npm - @neurcode-ai/cli - Versions diffs - 0.9.64 → 0.9.65 - Mend

@neurcode-ai/cli 0.9.64 → 0.9.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/dist/structural-rules/rules/SR005-halfopen-probe-gate.js ADDED Viewed

@@ -0,0 +1,150 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR005HalfOpenProbeGate = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+const PROBE_GATE_PATTERNS = [
+    /probeInFlight/,
+    /probe_in_flight/,
+    /\bprobing\b/,
+    /probeSemaphore/,
+    /probeToken/,
+    /singleProbe/,
+    /oneProbe/,
+    /maxProbe/,
+    /probeCount/,
+];
+function hasProbingGate(sourceText) {
+    return PROBE_GATE_PATTERNS.some(p => p.test(sourceText));
+}
+/** Find all nodes that reference HALF_OPEN as identifier or string literal */
+function findHalfOpenNodes(sf) {
+    const results = [];
+    const visit = (node) => {
+        if (ts.isIdentifier(node) && /HALF.?OPEN/i.test(node.text)) {
+            results.push(node);
+        }
+        if (ts.isStringLiteral(node) && /HALF.?OPEN/i.test(node.text)) {
+            results.push(node);
+        }
+        ts.forEachChild(node, visit);
+    };
+    ts.forEachChild(sf, visit);
+    return results;
+}
+/** Check if the HALF_OPEN node is inside a conditional expression */
+function isInsideConditional(node) {
+    let current = node.parent;
+    while (current) {
+        if (ts.isIfStatement(current) ||
+            ts.isSwitchStatement(current) ||
+            ts.isCaseClause(current) ||
+            ts.isConditionalExpression(current) ||
+            ts.isBinaryExpression(current)) {
+            return true;
+        }
+        current = current.parent;
+    }
+    return false;
+}
+class SR005HalfOpenProbeGate {
+    id = 'SR005';
+    name = 'Half-open circuit breaker without probe gate';
+    policyRef = 'P009';
+    severity = 'ADVISORY';
+    languages = ['typescript', 'javascript'];
+    description = 'Circuit breaker HALF_OPEN state with no probe-in-flight gate lets multiple concurrent requests probe downstream simultaneously.';
+    check(filePath, sourceText) {
+        try {
+            // Fast path: no HALF_OPEN in file
+            if (!/HALF.?OPEN/i.test(sourceText))
+                return [];
+            // If probe gating is present, no violation
+            if (hasProbingGate(sourceText))
+                return [];
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const halfOpenNodes = findHalfOpenNodes(sf);
+            for (const node of halfOpenNodes) {
+                if (!isInsideConditional(node))
+                    continue;
+                const { line, column } = getLineAndCol(sf, node.getStart(sf));
+                const evidence = getEvidenceLines(sourceText, line);
+                violations.push({
+                    ruleId: this.id,
+                    ruleName: this.name,
+                    policyRef: this.policyRef,
+                    severity: this.severity,
+                    filePath,
+                    line,
+                    column,
+                    evidence,
+                    operationalRisk: 'Without a probe-in-flight flag, N concurrent requests in HALF_OPEN all become probes simultaneously. ' +
+                        'A slow downstream gets hammered, and a single success can trip the breaker back to CLOSED ' +
+                        'while others are still in-flight, masking persistent failures.',
+                    remediation: 'Add a boolean `probeInFlight` flag (or a Semaphore(1)). Gate the HALF_OPEN branch: ' +
+                        '`if (this.state === HALF_OPEN && !this.probeInFlight) { this.probeInFlight = true; ... }`' +
+                        ' and reset it in both success and failure handlers.',
+                    determinism: 'heuristic-advisory',
+                    confidence: 0.75,
+                    language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                });
+                // Report only the first occurrence per file to avoid noise
+                break;
+            }
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR005HalfOpenProbeGate = SR005HalfOpenProbeGate;
+//# sourceMappingURL=SR005-halfopen-probe-gate.js.map

