNewExpression(initializer) && ts.isIdentifier(initializer.expression)) {
+                                typeText = initializer.expression.text + '<string, unknown>';
+                            }
+                        }
+                    }
+                    if (!isMapOrSet)
+                        continue;
+                    // Only flag when key type contains 'string' (dynamic keys)
+                    if (!keyTypeIncludesString(typeText))
+                        continue;
+                    // Skip if there's a .delete( call on this field anywhere in the class
+                    const fieldName = ts.isIdentifier(member.name) ? member.name.text : '';
+                    if (!fieldName)
+                        continue;
+                    if (hasDeleteCallOnField(classNode, fieldName))
+                        continue;
+                    // Skip if LRU/capacity comment nearby
+                    if (hasLruOrBoundComment(member, sf))
+                        continue;
+                    const { line, column } = getLineAndCol(sf, member.getStart(sf));
+                    const evidence = getEvidenceLines(sourceText, line);
+                    violations.push({
+                        ruleId: this.id,
+                        ruleName: this.name,
+                        policyRef: this.policyRef,
+                        severity: this.severity,
+                        filePath,
+                        line,
+                        column,
+                        evidence,
+                        operationalRisk: 'Class-level Map/Set keyed by dynamic strings grows without bound under sustained load, ' +
+                            'leading to OOM crashes or gradual memory exhaustion in long-running services.',
+                        remediation: 'Replace with an LRU cache (e.g. `lru-cache`), add explicit eviction via `.delete()` calls, ' +
+                            'or cap size before each `.set()`. Document the bound with a comment.',
+                        determinism: 'deterministic-structural',
+                        confidence: 0.88,
+                        language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                    });
+                }
+            };
+            const visitNode = (node) => {
+                if (ts.isClassDeclaration(node)) {
+                    visitClass(node);
+                }
+                ts.forEachChild(node, visitNode);
+            };
+            ts.forEachChild(sf, visitNode);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR002UnboundedCollection = SR002UnboundedCollection;
+//# sourceMappingURL=SR002-unbounded-collection.js.map

