@opencodereview/core 1.9.1

package/dist/detectors/logic-gap.js

@@ -0,0 +1,284 @@
+/**
+ * Logic Gap Detector (V3)
+ *
+ * Detects AI-generated code logic discontinuities:
+ * 1. Empty catch blocks (swallowed errors)
+ * 2. Unreachable code after return/throw
+ * 3. Missing else branches in critical conditions
+ * 4. Unused variables that suggest incomplete logic
+ * 5. TODO/FIXME markers left by AI (incomplete implementation)
+ * 6. Functions that declare parameters but never use them
+ *
+ * Implements the unified Detector interface.
+ *
+ * @since 0.2.0 (original)
+ * @since 0.3.0 (V3 unified interface)
+ */
+import { AIDefectCategory } from '../types.js';
+// ─── Internal Detection Functions ───
+function detectEmptyCatch(lines, filePath) {
+    const issues = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i].trim();
+        if (/catch\s*(\([^)]*\))?\s*\{/.test(line)) {
+            let j = i + 1;
+            let blockContent = '';
+            let braceDepth = 0;
+            let foundOpen = false;
+            for (const ch of line) {
+                if (ch === '{') {
+                    braceDepth++;
+                    foundOpen = true;
+                }
+                if (ch === '}')
+                    braceDepth--;
+            }
+            if (foundOpen && braceDepth === 0) {
+                const afterCatch = line.replace(/catch\s*(\([^)]*\))?\s*\{/, '').replace('}', '').trim();
+                if (!afterCatch) {
+                    issues.push({
+                        type: 'empty-catch',
+                        severity: 'warning',
+                        file: filePath,
+                        line: i + 1,
+                        message: 'Empty catch block — errors are silently swallowed',
+                        suggestion: 'Log the error or handle it explicitly. AI-generated code often leaves empty catch blocks.',
+                    });
+                    continue;
+                }
+            }
+            if (braceDepth > 0) {
+                while (j < lines.length && braceDepth > 0) {
+                    for (const ch of lines[j]) {
+                        if (ch === '{')
+                            braceDepth++;
+                        if (ch === '}')
+                            braceDepth--;
+                    }
+                    blockContent += lines[j].trim();
+                    j++;
+                }
+                blockContent = blockContent.replace(/}$/, '').trim();
+                if (!blockContent || blockContent === '// TODO' || blockContent === '// ignore') {
+                    issues.push({
+                        type: 'empty-catch',
+                        severity: 'warning',
+                        file: filePath,
+                        line: i + 1,
+                        message: 'Empty or trivial catch block — errors are silently swallowed',
+                        suggestion: 'Log the error or handle it explicitly.',
+                    });
+                }
+            }
+        }
+    }
+    return issues;
+}
+function detectIncompleteImpl(lines, filePath) {
+    const issues = [];
+    const markers = [
+        { pattern: /\/\/\s*TODO/i, label: 'TODO' },
+        { pattern: /\/\/\s*FIXME/i, label: 'FIXME' },
+        { pattern: /\/\/\s*HACK/i, label: 'HACK' },
+        { pattern: /\/\/\s*XXX/i, label: 'XXX' },
+        { pattern: /throw\s+new\s+Error\s*\(\s*['"]not\s+implemented['"]/i, label: 'Not implemented' },
+        { pattern: /throw\s+new\s+Error\s*\(\s*['"]todo['"]/i, label: 'TODO throw' },
+        { pattern: /\/\/\s*\.\.\./i, label: 'Ellipsis comment' },
+    ];
+    for (let i = 0; i < lines.length; i++) {
+        for (const marker of markers) {
+            if (marker.pattern.test(lines[i])) {
+                issues.push({
+                    type: 'incomplete-implementation',
+                    severity: 'warning',
+                    file: filePath,
+                    line: i + 1,
+                    message: `Incomplete implementation marker found: ${marker.label}`,
+                    suggestion: 'AI-generated code often leaves placeholder markers. Implement the missing logic.',
+                });
+                break;
+            }
+        }
+    }
+    return issues;
+}
+function detectUnreachableCode(lines, filePath) {
+    const issues = [];
+    for (let i = 0; i < lines.length - 1; i++) {
+        const line = lines[i].trim();
+        if (/^(return|throw)\s/.test(line) || /^(return|throw);?$/.test(line)) {
+            let j = i + 1;
+            while (j < lines.length) {
+                const next = lines[j].trim();
+                if (!next || next.startsWith('//') || next.startsWith('*')) {
+                    j++;
+                    continue;
+                }
+                if (next === '}' || next.startsWith('case ') || next.startsWith('default:'))
+                    break;
