@neurcode-ai/cli 0.9.64 → 0.9.65

package/dist/structural-rules/index.d.ts

@@ -0,0 +1,41 @@
+export { StructuralRuleEngine } from './engine';
+export type { StructuralRule, StructuralViolation, StructuralRuleResult, DeterminismLevel, RuleSeverity, } from './types';
+export { parseSuppressionDirectives, applySuppressions, } from './suppressions';
+export type { SuppressionDirective, SuppressedViolation, } from './suppressions';
+export { classifyFileContext, adjustViolationSeverity, applyContextualSeverity, } from './context-severity';
+export type { SeverityContext, SeverityAdjustment, } from './context-severity';
+export { SR001SwallowedAsyncRejection } from './rules/SR001-swallowed-async-rejection';
+export { SR002UnboundedCollection } from './rules/SR002-unbounded-collection';
+export { SR003TimerWithoutCleanup } from './rules/SR003-timer-without-cleanup';
+export { SR004RequestBoundaryNoValidation } from './rules/SR004-request-boundary-no-validation';
+export { SR005HalfOpenProbeGate } from './rules/SR005-halfopen-probe-gate';
+export { SR006FanoutErrorSanitization } from './rules/SR006-fanout-error-sanitization';
+export { SR007CrossRequestError } from './rules/SR007-cross-request-error';
+export { SR008BackgroundTaskOrphan } from './rules/SR008-background-task-orphan';
+export { SR009MissingRetryBackoff } from './rules/SR009-missing-retry-backoff';
+export { SR010RetryStorm } from './rules/SR010-retry-storm';
+export { PY001AsyncioTaskWithoutCancel } from './python/PY001-asyncio-task-without-cancel';
+export { PY002UnboundedDictSingleton } from './python/PY002-unbounded-dict-singleton';
+export { PY003BroadExceptClause } from './python/PY003-broad-except-clause';
+export { PY004SwallowedAsyncException } from './python/PY004-swallowed-async-exception';
+export { PY005FastAPIWithoutPydantic } from './python/PY005-fastapi-without-pydantic';
+export { PY006BlockingIOInAsync } from './python/PY006-blocking-io-in-async';
+export { PY007SQLAlchemySessionLeak } from './python/PY007-sqlalchemy-session-leak';
+export { PY008CeleryTaskWithoutRetry } from './python/PY008-celery-task-without-retry';
+export { PY009UnsafePickleDeserialization } from './python/PY009-unsafe-pickle-deserialization';
+export { PY010LeakedAiohttpSession } from './python/PY010-leaked-aiohttp-session';
+export { SR011EventListenerLeak } from './rules/SR011-event-listener-leak';
+export { SR012PromiseRaceLeak } from './rules/SR012-promise-race-leak';
+export { SR013MissingIdempotencyKey } from './rules/SR013-missing-idempotency-key';
+export { SR014MutableClosureAsync } from './rules/SR014-mutable-closure-async';
+export { SR015DanglingAbortController } from './rules/SR015-dangling-abort-controller';
+export { SR016UnsafeJSONParse } from './rules/SR016-unsafe-json-parse';
+export { DS001SagaRollbackAbsence } from './distributed/DS001-saga-rollback-absence';
+export { DS002MissingCorrelationId } from './distributed/DS002-missing-correlation-id';
+import { StructuralRuleEngine } from './engine';
+/**
+ * Creates and returns a pre-configured StructuralRuleEngine with all rules registered.
+ * This is the standard way to get a ready-to-use engine.
+ */
+export declare function createDefaultStructuralRuleEngine(): StructuralRuleEngine;
+//# sourceMappingURL=index.d.ts.map

package/dist/structural-rules/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/structural-rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,YAAY,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,gBAAgB,EAChB,YAAY,GACb,MAAM,SAAS,CAAC;AAEjB,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,GAClB,MAAM,gBAAgB,CAAC;AACxB,YAAY,EACV,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAExB,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,uBAAuB,GACxB,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,eAAe,EACf,kBAAkB,GACnB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,4BAA4B,EAAE,MAAM,yCAAyC,CAAC;AACvF,OAAO,EAAE,wBAAwB,EAAE,MAAM,oCAAoC,CAAC;AAC9E,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,gCAAgC,EAAE,MAAM,8CAA8C,CAAC;AAChG,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,EAAE,4BAA4B,EAAE,MAAM,yCAAyC,CAAC;AACvF,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AACjF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAG5D,OAAO,EAAE,6BAA6B,EAAE,MAAM,4CAA4C,CAAC;AAC3F,OAAO,EAAE,2BAA2B,EAAE,MAAM,yCAAyC,CAAC;AACtF,OAAO,EAAE,sBAAsB,EAAE,MAAM,oCAAoC,CAAC;AAC5E,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AACxF,OAAO,EAAE,2BAA2B,EAAE,MAAM,yCAAyC,CAAC;AACtF,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,OAAO,EAAE,0BAA0B,EAAE,MAAM,wCAAwC,CAAC;AACpF,OAAO,EAAE,2BAA2B,EAAE,MAAM,0CAA0C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,8CAA8C,CAAC;AAChG,OAAO,EAAE,yBAAyB,EAAE,MAAM,uCAAuC,CAAC;AAGlF,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AACvE,OAAO,EAAE,0BAA0B,EAAE,MAAM,uCAAuC,CAAC;AACnF,OAAO,EAAE,wBAAwB,EAAE,MAAM,qCAAqC,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,yCAAyC,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,iCAAiC,CAAC;AAGvE,OAAO,EAAE,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AACrF,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAEvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AA8BhD;;;GAGG;AACH,wBAAgB,iCAAiC,IAAI,oBAAoB,CAiCxE"}

