npm - @nitra/cursor - Versions diffs - 1.11.4 → 1.11.6 - Mend

@nitra/cursor 1.11.4 → 1.11.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/rules/docker/policy/lint_docker_yml/lint_docker_yml_test.rego DELETED Viewed

@@ -1,104 +0,0 @@
-# Тести для `docker.lint_docker_yml`. Запуск:
-#   conftest verify -p npm/policy/docker/lint_docker_yml
-package docker.lint_docker_yml_test
-import rego.v1
-import data.docker.lint_docker_yml
-hadolint_install_run := concat("", [
-	"curl -sSL -o /tmp/hadolint",
-	" https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64",
-])
-valid_wf := {
-	"name": "Lint Docker",
-	"on": {"push": {
-		"branches": ["dev", "main"],
-		"paths": ["**/Dockerfile", "**/*.Dockerfile", "**/*.dockerfile"],
-	}},
-	"jobs": {"lint-docker": {"steps": [
-		{"uses": "actions/checkout@v6"},
-		{"name": "Install hadolint", "run": hadolint_install_run},
-		{"uses": "./.github/actions/setup-bun-deps"},
-		{"name": "Lint Docker", "run": "bun run lint-docker"},
-	]}},
-}
-# ── happy path ────────────────────────────────────────────────────────────
-test_allow_canonical if {
-	count(lint_docker_yml.deny) == 0 with input as valid_wf
-}
-# ── deny: on.push.paths ──────────────────────────────────────────────────
-test_deny_missing_path_dockerfile if {
-	wf := json.patch(
-		valid_wf,
-		[{"op": "replace", "path": "/on/push/paths", "value": ["**/*.Dockerfile", "**/*.dockerfile"]}],
-	)
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-test_deny_missing_paths_field if {
-	wf := json.patch(valid_wf, [{"op": "remove", "path": "/on/push/paths"}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-# ── deny: hadolint version ──────────────────────────────────────────────
-test_deny_wrong_hadolint_version if {
-	wrong_version_run := concat("", [
-		"curl -sSL",
-		" https://github.com/hadolint/hadolint/releases/download/v2.11.0/hadolint-Linux-x86_64",
-	])
-	wf := json.patch(valid_wf, [{
-		"op": "replace",
-		"path": "/jobs/lint-docker/steps/1/run",
-		"value": wrong_version_run,
-	}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-test_deny_no_hadolint_install if {
-	wf := json.patch(valid_wf, [{
-		"op": "replace",
-		"path": "/jobs/lint-docker/steps/1",
-		"value": {"name": "Noop", "run": "echo ok"},
-	}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-# ── deny: composite setup-bun-deps ──────────────────────────────────────
-test_deny_inline_setup_bun_instead_of_composite if {
-	# Старий канон (НЕПРАВИЛЬНО per ga.mdc): пряме `oven-sh/setup-bun` замість composite.
-	wf := json.patch(valid_wf, [{
-		"op": "replace",
-		"path": "/jobs/lint-docker/steps/2",
-		"value": {"uses": "oven-sh/setup-bun@v2"},
-	}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-test_deny_no_setup_step if {
-	wf := json.patch(valid_wf, [{"op": "remove", "path": "/jobs/lint-docker/steps/2"}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-# ── deny: bun run lint-docker ──────────────────────────────────────────
-test_deny_missing_lint_docker_run if {
-	wf := json.patch(valid_wf, [{
-		"op": "replace",
-		"path": "/jobs/lint-docker/steps/3/run",
-		"value": "echo noop",
-	}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}
-test_deny_no_run_steps_at_all if {
-	wf := json.patch(valid_wf, [{"op": "replace", "path": "/jobs/lint-docker/steps", "value": []}])
-	count(lint_docker_yml.deny) > 0 with input as wf
-}