+                if (/^(function|class|export|const|let|var|interface|type|enum)/.test(next))
+                    break;
+                issues.push({
+                    type: 'unreachable-code',
+                    severity: 'warning',
+                    file: filePath,
+                    line: j + 1,
+                    message: 'Potentially unreachable code after return/throw statement',
+                    suggestion: 'This code will never execute. AI may have added logic after a return statement.',
+                });
+                break;
+            }
+        }
+    }
+    return issues;
+}
+function detectMissingErrorHandling(lines, filePath) {
+    const issues = [];
+    const source = lines.join('\n');
+    const asyncFuncPattern = /async\s+(?:function\s+)?(\w+)?\s*\([^)]*\)\s*(?::\s*[^{]+)?\s*\{/g;
+    let match;
+    while ((match = asyncFuncPattern.exec(source)) !== null) {
+        const startIdx = match.index;
+        const lineNum = source.substring(0, startIdx).split('\n').length;
+        let braceDepth = 0;
+        let hasTryCatch = false;
+        let searchStart = source.indexOf('{', startIdx);
+        if (searchStart === -1)
+            continue;
+        for (let k = searchStart; k < source.length; k++) {
+            if (source[k] === '{')
+                braceDepth++;
+            if (source[k] === '}') {
+                braceDepth--;
+                if (braceDepth === 0)
+                    break;
+            }
+            if (braceDepth === 1 && source.substring(k).startsWith('try')) {
+                hasTryCatch = true;
+                break;
+            }
+        }
+        const funcBody = source.substring(searchStart, source.indexOf('}', searchStart + 1) + 1);
+        if (funcBody.includes('.catch(') || funcBody.includes('.catch (')) {
+            hasTryCatch = true;
+        }
+        if (!hasTryCatch) {
+            const funcName = match[1] || 'anonymous';
+            if (funcBody.includes('await ')) {
+                issues.push({
+                    type: 'missing-error-handling',
+                    severity: 'warning',
+                    file: filePath,
+                    line: lineNum,
+                    message: `Async function '${funcName}' lacks try-catch error handling`,
+                    suggestion: 'Wrap async operations in try-catch blocks. AI often generates happy-path-only code.',
+                });
+            }
+        }
+    }
+    return issues;
+}
+// ─── Severity & Category Mapping ───
+function mapSeverity(type) {
+    switch (type) {
+        case 'empty-catch':
+        case 'missing-error-handling':
+            return 'medium';
+        case 'unreachable-code':
+        case 'dead-code':
+            return 'low';
+        case 'incomplete-implementation':
+            return 'medium';
+        case 'unused-variable':
+            return 'low';
+        case 'missing-return':
+            return 'medium';
+        default:
+            return 'low';
+    }
+}
+function mapCategory(type) {
+    switch (type) {
+        case 'empty-catch':
+        case 'missing-error-handling':
+            return AIDefectCategory.ERROR_HANDLING;
+        case 'incomplete-implementation':
+        case 'missing-return':
+            return AIDefectCategory.INCOMPLETE_IMPL;
+        case 'unreachable-code':
+        case 'dead-code':
+        case 'unused-variable':
+            return AIDefectCategory.CONTEXT_LOSS;
+        default:
+            return AIDefectCategory.INCOMPLETE_IMPL;
+    }
+}
+function toUnifiedIssue(issue, index) {
+    return {
+        id: `logic-gap:${index}`,
+        detector: 'logic-gap',
+        category: mapCategory(issue.type),
+        severity: mapSeverity(issue.type),
+        message: issue.message,
+        file: issue.file,
+        line: issue.line,
+        fix: issue.suggestion ? {
+            description: issue.suggestion,
+            autoFixable: false,
+        } : undefined,
+    };
+}
+// ─── Main Detector ───
+/**
+ * LogicGapDetector — detects AI-generated code logic gaps.
+ *
+ * V3: Implements the unified Detector interface.
+ * V2 (deprecated): Old analyze() signature still works.
+ */
+export class LogicGapDetector {
+    name = 'logic-gap';
+    version = '2.0.0';
+    tier = 1;
+    // ─── V3 Unified Interface ───
+    /**
+     * V3 unified detect method.
+     */
+    async detect(files) {
+        const allIssues = [];
+        let globalIndex = 0;
+        for (const file of files) {
+            const result = this.analyze(file.path, file.content);
+            for (const issue of result.issues) {
+                allIssues.push(toUnifiedIssue(issue, globalIndex++));
+            }
+        }
+        return allIssues;
+    }
+    // ─── V2 Legacy Interface (Deprecated) ───
+    /**
+     * Analyze a single file for logic gap issues.
+     * @deprecated Use detect(files) instead. Will be removed in v0.4.0.