package/dist/structural-rules/index.js

@@ -0,0 +1,141 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DS002MissingCorrelationId = exports.DS001SagaRollbackAbsence = exports.SR016UnsafeJSONParse = exports.SR015DanglingAbortController = exports.SR014MutableClosureAsync = exports.SR013MissingIdempotencyKey = exports.SR012PromiseRaceLeak = exports.SR011EventListenerLeak = exports.PY010LeakedAiohttpSession = exports.PY009UnsafePickleDeserialization = exports.PY008CeleryTaskWithoutRetry = exports.PY007SQLAlchemySessionLeak = exports.PY006BlockingIOInAsync = exports.PY005FastAPIWithoutPydantic = exports.PY004SwallowedAsyncException = exports.PY003BroadExceptClause = exports.PY002UnboundedDictSingleton = exports.PY001AsyncioTaskWithoutCancel = exports.SR010RetryStorm = exports.SR009MissingRetryBackoff = exports.SR008BackgroundTaskOrphan = exports.SR007CrossRequestError = exports.SR006FanoutErrorSanitization = exports.SR005HalfOpenProbeGate = exports.SR004RequestBoundaryNoValidation = exports.SR003TimerWithoutCleanup = exports.SR002UnboundedCollection = exports.SR001SwallowedAsyncRejection = exports.applyContextualSeverity = exports.adjustViolationSeverity = exports.classifyFileContext = exports.applySuppressions = exports.parseSuppressionDirectives = exports.StructuralRuleEngine = void 0;
+exports.createDefaultStructuralRuleEngine = createDefaultStructuralRuleEngine;
+var engine_1 = require("./engine");
+Object.defineProperty(exports, "StructuralRuleEngine", { enumerable: true, get: function () { return engine_1.StructuralRuleEngine; } });
+var suppressions_1 = require("./suppressions");
+Object.defineProperty(exports, "parseSuppressionDirectives", { enumerable: true, get: function () { return suppressions_1.parseSuppressionDirectives; } });
+Object.defineProperty(exports, "applySuppressions", { enumerable: true, get: function () { return suppressions_1.applySuppressions; } });
+var context_severity_1 = require("./context-severity");
+Object.defineProperty(exports, "classifyFileContext", { enumerable: true, get: function () { return context_severity_1.classifyFileContext; } });
+Object.defineProperty(exports, "adjustViolationSeverity", { enumerable: true, get: function () { return context_severity_1.adjustViolationSeverity; } });
+Object.defineProperty(exports, "applyContextualSeverity", { enumerable: true, get: function () { return context_severity_1.applyContextualSeverity; } });
+// TypeScript rules
+var SR001_swallowed_async_rejection_1 = require("./rules/SR001-swallowed-async-rejection");
+Object.defineProperty(exports, "SR001SwallowedAsyncRejection", { enumerable: true, get: function () { return SR001_swallowed_async_rejection_1.SR001SwallowedAsyncRejection; } });
+var SR002_unbounded_collection_1 = require("./rules/SR002-unbounded-collection");
+Object.defineProperty(exports, "SR002UnboundedCollection", { enumerable: true, get: function () { return SR002_unbounded_collection_1.SR002UnboundedCollection; } });
+var SR003_timer_without_cleanup_1 = require("./rules/SR003-timer-without-cleanup");
+Object.defineProperty(exports, "SR003TimerWithoutCleanup", { enumerable: true, get: function () { return SR003_timer_without_cleanup_1.SR003TimerWithoutCleanup; } });
+var SR004_request_boundary_no_validation_1 = require("./rules/SR004-request-boundary-no-validation");
+Object.defineProperty(exports, "SR004RequestBoundaryNoValidation", { enumerable: true, get: function () { return SR004_request_boundary_no_validation_1.SR004RequestBoundaryNoValidation; } });
+var SR005_halfopen_probe_gate_1 = require("./rules/SR005-halfopen-probe-gate");
+Object.defineProperty(exports, "SR005HalfOpenProbeGate", { enumerable: true, get: function () { return SR005_halfopen_probe_gate_1.SR005HalfOpenProbeGate; } });
+var SR006_fanout_error_sanitization_1 = require("./rules/SR006-fanout-error-sanitization");
+Object.defineProperty(exports, "SR006FanoutErrorSanitization", { enumerable: true, get: function () { return SR006_fanout_error_sanitization_1.SR006FanoutErrorSanitization; } });
+var SR007_cross_request_error_1 = require("./rules/SR007-cross-request-error");
+Object.defineProperty(exports, "SR007CrossRequestError", { enumerable: true, get: function () { return SR007_cross_request_error_1.SR007CrossRequestError; } });
+var SR008_background_task_orphan_1 = require("./rules/SR008-background-task-orphan");
+Object.defineProperty(exports, "SR008BackgroundTaskOrphan", { enumerable: true, get: function () { return SR008_background_task_orphan_1.SR008BackgroundTaskOrphan; } });
+var SR009_missing_retry_backoff_1 = require("./rules/SR009-missing-retry-backoff");
+Object.defineProperty(exports, "SR009MissingRetryBackoff", { enumerable: true, get: function () { return SR009_missing_retry_backoff_1.SR009MissingRetryBackoff; } });
+var SR010_retry_storm_1 = require("./rules/SR010-retry-storm");
+Object.defineProperty(exports, "SR010RetryStorm", { enumerable: true, get: function () { return SR010_retry_storm_1.SR010RetryStorm; } });
+// Python rules
+var PY001_asyncio_task_without_cancel_1 = require("./python/PY001-asyncio-task-without-cancel");
+Object.defineProperty(exports, "PY001AsyncioTaskWithoutCancel", { enumerable: true, get: function () { return PY001_asyncio_task_without_cancel_1.PY001AsyncioTaskWithoutCancel; } });
+var PY002_unbounded_dict_singleton_1 = require("./python/PY002-unbounded-dict-singleton");
+Object.defineProperty(exports, "PY002UnboundedDictSingleton", { enumerable: true, get: function () { return PY002_unbounded_dict_singleton_1.PY002UnboundedDictSingleton; } });
+var PY003_broad_except_clause_1 = require("./python/PY003-broad-except-clause");
+Object.defineProperty(exports, "PY003BroadExceptClause", { enumerable: true, get: function () { return PY003_broad_except_clause_1.PY003BroadExceptClause; } });
+var PY004_swallowed_async_exception_1 = require("./python/PY004-swallowed-async-exception");
+Object.defineProperty(exports, "PY004SwallowedAsyncException", { enumerable: true, get: function () { return PY004_swallowed_async_exception_1.PY004SwallowedAsyncException; } });
+var PY005_fastapi_without_pydantic_1 = require("./python/PY005-fastapi-without-pydantic");
+Object.defineProperty(exports, "PY005FastAPIWithoutPydantic", { enumerable: true, get: function () { return PY005_fastapi_without_pydantic_1.PY005FastAPIWithoutPydantic; } });
+var PY006_blocking_io_in_async_1 = require("./python/PY006-blocking-io-in-async");
+Object.defineProperty(exports, "PY006BlockingIOInAsync", { enumerable: true, get: function () { return PY006_blocking_io_in_async_1.PY006BlockingIOInAsync; } });
+var PY007_sqlalchemy_session_leak_1 = require("./python/PY007-sqlalchemy-session-leak");
+Object.defineProperty(exports, "PY007SQLAlchemySessionLeak", { enumerable: true, get: function () { return PY007_sqlalchemy_session_leak_1.PY007SQLAlchemySessionLeak; } });
+var PY008_celery_task_without_retry_1 = require("./python/PY008-celery-task-without-retry");
+Object.defineProperty(exports, "PY008CeleryTaskWithoutRetry", { enumerable: true, get: function () { return PY008_celery_task_without_retry_1.PY008CeleryTaskWithoutRetry; } });
+var PY009_unsafe_pickle_deserialization_1 = require("./python/PY009-unsafe-pickle-deserialization");
+Object.defineProperty(exports, "PY009UnsafePickleDeserialization", { enumerable: true, get: function () { return PY009_unsafe_pickle_deserialization_1.PY009UnsafePickleDeserialization; } });
