npm - @neurcode-ai/cli - Versions diffs - 0.9.64 → 0.9.65 - Mend

@neurcode-ai/cli 0.9.64 → 0.9.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (252) hide show

package/dist/structural-rules/rules/SR013-missing-idempotency-key.js ADDED Viewed

@@ -0,0 +1,219 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR013MissingIdempotencyKey = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line, extra = 1) {
+    const lines = sourceText.split('\n');
+    return lines.slice(line - 1, Math.min(line - 1 + extra, lines.length)).map(l => l.slice(0, 120)).join('\n');
+}
+/** Payment/charge-related function name patterns. */
+const PAYMENT_FUNCTION_PATTERNS = [
+    'createcharge',
+    'processpayment',
+    'chargecustomer',
+    'createorder',
+    'placeorder',
+    'submitpayment',
+    'makepayment',
+    'initiatecharge',
+    'processcheckout',
+    'createsubscription',
+];
+/** Express-style route path patterns for payment routes. */
+const PAYMENT_ROUTE_PATTERNS = ['payment', 'charge', 'order', 'subscribe', 'checkout', 'billing'];
+/** HTTP mutation method names to detect router.post/put/patch calls. */
+const HTTP_MUTATION_METHODS = ['post', 'put', 'patch'];
+function isMutationRouteName(name) {
+    return HTTP_MUTATION_METHODS.includes(name.toLowerCase());
+}
+function isPaymentFunctionName(name) {
+    const lower = name.toLowerCase();
+    return PAYMENT_FUNCTION_PATTERNS.some(p => lower.includes(p));
+}
+function isPaymentRoutePath(pathText) {
+    const lower = pathText.toLowerCase();
+    return PAYMENT_ROUTE_PATTERNS.some(p => lower.includes(p));
+}
+function containsIdempotencyRef(bodyText) {
+    const lower = bodyText.toLowerCase();
+    return lower.includes('idempotency') || lower.includes('idempotent');
+}
+function isTestFile(filePath) {
+    return filePath.includes('.test.') || filePath.includes('.spec.');
+}
+/** Get the text of a function-like node body. */
+function getFunctionBodyText(node, sf) {
+    if (node.body) {
+        return node.body.getText(sf);
+    }
+    return '';
+}
+/** Extract string literal value from an expression, if it is one. */
+function tryGetStringLiteral(node) {
+    if (ts.isStringLiteral(node))
+        return node.text;
+    if (ts.isNoSubstitutionTemplateLiteral(node))
+        return node.text;
+    return undefined;
+}
+class SR013MissingIdempotencyKey {
+    id = 'SR013';
+    name = 'Missing idempotency key in payment handler';
+    policyRef = 'SR013';
+    severity = 'ADVISORY';
+    languages = ['typescript', 'javascript'];
+    description = 'HTTP mutation handlers for payment/charge/order operations that do not reference an idempotency key ' +
+        'risk duplicate charges on retry or double-submission.';
+    check(filePath, sourceText) {
+        try {
+            if (isTestFile(filePath))
+                return [];
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const visit = (node) => {
+                // Pattern 1: Named function declarations/expressions with payment-related names
+                if ((ts.isFunctionDeclaration(node) || ts.isFunctionExpression(node) || ts.isArrowFunction(node)) &&
+                    ts.isFunctionLike(node)) {
+                    let funcName;
+                    if (ts.isFunctionDeclaration(node) && node.name) {
+                        funcName = node.name.text;
+                    }
+                    else if (ts.isFunctionExpression(node) && node.name) {
+                        funcName = node.name.text;
+                    }
+                    else {
+                        // Try to get name from variable declaration parent
+                        const parent = node.parent;
+                        if (ts.isVariableDeclaration(parent) && ts.isIdentifier(parent.name)) {
+                            funcName = parent.name.text;
+                        }
+                        else if (ts.isPropertyAssignment(parent) && ts.isIdentifier(parent.name)) {
+                            funcName = parent.name.text;
+                        }
+                        else if (ts.isMethodDeclaration(parent) && ts.isIdentifier(parent.name)) {
+                            funcName = parent.name.text;
+                        }
+                    }
+                    if (funcName && isPaymentFunctionName(funcName)) {
+                        const bodyText = getFunctionBodyText(node, sf);