package/dist/structural-rules/rules/SR002-unbounded-collection.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR002-unbounded-collection.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR002-unbounded-collection.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,wBAAwB,CAAC,QAAqB;IACrD,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;IAChC,OAAO,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAmB;IAChD,IACE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QACxB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAChC,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAClC,OAAO,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,CAAC;IAC1C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,SAA8B,EAAE,SAAiB;IAC7E,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,MAAM,WAAW,GAAG,CAAC,IAAa,EAAQ,EAAE;QAC1C,IAAI,KAAK;YAAE,OAAO;QAClB,wDAAwD;QACxD,IACE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;YACzB,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC;YAC9C,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ,EACtC,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;YACvC,yBAAyB;YACzB,IACE,EAAE,CAAC,0BAA0B,CAAC,GAAG,CAAC;gBAClC,GAAG,CAAC,UAAU,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,WAAW;gBACjD,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,EAC3B,CAAC;gBACD,KAAK,GAAG,IAAI,CAAC;gBACb,OAAO;YACT,CAAC;YACD,uCAAuC;YACvC,IAAI,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACnD,KAAK,GAAG,IAAI,CAAC;gBACb,OAAO;YACT,CAAC;QACH,CAAC;QACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACrC,CAAC,CAAC;IACF,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,WAAW,CAAC,CAAC;IACxC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAa,EAAE,EAAiB;IAC5D,MAAM,QAAQ,GAAG,EAAE,CAAC,WAAW,EAAE,CAAC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;IAClC,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/D,MAAM,UAAU,GAAG,kDAAkD,CAAC;IACtE,OAAO,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,qBAAqB,CAAC,QAAgB;IAC7C,2CAA2C;IAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;IACrD,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,OAAO,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;AAClC,CAAC;AAED,MAAa,wBAAwB;IACnC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,sBAAsB,CAAC;IAC9B,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,uGAAuG,CAAC;IAE1G,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,MAAM,UAAU,GAAG,CAAC,SAA8B,EAAQ,EAAE;gBAC1D,KAAK,MAAM,MAAM,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;oBACvC,IAAI,CAAC,EAAE,CAAC,qBAAqB,CAAC,MAAM,CAAC;wBAAE,SAAS;oBAEhD,gBAAgB;oBAChB,IACE,MAAM,CAAC,SAAS,EAAE,IAAI,CACpB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,eAAe,CAC9C,EACD,CAAC;wBACD,SAAS;oBACX,CAAC;oBAED,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC;oBAC7B,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;oBAEvC,IAAI,UAAU,GAAG,KAAK,CAAC;oBACvB,IAAI,QAAQ,GAAG,EAAE,CAAC;oBAElB,IAAI,QAAQ,EAAE,CAAC;wBACb,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;wBAChC,+BAA+B;wBAC/B,IAAI,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC;4BAAE,SAAS;wBACjD,IAAI,wBAAwB,CAAC,QAAQ,CAAC;4BAAE,UAAU,GAAG,IAAI,CAAC;oBAC5D,CAAC;oBAED,IAAI,CAAC,UAAU,IAAI,WAAW,EAAE,CAAC;wBAC/B,IAAI,qBAAqB,CAAC,WAAW,CAAC,EAAE,CAAC;4BACvC,UAAU,GAAG,IAAI,CAAC;4BAClB,IAAI,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,CAAC;gCAC/E,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,IAAI,GAAG,mBAAmB,CAAC;4BAC/D,CAAC;wBACH,CAAC;oBACH,CAAC;oBAED,IAAI,CAAC,UAAU;wBAAE,SAAS;oBAE1B,2DAA2D;oBAC3D,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC;wBAAE,SAAS;oBAE/C,sEAAsE;oBACtE,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBACvE,IAAI,CAAC,SAAS;wBAAE,SAAS;oBAEzB,IAAI,oBAAoB,CAAC,SAAS,EAAE,SAAS,CAAC;wBAAE,SAAS;oBAEzD,sCAAsC;oBACtC,IAAI,oBAAoB,CAAC,MAAM,EAAE,EAAE,CAAC;wBAAE,SAAS;oBAE/C,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;oBAChE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;oBAEpD,UAAU,CAAC,IAAI,CAAC;wBACd,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;wBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ;wBACR,IAAI;wBACJ,MAAM;wBACN,QAAQ;wBACR,eAAe,EACb,yFAAyF;4BACzF,+EAA+E;wBACjF,WAAW,EACT,6FAA6F;4BAC7F,sEAAsE;wBACxE,WAAW,EAAE,0BAA0B;wBACvC,UAAU,EAAE,IAAI;wBAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;qBACtE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC;YAEF,MAAM,SAAS,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACxC,IAAI,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAChC,UAAU,CAAC,IAAI,CAAC,CAAC;gBACnB,CAAC;gBACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACnC,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;YAC/B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AA7GD,4DA6GC"}

package/dist/structural-rules/rules/SR003-timer-without-cleanup.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR003TimerWithoutCleanup implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "BLOCKING";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR003-timer-without-cleanup.d.ts.map

package/dist/structural-rules/rules/SR003-timer-without-cleanup.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR003-timer-without-cleanup.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR003-timer-without-cleanup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAqD7E,qBAAa,wBAAyB,YAAW,cAAc;IAC7D,EAAE,SAAW;IACb,IAAI,SAA2B;IAC/B,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SAC8G;IAEzH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAsEnE"}