+var PY010_leaked_aiohttp_session_1 = require("./python/PY010-leaked-aiohttp-session");
+Object.defineProperty(exports, "PY010LeakedAiohttpSession", { enumerable: true, get: function () { return PY010_leaked_aiohttp_session_1.PY010LeakedAiohttpSession; } });
+// TypeScript rules — extended set
+var SR011_event_listener_leak_1 = require("./rules/SR011-event-listener-leak");
+Object.defineProperty(exports, "SR011EventListenerLeak", { enumerable: true, get: function () { return SR011_event_listener_leak_1.SR011EventListenerLeak; } });
+var SR012_promise_race_leak_1 = require("./rules/SR012-promise-race-leak");
+Object.defineProperty(exports, "SR012PromiseRaceLeak", { enumerable: true, get: function () { return SR012_promise_race_leak_1.SR012PromiseRaceLeak; } });
+var SR013_missing_idempotency_key_1 = require("./rules/SR013-missing-idempotency-key");
+Object.defineProperty(exports, "SR013MissingIdempotencyKey", { enumerable: true, get: function () { return SR013_missing_idempotency_key_1.SR013MissingIdempotencyKey; } });
+var SR014_mutable_closure_async_1 = require("./rules/SR014-mutable-closure-async");
+Object.defineProperty(exports, "SR014MutableClosureAsync", { enumerable: true, get: function () { return SR014_mutable_closure_async_1.SR014MutableClosureAsync; } });
+var SR015_dangling_abort_controller_1 = require("./rules/SR015-dangling-abort-controller");
+Object.defineProperty(exports, "SR015DanglingAbortController", { enumerable: true, get: function () { return SR015_dangling_abort_controller_1.SR015DanglingAbortController; } });
+var SR016_unsafe_json_parse_1 = require("./rules/SR016-unsafe-json-parse");
+Object.defineProperty(exports, "SR016UnsafeJSONParse", { enumerable: true, get: function () { return SR016_unsafe_json_parse_1.SR016UnsafeJSONParse; } });
+// Distributed rules
+var DS001_saga_rollback_absence_1 = require("./distributed/DS001-saga-rollback-absence");
+Object.defineProperty(exports, "DS001SagaRollbackAbsence", { enumerable: true, get: function () { return DS001_saga_rollback_absence_1.DS001SagaRollbackAbsence; } });
+var DS002_missing_correlation_id_1 = require("./distributed/DS002-missing-correlation-id");
+Object.defineProperty(exports, "DS002MissingCorrelationId", { enumerable: true, get: function () { return DS002_missing_correlation_id_1.DS002MissingCorrelationId; } });
+const engine_2 = require("./engine");
+const SR001_swallowed_async_rejection_2 = require("./rules/SR001-swallowed-async-rejection");
+const SR002_unbounded_collection_2 = require("./rules/SR002-unbounded-collection");
+const SR003_timer_without_cleanup_2 = require("./rules/SR003-timer-without-cleanup");
+const SR004_request_boundary_no_validation_2 = require("./rules/SR004-request-boundary-no-validation");
+const SR005_halfopen_probe_gate_2 = require("./rules/SR005-halfopen-probe-gate");
+const SR006_fanout_error_sanitization_2 = require("./rules/SR006-fanout-error-sanitization");
+const SR007_cross_request_error_2 = require("./rules/SR007-cross-request-error");
+const SR008_background_task_orphan_2 = require("./rules/SR008-background-task-orphan");
+const SR009_missing_retry_backoff_2 = require("./rules/SR009-missing-retry-backoff");
+const SR010_retry_storm_2 = require("./rules/SR010-retry-storm");
+const PY001_asyncio_task_without_cancel_2 = require("./python/PY001-asyncio-task-without-cancel");
+const PY002_unbounded_dict_singleton_2 = require("./python/PY002-unbounded-dict-singleton");
+const PY003_broad_except_clause_2 = require("./python/PY003-broad-except-clause");
+const PY004_swallowed_async_exception_2 = require("./python/PY004-swallowed-async-exception");
+const PY005_fastapi_without_pydantic_2 = require("./python/PY005-fastapi-without-pydantic");
+const PY006_blocking_io_in_async_2 = require("./python/PY006-blocking-io-in-async");
+const PY007_sqlalchemy_session_leak_2 = require("./python/PY007-sqlalchemy-session-leak");
+const PY008_celery_task_without_retry_2 = require("./python/PY008-celery-task-without-retry");
+const PY009_unsafe_pickle_deserialization_2 = require("./python/PY009-unsafe-pickle-deserialization");
+const PY010_leaked_aiohttp_session_2 = require("./python/PY010-leaked-aiohttp-session");
+const SR011_event_listener_leak_2 = require("./rules/SR011-event-listener-leak");
+const SR012_promise_race_leak_2 = require("./rules/SR012-promise-race-leak");
+const SR013_missing_idempotency_key_2 = require("./rules/SR013-missing-idempotency-key");
+const SR014_mutable_closure_async_2 = require("./rules/SR014-mutable-closure-async");
+const SR015_dangling_abort_controller_2 = require("./rules/SR015-dangling-abort-controller");
+const SR016_unsafe_json_parse_2 = require("./rules/SR016-unsafe-json-parse");
+const DS001_saga_rollback_absence_2 = require("./distributed/DS001-saga-rollback-absence");
+const DS002_missing_correlation_id_2 = require("./distributed/DS002-missing-correlation-id");
+/**
+ * Creates and returns a pre-configured StructuralRuleEngine with all rules registered.
+ * This is the standard way to get a ready-to-use engine.
+ */
+function createDefaultStructuralRuleEngine() {
+    const engine = new engine_2.StructuralRuleEngine();
+    engine.registerAll([
+        new SR001_swallowed_async_rejection_2.SR001SwallowedAsyncRejection(),
+        new SR002_unbounded_collection_2.SR002UnboundedCollection(),
+        new SR003_timer_without_cleanup_2.SR003TimerWithoutCleanup(),
+        new SR004_request_boundary_no_validation_2.SR004RequestBoundaryNoValidation(),
+        new SR005_halfopen_probe_gate_2.SR005HalfOpenProbeGate(),
+        new SR006_fanout_error_sanitization_2.SR006FanoutErrorSanitization(),
+        new SR007_cross_request_error_2.SR007CrossRequestError(),
+        new SR008_background_task_orphan_2.SR008BackgroundTaskOrphan(),
+        new SR009_missing_retry_backoff_2.SR009MissingRetryBackoff(),
+        new SR010_retry_storm_2.SR010RetryStorm(),
+        new PY001_asyncio_task_without_cancel_2.PY001AsyncioTaskWithoutCancel(),
+        new PY002_unbounded_dict_singleton_2.PY002UnboundedDictSingleton(),
+        new PY003_broad_except_clause_2.PY003BroadExceptClause(),
+        new PY004_swallowed_async_exception_2.PY004SwallowedAsyncException(),
+        new PY005_fastapi_without_pydantic_2.PY005FastAPIWithoutPydantic(),
+        new PY006_blocking_io_in_async_2.PY006BlockingIOInAsync(),
+        new PY007_sqlalchemy_session_leak_2.PY007SQLAlchemySessionLeak(),
+        new PY008_celery_task_without_retry_2.PY008CeleryTaskWithoutRetry(),
+        new PY009_unsafe_pickle_deserialization_2.PY009UnsafePickleDeserialization(),
+        new PY010_leaked_aiohttp_session_2.PY010LeakedAiohttpSession(),
+        new SR011_event_listener_leak_2.SR011EventListenerLeak(),
+        new SR012_promise_race_leak_2.SR012PromiseRaceLeak(),
+        new SR013_missing_idempotency_key_2.SR013MissingIdempotencyKey(),
+        new SR014_mutable_closure_async_2.SR014MutableClosureAsync(),
+        new SR015_dangling_abort_controller_2.SR015DanglingAbortController(),
+        new SR016_unsafe_json_parse_2.SR016UnsafeJSONParse(),
+        new DS001_saga_rollback_absence_2.DS001SagaRollbackAbsence(),
+        new DS002_missing_correlation_id_2.DS002MissingCorrelationId(),
+    ]);
+    return engine;
+}
+//# sourceMappingURL=index.js.map