package/rules/docker/policy/package_json/package_json_test.rego DELETED Viewed

@@ -1,42 +0,0 @@
-# Тести для `docker.package_json`. Запуск:
-#   conftest verify -p npm/policy/docker/package_json
-package docker.package_json_test
-import rego.v1
-import data.docker.package_json
-canonical_lint_docker := "bun ./npm/scripts/run-docker.mjs"
-# ── happy path ────────────────────────────────────────────────────────────
-test_allow_canonical if {
-	pkg := {"scripts": {"lint-docker": canonical_lint_docker}}
-	count(package_json.deny) == 0 with input as pkg
-}
-test_allow_lint_docker_absent if {
-	# rego не вимагає наявність — cross-file умовно вимагає `check-bun.mjs`.
-	count(package_json.deny) == 0 with input as {"scripts": {}}
-}
-test_allow_no_scripts_at_all if {
-	count(package_json.deny) == 0 with input as {"name": "x"}
-}
-test_allow_with_extra_whitespace if {
-	pkg := {"scripts": {"lint-docker": concat("", [" ", canonical_lint_docker, "  "])}}
-	count(package_json.deny) == 0 with input as pkg
-}
-# ── deny ──────────────────────────────────────────────────────────────────
-test_deny_lint_docker_wrong_value if {
-	pkg := {"scripts": {"lint-docker": "hadolint Dockerfile"}}
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_lint_docker_old_npx_form if {
-	pkg := {"scripts": {"lint-docker": "npx hadolint ."}}
-	count(package_json.deny) > 0 with input as pkg
-}

package/rules/graphql/policy/vscode_extensions/vscode_extensions_test.rego DELETED Viewed

@@ -1,34 +0,0 @@
-# Тести для `graphql.vscode_extensions`. Запуск:
-#   conftest verify -p npm/policy/graphql/vscode_extensions
-package graphql.vscode_extensions_test
-import rego.v1
-import data.graphql.vscode_extensions
-test_allow_with_required_extension if {
-	cfg := {"recommendations": ["graphql.vscode-graphql"]}
-	count(vscode_extensions.deny) == 0 with input as cfg
-}
-test_allow_with_additional_extensions if {
-	cfg := {"recommendations": [
-		"dbaeumer.vscode-eslint",
-		"graphql.vscode-graphql",
-		"oxc.oxc-vscode",
-	]}
-	count(vscode_extensions.deny) == 0 with input as cfg
-}
-test_deny_missing_extension if {
-	cfg := {"recommendations": ["dbaeumer.vscode-eslint"]}
-	count(vscode_extensions.deny) > 0 with input as cfg
-}
-test_deny_empty_recommendations if {
-	count(vscode_extensions.deny) > 0 with input as {"recommendations": []}
-}
-test_deny_no_recommendations_field if {
-	count(vscode_extensions.deny) > 0 with input as {}
-}

package/rules/image-avif/policy/package_json/package_json_test.rego DELETED Viewed

@@ -1,69 +0,0 @@
-# Тести для `image_avif.package_json`. Запуск:
-#   conftest verify -p npm/policy/image_avif/package_json
-package image_avif.package_json_test
-import rego.v1
-import data.image_avif.package_json
-# ── happy path ────────────────────────────────────────────────────────────
-test_allow_no_field if {
-	count(package_json.deny) == 0 with input as {"name": "x"}
-}
-test_allow_canonical_opt_out if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disable-avif": true}}
-	count(package_json.deny) == 0 with input as pkg
-}
-test_allow_disable_avif_false if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disable-avif": false}}
-	count(package_json.deny) == 0 with input as pkg
-}
-test_allow_empty_config if {
-	pkg := {"name": "x", "@nitra/minify-image": {}}
-	count(package_json.deny) == 0 with input as pkg
-}
-test_allow_other_keys_inside if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disable-avif": true, "future-flag": "y"}}
-	count(package_json.deny) == 0 with input as pkg
-}
-# ── deny: тип поля ───────────────────────────────────────────────────────
-test_deny_field_is_string if {
-	pkg := {"name": "x", "@nitra/minify-image": "disable-avif"}
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_field_is_array if {
-	pkg := {"name": "x", "@nitra/minify-image": ["disable-avif"]}
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_field_is_boolean if {
-	pkg := {"name": "x", "@nitra/minify-image": true}
-	count(package_json.deny) > 0 with input as pkg
-}
-# ── deny: тип disable-avif ──────────────────────────────────────────────
-test_deny_disable_avif_string if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disable-avif": "yes"}}
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_disable_avif_number if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disable-avif": 1}}
-	count(package_json.deny) > 0 with input as pkg
-}
-# ── deny: typo disabled-avif ────────────────────────────────────────────
-test_deny_typo_disabled_avif if {
-	pkg := {"name": "x", "@nitra/minify-image": {"disabled-avif": true}}
-	count(package_json.deny) > 0 with input as pkg
-}