+                        if (bodyText && !containsIdempotencyRef(bodyText)) {
+                            const { line, column } = getLineAndCol(sf, node.getStart(sf));
+                            const evidence = getEvidenceLines(sourceText, line, 2);
+                            violations.push({
+                                ruleId: this.id,
+                                ruleName: this.name,
+                                policyRef: this.policyRef,
+                                severity: this.severity,
+                                filePath,
+                                line,
+                                column,
+                                evidence,
+                                operationalRisk: 'Duplicate network requests (retries, double-clicks, load balancer replays) trigger ' +
+                                    'duplicate charges. Without idempotency keys, a payment processor receives two identical ' +
+                                    'requests and processes both.',
+                                remediation: 'Generate and pass an idempotency key per operation. For Stripe: ' +
+                                    '`stripe.charges.create(params, { idempotencyKey: uuidv4() })`. ' +
+                                    'Store used keys to detect and short-circuit duplicates.',
+                                determinism: 'heuristic-advisory',
+                                confidence: 0.72,
+                                language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                            });
+                        }
+                    }
+                }
+                // Pattern 2: Express-style route handlers: router.post('/payment', handler)
+                if (ts.isCallExpression(node) && ts.isPropertyAccessExpression(node.expression)) {
+                    const methodName = node.expression.name.text;
+                    if (isMutationRouteName(methodName) && node.arguments.length >= 2) {
+                        const pathArg = node.arguments[0];
+                        const pathStr = tryGetStringLiteral(pathArg);
+                        if (pathStr && isPaymentRoutePath(pathStr)) {
+                            // Get the last argument as the handler
+                            const handlerArg = node.arguments[node.arguments.length - 1];
+                            if (ts.isFunctionLike(handlerArg) ||
+                                ts.isArrowFunction(handlerArg) ||
+                                ts.isFunctionExpression(handlerArg)) {
+                                const bodyText = getFunctionBodyText(handlerArg, sf);
+                                if (bodyText && !containsIdempotencyRef(bodyText)) {
+                                    const { line, column } = getLineAndCol(sf, node.expression.name.getStart(sf));
+                                    const evidence = getEvidenceLines(sourceText, line, 2);
+                                    violations.push({
+                                        ruleId: this.id,
+                                        ruleName: this.name,
+                                        policyRef: this.policyRef,
+                                        severity: this.severity,
+                                        filePath,
+                                        line,
+                                        column,
+                                        evidence,
+                                        operationalRisk: 'Duplicate network requests (retries, double-clicks, load balancer replays) trigger ' +
+                                            'duplicate charges. Without idempotency keys, a payment processor receives two identical ' +
+                                            'requests and processes both.',
+                                        remediation: 'Generate and pass an idempotency key per operation. For Stripe: ' +
+                                            '`stripe.charges.create(params, { idempotencyKey: uuidv4() })`. ' +
+                                            'Store used keys to detect and short-circuit duplicates.',
+                                        determinism: 'heuristic-advisory',
+                                        confidence: 0.72,
+                                        language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                                    });
+                                }
+                            }
+                        }
+                    }
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR013MissingIdempotencyKey = SR013MissingIdempotencyKey;
+//# sourceMappingURL=SR013-missing-idempotency-key.js.map

package/dist/structural-rules/rules/SR013-missing-idempotency-key.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR013-missing-idempotency-key.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR013-missing-idempotency-key.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY,EAAE,KAAK,GAAG,CAAC;IACnE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC9G,CAAC;AAED,qDAAqD;AACrD,MAAM,yBAAyB,GAAG;IAChC,cAAc;IACd,gBAAgB;IAChB,gBAAgB;IAChB,aAAa;IACb,YAAY;IACZ,eAAe;IACf,aAAa;IACb,gBAAgB;IAChB,iBAAiB;IACjB,oBAAoB;CACrB,CAAC;AAEF,4DAA4D;AAC5D,MAAM,sBAAsB,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;AAElG,wEAAwE;AACxE,MAAM,qBAAqB,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAEvD,SAAS,mBAAmB,CAAC,IAAY;IACvC,OAAO,qBAAqB,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAY;IACzC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,OAAO,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AAChE,CAAC;AAED,SAAS,kBAAkB,CAAC,QAAgB;IAC1C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,UAAU,CAAC,QAAgB;IAClC,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACpE,CAAC;AAED,iDAAiD;AACjD,SAAS,mBAAmB,CAAC,IAAgC,EAAE,EAAiB;IAC9E,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC/B,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,qEAAqE;AACrE,SAAS,mBAAmB,CAAC,IAAmB;IAC9C,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC;IAC/C,IAAI,EAAE,CAAC,+BAA+B,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC;IAC/D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAa,0BAA0B;IACrC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,4CAA4C,CAAC;IACpD,SAAS,GAAG,OAAO,CAAC;IACpB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,sGAAsG;QACtG,uDAAuD,CAAC;IAE1D,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,IAAI,UAAU,CAAC,QAAQ,CAAC;gBAAE,OAAO,EAAE,CAAC;YAEpC,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,gFAAgF;gBAChF,IACE,CAAC,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;oBAC7F,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,EACvB,CAAC;oBACD,IAAI,QAA4B,CAAC;oBAEjC,IAAI,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;wBAChD,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;oBAC5B,CAAC;yBAAM,IAAI,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;wBACtD,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;oBAC5B,CAAC;yBAAM,CAAC;wBACN,mDAAmD;wBACnD,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;wBAC3B,IAAI,EAAE,CAAC,qBAAqB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;4BACrE,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;wBAC9B,CAAC;6BAAM,IAAI,EAAE,CAAC,oBAAoB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC3E,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;wBAC9B,CAAC;6BAAM,IAAI,EAAE,CAAC,mBAAmB,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC1E,QAAQ,GAAI,MAAM,CAAC,IAAsB,CAAC,IAAI,CAAC;wBACjD,CAAC;oBACH,CAAC;oBAED,IAAI,QAAQ,IAAI,qBAAqB,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAChD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAC/C,IAAI,QAAQ,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;4BAClD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;4BAC9D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BACvD,UAAU,CAAC,IAAI,CAAC;gCACd,MAAM,EAAE,IAAI,CAAC,EAAE;gCACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gCACnB,SAAS,EAAE,IAAI,CAAC,SAAS;gCACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gCACvB,QAAQ;gCACR,IAAI;gCACJ,MAAM;gCACN,QAAQ;gCACR,eAAe,EACb,qFAAqF;oCACrF,0FAA0F;oCAC1F,8BAA8B;gCAChC,WAAW,EACT,kEAAkE;oCAClE,iEAAiE;oCACjE,yDAAyD;gCAC3D,WAAW,EAAE,oBAAoB;gCACjC,UAAU,EAAE,IAAI;gCAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;6BACtE,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,4EAA4E;gBAC5E,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAChF,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;oBAC7C,IAAI,mBAAmB,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;wBAClE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;wBAClC,MAAM,OAAO,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;wBAC7C,IAAI,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC3C,uCAAuC;4BACvC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