package/dist/structural-rules/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/structural-rules/index.ts"],"names":[],"mappings":";;;AAkGA,8EAiCC;AAnID,mCAAgD;AAAvC,8GAAA,oBAAoB,OAAA;AAS7B,+CAGwB;AAFtB,0HAAA,0BAA0B,OAAA;AAC1B,iHAAA,iBAAiB,OAAA;AAOnB,uDAI4B;AAH1B,uHAAA,mBAAmB,OAAA;AACnB,2HAAA,uBAAuB,OAAA;AACvB,2HAAA,uBAAuB,OAAA;AAOzB,mBAAmB;AACnB,2FAAuF;AAA9E,+IAAA,4BAA4B,OAAA;AACrC,iFAA8E;AAArE,sIAAA,wBAAwB,OAAA;AACjC,mFAA+E;AAAtE,uIAAA,wBAAwB,OAAA;AACjC,qGAAgG;AAAvF,wJAAA,gCAAgC,OAAA;AACzC,+EAA2E;AAAlE,mIAAA,sBAAsB,OAAA;AAC/B,2FAAuF;AAA9E,+IAAA,4BAA4B,OAAA;AACrC,+EAA2E;AAAlE,mIAAA,sBAAsB,OAAA;AAC/B,qFAAiF;AAAxE,yIAAA,yBAAyB,OAAA;AAClC,mFAA+E;AAAtE,uIAAA,wBAAwB,OAAA;AACjC,+DAA4D;AAAnD,oHAAA,eAAe,OAAA;AAExB,eAAe;AACf,gGAA2F;AAAlF,kJAAA,6BAA6B,OAAA;AACtC,0FAAsF;AAA7E,6IAAA,2BAA2B,OAAA;AACpC,gFAA4E;AAAnE,mIAAA,sBAAsB,OAAA;AAC/B,4FAAwF;AAA/E,+IAAA,4BAA4B,OAAA;AACrC,0FAAsF;AAA7E,6IAAA,2BAA2B,OAAA;AACpC,kFAA6E;AAApE,oIAAA,sBAAsB,OAAA;AAC/B,wFAAoF;AAA3E,2IAAA,0BAA0B,OAAA;AACnC,4FAAuF;AAA9E,8IAAA,2BAA2B,OAAA;AACpC,oGAAgG;AAAvF,uJAAA,gCAAgC,OAAA;AACzC,sFAAkF;AAAzE,yIAAA,yBAAyB,OAAA;AAElC,kCAAkC;AAClC,+EAA2E;AAAlE,mIAAA,sBAAsB,OAAA;AAC/B,2EAAuE;AAA9D,+HAAA,oBAAoB,OAAA;AAC7B,uFAAmF;AAA1E,2IAAA,0BAA0B,OAAA;AACnC,mFAA+E;AAAtE,uIAAA,wBAAwB,OAAA;AACjC,2FAAuF;AAA9E,+IAAA,4BAA4B,OAAA;AACrC,2EAAuE;AAA9D,+HAAA,oBAAoB,OAAA;AAE7B,oBAAoB;AACpB,yFAAqF;AAA5E,uIAAA,wBAAwB,OAAA;AACjC,2FAAuF;AAA9E,yIAAA,yBAAyB,OAAA;AAElC,qCAAgD;AAChD,6FAAuF;AACvF,mFAA8E;AAC9E,qFAA+E;AAC/E,uGAAgG;AAChG,iFAA2E;AAC3E,6FAAuF;AACvF,iFAA2E;AAC3E,uFAAiF;AACjF,qFAA+E;AAC/E,iEAA4D;AAC5D,kGAA2F;AAC3F,4FAAsF;AACtF,kFAA4E;AAC5E,8FAAwF;AACxF,4FAAsF;AACtF,oFAA6E;AAC7E,0FAAoF;AACpF,8FAAuF;AACvF,sGAAgG;AAChG,wFAAkF;AAClF,iFAA2E;AAC3E,6EAAuE;AACvE,yFAAmF;AACnF,qFAA+E;AAC/E,6FAAuF;AACvF,6EAAuE;AACvE,2FAAqF;AACrF,6FAAuF;AAEvF;;;GAGG;AACH,SAAgB,iCAAiC;IAC/C,MAAM,MAAM,GAAG,IAAI,6BAAoB,EAAE,CAAC;IAC1C,MAAM,CAAC,WAAW,CAAC;QACjB,IAAI,8DAA4B,EAAE;QAClC,IAAI,qDAAwB,EAAE;QAC9B,IAAI,sDAAwB,EAAE;QAC9B,IAAI,uEAAgC,EAAE;QACtC,IAAI,kDAAsB,EAAE;QAC5B,IAAI,8DAA4B,EAAE;QAClC,IAAI,kDAAsB,EAAE;QAC5B,IAAI,wDAAyB,EAAE;QAC/B,IAAI,sDAAwB,EAAE;QAC9B,IAAI,mCAAe,EAAE;QACrB,IAAI,iEAA6B,EAAE;QACnC,IAAI,4DAA2B,EAAE;QACjC,IAAI,kDAAsB,EAAE;QAC5B,IAAI,8DAA4B,EAAE;QAClC,IAAI,4DAA2B,EAAE;QACjC,IAAI,mDAAsB,EAAE;QAC5B,IAAI,0DAA0B,EAAE;QAChC,IAAI,6DAA2B,EAAE;QACjC,IAAI,sEAAgC,EAAE;QACtC,IAAI,wDAAyB,EAAE;QAC/B,IAAI,kDAAsB,EAAE;QAC5B,IAAI,8CAAoB,EAAE;QAC1B,IAAI,0DAA0B,EAAE;QAChC,IAAI,sDAAwB,EAAE;QAC9B,IAAI,8DAA4B,EAAE;QAClC,IAAI,8CAAoB,EAAE;QAC1B,IAAI,sDAAwB,EAAE;QAC9B,IAAI,wDAAyB,EAAE;KAChC,CAAC,CAAC;IACH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/structural-rules/python/PY001-asyncio-task-without-cancel.d.ts