package/dist/structural-rules/rules/SR005-halfopen-probe-gate.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR005-halfopen-probe-gate.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR005-halfopen-probe-gate.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,mBAAmB,GAAG;IAC1B,eAAe;IACf,iBAAiB;IACjB,aAAa;IACb,gBAAgB;IAChB,YAAY;IACZ,aAAa;IACb,UAAU;IACV,UAAU;IACV,YAAY;CACb,CAAC;AAEF,SAAS,cAAc,CAAC,UAAkB;IACxC,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,8EAA8E;AAC9E,SAAS,iBAAiB,CAAC,EAAiB;IAC1C,MAAM,OAAO,GAAc,EAAE,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;QACpC,IAAI,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;QACD,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;QACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC,CAAC;IACF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IAC3B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,qEAAqE;AACrE,SAAS,mBAAmB,CAAC,IAAa;IACxC,IAAI,OAAO,GAAwB,IAAI,CAAC,MAAM,CAAC;IAC/C,OAAO,OAAO,EAAE,CAAC;QACf,IACE,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC;YACzB,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC;YAC7B,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC;YACxB,EAAE,CAAC,uBAAuB,CAAC,OAAO,CAAC;YACnC,EAAE,CAAC,kBAAkB,CAAC,OAAO,CAAC,EAC9B,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;IAC3B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAa,sBAAsB;IACjC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,8CAA8C,CAAC;IACtD,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,iIAAiI,CAAC;IAEpI,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,kCAAkC;YAClC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC;gBAAE,OAAO,EAAE,CAAC;YAE/C,2CAA2C;YAC3C,IAAI,cAAc,CAAC,UAAU,CAAC;gBAAE,OAAO,EAAE,CAAC;YAE1C,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YACxF,MAAM,aAAa,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;YAE5C,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;gBACjC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAEzC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC9D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBAEpD,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,QAAQ;oBACR,IAAI;oBACJ,MAAM;oBACN,QAAQ;oBACR,eAAe,EACb,uGAAuG;wBACvG,4FAA4F;wBAC5F,gEAAgE;oBAClE,WAAW,EACT,qFAAqF;wBACrF,2FAA2F;wBAC3F,qDAAqD;oBACvD,WAAW,EAAE,oBAAoB;oBACjC,UAAU,EAAE,IAAI;oBAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;iBACtE,CAAC,CAAC;gBAEH,2DAA2D;gBAC3D,MAAM;YACR,CAAC;YAED,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAlED,wDAkEC"}

package/dist/structural-rules/rules/SR006-fanout-error-sanitization.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR006FanoutErrorSanitization implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "BLOCKING";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR006-fanout-error-sanitization.d.ts.map

package/dist/structural-rules/rules/SR006-fanout-error-sanitization.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR006-fanout-error-sanitization.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR006-fanout-error-sanitization.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAoE7E,qBAAa,4BAA6B,YAAW,cAAc;IACjE,EAAE,SAAW;IACb,IAAI,SAAwC;IAC5C,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SACoH;IAE/H,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CA0DnE"}

package/dist/structural-rules/rules/SR006-fanout-error-sanitization.js ADDED Viewed

@@ -0,0 +1,161 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR006FanoutErrorSanitization = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+/** Check if a node is a map.set(key, promise) call */
+function isMapSetCall(node, sf) {
+    if (!ts.isPropertyAccessExpression(node.expression))
+        return false;
+    if (node.expression.name.text !== 'set')
+        return false;
+    if (node.arguments.length < 2)
+        return false;
+    return true;
+}
+/**
+ * Walk a node tree and find all .catch( call nodes.
+ */
+function findCatchCallsInNode(node) {
+    const results = [];
+    const visit = (n) => {
+        if (ts.isCallExpression(n) &&
+            ts.isPropertyAccessExpression(n.expression) &&
+            n.expression.name.text === 'catch') {
+            results.push(n);
+        }
+        ts.forEachChild(n, visit);
+    };
+    ts.forEachChild(node, visit);
+    return results;
+}
+/**
+ * Returns true if the catch callback:
+ * - Has a non-empty body
+ * - Does NOT contain a throw statement
+ * - Does NOT wrap in new Error() or TRPCError()
+ * - Does NOT call reject()
+ */
+function catchSwallowsError(catchCall, sf) {
+    if (catchCall.arguments.length === 0)
+        return false;
+    const callback = catchCall.arguments[0];
+    if (!ts.isArrowFunction(callback) && !ts.isFunctionExpression(callback))
+        return false;
+    const body = callback.body;
+    // Empty body — explicit suppression, different pattern
+    if (ts.isBlock(body) && body.statements.length === 0)
+        return false;
+    const bodyText = body.getText(sf);
+    // If it throws or rejects, it's fine
+    if (/\bthrow\b/.test(bodyText))
+        return false;
+    if (/\breject\s*\(/.test(bodyText))
+        return false;
+    // If it wraps in a new Error or TRPCError, it's fine
+    if (/new\s+(Error|TRPCError)\s*\(/.test(bodyText))
+        return false;
+    return true;
+}
+class SR006FanoutErrorSanitization {
+    id = 'SR006';
+    name = 'Fanout promise error not sanitized';
+    policyRef = 'P010';
+    severity = 'BLOCKING';
+    languages = ['typescript', 'javascript'];
+    description = 'Promise stored in a coalescing Map with a .catch that returns a default value without re-throwing leaks failures silently.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            // Find all map.set(key, ...) calls
+            const visit = (node) => {
+                if (ts.isCallExpression(node) && isMapSetCall(node, sf)) {
+                    // The second argument is the value being stored — look for .catch on it
+                    const valueArg = node.arguments[1];
+                    const catchCalls = findCatchCallsInNode(valueArg);
+                    for (const catchCall of catchCalls) {
+                        if (catchSwallowsError(catchCall, sf)) {
+                            const { line, column } = getLineAndCol(sf, catchCall.getStart(sf));
+                            const evidence = getEvidenceLines(sourceText, line);
+                            violations.push({
+                                ruleId: this.id,
+                                ruleName: this.name,
+                                policyRef: this.policyRef,
+                                severity: this.severity,
+                                filePath,
+                                line,
+                                column,
+                                evidence,
+                                operationalRisk: 'When a promise stored in a coalescing Map resolves to a default/null value instead of ' +
+                                    'rejecting, all waiting callers receive a silent success. The original error is lost, ' +
+                                    'and callers proceed with invalid/empty data, causing silent data corruption.',
+                                remediation: 'In the .catch handler, either re-throw the error (`throw err`) or wrap it: ' +
+                                    '`throw new Error(`fanout failure: ${err.message}`)`. ' +
+                                    'Callers should handle rejection, not receive a disguised success.',
+                                determinism: 'deterministic-structural',
+                                confidence: 0.87,
+                                language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                            });
+                        }
+                    }
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR006FanoutErrorSanitization = SR006FanoutErrorSanitization;
+//# sourceMappingURL=SR006-fanout-error-sanitization.js.map

