@opensip-cli/checks-typescript 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (404) hide show
  1. package/LICENSE +202 -0
  2. package/NOTICE +8 -0
  3. package/README.md +31 -0
  4. package/dist/__tests__/all-checks-execute.test.d.ts +12 -0
  5. package/dist/__tests__/all-checks-execute.test.d.ts.map +1 -0
  6. package/dist/__tests__/all-checks-execute.test.js +846 -0
  7. package/dist/__tests__/all-checks-execute.test.js.map +1 -0
  8. package/dist/__tests__/behavior-fixtures-2.test.d.ts +9 -0
  9. package/dist/__tests__/behavior-fixtures-2.test.d.ts.map +1 -0
  10. package/dist/__tests__/behavior-fixtures-2.test.js +625 -0
  11. package/dist/__tests__/behavior-fixtures-2.test.js.map +1 -0
  12. package/dist/__tests__/behavior-fixtures-3.test.d.ts +7 -0
  13. package/dist/__tests__/behavior-fixtures-3.test.d.ts.map +1 -0
  14. package/dist/__tests__/behavior-fixtures-3.test.js +658 -0
  15. package/dist/__tests__/behavior-fixtures-3.test.js.map +1 -0
  16. package/dist/__tests__/behavior-fixtures-4.test.d.ts +8 -0
  17. package/dist/__tests__/behavior-fixtures-4.test.d.ts.map +1 -0
  18. package/dist/__tests__/behavior-fixtures-4.test.js +590 -0
  19. package/dist/__tests__/behavior-fixtures-4.test.js.map +1 -0
  20. package/dist/__tests__/behavior-fixtures-5.test.d.ts +7 -0
  21. package/dist/__tests__/behavior-fixtures-5.test.d.ts.map +1 -0
  22. package/dist/__tests__/behavior-fixtures-5.test.js +548 -0
  23. package/dist/__tests__/behavior-fixtures-5.test.js.map +1 -0
  24. package/dist/__tests__/behavior-fixtures-6.test.d.ts +18 -0
  25. package/dist/__tests__/behavior-fixtures-6.test.d.ts.map +1 -0
  26. package/dist/__tests__/behavior-fixtures-6.test.js +1700 -0
  27. package/dist/__tests__/behavior-fixtures-6.test.js.map +1 -0
  28. package/dist/__tests__/behavior-fixtures.test.d.ts +10 -0
  29. package/dist/__tests__/behavior-fixtures.test.d.ts.map +1 -0
  30. package/dist/__tests__/behavior-fixtures.test.js +812 -0
  31. package/dist/__tests__/behavior-fixtures.test.js.map +1 -0
  32. package/dist/__tests__/branch-fixtures-2.test.d.ts +6 -0
  33. package/dist/__tests__/branch-fixtures-2.test.d.ts.map +1 -0
  34. package/dist/__tests__/branch-fixtures-2.test.js +1369 -0
  35. package/dist/__tests__/branch-fixtures-2.test.js.map +1 -0
  36. package/dist/__tests__/branch-fixtures-3.test.d.ts +7 -0
  37. package/dist/__tests__/branch-fixtures-3.test.d.ts.map +1 -0
  38. package/dist/__tests__/branch-fixtures-3.test.js +877 -0
  39. package/dist/__tests__/branch-fixtures-3.test.js.map +1 -0
  40. package/dist/__tests__/branch-fixtures.test.d.ts +6 -0
  41. package/dist/__tests__/branch-fixtures.test.d.ts.map +1 -0
  42. package/dist/__tests__/branch-fixtures.test.js +1072 -0
  43. package/dist/__tests__/branch-fixtures.test.js.map +1 -0
  44. package/dist/__tests__/checks.test.d.ts +2 -0
  45. package/dist/__tests__/checks.test.d.ts.map +1 -0
  46. package/dist/__tests__/checks.test.js +39 -0
  47. package/dist/__tests__/checks.test.js.map +1 -0
  48. package/dist/__tests__/fixture-coverage.allowlist.d.ts +19 -0
  49. package/dist/__tests__/fixture-coverage.allowlist.d.ts.map +1 -0
  50. package/dist/__tests__/fixture-coverage.allowlist.js +27 -0
  51. package/dist/__tests__/fixture-coverage.allowlist.js.map +1 -0
  52. package/dist/__tests__/fixture-coverage.test.d.ts +13 -0
  53. package/dist/__tests__/fixture-coverage.test.d.ts.map +1 -0
  54. package/dist/__tests__/fixture-coverage.test.js +57 -0
  55. package/dist/__tests__/fixture-coverage.test.js.map +1 -0
  56. package/dist/__tests__/no-bootstrap-tool-import.test.d.ts +2 -0
  57. package/dist/__tests__/no-bootstrap-tool-import.test.d.ts.map +1 -0
  58. package/dist/__tests__/no-bootstrap-tool-import.test.js +75 -0
  59. package/dist/__tests__/no-bootstrap-tool-import.test.js.map +1 -0
  60. package/dist/__tests__/phantom-dependency-detection.test.d.ts +12 -0
  61. package/dist/__tests__/phantom-dependency-detection.test.d.ts.map +1 -0
  62. package/dist/__tests__/phantom-dependency-detection.test.js +112 -0
  63. package/dist/__tests__/phantom-dependency-detection.test.js.map +1 -0
  64. package/dist/__tests__/typescript-frontend.test.d.ts +8 -0
  65. package/dist/__tests__/typescript-frontend.test.d.ts.map +1 -0
  66. package/dist/__tests__/typescript-frontend.test.js +57 -0
  67. package/dist/__tests__/typescript-frontend.test.js.map +1 -0
  68. package/dist/checks/architecture/circular-import-detection.d.ts +14 -0