package/dist/structural-rules/rules/SR003-timer-without-cleanup.js ADDED Viewed

@@ -0,0 +1,148 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR003TimerWithoutCleanup = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+function isInsideClassDeclaration(node) {
+    let current = node.parent;
+    while (current) {
+        if (ts.isClassDeclaration(current) || ts.isClassExpression(current))
+            return true;
+        current = current.parent;
+    }
+    return false;
+}
+/** Returns true if the call expression is the RHS of a `this.xxx = ...` assignment. */
+function isAssignedToThisProperty(callNode) {
+    const parent = callNode.parent;
+    // Direct: this.x = setInterval(...)
+    if (ts.isBinaryExpression(parent) &&
+        parent.operatorToken.kind === ts.SyntaxKind.EqualsToken &&
+        parent.right === callNode &&
+        ts.isPropertyAccessExpression(parent.left) &&
+        parent.left.expression.kind === ts.SyntaxKind.ThisKeyword) {
+        return true;
+    }
+    // Variable declaration: const timer = setInterval(...), then check if timer is assigned to this.x
+    // We accept the simpler form: if stored in any local variable inside the same function body
+    // — we only require that it's NOT a bare ExpressionStatement
+    if (ts.isVariableDeclaration(parent)) {
+        // It's stored in a local variable. We accept this as "handled" to reduce false positives.
+        return true;
+    }
+    // Initializer of a property declaration: this.x = setInterval handled above;
+    // also handle PropertyDeclaration initializer
+    if (ts.isPropertyDeclaration(parent)) {
+        return true;
+    }
+    return false;
+}
+class SR003TimerWithoutCleanup {
+    id = 'SR003';
+    name = 'Timer without cleanup';
+    policyRef = 'P007';
+    severity = 'BLOCKING';
+    languages = ['typescript', 'javascript'];
+    description = 'setInterval/setTimeout inside a class method whose return value is not stored prevents cleanup, causing timer leaks.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const visit = (node) => {
+                if (ts.isCallExpression(node) &&
+                    ts.isIdentifier(node.expression) &&
+                    (node.expression.text === 'setInterval' || node.expression.text === 'setTimeout')) {
+                    // Must be inside a class
+                    if (!isInsideClassDeclaration(node)) {
+                        ts.forEachChild(node, visit);
+                        return;
+                    }
+                    // If the call result is stored or assigned, it's fine
+                    if (isAssignedToThisProperty(node)) {
+                        ts.forEachChild(node, visit);
+                        return;
+                    }
+                    // The parent must be an ExpressionStatement (bare call — result discarded)
+                    if (!ts.isExpressionStatement(node.parent)) {
+                        ts.forEachChild(node, visit);
+                        return;
+                    }
+                    const { line, column } = getLineAndCol(sf, node.getStart(sf));
+                    const evidence = getEvidenceLines(sourceText, line);
+                    violations.push({
+                        ruleId: this.id,
+                        ruleName: this.name,
+                        policyRef: this.policyRef,
+                        severity: this.severity,
+                        filePath,
+                        line,
+                        column,
+                        evidence,
+                        operationalRisk: 'Timer handle is not stored, so it cannot be cleared in a destroy/stop method. ' +
+                            'Each instance or re-initialization leaks a timer, causing memory leaks and runaway callbacks.',
+                        remediation: 'Store the return value: `this.timer = setInterval(...)` and call `clearInterval(this.timer)` ' +
+                            'in the class destructor / stop() / dispose() method.',
+                        determinism: 'deterministic-structural',
+                        confidence: 0.91,
+                        language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                    });
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR003TimerWithoutCleanup = SR003TimerWithoutCleanup;
+//# sourceMappingURL=SR003-timer-without-cleanup.js.map

package/dist/structural-rules/rules/SR003-timer-without-cleanup.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR003-timer-without-cleanup.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR003-timer-without-cleanup.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,wBAAwB,CAAC,IAAa;IAC7C,IAAI,OAAO,GAAwB,IAAI,CAAC,MAAM,CAAC;IAC/C,OAAO,OAAO,EAAE,CAAC;QACf,IAAI,EAAE,CAAC,kBAAkB,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;QACjF,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IAC3B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,uFAAuF;AACvF,SAAS,wBAAwB,CAAC,QAA2B;IAC3D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;IAE/B,oCAAoC;IACpC,IACE,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;QAC7B,MAAM,CAAC,aAAa,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,WAAW;QACvD,MAAM,CAAC,KAAK,KAAK,QAAQ;QACzB,EAAE,CAAC,0BAA0B,CAAC,MAAM,CAAC,IAAI,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,WAAW,EACzD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kGAAkG;IAClG,4FAA4F;IAC5F,6DAA6D;IAC7D,IAAI,EAAE,CAAC,qBAAqB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,0FAA0F;QAC1F,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6EAA6E;IAC7E,8CAA8C;IAC9C,IAAI,EAAE,CAAC,qBAAqB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAa,wBAAwB;IACnC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,uBAAuB,CAAC;IAC/B,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,sHAAsH,CAAC;IAEzH,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,IACE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;oBACzB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;oBAChC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,aAAa,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,YAAY,CAAC,EACjF,CAAC;oBACD,yBAAyB;oBACzB,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,EAAE,CAAC;wBACpC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBAC7B,OAAO;oBACT,CAAC;oBAED,sDAAsD;oBACtD,IAAI,wBAAwB,CAAC,IAAI,CAAC,EAAE,CAAC;wBACnC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBAC7B,OAAO;oBACT,CAAC;oBAED,2EAA2E;oBAC3E,IAAI,CAAC,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;wBAC3C,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBAC7B,OAAO;oBACT,CAAC;oBAED,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;oBAC9D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;oBAEpD,UAAU,CAAC,IAAI,CAAC;wBACd,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;wBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,QAAQ;wBACR,IAAI;wBACJ,MAAM;wBACN,QAAQ;wBACR,eAAe,EACb,gFAAgF;4BAChF,+FAA+F;wBACjG,WAAW,EACT,+FAA+F;4BAC/F,sDAAsD;wBACxD,WAAW,EAAE,0BAA0B;wBACvC,UAAU,EAAE,IAAI;wBAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;qBACtE,CAAC,CAAC;gBACL,CAAC;gBAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AA/ED,4DA+EC"}