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class PY001AsyncioTaskWithoutCancel implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=PY001-asyncio-task-without-cancel.d.ts.map

package/dist/structural-rules/python/PY001-asyncio-task-without-cancel.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY001-asyncio-task-without-cancel.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/python/PY001-asyncio-task-without-cancel.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAM7E,qBAAa,6BAA8B,YAAW,cAAc;IAClE,EAAE,SAAW;IACb,IAAI,SAA+C;IACnD,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAc;IACvC,WAAW,SACyG;IAEpH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAoDnE"}

package/dist/structural-rules/python/PY001-asyncio-task-without-cancel.js

@@ -0,0 +1,66 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PY001AsyncioTaskWithoutCancel = void 0;
+function getLineNumber(lines, index) {
+    return index + 1;
+}
+class PY001AsyncioTaskWithoutCancel {
+    id = 'PY001';
+    name = 'asyncio.create_task without cancel handle';
+    policyRef = 'P015';
+    severity = 'ADVISORY';
+    languages = ['python'];
+    description = 'asyncio.create_task() whose return value is not stored cannot be cancelled, causing orphaned tasks on shutdown.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const lines = sourceText.split('\n');
+            for (let i = 0; i < lines.length; i++) {
+                const line = lines[i];
+                const trimmed = line.trimStart();
+                // Check if line contains asyncio.create_task(
+                if (!trimmed.includes('asyncio.create_task('))
+                    continue;
+                // Skip if the line starts with an assignment: varname = asyncio.create_task(
+                // or self.xxx = asyncio.create_task(
+                if (/^\s*\w[\w.]*\s*=\s*asyncio\.create_task\s*\(/.test(line))
+                    continue;
+                // Also skip augmented assignment
+                if (/^\s*\w[\w.]*\s*\+=/.test(line))
+                    continue;
+                // Skip if appended to a list: tasks.append(asyncio.create_task(
+                if (/\.append\s*\(\s*asyncio\.create_task\s*\(/.test(line))
+                    continue;
+                // Skip if stored in list literal context: [asyncio.create_task(...)]
+                // (heuristic: line contains = [...asyncio)
+                if (/=\s*\[.*asyncio\.create_task/.test(line))
+                    continue;
+                const evidence = line.slice(0, 120);
+                violations.push({
+                    ruleId: this.id,
+                    ruleName: this.name,
+                    policyRef: this.policyRef,
+                    severity: this.severity,
+                    filePath,
+                    line: getLineNumber(lines, i),
+                    column: line.indexOf('asyncio.create_task') + 1,
+                    evidence,
+                    operationalRisk: 'Tasks whose handles are discarded cannot be awaited or cancelled. ' +
+                        'On application shutdown, these tasks are abandoned mid-execution, ' +
+                        'potentially leaving resources locked or writes incomplete.',
+                    remediation: 'Store the task handle: `task = asyncio.create_task(...)` and cancel it on cleanup: ' +
+                        '`task.cancel(); await asyncio.gather(task, return_exceptions=True)`.',
+                    determinism: 'deterministic-structural',
+                    confidence: 0.80,
+                    language: 'python',
+                });
+            }
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.PY001AsyncioTaskWithoutCancel = PY001AsyncioTaskWithoutCancel;
+//# sourceMappingURL=PY001-asyncio-task-without-cancel.js.map