+     */
+    analyze(filePath, source) {
+        const lines = source.split('\n');
+        const rawIssues = [
+            ...detectEmptyCatch(lines, filePath),
+            ...detectIncompleteImpl(lines, filePath),
+            ...detectUnreachableCode(lines, filePath),
+            ...detectMissingErrorHandling(lines, filePath),
+        ];
+        const issues = rawIssues.filter(issue => {
+            if (issue.line <= 0)
+                return true;
+            const prevLine = lines[issue.line - 2] || '';
+            return !prevLine.includes('// ai-validator-ignore') && !prevLine.includes('// ai-validator-disable');
+        });
+        const errorCount = issues.filter(i => i.severity === 'error').length;
+        const warningCount = issues.filter(i => i.severity === 'warning').length;
+        const deductions = (errorCount * 15) + (warningCount * 5);
+        const score = Math.max(0, 100 - deductions);
+        return { file: filePath, issues, score };
+    }
+}
+export default LogicGapDetector;
+//# sourceMappingURL=logic-gap.js.map

package/dist/detectors/logic-gap.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logic-gap.js","sourceRoot":"","sources":["../../src/detectors/logic-gap.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAgC/C,uCAAuC;AAEvC,SAAS,gBAAgB,CAAC,KAAe,EAAE,QAAgB;IACzD,MAAM,MAAM,GAAoB,EAAE,CAAC;IAEnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAE7B,IAAI,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3C,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,IAAI,YAAY,GAAG,EAAE,CAAC;YACtB,IAAI,UAAU,GAAG,CAAC,CAAC;YACnB,IAAI,SAAS,GAAG,KAAK,CAAC;YAEtB,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;gBACtB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;oBAAC,UAAU,EAAE,CAAC;oBAAC,SAAS,GAAG,IAAI,CAAC;gBAAC,CAAC;gBACnD,IAAI,EAAE,KAAK,GAAG;oBAAE,UAAU,EAAE,CAAC;YAC/B,CAAC;YAED,IAAI,SAAS,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;gBAClC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzF,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,aAAa;wBACnB,QAAQ,EAAE,SAAS;wBACnB,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,OAAO,EAAE,mDAAmD;wBAC5D,UAAU,EAAE,2FAA2F;qBACxG,CAAC,CAAC;oBACH,SAAS;gBACX,CAAC;YACH,CAAC;YAED,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;gBACnB,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;oBAC1C,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;wBAC1B,IAAI,EAAE,KAAK,GAAG;4BAAE,UAAU,EAAE,CAAC;wBAC7B,IAAI,EAAE,KAAK,GAAG;4BAAE,UAAU,EAAE,CAAC;oBAC/B,CAAC;oBACD,YAAY,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAChC,CAAC,EAAE,CAAC;gBACN,CAAC;gBACD,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrD,IAAI,CAAC,YAAY,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,WAAW,EAAE,CAAC;oBAChF,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,aAAa;wBACnB,QAAQ,EAAE,SAAS;wBACnB,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,OAAO,EAAE,8DAA8D;wBACvE,UAAU,EAAE,wCAAwC;qBACrD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAe,EAAE,QAAgB;IAC7D,MAAM,MAAM,GAAoB,EAAE,CAAC;IACnC,MAAM,OAAO,GAAG;QACd,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE;QAC1C,EAAE,OAAO,EAAE,eAAe,EAAE,KAAK,EAAE,OAAO,EAAE;QAC5C,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,MAAM,EAAE;QAC1C,EAAE,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,KAAK,EAAE;QACxC,EAAE,OAAO,EAAE,uDAAuD,EAAE,KAAK,EAAE,iBAAiB,EAAE;QAC9F,EAAE,OAAO,EAAE,0CAA0C,EAAE,KAAK,EAAE,YAAY,EAAE;QAC5E,EAAE,OAAO,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE;KACzD,CAAC;IAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClC,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,2BAA2B;oBACjC,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,2CAA2C,MAAM,CAAC,KAAK,EAAE;oBAClE,UAAU,EAAE,kFAAkF;iBAC/F,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAe,EAAE,QAAgB;IAC9D,MAAM,MAAM,GAAoB,EAAE,CAAC;IAEnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC1C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAE7B,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;gBACxB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC7B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBAAC,CAAC,EAAE,CAAC;oBAAC,SAAS;gBAAC,CAAC;gBAC9E,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;oBAAE,MAAM;gBACnF,IAAI,4DAA4D,CAAC,IAAI,CAAC,IAAI,CAAC;oBAAE,MAAM;gBACnF,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,kBAAkB;oBACxB,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,2DAA2D;oBACpE,UAAU,EAAE,iFAAiF;iBAC9F,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,0BAA0B,CAAC,KAAe,EAAE,QAAgB;IACnE,MAAM,MAAM,GAAoB,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEhC,MAAM,gBAAgB,GAAG,mEAAmE,CAAC;IAC7F,IAAI,KAA6B,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACxD,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;QAEjE,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,IAAI,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEhD,IAAI,WAAW,KAAK,CAAC,CAAC;YAAE,SAAS;QAEjC,KAAK,IAAI,CAAC,GAAG,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACjD,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,UAAU,EAAE,CAAC;YACpC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;gBACtB,UAAU,EAAE,CAAC;gBACb,IAAI,UAAU,KAAK,CAAC;oBAAE,MAAM;YAC9B,CAAC;YACD,IAAI,UAAU,KAAK,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9D,WAAW,GAAG,IAAI,CAAC;gBACnB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACzF,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAClE,WAAW,GAAG,IAAI,CAAC;QACrB,CAAC;QAED,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC;YACzC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,wBAAwB;oBAC9B,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,mBAAmB,QAAQ,kCAAkC;oBACtE,UAAU,EAAE,qFAAqF;iBAClG,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,sCAAsC;AAEtC,SAAS,WAAW,CAAC,IAA2B;IAC9C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,aAAa,CAAC;QACnB,KAAK,wBAAwB;YAC3B,OAAO,QAAQ,CAAC;QAClB,KAAK,kBAAkB,CAAC;QACxB,KAAK,WAAW;YACd,OAAO,KAAK,CAAC;QACf,KAAK,2BAA2B;YAC9B,OAAO,QAAQ,CAAC;QAClB,KAAK,iBAAiB;YACpB,OAAO,KAAK,CAAC;QACf,KAAK,gBAAgB;YACnB,OAAO,QAAQ,CAAC;QAClB;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,IAA2B;IAC9C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,aAAa,CAAC;QACnB,KAAK,wBAAwB;YAC3B,OAAO,gBAAgB,CAAC,cAAc,CAAC;QACzC,KAAK,2BAA2B,CAAC;QACjC,KAAK,gBAAgB;YACnB,OAAO,gBAAgB,CAAC,eAAe,CAAC;QAC1C,KAAK,kBAAkB,CAAC;QACxB,KAAK,WAAW,CAAC;QACjB,KAAK,iBAAiB;YACpB,OAAO,gBAAgB,CAAC,YAAY,CAAC;QACvC;YACE,OAAO,gBAAgB,CAAC,eAAe,CAAC;IAC5C,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,KAAoB,EAAE,KAAa;IACzD,OAAO;QACL,EAAE,EAAE,aAAa,KAAK,EAAE;QACxB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC;QACjC,QAAQ,EAAE,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC;QACjC,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,GAAG,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC;YACtB,WAAW,EAAE,KAAK,CAAC,UAAU;YAC7B,WAAW,EAAE,KAAK;SACnB,CAAC,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC;AAED,wBAAwB;AAExB;;;;;GAKG;AACH,MAAM,OAAO,gBAAgB;IAClB,IAAI,GAAG,WAAW,CAAC;IACnB,OAAO,GAAG,OAAO,CAAC;IAClB,IAAI,GAAG,CAAU,CAAC;IAE3B,+BAA+B;IAE/B;;OAEG;IACH,KAAK,CAAC,MAAM,CAAC,KAAqB;QAChC,MAAM,SAAS,GAAmB,EAAE,CAAC;QACrC,IAAI,WAAW,GAAG,CAAC,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YACrD,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;gBAClC,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,2CAA2C;IAE3C;;;OAGG;IACH,OAAO,CAAC,QAAgB,EAAE,MAAc;QACtC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACjC,MAAM,SAAS,GAAoB;YACjC,GAAG,gBAAgB,CAAC,KAAK,EAAE,QAAQ,CAAC;YACpC,GAAG,oBAAoB,CAAC,KAAK,EAAE,QAAQ,CAAC;YACxC,GAAG,qBAAqB,CAAC,KAAK,EAAE,QAAQ,CAAC;YACzC,GAAG,0BAA0B,CAAC,KAAK,EAAE,QAAQ,CAAC;SAC/C,CAAC;QAEF,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE;YACtC,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7C,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,wBAAwB,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC;QACvG,CAAC,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;QACrE,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;QACzE,MAAM,UAAU,GAAG,CAAC,UAAU,GAAG,EAAE,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,UAAU,CAAC,CAAC;QAE5C,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC3C,CAAC;CACF;AAED,eAAe,gBAAgB,CAAC"}

package/dist/detectors/over-engineering.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Over-Engineering Detector (V3)
+ *
+ * Detects overly complex code patterns commonly generated by AI models.
+ * AI tends to produce unnecessarily complex solutions with:
+ * - High cyclomatic complexity
+ * - Excessively long functions
+ * - Deep nesting
+ * - Too many function parameters
+ *
+ * Uses pure text/regex analysis (no AST required).
+ *
+ * Implements the unified Detector interface.
+ *
+ * @since 0.3.0
+ */
+import type { Detector, UnifiedIssue, FileAnalysis } from '../types.js';
+/** Extracted function metadata for over-engineering analysis. */
+export interface FunctionInfo {
+    name: string;
+    startLine: number;
+    endLine: number;
+    paramCount: number;
+    lines: string[];
+}
+/**
+ * OverEngineeringDetector — detects overly complex AI-generated code.
+ *
+ * Analyzes:
+ * - Cyclomatic complexity per function
+ * - Function length (line count)
+ * - Maximum nesting depth
+ * - Parameter count
+ */
+export declare class OverEngineeringDetector implements Detector {
+    readonly name = "over-engineering";
+    readonly version = "1.0.0";
+    readonly tier: 1;
+    detect(files: FileAnalysis[]): Promise<UnifiedIssue[]>;
+    private analyzeFile;
+    private makeIssue;
+}
+export default OverEngineeringDetector;
+//# sourceMappingURL=over-engineering.d.ts.map

package/dist/detectors/over-engineering.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"over-engineering.d.ts","sourceRoot":"","sources":["../../src/detectors/over-engineering.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAY,MAAM,aAAa,CAAC;AAKlF,iEAAiE;AACjE,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAwKD;;;;;;;;GAQG;AACH,qBAAa,uBAAwB,YAAW,QAAQ;IACtD,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,OAAO,WAAW;IAC3B,QAAQ,CAAC,IAAI,EAAG,CAAC,CAAU;IAIrB,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAiB5D,OAAO,CAAC,WAAW;IAyEnB,OAAO,CAAC,SAAS;CA2BlB;AAED,eAAe,uBAAuB,CAAC"}

package/dist/detectors/over-engineering.js

@@ -0,0 +1,257 @@
+/**
+ * Over-Engineering Detector (V3)
+ *
+ * Detects overly complex code patterns commonly generated by AI models.
+ * AI tends to produce unnecessarily complex solutions with:
+ * - High cyclomatic complexity
+ * - Excessively long functions
+ * - Deep nesting
+ * - Too many function parameters
+ *
+ * Uses pure text/regex analysis (no AST required).
+ *
+ * Implements the unified Detector interface.