;4BAC7D,IACE,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC;gCAC7B,EAAE,CAAC,eAAe,CAAC,UAAU,CAAC;gCAC9B,EAAE,CAAC,oBAAoB,CAAC,UAAU,CAAC,EACnC,CAAC;gCACD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,UAAwC,EAAE,EAAE,CAAC,CAAC;gCACnF,IAAI,QAAQ,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;oCAClD,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;oCAC9E,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;oCACvD,UAAU,CAAC,IAAI,CAAC;wCACd,MAAM,EAAE,IAAI,CAAC,EAAE;wCACf,QAAQ,EAAE,IAAI,CAAC,IAAI;wCACnB,SAAS,EAAE,IAAI,CAAC,SAAS;wCACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wCACvB,QAAQ;wCACR,IAAI;wCACJ,MAAM;wCACN,QAAQ;wCACR,eAAe,EACb,qFAAqF;4CACrF,0FAA0F;4CAC1F,8BAA8B;wCAChC,WAAW,EACT,kEAAkE;4CAClE,iEAAiE;4CACjE,yDAAyD;wCAC3D,WAAW,EAAE,oBAAoB;wCACjC,UAAU,EAAE,IAAI;wCAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;qCACtE,CAAC,CAAC;gCACL,CAAC;4BACH,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AArID,gEAqIC"}

package/dist/structural-rules/rules/SR014-mutable-closure-async.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR014MutableClosureAsync implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR014-mutable-closure-async.d.ts.map

package/dist/structural-rules/rules/SR014-mutable-closure-async.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR014-mutable-closure-async.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR014-mutable-closure-async.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AA8G7E,qBAAa,wBAAyB,YAAW,cAAc;IAC7D,EAAE,SAAW;IACb,IAAI,SAAiE;IACrE,SAAS,SAAW;IACpB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SAEyF;IAEpG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAsFnE"}

package/dist/structural-rules/rules/SR014-mutable-closure-async.js ADDED Viewed

@@ -0,0 +1,208 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SR014MutableClosureAsync = void 0;
+const ts = __importStar(require("typescript"));
+function getLineAndCol(sf, pos) {
+    const lc = sf.getLineAndCharacterOfPosition(pos);
+    return { line: lc.line + 1, column: lc.character + 1 };
+}
+function getEvidenceLines(sourceText, line, extra = 1) {
+    const lines = sourceText.split('\n');
+    return lines.slice(line - 1, Math.min(line - 1 + extra, lines.length)).map(l => l.slice(0, 120)).join('\n');
+}
+/** Variable names to exclude (common single-use sequential patterns). */
+const EXCLUDED_VAR_NAMES = new Set(['result', 'error', 'err', 'res', 'response']);
+/** Async callback parent method names (promise chaining). */
+const ASYNC_CALLBACK_METHODS = new Set(['then', 'catch', 'setTimeout', 'setInterval']);
+/** Check if a node is an async arrow function or async function expression. */
+function isAsyncFunction(node) {
+    if (ts.isArrowFunction(node) || ts.isFunctionExpression(node)) {
+        return !!(node.modifiers?.some(m => m.kind === ts.SyntaxKind.AsyncKeyword));
+    }
+    return false;
+}
+/**
+ * Check if a node is a callback passed to .then(), .catch(), setTimeout(), setInterval().
+ */
+function isAsyncCallbackArg(node) {
+    const parent = node.parent;
+    if (!ts.isCallExpression(parent))
+        return false;
+    const callExpr = parent;
+    // Is this node one of the arguments?
+    if (!callExpr.arguments.includes(node))
+        return false;
+    const callExprExpr = callExpr.expression;
+    if (ts.isPropertyAccessExpression(callExprExpr)) {
+        const methodName = callExprExpr.name.text;
+        if (ASYNC_CALLBACK_METHODS.has(methodName))
+            return true;
+    }
+    if (ts.isIdentifier(callExprExpr)) {
+        if (ASYNC_CALLBACK_METHODS.has(callExprExpr.text))
+            return true;
+    }
+    return false;
+}
+/**
+ * Collect all `let` variable names declared directly in a function body (top-level of the block).
+ */
+function collectLetDeclarations(block) {
+    const letVars = new Map();
+    for (const stmt of block.statements) {
+        if (ts.isVariableStatement(stmt)) {
+            if (stmt.declarationList.flags & ts.NodeFlags.Let) {
+                for (const decl of stmt.declarationList.declarations) {
+                    if (ts.isIdentifier(decl.name)) {
+                        letVars.set(decl.name.text, decl);
+                    }
+                }
+            }
+        }
+    }
+    return letVars;
+}
+/**
+ * Find all assignments (varName = ...) inside an async callback or .then/.catch callback.