package/dist/structural-rules/python/PY001-asyncio-task-without-cancel.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY001-asyncio-task-without-cancel.js","sourceRoot":"","sources":["../../../src/structural-rules/python/PY001-asyncio-task-without-cancel.ts"],"names":[],"mappings":";;;AAEA,SAAS,aAAa,CAAC,KAAe,EAAE,KAAa;IACnD,OAAO,KAAK,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,MAAa,6BAA6B;IACxC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,2CAA2C,CAAC;IACnD,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,QAAQ,CAAC,CAAC;IACvC,WAAW,GACT,iHAAiH,CAAC;IAEpH,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBAEjC,8CAA8C;gBAC9C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC;oBAAE,SAAS;gBAExD,6EAA6E;gBAC7E,qCAAqC;gBACrC,IAAI,8CAA8C,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,SAAS;gBACxE,iCAAiC;gBACjC,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAC9C,gEAAgE;gBAChE,IAAI,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,SAAS;gBACrE,qEAAqE;gBACrE,2CAA2C;gBAC3C,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAExD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAEpC,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,QAAQ;oBACR,IAAI,EAAE,aAAa,CAAC,KAAK,EAAE,CAAC,CAAC;oBAC7B,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC;oBAC/C,QAAQ;oBACR,eAAe,EACb,oEAAoE;wBACpE,oEAAoE;wBACpE,4DAA4D;oBAC9D,WAAW,EACT,qFAAqF;wBACrF,sEAAsE;oBACxE,WAAW,EAAE,0BAA0B;oBACvC,UAAU,EAAE,IAAI;oBAChB,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;YAED,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AA7DD,sEA6DC"}

package/dist/structural-rules/python/PY002-unbounded-dict-singleton.d.ts

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class PY002UnboundedDictSingleton implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=PY002-unbounded-dict-singleton.d.ts.map

package/dist/structural-rules/python/PY002-unbounded-dict-singleton.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY002-unbounded-dict-singleton.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/python/PY002-unbounded-dict-singleton.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAU7E,qBAAa,2BAA4B,YAAW,cAAc;IAChE,EAAE,SAAW;IACb,IAAI,SAA4C;IAChD,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAc;IACvC,WAAW,SAC4G;IAEvH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CA4GnE"}

package/dist/structural-rules/python/PY002-unbounded-dict-singleton.js

@@ -0,0 +1,135 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PY002UnboundedDictSingleton = void 0;
+const CACHE_LIKE_NAMES = /cache|store|pending|registry|pool|map|queue|buffer|index/i;
+// Match self.<name> = {} or self.<name> = [] inside __init__ or class methods
+const SELF_ASSIGN_RE = /^(\s*)self\.(\w+)\s*=\s*(\{\}|\[\])\s*$/;
+// Match class-level dict/list (top-level inside class, indented once)
+const CLASS_FIELD_RE = /^(\s+)(\w+)\s*:\s*(Dict|List|dict|list|Set|set)[\[<]?/;
+class PY002UnboundedDictSingleton {
+    id = 'PY002';
+    name = 'Unbounded dict/list singleton in class';
+    policyRef = 'P016';
+    severity = 'ADVISORY';
+    languages = ['python'];
+    description = 'Class-level dicts or lists used as caches/registries with cache-like names but no maxsize or TTL grow unboundedly.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const lines = sourceText.split('\n');
+            // Track if we're inside a class
+            let insideClass = false;
+            let classIndent = '';
+            let insideInit = false;
+            let initIndent = '';
+            for (let i = 0; i < lines.length; i++) {
+                const line = lines[i];
+                const trimmed = line.trimStart();
+                // Detect class definition
+                if (/^class\s+\w+/.test(trimmed)) {
+                    insideClass = true;
+                    classIndent = line.match(/^(\s*)/)?.[1] ?? '';
+                    insideInit = false;
+                    continue;
+                }
+                if (!insideClass)
+                    continue;
+                // Detect __init__ method
+                if (/def\s+__init__\s*\(/.test(trimmed)) {
+                    insideInit = true;
+                    initIndent = line.match(/^(\s*)/)?.[1] ?? '';
+                    continue;
+                }
+                // Track leaving __init__: next def at same indent level
+                if (insideInit &&
+                    /^\s+def\s+\w+/.test(line) &&
+                    !line.startsWith(initIndent + '    ')) {
+                    insideInit = false;
+                }
+                // Check self.xxx = {} or self.xxx = [] inside __init__
+                const selfMatch = SELF_ASSIGN_RE.exec(line);
+                if (selfMatch && insideInit) {
+                    const fieldName = selfMatch[2];
+                    if (CACHE_LIKE_NAMES.test(fieldName)) {
+                        // Check if there's any maxsize/TTL reference in the whole class source
+                        const evidence = line.slice(0, 120);
+                        if (!hasBoundIndicator(sourceText, fieldName)) {
+                            violations.push({
+                                ruleId: this.id,
+                                ruleName: this.name,
+                                policyRef: this.policyRef,
+                                severity: this.severity,
+                                filePath,
+                                line: i + 1,
+                                column: line.indexOf('self.') + 1,
+                                evidence,
+                                operationalRisk: 'Instance-level cache/registry with no size bound grows indefinitely under load. ' +
+                                    'Long-running services accumulate entries without eviction, causing OOM.',
+                                remediation: 'Replace with `functools.lru_cache`, `cachetools.TTLCache(maxsize=1000, ttl=300)`, ' +
+                                    'or add explicit eviction logic with a max size check before each insert.',
+                                determinism: 'heuristic-advisory',
+                                confidence: 0.75,
+                                language: 'python',
+                            });
+                        }
+                    }
+                }
+                // Also check class-level type-annotated fields (outside __init__)
+                const classFieldMatch = CLASS_FIELD_RE.exec(line);
+                if (classFieldMatch && !insideInit) {
+                    const fieldName = classFieldMatch[2];
+                    if (CACHE_LIKE_NAMES.test(fieldName)) {
+                        const evidence = line.slice(0, 120);
+                        if (!hasBoundIndicator(sourceText, fieldName)) {
+                            violations.push({
+                                ruleId: this.id,
+                                ruleName: this.name,
+                                policyRef: this.policyRef,
+                                severity: this.severity,
+                                filePath,
+                                line: i + 1,
+                                column: (line.match(/^(\s*)/)?.[1].length ?? 0) + 1,
+                                evidence,
+                                operationalRisk: 'Class-level collection with a cache-like name has no visible size bound or TTL. ' +
+                                    'Unbounded growth causes OOM in long-running services.',
+                                remediation: 'Add maxsize enforcement or replace with `cachetools.TTLCache` / `lru_cache`. ' +
+                                    'Document the intended bound with a comment.',
+                                determinism: 'heuristic-advisory',
+                                confidence: 0.75,
+                                language: 'python',
+                            });
+                        }
+                    }
+                }
+            }
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.PY002UnboundedDictSingleton = PY002UnboundedDictSingleton;
+function hasBoundIndicator(sourceText, fieldName) {
+    const indicators = [
+        /maxsize/i,
+        /max_size/i,
+        /\bttl\b/i,
+        /lru_cache/i,
+        /TTLCache/i,
+        /LRUCache/i,
+        /bounded/i,
+        /evict/i,
+        /capacity/i,
+    ];
+    // Check near the field name or anywhere in the file
+    const fieldPattern = new RegExp(`${fieldName}.*(?:maxsize|max_size|ttl|lru|evict|capacity)`, 'i');
+    if (fieldPattern.test(sourceText))
+        return true;
+    // Or if the file imports cachetools
+    if (/\bcachetools\b/.test(sourceText))
+        return true;
+    // Check for general indicators nearby
+    return indicators.some(p => p.test(sourceText));
+}
+//# sourceMappingURL=PY002-unbounded-dict-singleton.js.map