+ *
+ * @since 0.3.0
+ */
+import { AIDefectCategory } from '../types.js';
+// ─── Function Extraction ───
+/**
+ * Extract function boundaries from source code using brace matching.
+ * Handles: function declarations, arrow functions, methods.
+ */
+function extractFunctions(source) {
+    const functions = [];
+    const lines = source.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        // Match function/method declarations
+        const funcMatch = line.match(/(?:(?:export\s+)?(?:default\s+)?(?:async\s+)?function\s+(\w+)|(?:(?:public|private|protected|static|async|override|get|set)\s+)*(\w+)\s*\([^)]*\)\s*(?::\s*[^{]+)?\s*\{|(?:const|let|var)\s+(\w+)\s*=\s*(?:async\s*)?\([^)]*\)\s*(?::\s*[^{=]+)?\s*=>)/);
+        if (!funcMatch)
+            continue;
+        const name = funcMatch[1] || funcMatch[2] || funcMatch[3] || 'anonymous';
+        // Skip destructuring assignments or simple variable declarations
+        if (/(?:const|let|var)\s*[\[{]/.test(line))
+            continue;
+        if (/(?:const|let|var)\s+\w+\s*=\s*(?:['"`\d\[{]|new\s|null|undefined|true|false)/.test(line) && !line.includes('=>'))
+            continue;
+        // Count parameters
+        const paramMatch = line.match(/\(([^)]*)\)/);
+        let paramCount = 0;
+        if (paramMatch && paramMatch[1].trim()) {
+            paramCount = paramMatch[1].split(',').length;
+        }
+        // Find function body end using brace matching
+        let braceDepth = 0;
+        let started = false;
+        let endLine = i;
+        // For arrow functions without braces, it's a single expression
+        if (line.includes('=>') && !line.includes('{')) {
+            // Single-expression arrow function
+            endLine = i;
+            // Check if it spans multiple lines (parenthesized expression)
+            let parenDepth = 0;
+            for (let j = i; j < lines.length; j++) {
+                for (const ch of lines[j]) {
+                    if (ch === '(')
+                        parenDepth++;
+                    if (ch === ')')
+                        parenDepth--;
+                }
+                endLine = j;
+                if (parenDepth <= 0 && j > i)
+                    break;
+                if (j === i && !lines[j].includes('('))
+                    break;
+            }
+        }
+        else {
+            // Brace-delimited function body
+            for (let j = i; j < lines.length; j++) {
+                for (const ch of lines[j]) {
+                    if (ch === '{') {
+                        braceDepth++;
+                        started = true;
+                    }
+                    if (ch === '}')
+                        braceDepth--;
+                }
+                if (started && braceDepth === 0) {
+                    endLine = j;
+                    break;
+                }
+            }
+        }
+        if (endLine > i) {
+            functions.push({
+                name,
+                startLine: i + 1,
+                endLine: endLine + 1,
+                paramCount,
+                lines: lines.slice(i, endLine + 1),
+            });
+        }
+    }
+    return functions;
+}
+// ─── Complexity Metrics ───
+/**
+ * Compute cyclomatic complexity for a function body.
+ * CC = 1 + count of decision points.
+ */
+function computeCyclomaticComplexity(bodyLines) {
+    let cc = 1;
+    const body = bodyLines.join('\n');
+    // Count branching keywords
+    const patterns = [
+        /\bif\s*\(/g,
+        /\belse\s+if\s*\(/g,
+        /\bfor\s*\(/g,
+        /\bfor\s+(?:const|let|var)\s+\w+\s+(?:of|in)\b/g,
+        /\bwhile\s*\(/g,
+        /\bdo\s*\{/g,
+        /\bcase\s+[^:]+:/g,
+        /\bcatch\s*\(/g,
+        /\?\s*(?![:.])/g, // ternary operator (but not ?. or ?:)
+        /&&/g,
+        /\|\|/g,
+        /\?\?/g,
+    ];
+    for (const pattern of patterns) {
+        const matches = body.match(pattern);
+        if (matches) {
+            cc += matches.length;
+        }
+    }
+    // Subtract double-counted 'else if' (already counted by 'if')
+    const elseIfMatches = body.match(/\belse\s+if\s*\(/g);
+    if (elseIfMatches) {
+        cc -= elseIfMatches.length;
+    }
+    return cc;
+}
+/**
+ * Compute maximum nesting depth for a function body.
+ */
+function computeMaxNesting(bodyLines) {
+    let maxDepth = 0;
+    let currentDepth = 0;
+    // Start at -1 to account for the function's own opening brace
+    let functionBrace = true;
+    for (const line of bodyLines) {
+        const trimmed = line.trim();
+        // Skip comments
+        if (trimmed.startsWith('//') || trimmed.startsWith('*') || trimmed.startsWith('/*'))
+            continue;
+        for (const ch of line) {
+            if (ch === '{') {
+                if (functionBrace) {
+                    functionBrace = false;
+                    continue;
+                }
+                currentDepth++;
+                maxDepth = Math.max(maxDepth, currentDepth);
+            }
+            if (ch === '}') {
+                currentDepth = Math.max(0, currentDepth - 1);
+            }
+        }
+    }
+    return maxDepth;
+}
+// ─── Thresholds ───
+const THRESHOLDS = {
+    complexity: { medium: 15, high: 25 },
+    functionLength: { low: 80, medium: 150 },
+    nestingDepth: { medium: 4, high: 6 },
+    paramCount: { low: 5, medium: 8 },
+};
+// ─── Main Detector ───
+/**
+ * OverEngineeringDetector — detects overly complex AI-generated code.