package/dist/structural-rules/rules/SR004-request-boundary-no-validation.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR004RequestBoundaryNoValidation implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "BLOCKING";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR004-request-boundary-no-validation.d.ts.map

package/dist/structural-rules/rules/SR004-request-boundary-no-validation.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR004-request-boundary-no-validation.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR004-request-boundary-no-validation.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAuE7E,qBAAa,gCAAiC,YAAW,cAAc;IACrE,EAAE,SAAW;IACb,IAAI,SAA+C;IACnD,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SACiH;IAE5H,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CA+EnE"}

package/dist/structural-rules/rules/SR004-request-boundary-no-validation.js ADDED Viewed

@@ -0,0 +1,162 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR004RequestBoundaryNoValidation = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+function isTestFile(filePath) {
+    return /\.(test|spec)\.(ts|js|tsx|jsx)$/.test(filePath);
+}
+/** Collect all text in a node (recursive) */
+function collectNodeText(node, sf) {
+    return node.getText(sf);
+}
+/** Check if function body text contains validation indicators */
+function hasValidation(bodyText) {
+    return (/\.parse\s*\(/.test(bodyText) ||
+        /\.safeParse\s*\(/.test(bodyText) ||
+        /\bz\s*\./.test(bodyText) ||
+        /\bschema\s*\./.test(bodyText) ||
+        /\bvalidate\s*\(/.test(bodyText) ||
+        /\bjoi\b/.test(bodyText) ||
+        /\byup\b/.test(bodyText));
+}
+/** Collect req.body / request.body access nodes inside a function body */
+function findReqBodyAccess(node, sf) {
+    const results = [];
+    const visit = (n) => {
+        // req.body / request.body
+        if (ts.isPropertyAccessExpression(n) &&
+            n.name.text === 'body' &&
+            ts.isIdentifier(n.expression) &&
+            (n.expression.text === 'req' || n.expression.text === 'request')) {
+            results.push(n);
+        }
+        // ctx.input (tRPC)
+        if (ts.isPropertyAccessExpression(n) &&
+            n.name.text === 'input' &&
+            ts.isIdentifier(n.expression) &&
+            n.expression.text === 'ctx') {
+            results.push(n);
+        }
+        ts.forEachChild(n, visit);
+    };
+    ts.forEachChild(node, visit);
+    return results;
+}
+function getFunctionBodyNode(node) {
+    return node.body;
+}
+class SR004RequestBoundaryNoValidation {
+    id = 'SR004';
+    name = 'Request boundary without input validation';
+    policyRef = 'P008';
+    severity = 'BLOCKING';
+    languages = ['typescript', 'javascript'];
+    description = 'Route handlers accessing req.body or ctx.input without schema validation allow malformed input to reach business logic.';
+    check(filePath, sourceText) {
+        try {
+            if (isTestFile(filePath))
+                return [];
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const checkFunctionBody = (funcNode) => {
+                const body = getFunctionBodyNode(funcNode);
+                if (!body)
+                    return;
+                const bodyText = collectNodeText(body, sf);
+                // Only flag if body accesses req.body / request.body / ctx.input
+                const accesses = findReqBodyAccess(body, sf);
+                if (accesses.length === 0)
+                    return;
+                // If there's validation, skip
+                if (hasValidation(bodyText))
+                    return;
+                // Report on first access
+                const firstAccess = accesses[0];
+                const { line, column } = getLineAndCol(sf, firstAccess.getStart(sf));
+                const evidence = getEvidenceLines(sourceText, line);
+                violations.push({
+                    ruleId: this.id,
+                    ruleName: this.name,
+                    policyRef: this.policyRef,
+                    severity: this.severity,
+                    filePath,
+                    line,
+                    column,
+                    evidence,
+                    operationalRisk: 'Unvalidated request input reaches business logic. Attackers can inject unexpected types, ' +
+                        'missing fields, or oversized payloads that cause runtime crashes or data corruption.',
+                    remediation: 'Parse input with a schema before use: `const data = MySchema.parse(req.body)` ' +
+                        '(Zod) or `const { error, value } = schema.validate(req.body)` (Joi). ' +
+                        'Use the parsed/validated value, not req.body directly.',
+                    determinism: 'deterministic-structural',
+                    confidence: 0.85,
+                    language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                });
+            };
+            const visit = (node) => {
+                if (ts.isFunctionDeclaration(node) ||
+                    ts.isFunctionExpression(node) ||
+                    ts.isArrowFunction(node) ||
+                    ts.isMethodDeclaration(node)) {
+                    checkFunctionBody(node);
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR004RequestBoundaryNoValidation = SR004RequestBoundaryNoValidation;
+//# sourceMappingURL=SR004-request-boundary-no-validation.js.map