+ * Returns the set of variable names mutated inside such callbacks.
+ */
+function findMutationsInAsyncCallbacks(block, letVarNames) {
+    const mutations = new Map();
+    function visitForMutation(node, insideAsyncCallback) {
+        const enterAsync = insideAsyncCallback ||
+            ((ts.isArrowFunction(node) || ts.isFunctionExpression(node)) &&
+                (isAsyncFunction(node) || isAsyncCallbackArg(node)));
+        if (insideAsyncCallback &&
+            ts.isBinaryExpression(node) &&
+            node.operatorToken.kind === ts.SyntaxKind.EqualsToken &&
+            ts.isIdentifier(node.left) &&
+            letVarNames.has(node.left.text)) {
+            mutations.set(node.left.text, node);
+        }
+        // Don't descend into nested function bodies that are NOT async callbacks of our outer function
+        if (!insideAsyncCallback &&
+            (ts.isFunctionDeclaration(node) || ts.isClassDeclaration(node) || ts.isClassExpression(node))) {
+            return;
+        }
+        ts.forEachChild(node, child => visitForMutation(child, enterAsync));
+    }
+    ts.forEachChild(block, child => visitForMutation(child, false));
+    return mutations;
+}
+class SR014MutableClosureAsync {
+    id = 'SR014';
+    name = 'Mutable closure captured in async callback (race condition)';
+    policyRef = 'SR014';
+    severity = 'ADVISORY';
+    languages = ['typescript', 'javascript'];
+    description = '`let` variables declared in function scope and mutated inside async callbacks (.then, .catch, ' +
+        'setTimeout, setInterval) create race conditions when the outer function is called concurrently.';
+    check(filePath, sourceText) {
+        try {
+            const violations = [];
+            const ext = filePath.endsWith('.tsx')
+                ? ts.ScriptKind.TSX
+                : filePath.endsWith('.jsx')
+                    ? ts.ScriptKind.JSX
+                    : filePath.endsWith('.js')
+                        ? ts.ScriptKind.JS
+                        : ts.ScriptKind.TS;
+            const sf = ts.createSourceFile(filePath, sourceText, ts.ScriptTarget.Latest, true, ext);
+            const visit = (node) => {
+                // Only look at function bodies (function declarations, expressions, arrow functions, methods)
+                const isFuncLike = ts.isFunctionDeclaration(node) ||
+                    ts.isFunctionExpression(node) ||
+                    ts.isArrowFunction(node) ||
+                    ts.isMethodDeclaration(node) ||
+                    ts.isConstructorDeclaration(node);
+                if (isFuncLike && ts.isFunctionLike(node) && node.body && ts.isBlock(node.body)) {
+                    const block = node.body;
+                    const letVars = collectLetDeclarations(block);
+                    if (letVars.size === 0) {
+                        ts.forEachChild(node, visit);
+                        return;
+                    }
+                    // Filter out excluded names
+                    const candidateNames = new Set();
+                    for (const name of letVars.keys()) {
+                        if (!EXCLUDED_VAR_NAMES.has(name)) {
+                            candidateNames.add(name);
+                        }
+                    }
+                    if (candidateNames.size === 0) {
+                        ts.forEachChild(node, visit);
+                        return;
+                    }
+                    const mutations = findMutationsInAsyncCallbacks(block, candidateNames);
+                    for (const [varName, mutationNode] of mutations) {
+                        const decl = letVars.get(varName);
+                        const { line, column } = getLineAndCol(sf, mutationNode.getStart(sf));
+                        const evidenceLine = getLineAndCol(sf, decl.getStart(sf)).line;
+                        const evidence = getEvidenceLines(sourceText, evidenceLine, 1) +
+                            '\n' +
+                            getEvidenceLines(sourceText, line, 1);
+                        violations.push({
+                            ruleId: this.id,
+                            ruleName: this.name,
+                            policyRef: this.policyRef,
+                            severity: this.severity,
+                            filePath,
+                            line,