+ *
+ * Analyzes:
+ * - Cyclomatic complexity per function
+ * - Function length (line count)
+ * - Maximum nesting depth
+ * - Parameter count
+ */
+export class OverEngineeringDetector {
+    name = 'over-engineering';
+    version = '1.0.0';
+    tier = 1;
+    // ─── V3 Unified Interface ───
+    async detect(files) {
+        const allIssues = [];
+        let globalIndex = 0;
+        for (const file of files) {
+            const issues = this.analyzeFile(file.path, file.content);
+            for (const issue of issues) {
+                issue.id = `over-engineering:${globalIndex++}`;
+                allIssues.push(issue);
+            }
+        }
+        return allIssues;
+    }
+    // ─── Internal Analysis ───
+    analyzeFile(filePath, source) {
+        const issues = [];
+        const functions = extractFunctions(source);
+        for (const fn of functions) {
+            const functionLength = fn.endLine - fn.startLine + 1;
+            // 1. Cyclomatic Complexity
+            const cc = computeCyclomaticComplexity(fn.lines);
+            if (cc > THRESHOLDS.complexity.high) {
+                issues.push(this.makeIssue(filePath, fn, 'high-complexity', 'high', `Function '${fn.name}' has cyclomatic complexity of ${cc} (threshold: ${THRESHOLDS.complexity.high})`, `Refactor into smaller functions. AI often generates monolithic functions with too many branches.`));
+            }
+            else if (cc > THRESHOLDS.complexity.medium) {
+                issues.push(this.makeIssue(filePath, fn, 'high-complexity', 'medium', `Function '${fn.name}' has cyclomatic complexity of ${cc} (threshold: ${THRESHOLDS.complexity.medium})`, `Consider breaking this function into smaller, more focused functions.`));
+            }
+            // 2. Function Length
+            if (functionLength > THRESHOLDS.functionLength.medium) {
+                issues.push(this.makeIssue(filePath, fn, 'long-function', 'medium', `Function '${fn.name}' is ${functionLength} lines long (threshold: ${THRESHOLDS.functionLength.medium})`, `Break into smaller functions. AI tends to generate long, monolithic functions.`));
+            }
+            else if (functionLength > THRESHOLDS.functionLength.low) {
+                issues.push(this.makeIssue(filePath, fn, 'long-function', 'low', `Function '${fn.name}' is ${functionLength} lines long (threshold: ${THRESHOLDS.functionLength.low})`, `Consider extracting some logic into helper functions.`));
+            }
+            // 3. Nesting Depth
+            const depth = computeMaxNesting(fn.lines);
+            if (depth > THRESHOLDS.nestingDepth.high) {
+                issues.push(this.makeIssue(filePath, fn, 'deep-nesting', 'high', `Function '${fn.name}' has nesting depth of ${depth} (threshold: ${THRESHOLDS.nestingDepth.high})`, `Use early returns, guard clauses, or extract nested blocks into separate functions.`));
+            }
+            else if (depth > THRESHOLDS.nestingDepth.medium) {
+                issues.push(this.makeIssue(filePath, fn, 'deep-nesting', 'medium', `Function '${fn.name}' has nesting depth of ${depth} (threshold: ${THRESHOLDS.nestingDepth.medium})`, `Consider using early returns or extracting deeply nested logic.`));
+            }
+            // 4. Parameter Count
+            if (fn.paramCount > THRESHOLDS.paramCount.medium) {
+                issues.push(this.makeIssue(filePath, fn, 'too-many-params', 'medium', `Function '${fn.name}' has ${fn.paramCount} parameters (threshold: ${THRESHOLDS.paramCount.medium})`, `Use an options object pattern: function ${fn.name}(options: Options) instead.`));
+            }
+            else if (fn.paramCount > THRESHOLDS.paramCount.low) {
+                issues.push(this.makeIssue(filePath, fn, 'too-many-params', 'low', `Function '${fn.name}' has ${fn.paramCount} parameters (threshold: ${THRESHOLDS.paramCount.low})`, `Consider using an options object to group related parameters.`));
+            }
+        }
+        return issues;
+    }
+    makeIssue(filePath, fn, type, severity, message, suggestion) {
+        return {
+            id: '', // set in detect()
+            detector: this.name,
+            type,
+            category: AIDefectCategory.OVER_ENGINEERING,
+            severity,
+            message,
+            file: filePath,
+            line: fn.startLine,
+            endLine: fn.endLine,
+            suggestion,
+            fix: {
+                description: suggestion,
+                autoFixable: false,
+            },
+            confidence: 0.85,
+            detectionSource: 'static',
+        };
+    }
+}
+export default OverEngineeringDetector;
+//# sourceMappingURL=over-engineering.js.map