package/rules/js-lint/policy/package_json/package_json_test.rego DELETED Viewed

@@ -1,130 +0,0 @@
-# Тести для `js_lint.package_json`. Запуск:
-#   conftest verify -p npm/policy/js_lint/package_json
-package js_lint.package_json_test
-import rego.v1
-import data.js_lint.package_json
-canonical_lint_js := "bunx oxlint --fix && bunx eslint --fix . && bunx jscpd . && bunx knip --no-config-hints"
-valid_pkg := {
-	"type": "module",
-	"scripts": {"lint-js": canonical_lint_js},
-	"engines": {"node": ">=24", "bun": ">=1.3"},
-	"devDependencies": {"@nitra/eslint-config": "^3.9.2"},
-}
-# ── happy path ────────────────────────────────────────────────────────────
-test_allow_canonical if {
-	count(package_json.deny) == 0 with input as valid_pkg
-}
-test_allow_workspace_eslint_config if {
-	pkg := json.patch(
-		valid_pkg,
-		[{"op": "replace", "path": "/devDependencies/@nitra~1eslint-config", "value": "workspace:*"}],
-	)
-	count(package_json.deny) == 0 with input as pkg
-}
-# ── lint-js ───────────────────────────────────────────────────────────────
-test_deny_missing_lint_js if {
-	pkg := json.patch(valid_pkg, [{"op": "remove", "path": "/scripts/lint-js"}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_lint_js_without_knip if {
-	pkg := json.patch(
-		valid_pkg,
-		[{"op": "replace", "path": "/scripts/lint-js", "value": "bunx oxlint --fix && bunx eslint --fix . && bunx jscpd ."}],
-	)
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_lint_js_without_no_config_hints if {
-	without_flag := "bunx oxlint --fix && bunx eslint --fix . && bunx jscpd . && bunx knip"
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/scripts/lint-js", "value": without_flag}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_lint_js_wrong_order if {
-	wrong_order := "bunx eslint --fix . && bunx oxlint --fix && bunx jscpd . && bunx knip --no-config-hints"
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/scripts/lint-js", "value": wrong_order}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_allow_lint_js_with_extra_whitespace if {
-	pkg := json.patch(
-		valid_pkg,
-		[{"op": "replace", "path": "/scripts/lint-js", "value": concat("  ", ["", canonical_lint_js, ""])}],
-	)
-	count(package_json.deny) == 0 with input as pkg
-}
-# ── type: module ──────────────────────────────────────────────────────────
-test_deny_type_not_module if {
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/type", "value": "commonjs"}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_deny_type_missing if {
-	pkg := json.patch(valid_pkg, [{"op": "remove", "path": "/type"}])
-	count(package_json.deny) > 0 with input as pkg
-}
-# ── engines ──────────────────────────────────────────────────────────────
-test_deny_node_below_24 if {
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/engines/node", "value": ">=22"}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_allow_node_above_24 if {
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/engines/node", "value": ">=25"}])
-	count(package_json.deny) == 0 with input as pkg
-}
-test_deny_bun_below_1_3 if {
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/engines/bun", "value": ">=1.2"}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_allow_bun_2_x if {
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/engines/bun", "value": "^2.0.0"}])
-	count(package_json.deny) == 0 with input as pkg
-}
-# ── @nitra/eslint-config ─────────────────────────────────────────────────
-test_deny_eslint_config_below_3_9_2 if {
-	cases := [
-		"^3.9.1",
-		"^3.8.0",
-		"^3.6.12",
-		"^3.4.3",
-	]
-	some bad in cases
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/devDependencies/@nitra~1eslint-config", "value": bad}])
-	count(package_json.deny) > 0 with input as pkg
-}
-test_allow_eslint_config_above_3_9_2 if {
-	cases := [
-		"^3.9.2",
-		"^3.9.10",
-		"^3.10.0",
-		"^4.0.0",
-	]
-	some good in cases
-	pkg := json.patch(valid_pkg, [{"op": "replace", "path": "/devDependencies/@nitra~1eslint-config", "value": good}])
-	count(package_json.deny) == 0 with input as pkg
-}
-test_deny_missing_eslint_config if {
-	pkg := json.patch(valid_pkg, [{"op": "remove", "path": "/devDependencies/@nitra~1eslint-config"}])
-	count(package_json.deny) > 0 with input as pkg
-}