+                            column,
+                            evidence: evidence.slice(0, 240),
+                            operationalRisk: 'Two concurrent requests share a captured `let` variable; the second request\'s assignment ' +
+                                'overwrites the first\'s value before the first async operation completes, producing wrong ' +
+                                'data silently.',
+                            remediation: 'Move the variable inside the async callback, or use a const defined before the async ' +
+                                'boundary, or use a WeakMap keyed by the request context.',
+                            determinism: 'heuristic-advisory',
+                            confidence: 0.70,
+                            language: filePath.match(/\.(js|jsx)$/) ? 'javascript' : 'typescript',
+                        });
+                    }
+                }
+                ts.forEachChild(node, visit);
+            };
+            ts.forEachChild(sf, visit);
+            return violations;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.SR014MutableClosureAsync = SR014MutableClosureAsync;
+//# sourceMappingURL=SR014-mutable-closure-async.js.map

package/dist/structural-rules/rules/SR014-mutable-closure-async.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR014-mutable-closure-async.js","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR014-mutable-closure-async.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,+CAAiC;AAGjC,SAAS,aAAa,CAAC,EAAiB,EAAE,GAAW;IACnD,MAAM,EAAE,GAAG,EAAE,CAAC,6BAA6B,CAAC,GAAG,CAAC,CAAC;IACjD,OAAO,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,EAAE,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,gBAAgB,CAAC,UAAkB,EAAE,IAAY,EAAE,KAAK,GAAG,CAAC;IACnE,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACrC,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,GAAG,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC9G,CAAC;AAED,yEAAyE;AACzE,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;AAElF,6DAA6D;AAC7D,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC,CAAC;AAEvF,+EAA+E;AAC/E,SAAS,eAAe,CAAC,IAAa;IACpC,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9D,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;IAC9E,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAa;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAC3B,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,MAAM,CAAC;QAAE,OAAO,KAAK,CAAC;IAE/C,MAAM,QAAQ,GAAG,MAAM,CAAC;IACxB,qCAAqC;IACrC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAqB,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtE,MAAM,YAAY,GAAG,QAAQ,CAAC,UAAU,CAAC;IACzC,IAAI,EAAE,CAAC,0BAA0B,CAAC,YAAY,CAAC,EAAE,CAAC;QAChD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;QAC1C,IAAI,sBAAsB,CAAC,GAAG,CAAC,UAAU,CAAC;YAAE,OAAO,IAAI,CAAC;IAC1D,CAAC;IACD,IAAI,EAAE,CAAC,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QAClC,IAAI,sBAAsB,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;IACjE,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,KAAe;IAC7C,MAAM,OAAO,GAAG,IAAI,GAAG,EAAkC,CAAC;IAC1D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACpC,IAAI,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,IACE,IAAI,CAAC,eAAe,CAAC,KAAK,GAAG,EAAE,CAAC,SAAS,CAAC,GAAG,EAC7C,CAAC;gBACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,CAAC;oBACrD,IAAI,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC/B,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;oBACpC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,SAAS,6BAA6B,CACpC,KAAe,EACf,WAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,GAAG,EAA+B,CAAC;IAEzD,SAAS,gBAAgB,CAAC,IAAa,EAAE,mBAA4B;QACnE,MAAM,UAAU,GACd,mBAAmB;YACnB,CAAC,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBAC1D,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzD,IACE,mBAAmB;YACnB,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;YAC3B,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,WAAW;YACrD,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1B,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAC/B,CAAC;YACD,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,+FAA+F;QAC/F,IACE,CAAC,mBAAmB;YACpB,CAAC,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,EAC7F,CAAC;YACD,OAAO;QACT,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,CAAC,gBAAgB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