package/dist/structural-rules/rules/SR006-fanout-error-sanitization.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR006-fanout-error-sanitization.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR006-fanout-error-sanitization.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,sDAAsD;AACtD,SAAS,YAAY,CAAC,IAAuB,EAAE,EAAiB;IAC9D,IAAI,CAAC,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5C,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAAa;IACzC,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,MAAM,KAAK,GAAG,CAAC,CAAU,EAAQ,EAAE;QACjC,IACE,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;YACtB,EAAE,CAAC,0BAA0B,CAAC,CAAC,CAAC,UAAU,CAAC;YAC3C,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,EAClC,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC,CAAC;IACF,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,SAA4B,EAAE,EAAiB;IACzE,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAExC,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,oBAAoB,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtF,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;IAE3B,uDAAuD;IACvD,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnE,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAElC,qCAAqC;IACrC,IAAI,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,IAAI,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IACjD,qDAAqD;IACrD,IAAI,8BAA8B,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAEhE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAa,4BAA4B;IACvC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,oCAAoC,CAAC;IAC5C,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,4HAA4H,CAAC;IAE/H,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,mCAAmC;YACnC,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC;oBACxD,wEAAwE;oBACxE,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBACnC,MAAM,UAAU,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;oBAElD,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;wBACnC,IAAI,kBAAkB,CAAC,SAAS,EAAE,EAAE,CAAC,EAAE,CAAC;4BACtC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;4BACnE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;4BACpD,UAAU,CAAC,IAAI,CAAC;gCACd,MAAM,EAAE,IAAI,CAAC,EAAE;gCACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gCACnB,SAAS,EAAE,IAAI,CAAC,SAAS;gCACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,QAAQ;gCACR,IAAI;gCACJ,MAAM;gCACN,QAAQ;gCACR,eAAe,EACb,wFAAwF;oCACxF,uFAAuF;oCACvF,8EAA8E;gCAChF,WAAW,EACT,6EAA6E;oCAC7E,uDAAuD;oCACvD,mEAAmE;gCACrE,WAAW,EAAE,0BAA0B;gCACvC,UAAU,EAAE,IAAI;gCAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;6BACtE,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAnED,oEAmEC"}

package/dist/structural-rules/rules/SR007-cross-request-error.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR007CrossRequestError implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR007-cross-request-error.d.ts.map

package/dist/structural-rules/rules/SR007-cross-request-error.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR007-cross-request-error.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR007-cross-request-error.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAgE7E,qBAAa,sBAAuB,YAAW,cAAc;IAC3D,EAAE,SAAW;IACb,IAAI,SAAyC;IAC7C,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SAC+G;IAE1H,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CA8FnE"}