package/rules/js-run/policy/jsconfig/jsconfig_test.rego DELETED Viewed

@@ -1,88 +0,0 @@
-# Тести для `js_run.jsconfig`. Запуск:
-#   conftest verify -p npm/policy/js_run/jsconfig
-package js_run.jsconfig_test
-import rego.v1
-import data.js_run.jsconfig
-valid_cfg := {
-	"compilerOptions": {
-		"lib": ["esnext"],
-		"module": "NodeNext",
-		"moduleResolution": "NodeNext",
-		"target": "esnext",
-		"checkJs": false,
-	},
-	"include": ["src/**/*"],
-}
-# ── happy path ────────────────────────────────────────────────────────────
-test_allow_canonical if {
-	count(jsconfig.deny) == 0 with input as valid_cfg
-}
-# ── compilerOptions.lib ───────────────────────────────────────────────────
-test_deny_lib_not_array if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/compilerOptions/lib", "value": "esnext"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_lib_wrong_value if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/compilerOptions/lib", "value": ["es2022"]}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_lib_missing if {
-	cfg := json.patch(valid_cfg, [{"op": "remove", "path": "/compilerOptions/lib"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-# ── compilerOptions.module / moduleResolution / target / checkJs ──────────
-test_deny_module_not_nodenext if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/compilerOptions/module", "value": "esnext"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_module_resolution_not_nodenext if {
-	cfg := json.patch(
-		valid_cfg,
-		[{"op": "replace", "path": "/compilerOptions/moduleResolution", "value": "node"}],
-	)
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_target_not_esnext if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/compilerOptions/target", "value": "es2022"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_check_js_true if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/compilerOptions/checkJs", "value": true}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_check_js_missing if {
-	cfg := json.patch(valid_cfg, [{"op": "remove", "path": "/compilerOptions/checkJs"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-# ── include ──────────────────────────────────────────────────────────────
-test_deny_include_not_array if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/include", "value": "src/**/*"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_include_wrong_value if {
-	cfg := json.patch(valid_cfg, [{"op": "replace", "path": "/include", "value": ["lib/**/*"]}])
-	count(jsconfig.deny) > 0 with input as cfg
-}
-test_deny_include_missing if {
-	cfg := json.patch(valid_cfg, [{"op": "remove", "path": "/include"}])
-	count(jsconfig.deny) > 0 with input as cfg
-}

package/rules/k8s/policy/base_kustomization/base_kustomization_test.rego DELETED Viewed

@@ -1,73 +0,0 @@
-# Тести для `k8s.base_kustomization`. Запуск:
-#   conftest verify -p npm/policy/k8s/base_kustomization --namespace k8s.base_kustomization
-package k8s.base_kustomization_test
-import rego.v1
-import data.k8s.base_kustomization
-base_kust := {
-	"apiVersion": "kustomize.config.k8s.io/v1beta1",
-	"kind": "Kustomization",
-}
-test_deny_missing_namespace if {
-	count(base_kustomization.deny) > 0 with input as base_kust
-}
-test_deny_empty_namespace if {
-	count(base_kustomization.deny) > 0 with input as object.union(base_kust, {"namespace": ""})
-}
-test_deny_whitespace_namespace if {
-	count(base_kustomization.deny) > 0 with input as object.union(base_kust, {"namespace": "   "})
-}
-test_allow_with_namespace if {
-	count(base_kustomization.deny) == 0 with input as object.union(base_kust, {"namespace": "dev"})
-}
-test_allow_non_kustomization if {
-	count(base_kustomization.deny) == 0 with input as {
-		"apiVersion": "v1",
-		"kind": "ConfigMap",
-		"metadata": {"name": "cm"},
-	}
-}
-base_kust_ok := object.union(base_kust, {"namespace": "dev"})
-test_deny_hpa_yaml_in_resources if {
-	count(base_kustomization.deny) > 0 with input as object.union(
-		base_kust_ok,
-		{"resources": ["deployment.yaml", "hpa.yaml"]},
-	)
-}
-test_deny_pdb_yaml_in_resources if {
-	count(base_kustomization.deny) > 0 with input as object.union(
-		base_kust_ok,
-		{"resources": ["pdb.yaml"]},
-	)
-}
-test_deny_hpa_yml_in_subdir if {
-	count(base_kustomization.deny) > 0 with input as object.union(
-		base_kust_ok,
-		{"resources": ["nested/dir/hpa.yml"]},
-	)
-}
-test_allow_resources_without_hpa_pdb if {
-	count(base_kustomization.deny) == 0 with input as object.union(
-		base_kust_ok,
-		{"resources": ["deployment.yaml", "service.yaml", "configmap.yaml"]},
-	)
-}
-test_allow_lookalike_basename if {
-	count(base_kustomization.deny) == 0 with input as object.union(
-		base_kust_ok,
-		{"resources": ["myhpa.yaml", "pdb-extra.yaml"]},
-	)
-}