package/dist/detectors/over-engineering.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"over-engineering.js","sourceRoot":"","sources":["../../src/detectors/over-engineering.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAGH,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAa/C,8BAA8B;AAE9B;;;GAGG;AACH,SAAS,gBAAgB,CAAC,MAAc;IACtC,MAAM,SAAS,GAAmB,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,qCAAqC;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAC1B,wPAAwP,CACzP,CAAC;QAEF,IAAI,CAAC,SAAS;YAAE,SAAS;QAEzB,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC;QAEzE,iEAAiE;QACjE,IAAI,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QACrD,IAAI,8EAA8E,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,SAAS;QAEhI,mBAAmB;QACnB,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QAC7C,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,UAAU,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACvC,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;QAC/C,CAAC;QAED,8CAA8C;QAC9C,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,+DAA+D;QAC/D,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,mCAAmC;YACnC,OAAO,GAAG,CAAC,CAAC;YACZ,8DAA8D;YAC9D,IAAI,UAAU,GAAG,CAAC,CAAC;YACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC1B,IAAI,EAAE,KAAK,GAAG;wBAAE,UAAU,EAAE,CAAC;oBAC7B,IAAI,EAAE,KAAK,GAAG;wBAAE,UAAU,EAAE,CAAC;gBAC/B,CAAC;gBACD,OAAO,GAAG,CAAC,CAAC;gBACZ,IAAI,UAAU,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;oBAAE,MAAM;gBACpC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAAE,MAAM;YAChD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gCAAgC;YAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC1B,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;wBAAC,UAAU,EAAE,CAAC;wBAAC,OAAO,GAAG,IAAI,CAAC;oBAAC,CAAC;oBACjD,IAAI,EAAE,KAAK,GAAG;wBAAE,UAAU,EAAE,CAAC;gBAC/B,CAAC;gBACD,IAAI,OAAO,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,GAAG,CAAC,CAAC;oBACZ,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAChB,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,CAAC,GAAG,CAAC;gBAChB,OAAO,EAAE,OAAO,GAAG,CAAC;gBACpB,UAAU;gBACV,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,GAAG,CAAC,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,6BAA6B;AAE7B;;;GAGG;AACH,SAAS,2BAA2B,CAAC,SAAmB;IACtD,IAAI,EAAE,GAAG,CAAC,CAAC;IACX,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAElC,2BAA2B;IAC3B,MAAM,QAAQ,GAAa;QACzB,YAAY;QACZ,mBAAmB;QACnB,aAAa;QACb,gDAAgD;QAChD,eAAe;QACf,YAAY;QACZ,kBAAkB;QAClB,eAAe;QACf,gBAAgB,EAAM,sCAAsC;QAC5D,KAAK;QACL,OAAO;QACP,OAAO;KACR,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,OAAO,EAAE,CAAC;YACZ,EAAE,IAAI,OAAO,CAAC,MAAM,CAAC;QACvB,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACtD,IAAI,aAAa,EAAE,CAAC;QAClB,EAAE,IAAI,aAAa,CAAC,MAAM,CAAC;IAC7B,CAAC;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,SAAmB;IAC5C,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,8DAA8D;IAC9D,IAAI,aAAa,GAAG,IAAI,CAAC;IAEzB,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,gBAAgB;QAChB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,SAAS;QAE9F,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;YACtB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBACf,IAAI,aAAa,EAAE,CAAC;oBAClB,aAAa,GAAG,KAAK,CAAC;oBACtB,SAAS;gBACX,CAAC;gBACD,YAAY,EAAE,CAAC;gBACf,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;YAC9C,CAAC;YACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBACf,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,GAAG,CAAC,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,GAAG;IACjB,UAAU,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACpC,cAAc,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,YAAY,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;IACpC,UAAU,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE;CACzB,CAAC;AAEX,wBAAwB;AAExB;;;;;;;;GAQG;AACH,MAAM,OAAO,uBAAuB;IACzB,IAAI,GAAG,kBAAkB,CAAC;IAC1B,OAAO,GAAG,OAAO,CAAC;IAClB,IAAI,GAAG,CAAU,CAAC;IAE3B,+BAA+B;IAE/B,KAAK,CAAC,MAAM,CAAC,KAAqB;QAChC,MAAM,SAAS,GAAmB,EAAE,CAAC;QACrC,IAAI,WAAW,GAAG,CAAC,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;gBAC3B,KAAK,CAAC,EAAE,GAAG,oBAAoB,WAAW,EAAE,EAAE,CAAC;gBAC/C,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,4BAA4B;IAEpB,WAAW,CAAC,QAAgB,EAAE,MAAc;QAClD,MAAM,MAAM,GAAmB,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAE3C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,EAAE,CAAC,OAAO,GAAG,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;YAErD,2BAA2B;YAC3B,MAAM,EAAE,GAAG,2BAA2B,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;YACjD,IAAI,EAAE,GAAG,UAAU,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,iBAAiB,EAAE,MAAM,EACvC,aAAa,EAAE,CAAC,IAAI,kCAAkC,EAAE,gBAAgB,UAAU,CAAC,UAAU,CAAC,IAAI,GAAG,EACrG,kGAAkG,CACnG,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,EAAE,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;gBAC7C,