package/dist/structural-rules/rules/SR007-cross-request-error.js ADDED Viewed

@@ -0,0 +1,175 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR007CrossRequestError = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line) {
+    const lines = sourceText.split('\n');
+    return (lines[line - 1] || '').slice(0, 120);
+}
+/** Check if the source text of a function scope contains a map.set( call */
+function containsMapSetInScope(text) {
+    return /\.\s*set\s*\(/.test(text);
+}
+/** Detect: throw err / throw error / reject(err) inside a .catch() handler */
+function findRawRethrowInCatch(catchCall, sf) {
+    const results = [];
+    if (catchCall.arguments.length === 0)
+        return results;
+    const callback = catchCall.arguments[0];
+    if (!ts.isArrowFunction(callback) && !ts.isFunctionExpression(callback))
+        return results;
+    const params = callback.parameters;
+    const errParamNames = new Set(params
+        .map(p => (ts.isIdentifier(p.name) ? p.name.text : ''))
+        .filter(n => n.length > 0));
+    const body = callback.body;
+    const visit = (node) => {
+        // throw err / throw error (raw re-throw of the caught variable)
+        if (ts.isThrowStatement(node) && node.expression) {
+            const expr = node.expression;
+            if (ts.isIdentifier(expr) && errParamNames.has(expr.text)) {
+                results.push(node);
+                return;
+            }
+        }
+        // reject(err) where err is the caught param
+        if (ts.isCallExpression(node) &&
+            ts.isIdentifier(node.expression) &&
+            node.expression.text === 'reject' &&
+            node.arguments.length === 1 &&
+            ts.isIdentifier(node.arguments[0]) &&
+            errParamNames.has(node.arguments[0].text)) {
+            results.push(node);
+            return;
+        }
+        ts.forEachChild(node, visit);
+    };
+    ts.forEachChild(body, visit);
+    return results;
+}
+class SR007CrossRequestError {
+    id = 'SR007';
+    name = 'Cross-request raw error propagation';
+    policyRef = 'P011';
+    severity = 'ADVISORY';
+    languages = ['typescript', 'javascript'];
+    description = 'Raw error re-thrown from a .catch inside a Map-coalesced promise propagates request-scoped data to unrelated waiters.';
+    check(filePath, sourceText) {
+        try {
+            // Fast check: file must have both .set( and .catch(
+            if (!containsMapSetInScope(sourceText))
+                return [];
+            if (!/.catch\s*\(/.test(sourceText))
+                return [];
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            // Find function bodies that contain map.set(
+            // then find .catch( inside those + raw rethrows
+            const checkFunction = (funcNode) => {
+                const body = funcNode.body;
+                if (!body)
+                    return;
+                const funcText = body.getText(sf);
+                if (!containsMapSetInScope(funcText))
+                    return;
+                // Find all .catch calls in this function body
+                const catchCalls = [];
+                const findCatches = (node) => {
+                    if (ts.isCallExpression(node) &&
+                        ts.isPropertyAccessExpression(node.expression) &&
+                        node.expression.name.text === 'catch') {
+                        catchCalls.push(node);
+                    }
+                    ts.forEachChild(node, findCatches);
+                };
+                ts.forEachChild(body, findCatches);
+                for (const catchCall of catchCalls) {
+                    const rethrows = findRawRethrowInCatch(catchCall, sf);
+                    for (const rethrow of rethrows) {
+                        const { line, column } = getLineAndCol(sf, rethrow.getStart(sf));
+                        const evidence = getEvidenceLines(sourceText, line);
+                        violations.push({
+                            ruleId: this.id,
+                            ruleName: this.name,
+                            policyRef: this.policyRef,
+                            severity: this.severity,
+                            filePath,
+                            line,
+                            column,
+                            evidence,
+                            operationalRisk: 'The raw error object (potentially containing request-scoped data: auth tokens, user IDs, ' +
+                                'PII) is passed to all callers waiting on the same Map entry. One request\'s error ' +
+                                'becomes another request\'s rejection reason, leaking data across request boundaries.',
+                            remediation: 'Wrap the error before re-throwing: `throw new Error(err.message)` or ' +
+                                '`throw new SanitizedError(err)`. Strip request-scoped properties before the throw ' +
+                                'propagates to other waiters.',
+                            determinism: 'heuristic-advisory',
+                            confidence: 0.70,
+                            language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                        });
+                    }
+                }
+            };
+            const visit = (node) => {
+                if (ts.isFunctionDeclaration(node) ||
+                    ts.isFunctionExpression(node) ||
+                    ts.isArrowFunction(node) ||
+                    ts.isMethodDeclaration(node)) {
+                    checkFunction(node);
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR007CrossRequestError = SR007CrossRequestError;
+//# sourceMappingURL=SR007-cross-request-error.js.map