package/dist/structural-rules/rules/SR004-request-boundary-no-validation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR004-request-boundary-no-validation.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR004-request-boundary-no-validation.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,UAAU,CAAC,QAAgB;IAClC,OAAO,iCAAiC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC1D,CAAC;AAED,6CAA6C;AAC7C,SAAS,eAAe,CAAC,IAAa,EAAE,EAAiB;IACvD,OAAO,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AAC1B,CAAC;AAED,iEAAiE;AACjE,SAAS,aAAa,CAAC,QAAgB;IACrC,OAAO,CACL,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC7B,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC;QACjC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QACzB,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC9B,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;QACxB,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CACzB,CAAC;AACJ,CAAC;AAED,0EAA0E;AAC1E,SAAS,iBAAiB,CACxB,IAAa,EACb,EAAiB;IAEjB,MAAM,OAAO,GAAkC,EAAE,CAAC;IAClD,MAAM,KAAK,GAAG,CAAC,CAAU,EAAQ,EAAE;QACjC,0BAA0B;QAC1B,IACE,EAAE,CAAC,0BAA0B,CAAC,CAAC,CAAC;YAChC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM;YACtB,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,KAAK,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS,CAAC,EAChE,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,mBAAmB;QACnB,IACE,EAAE,CAAC,0BAA0B,CAAC,CAAC,CAAC;YAChC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO;YACvB,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC;YAC7B,CAAC,CAAC,UAAU,CAAC,IAAI,KAAK,KAAK,EAC3B,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC,CAAC;IACF,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,mBAAmB,CAC1B,IAA8F;IAE9F,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC;AAED,MAAa,gCAAgC;IAC3C,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,2CAA2C,CAAC;IACnD,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,yHAAyH,CAAC;IAE5H,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,IAAI,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO,EAAE,CAAC;YAEpC,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,MAAM,iBAAiB,GAAG,CACxB,QAIwB,EAClB,EAAE;gBACR,MAAM,IAAI,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBAC3C,IAAI,CAAC,IAAI;oBAAE,OAAO;gBAElB,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBAE3C,iEAAiE;gBACjE,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;gBAC7C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;gBAElC,8BAA8B;gBAC9B,IAAI,aAAa,CAAC,QAAQ,CAAC;oBAAE,OAAO;gBAEpC,yBAAyB;gBACzB,MAAM,WAAW,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAChC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;gBACrE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBAEpD,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,QAAQ;oBACR,IAAI;oBACJ,MAAM;oBACN,QAAQ;oBACR,eAAe,EACb,2FAA2F;wBAC3F,sFAAsF;oBACxF,WAAW,EACT,gFAAgF;wBAChF,uEAAuE;wBACvE,wDAAwD;oBAC1D,WAAW,EAAE,0BAA0B;oBACvC,UAAU,EAAE,IAAI;oBAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;iBACtE,CAAC,CAAC;YACL,CAAC,CAAC;YAEF,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,IACE,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC;oBAC9B,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC;oBAC7B,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;oBACxB,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAC5B,CAAC;oBACD,iBAAiB,CAAC,IAAI,CAAC,CAAC;gBAC1B,CAAC;gBACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAxFD,4EAwFC"}

package/dist/structural-rules/rules/SR005-halfopen-probe-gate.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR005HalfOpenProbeGate implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR005-halfopen-probe-gate.d.ts.map

package/dist/structural-rules/rules/SR005-halfopen-probe-gate.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR005-halfopen-probe-gate.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR005-halfopen-probe-gate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AA8D7E,qBAAa,sBAAuB,YAAW,cAAc;IAC3D,EAAE,SAAW;IACb,IAAI,SAAkD;IACtD,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SACyH;IAEpI,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAyDnE"}