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,iBAAiB,EAAE,QAAQ,EACzC,aAAa,EAAE,CAAC,IAAI,kCAAkC,EAAE,gBAAgB,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,EACvG,uEAAuE,CACxE,CAAC,CAAC;YACL,CAAC;YAED,qBAAqB;YACrB,IAAI,cAAc,GAAG,UAAU,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;gBACtD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,eAAe,EAAE,QAAQ,EACvC,aAAa,EAAE,CAAC,IAAI,QAAQ,cAAc,2BAA2B,UAAU,CAAC,cAAc,CAAC,MAAM,GAAG,EACxG,gFAAgF,CACjF,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,cAAc,GAAG,UAAU,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC;gBAC1D,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,eAAe,EAAE,KAAK,EACpC,aAAa,EAAE,CAAC,IAAI,QAAQ,cAAc,2BAA2B,UAAU,CAAC,cAAc,CAAC,GAAG,GAAG,EACrG,uDAAuD,CACxD,CAAC,CAAC;YACL,CAAC;YAED,mBAAmB;YACnB,MAAM,KAAK,GAAG,iBAAiB,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC;YAC1C,IAAI,KAAK,GAAG,UAAU,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;gBACzC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,MAAM,EACpC,aAAa,EAAE,CAAC,IAAI,0BAA0B,KAAK,gBAAgB,UAAU,CAAC,YAAY,CAAC,IAAI,GAAG,EAClG,qFAAqF,CACtF,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,KAAK,GAAG,UAAU,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBAClD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,QAAQ,EACtC,aAAa,EAAE,CAAC,IAAI,0BAA0B,KAAK,gBAAgB,UAAU,CAAC,YAAY,CAAC,MAAM,GAAG,EACpG,iEAAiE,CAClE,CAAC,CAAC;YACL,CAAC;YAED,qBAAqB;YACrB,IAAI,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;gBACjD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,iBAAiB,EAAE,QAAQ,EACzC,aAAa,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,UAAU,2BAA2B,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,EACpG,2CAA2C,EAAE,CAAC,IAAI,6BAA6B,CAChF,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC;gBACrD,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CACxB,QAAQ,EAAE,EAAE,EAAE,iBAAiB,EAAE,KAAK,EACtC,aAAa,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,UAAU,2BAA2B,UAAU,CAAC,UAAU,CAAC,GAAG,GAAG,EACjG,+DAA+D,CAChE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,SAAS,CACf,QAAgB,EAChB,EAAgB,EAChB,IAAY,EACZ,QAAkB,EAClB,OAAe,EACf,UAAkB;QAElB,OAAO;YACL,EAAE,EAAE,EAAE,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,IAAI;YACJ,QAAQ,EAAE,gBAAgB,CAAC,gBAAgB;YAC3C,QAAQ;YACR,OAAO;YACP,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,EAAE,CAAC,SAAS;YAClB,OAAO,EAAE,EAAE,CAAC,OAAO;YACnB,UAAU;YACV,GAAG,EAAE;gBACH,WAAW,EAAE,UAAU;gBACvB,WAAW,EAAE,KAAK;aACnB;YACD,UAAU,EAAE,IAAI;YAChB,eAAe,EAAE,QAAQ;SAC1B,CAAC;IACJ,CAAC;CACF;AAED,eAAe,uBAAuB,CAAC"}

package/dist/detectors/security-pattern.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Security Pattern Detector (V3)
+ *
+ * Detects AI-generated security anti-patterns:
+ * 1. Hardcoded secrets/credentials (CWE-798)
+ * 2. eval/Function constructor usage (CWE-95)
+ * 3. SQL injection via string concatenation/template literals (CWE-89)
+ * 4. Insecure cryptography: Math.random(), MD5/SHA1 for passwords (CWE-328/338)
+ * 5. Insecure defaults: cors origin '*', disabled security headers (CWE-942)
+ *
+ * AI models frequently generate code with these patterns from training data.
+ *
+ * Implements the unified Detector interface.
+ *
+ * @since 0.3.0
+ */
+import type { Detector, UnifiedIssue, FileAnalysis, Severity } from '../types.js';
+/** Security pattern definition for detecting vulnerabilities in code. */
+export interface SecurityPattern {
+    type: string;
+    regex: RegExp;
+    severity: Severity;
+    message: string;
+    suggestion: string;
+    cweId?: string;
+    /** Skip in test files */
+    skipTests?: boolean;
+}
+/**
+ * SecurityPatternDetector — detects common security anti-patterns in AI-generated code.
+ *
+ * Scans source code with regex patterns for 5 categories:
+ * hardcoded secrets, eval usage, SQL injection, insecure crypto, insecure defaults.
+ */
+export declare class SecurityPatternDetector implements Detector {
+    readonly name = "security-pattern";
+    readonly version = "1.0.0";
+    readonly tier: 1;
+    detect(files: FileAnalysis[]): Promise<UnifiedIssue[]>;
+    private analyzeFile;
+}
+export default SecurityPatternDetector;
+//# sourceMappingURL=security-pattern.d.ts.map

package/dist/detectors/security-pattern.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-pattern.d.ts","sourceRoot":"","sources":["../../src/detectors/security-pattern.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAKlF,yEAAyE;AACzE,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yBAAyB;IACzB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAwID;;;;;GAKG;AACH,qBAAa,uBAAwB,YAAW,QAAQ;IACtD,QAAQ,CAAC,IAAI,sBAAsB;IACnC,QAAQ,CAAC,OAAO,WAAW;IAC3B,QAAQ,CAAC,IAAI,EAAG,CAAC,CAAU;IAIrB,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAiB5D,OAAO,CAAC,WAAW;CAgFpB;AAED,eAAe,uBAAuB,CAAC"}