package/dist/structural-rules/rules/SR007-cross-request-error.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR007-cross-request-error.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR007-cross-request-error.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY;IACxD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,4EAA4E;AAC5E,SAAS,qBAAqB,CAAC,IAAY;IACzC,OAAO,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACpC,CAAC;AAED,8EAA8E;AAC9E,SAAS,qBAAqB,CAAC,SAA4B,EAAE,EAAiB;IAC5E,MAAM,OAAO,GAAc,EAAE,CAAC;IAC9B,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAErD,MAAM,QAAQ,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACxC,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,oBAAoB,CAAC,QAAQ,CAAC;QAAE,OAAO,OAAO,CAAC;IAExF,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,CAC3B,MAAM;SACH,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SACtD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAC7B,CAAC;IAEF,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;IAE3B,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;QACpC,gEAAgE;QAChE,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;YAC7B,IAAI,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1D,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnB,OAAO;YACT,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IACE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;YACzB,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;YAChC,IAAI,CAAC,UAAU,CAAC,IAAI,KAAK,QAAQ;YACjC,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC;YAC3B,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YAClC,aAAa,CAAC,GAAG,CAAE,IAAI,CAAC,SAAS,CAAC,CAAC,CAAmB,CAAC,IAAI,CAAC,EAC5D,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnB,OAAO;QACT,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC,CAAC;IAEF,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC7B,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAa,sBAAsB;IACjC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,qCAAqC,CAAC;IAC7C,SAAS,GAAG,MAAM,CAAC;IACnB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,uHAAuH,CAAC;IAE1H,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,oDAAoD;YACpD,IAAI,CAAC,qBAAqB,CAAC,UAAU,CAAC;gBAAE,OAAO,EAAE,CAAC;YAClD,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC;gBAAE,OAAO,EAAE,CAAC;YAE/C,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,6CAA6C;YAC7C,gDAAgD;YAChD,MAAM,aAAa,GAAG,CACpB,QAIwB,EAClB,EAAE;gBACR,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;gBAC3B,IAAI,CAAC,IAAI;oBAAE,OAAO;gBAElB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBAClC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC;oBAAE,OAAO;gBAE7C,8CAA8C;gBAC9C,MAAM,UAAU,GAAwB,EAAE,CAAC;gBAC3C,MAAM,WAAW,GAAG,CAAC,IAAa,EAAQ,EAAE;oBAC1C,IACE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;wBACzB,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC;wBAC9C,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,EACrC,CAAC;wBACD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACxB,CAAC;oBACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;gBACrC,CAAC,CAAC;gBACF,EAAE,CAAC,YAAY,CAAC,IAAe,EAAE,WAAW,CAAC,CAAC;gBAE9C,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;oBACnC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;oBACtD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;wBAC/B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;wBACjE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;wBACpD,UAAU,CAAC,IAAI,CAAC;4BACd,MAAM,EAAE,IAAI,CAAC,EAAE;4BACf,QAAQ,EAAE,IAAI,CAAC,IAAI;4BACnB,SAAS,EAAE,IAAI,CAAC,SAAS;4BACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,QAAQ;4BACR,IAAI;4BACJ,MAAM;4BACN,QAAQ;4BACR,eAAe,EACb,2FAA2F;gCAC3F,oFAAoF;gCACpF,sFAAsF;4BACxF,WAAW,EACT,uEAAuE;gCACvE,oFAAoF;gCACpF,8BAA8B;4BAChC,WAAW,EAAE,oBAAoB;4BACjC,UAAU,EAAE,IAAI;4BAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;yBACtE,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC,CAAC;YAEF,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,IACE,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC;oBAC9B,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC;oBAC7B,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;oBACxB,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAC5B,CAAC;oBACD,aAAa,CAAC,IAAI,CAAC,CAAC;gBACtB,CAAC;gBACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAvGD,wDAuGC"}

package/dist/structural-rules/rules/SR008-background-task-orphan.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR008BackgroundTaskOrphan implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR008-background-task-orphan.d.ts.map

package/dist/structural-rules/rules/SR008-background-task-orphan.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR008-background-task-orphan.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR008-background-task-orphan.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAsF7E,qBAAa,yBAA0B,YAAW,cAAc;IAC9D,EAAE,SAAW;IACb,IAAI,SAAyD;IAC7D,SAAS,SAAU;IACnB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SACyG;IAEpH,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAgEnE"}