package/dist/structural-rules/python/PY002-unbounded-dict-singleton.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY002-unbounded-dict-singleton.js","sourceRoot":"","sources":["../../../src/structural-rules/python/PY002-unbounded-dict-singleton.ts"],"names":[],"mappings":";;;AAEA,MAAM,gBAAgB,GAAG,2DAA2D,CAAC;AAErF,8EAA8E;AAC9E,MAAM,cAAc,GAAG,yCAAyC,CAAC;AAEjE,sEAAsE;AACtE,MAAM,cAAc,GAAG,uDAAuD,CAAC;AAE/E,MAAa,2BAA2B;IACtC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,wCAAwC,CAAC;IAChD,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,QAAQ,CAAC,CAAC;IACvC,WAAW,GACT,oHAAoH,CAAC;IAEvH,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAErC,gCAAgC;YAChC,IAAI,WAAW,GAAG,KAAK,CAAC;YACxB,IAAI,WAAW,GAAG,EAAE,CAAC;YACrB,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,IAAI,UAAU,GAAG,EAAE,CAAC;YAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBAEjC,0BAA0B;gBAC1B,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjC,WAAW,GAAG,IAAI,CAAC;oBACnB,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAC9C,UAAU,GAAG,KAAK,CAAC;oBACnB,SAAS;gBACX,CAAC;gBAED,IAAI,CAAC,WAAW;oBAAE,SAAS;gBAE3B,yBAAyB;gBACzB,IAAI,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACxC,UAAU,GAAG,IAAI,CAAC;oBAClB,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAC7C,SAAS;gBACX,CAAC;gBAED,wDAAwD;gBACxD,IACE,UAAU;oBACV,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;oBAC1B,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,GAAG,MAAM,CAAC,EACrC,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC;gBACrB,CAAC;gBAED,uDAAuD;gBACvD,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC5C,IAAI,SAAS,IAAI,UAAU,EAAE,CAAC;oBAC5B,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;oBAC/B,IAAI,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;wBACrC,uEAAuE;wBACvE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;wBACpC,IAAI,CAAC,iBAAiB,CAAC,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;4BAC9C,UAAU,CAAC,IAAI,CAAC;gCACd,MAAM,EAAE,IAAI,CAAC,EAAE;gCACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gCACnB,SAAS,EAAE,IAAI,CAAC,SAAS;gCACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,QAAQ;gCACR,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC;gCACjC,QAAQ;gCACR,eAAe,EACb,kFAAkF;oCAClF,yEAAyE;gCAC3E,WAAW,EACT,oFAAoF;oCACpF,0EAA0E;gCAC5E,WAAW,EAAE,oBAAoB;gCACjC,UAAU,EAAE,IAAI;gCAChB,QAAQ,EAAE,QAAQ;6BACnB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,kEAAkE;gBAClE,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClD,IAAI,eAAe,IAAI,CAAC,UAAU,EAAE,CAAC;oBACnC,MAAM,SAAS,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;oBACrC,IAAI,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;wBACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;wBACpC,IAAI,CAAC,iBAAiB,CAAC,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;4BAC9C,UAAU,CAAC,IAAI,CAAC;gCACd,MAAM,EAAE,IAAI,CAAC,EAAE;gCACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gCACnB,SAAS,EAAE,IAAI,CAAC,SAAS;gCACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,QAAQ;gCACR,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,MAAM,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;gCACnD,QAAQ;gCACR,eAAe,EACb,kFAAkF;oCAClF,uDAAuD;gCACzD,WAAW,EACT,+EAA+E;oCAC/E,6CAA6C;gCAC/C,WAAW,EAAE,oBAAoB;gCACjC,UAAU,EAAE,IAAI;gCAChB,QAAQ,EAAE,QAAQ;6BACnB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AArHD,kEAqHC;AAED,SAAS,iBAAiB,CAAC,UAAkB,EAAE,SAAiB;IAC9D,MAAM,UAAU,GAAG;QACjB,UAAU;QACV,WAAW;QACX,UAAU;QACV,YAAY;QACZ,WAAW;QACX,WAAW;QACX,UAAU;QACV,QAAQ;QACR,WAAW;KACZ,CAAC;IACF,oDAAoD;IACpD,MAAM,YAAY,GAAG,IAAI,MAAM,CAAC,GAAG,SAAS,+CAA+C,EAAE,GAAG,CAAC,CAAC;IAClG,IAAI,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,oCAAoC;IACpC,IAAI,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,sCAAsC;IACtC,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;AAClD,CAAC"}

package/dist/structural-rules/python/PY003-broad-except-clause.d.ts

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class PY003BroadExceptClause implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "BLOCKING";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=PY003-broad-except-clause.d.ts.map

package/dist/structural-rules/python/PY003-broad-except-clause.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY003-broad-except-clause.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/python/PY003-broad-except-clause.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAQ7E,qBAAa,sBAAuB,YAAW,cAAc;IAC3D,EAAE,SAAW;IACb,IAAI,SAA2C;IAC/C,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAc;IACvC,WAAW,SACyG;IAEpH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CA8EnE"}