IAChE,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAa,wBAAwB;IACnC,EAAE,GAAG,OAAO,CAAC;IACb,IAAI,GAAG,6DAA6D,CAAC;IACrE,SAAS,GAAG,OAAO,CAAC;IACpB,QAAQ,GAAG,UAAmB,CAAC;IAC/B,SAAS,GAAmB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IACzD,WAAW,GACT,gGAAgG;QAChG,iGAAiG,CAAC;IAEpG,KAAK,CAAC,QAAgB,EAAE,UAAkB;QACxC,IAAI,CAAC;YACH,MAAM,UAAU,GAA0B,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACnC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;gBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC3B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG;oBACnB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC;wBAC1B,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE;wBAClB,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;YAErB,MAAM,EAAE,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;YAExF,MAAM,KAAK,GAAG,CAAC,IAAa,EAAQ,EAAE;gBACpC,8FAA8F;gBAC9F,MAAM,UAAU,GACd,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC;oBAC9B,EAAE,CAAC,oBAAoB,CAAC,IAAI,CAAC;oBAC7B,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;oBACxB,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC;oBAC5B,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC;gBAEpC,IAAI,UAAU,IAAI,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAChF,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC;oBACxB,MAAM,OAAO,GAAG,sBAAsB,CAAC,KAAK,CAAC,CAAC;oBAE9C,IAAI,OAAO,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;wBACvB,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBAC7B,OAAO;oBACT,CAAC;oBAED,4BAA4B;oBAC5B,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;oBACzC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;wBAClC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;4BAClC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;wBAC3B,CAAC;oBACH,CAAC;oBAED,IAAI,cAAc,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;wBAC9B,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBAC7B,OAAO;oBACT,CAAC;oBAED,MAAM,SAAS,GAAG,6BAA6B,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;oBAEvE,KAAK,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,IAAI,SAAS,EAAE,CAAC;wBAChD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAE,CAAC;wBACnC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,EAAE,EAAE,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;wBACtE,MAAM,YAAY,GAAG,aAAa,CAAC,EAAE,EAAE,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;wBAC/D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,UAAU,EAAE,YAAY,EAAE,CAAC,CAAC;4BAC5D,IAAI;4BACJ,gBAAgB,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBAExC,UAAU,CAAC,IAAI,CAAC;4BACd,MAAM,EAAE,IAAI,CAAC,EAAE;4BACf,QAAQ,EAAE,IAAI,CAAC,IAAI;4BACnB,SAAS,EAAE,IAAI,CAAC,SAAS;4BACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;4BACvB,QAAQ;4BACR,IAAI;4BACJ,MAAM;4BACN,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;4BAChC,eAAe,EACb,4FAA4F;gCAC5F,4FAA4F;gCAC5F,gBAAgB;4BAClB,WAAW,EACT,uFAAuF;gCACvF,0DAA0D;4BAC5D,WAAW,EAAE,oBAAoB;4BACjC,UAAU,EAAE,IAAI;4BAChB,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,YAAY;yBACtE,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC/B,CAAC,CAAC;YAEF,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;YAC3B,OAAO,UAAU,CAAC;QACpB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AAhGD,4DAgGC"}

package/dist/structural-rules/rules/SR015-dangling-abort-controller.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { StructuralRule, StructuralViolation, RuleLanguage } from '../types';
+export declare class SR015DanglingAbortController implements StructuralRule {
+    id: string;
+    name: string;
+    policyRef: string;
+    severity: "ADVISORY";
+    languages: RuleLanguage[];
+    description: string;
+    check(filePath: string, sourceText: string): StructuralViolation[];
+}
+//# sourceMappingURL=SR015-dangling-abort-controller.d.ts.map

package/dist/structural-rules/rules/SR015-dangling-abort-controller.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"SR015-dangling-abort-controller.d.ts","sourceRoot":"","sources":["../../../src/structural-rules/rules/SR015-dangling-abort-controller.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAyF7E,qBAAa,4BAA6B,YAAW,cAAc;IACjE,EAAE,SAAW;IACb,IAAI,SAAqD;IACzD,SAAS,SAAW;IACpB,QAAQ,EAAG,UAAU,CAAU;IAC/B,SAAS,EAAE,YAAY,EAAE,CAAgC;IACzD,WAAW,SAEuE;IAElF,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB,EAAE;CAgFnE"}