package/rules/k8s/policy/base_manifest/base_manifest_test.rego DELETED Viewed

@@ -1,94 +0,0 @@
-# Тести для `k8s.base_manifest`. Запуск:
-#   conftest verify -p npm/policy/k8s/base_manifest --namespace k8s.base_manifest
-package k8s.base_manifest_test
-import rego.v1
-import data.k8s.base_manifest
-# ── metadata.namespace required ─────────────────────────────────────────
-test_deny_namespaced_kind_without_metadata if {
-	count(base_manifest.deny) > 0 with input as {
-		"apiVersion": "v1",
-		"kind": "ConfigMap",
-	}
-}
-test_deny_namespaced_kind_empty_namespace if {
-	count(base_manifest.deny) > 0 with input as {
-		"apiVersion": "v1",
-		"kind": "ConfigMap",
-		"metadata": {"name": "cm", "namespace": ""},
-	}
-}
-test_allow_cluster_scoped_kind_without_namespace if {
-	count(base_manifest.deny) == 0 with input as {
-		"apiVersion": "v1",
-		"kind": "Namespace",
-		"metadata": {"name": "dev"},
-	}
-}
-test_allow_namespaced_kind_with_namespace if {
-	count(base_manifest.deny) == 0 with input as {
-		"apiVersion": "v1",
-		"kind": "ConfigMap",
-		"metadata": {"name": "cm", "namespace": "dev"},
-	}
-}
-# ── base canon resources ─────────────────────────────────────────────────
-test_deny_deployment_cpu_not_base_canon if {
-	count(base_manifest.deny) > 0 with input as {
-		"apiVersion": "apps/v1",
-		"kind": "Deployment",
-		"metadata": {"name": "api", "namespace": "dev"},
-		"spec": {"template": {"spec": {"containers": [{
-			"name": "main",
-			"image": "x",
-			"resources": {"requests": {"cpu": "100m", "memory": "128Mi"}},
-		}]}}},
-	}
-}
-test_deny_deployment_memory_not_base_canon if {
-	count(base_manifest.deny) > 0 with input as {
-		"apiVersion": "apps/v1",
-		"kind": "Deployment",
-		"metadata": {"name": "api", "namespace": "dev"},
-		"spec": {"template": {"spec": {"containers": [{
-			"name": "main",
-			"image": "x",
-			"resources": {"requests": {"cpu": "0.02", "memory": "256Mi"}},
-		}]}}},
-	}
-}
-test_allow_deployment_with_base_canon_string if {
-	count(base_manifest.deny) == 0 with input as {
-		"apiVersion": "apps/v1",
-		"kind": "Deployment",
-		"metadata": {"name": "api", "namespace": "dev"},
-		"spec": {"template": {"spec": {"containers": [{
-			"name": "main",
-			"image": "x",
-			"resources": {"requests": {"cpu": "0.02", "memory": "128Mi"}},
-		}]}}},
-	}
-}
-test_allow_deployment_with_base_canon_number_cpu if {
-	count(base_manifest.deny) == 0 with input as {
-		"apiVersion": "apps/v1",
-		"kind": "Deployment",
-		"metadata": {"name": "api", "namespace": "dev"},
-		"spec": {"template": {"spec": {"containers": [{
-			"name": "main",
-			"image": "x",
-			"resources": {"requests": {"cpu": 0.02, "memory": "128mi"}},
-		}]}}},
-	}
-}