package/dist/structural-rules/python/PY003-broad-except-clause.js

@@ -0,0 +1,86 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PY003BroadExceptClause = void 0;
+// Matches: except Exception: or except Exception as e:
+const BROAD_EXCEPT_RE = /^(\s*)except\s+Exception(\s+as\s+\w+)?\s*:/;
+// Logging/reporting call patterns
+const LOGGING_RE = /\b(?:log|logger|logging|error|warn|warning|report|track|capture|sentry|bugsnag|rollbar|print)\s*[\.(]/i;
+class PY003BroadExceptClause {
+    id = 'PY003';
+    name = 'Broad except clause swallowing errors';
+    policyRef = 'P017';
+    severity = 'BLOCKING';
+    languages = ['python'];
+    description = 'except Exception: blocks that neither re-raise nor log silently swallow all exceptions including system errors.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const lines = sourceText.split('\n');
+            for (let i = 0; i < lines.length; i++) {
+                const line = lines[i];
+                const match = BROAD_EXCEPT_RE.exec(line);
+                if (!match)
+                    continue;
+                const exceptIndent = match[1].length;
+                // Collect the except block body (lines more indented than the except statement)
+                const bodyLines = [];
+                let j = i + 1;
+                while (j < lines.length) {
+                    const bodyLine = lines[j];
+                    const bodyTrimmed = bodyLine.trimStart();
+                    // Empty line — continue collecting
+                    if (bodyTrimmed.length === 0) {
+                        j++;
+                        continue;
+                    }
+                    const bodyIndent = bodyLine.length - bodyLine.trimStart().length;
+                    // If indent is less than or equal to the except indent, block ended
+                    if (bodyIndent <= exceptIndent)
+                        break;
+                    bodyLines.push(bodyLine);
+                    j++;
+                }
+                if (bodyLines.length === 0)
+                    continue;
+                const bodyText = bodyLines.join('\n');
+                // Check for re-raise
+                const hasReraise = /^\s*raise\b/.test(bodyText) || /\braise\b/.test(bodyText);
+                if (hasReraise)
+                    continue;
+                // Check for logging
+                if (LOGGING_RE.test(bodyText))
+                    continue;
+                // Skip if body only contains pass
+                const nonEmpty = bodyLines
+                    .map(l => l.trim())
+                    .filter(l => l.length > 0 && l !== 'pass' && !l.startsWith('#'));
+                // If the body is just `pass` or empty meaningful statements, it's swallowing
+                // If it has actual work (return something, set variable), still flag it
+                const evidence = line.slice(0, 120);
+                violations.push({
+                    ruleId: this.id,
+                    ruleName: this.name,
+                    policyRef: this.policyRef,
+                    severity: this.severity,
+                    filePath,
+                    line: i + 1,
+                    column: exceptIndent + 1,
+                    evidence,
+                    operationalRisk: 'Catches ALL exceptions (including SystemExit, KeyboardInterrupt, MemoryError) without ' +
+                        'logging or re-raising. Silent failures make debugging impossible and hide operational issues.',
+                    remediation: 'Either re-raise after handling: `except Exception as e: logger.error(e); raise` ' +
+                        'or narrow the exception type. Avoid bare `except Exception` without at minimum logging.',
+                    determinism: 'deterministic-structural',
+                    confidence: nonEmpty.length === 0 ? 0.95 : 0.85,
+                    language: 'python',
+                });
+            }
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.PY003BroadExceptClause = PY003BroadExceptClause;
+//# sourceMappingURL=PY003-broad-except-clause.js.map

package/dist/structural-rules/python/PY003-broad-except-clause.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY003-broad-except-clause.js","sourceRoot":"","sources":["../../../src/structural-rules/python/PY003-broad-except-clause.ts"],"names":[],"mappings":";;;AAEA,uDAAuD;AACvD,MAAM,eAAe,GAAG,4CAA4C,CAAC;AAErE,kCAAkC;AAClC,MAAM,UAAU,GAAG,wGAAwG,CAAC;AAE5H,MAAa,sBAAsB;IACjC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,uCAAuC,CAAC;IAC/C,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,QAAQ,CAAC,CAAC;IACvC,WAAW,GACT,iHAAiH,CAAC;IAEpH,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,MAAM,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzC,IAAI,CAAC,KAAK;oBAAE,SAAS;gBAErB,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;gBACrC,gFAAgF;gBAChF,MAAM,SAAS,GAAa,EAAE,CAAC;gBAC/B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;oBACxB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBAC1B,MAAM,WAAW,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC;oBAEzC,mCAAmC;oBACnC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC7B,CAAC,EAAE,CAAC;wBACJ,SAAS;oBACX,CAAC;oBAED,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,SAAS,EAAE,CAAC,MAAM,CAAC;oBACjE,oEAAoE;oBACpE,IAAI,UAAU,IAAI,YAAY;wBAAE,MAAM;oBAEtC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBACzB,CAAC,EAAE,CAAC;gBACN,CAAC;gBAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAS;gBAErC,MAAM,QAAQ,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEtC,qBAAqB;gBACrB,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC9E,IAAI,UAAU;oBAAE,SAAS;gBAEzB,oBAAoB;gBACpB,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAExC,kCAAkC;gBAClC,MAAM,QAAQ,GAAG,SAAS;qBACvB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;qBAClB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;gBAEnE,6EAA6E;gBAC7E,wEAAwE;gBACxE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;gBAEpC,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,QAAQ;oBACR,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,YAAY,GAAG,CAAC;oBACxB,QAAQ;oBACR,eAAe,EACb,wFAAwF;wBACxF,+FAA+F;oBACjG,WAAW,EACT,kFAAkF;wBAClF,yFAAyF;oBAC3F,WAAW,EAAE,0BAA0B;oBACvC,UAAU,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;oBAC/C,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;YAED,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAvFD,wDAuFC"}

package/dist/structural-rules/python/PY004-swallowed-async-exception.d.ts

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class PY004SwallowedAsyncException implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=PY004-swallowed-async-exception.d.ts.map

package/dist/structural-rules/python/PY004-swallowed-async-exception.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PY004-swallowed-async-exception.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/python/PY004-swallowed-async-exception.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAc7E,qBAAa,4BAA6B,YAAW,cAAc;IACjE,EAAE,SAAW;IACb,IAAI,SAAiC;IACrC,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAc;IACvC,WAAW,SAEsE;IAEjF,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAkJnE"}