  69. package/dist/checks/architecture/circular-import-detection.d.ts.map +1 -0
  70. package/dist/checks/architecture/circular-import-detection.js +55 -0
  71. package/dist/checks/architecture/circular-import-detection.js.map +1 -0
  72. package/dist/checks/architecture/contracts-schema-consistency.d.ts +11 -0
  73. package/dist/checks/architecture/contracts-schema-consistency.d.ts.map +1 -0
  74. package/dist/checks/architecture/contracts-schema-consistency.js +75 -0
  75. package/dist/checks/architecture/contracts-schema-consistency.js.map +1 -0
  76. package/dist/checks/architecture/drizzle-orm-migration-guardrails.d.ts +12 -0
  77. package/dist/checks/architecture/drizzle-orm-migration-guardrails.d.ts.map +1 -0
  78. package/dist/checks/architecture/drizzle-orm-migration-guardrails.js +92 -0
  79. package/dist/checks/architecture/drizzle-orm-migration-guardrails.js.map +1 -0
  80. package/dist/checks/architecture/index.d.ts +10 -0
  81. package/dist/checks/architecture/index.d.ts.map +1 -0
  82. package/dist/checks/architecture/index.js +10 -0
  83. package/dist/checks/architecture/index.js.map +1 -0
  84. package/dist/checks/architecture/missing-type-exports.d.ts +13 -0
  85. package/dist/checks/architecture/missing-type-exports.d.ts.map +1 -0
  86. package/dist/checks/architecture/missing-type-exports.js +245 -0
  87. package/dist/checks/architecture/missing-type-exports.js.map +1 -0
  88. package/dist/checks/architecture/module-coupling-fan-out.d.ts +20 -0
  89. package/dist/checks/architecture/module-coupling-fan-out.d.ts.map +1 -0
  90. package/dist/checks/architecture/module-coupling-fan-out.js +120 -0
  91. package/dist/checks/architecture/module-coupling-fan-out.js.map +1 -0
  92. package/dist/checks/architecture/no-bootstrap-tool-import.d.ts +38 -0
  93. package/dist/checks/architecture/no-bootstrap-tool-import.d.ts.map +1 -0
  94. package/dist/checks/architecture/no-bootstrap-tool-import.js +95 -0
  95. package/dist/checks/architecture/no-bootstrap-tool-import.js.map +1 -0
  96. package/dist/checks/architecture/package-json-exports-field.d.ts +10 -0
  97. package/dist/checks/architecture/package-json-exports-field.d.ts.map +1 -0
  98. package/dist/checks/architecture/package-json-exports-field.js +56 -0
  99. package/dist/checks/architecture/package-json-exports-field.js.map +1 -0
  100. package/dist/checks/architecture/phantom-dependency-detection.d.ts +22 -0
  101. package/dist/checks/architecture/phantom-dependency-detection.d.ts.map +1 -0
  102. package/dist/checks/architecture/phantom-dependency-detection.js +330 -0
  103. package/dist/checks/architecture/phantom-dependency-detection.js.map +1 -0
  104. package/dist/checks/architecture/tsconfig-extends-validation.d.ts +10 -0
  105. package/dist/checks/architecture/tsconfig-extends-validation.d.ts.map +1 -0
  106. package/dist/checks/architecture/tsconfig-extends-validation.js +78 -0
  107. package/dist/checks/architecture/tsconfig-extends-validation.js.map +1 -0
  108. package/dist/checks/index.d.ts +6 -0
  109. package/dist/checks/index.d.ts.map +1 -0
  110. package/dist/checks/index.js +6 -0
  111. package/dist/checks/index.js.map +1 -0
  112. package/dist/checks/quality/api/api-contract-validation.d.ts +15 -0
  113. package/dist/checks/quality/api/api-contract-validation.d.ts.map +1 -0
  114. package/dist/checks/quality/api/api-contract-validation.js +316 -0
  115. package/dist/checks/quality/api/api-contract-validation.js.map +1 -0
  116. package/dist/checks/quality/api/api-response-validation.d.ts +14 -0
  117. package/dist/checks/quality/api/api-response-validation.d.ts.map +1 -0
  118. package/dist/checks/quality/api/api-response-validation.js +209 -0
  119. package/dist/checks/quality/api/api-response-validation.js.map +1 -0
  120. package/dist/checks/quality/api/fastify-route-validation.d.ts +14 -0
  121. package/dist/checks/quality/api/fastify-route-validation.d.ts.map +1 -0
  122. package/dist/checks/quality/api/fastify-route-validation.js +298 -0
  123. package/dist/checks/quality/api/fastify-route-validation.js.map +1 -0
  124. package/dist/checks/quality/api/fastify-schema-coverage.d.ts +11 -0
  125. package/dist/checks/quality/api/fastify-schema-coverage.d.ts.map +1 -0
  126. package/dist/checks/quality/api/fastify-schema-coverage.js +261 -0
  127. package/dist/checks/quality/api/fastify-schema-coverage.js.map +1 -0
  128. package/dist/checks/quality/api/index.d.ts +5 -0
  129. package/dist/checks/quality/api/index.d.ts.map +1 -0
  130. package/dist/checks/quality/api/index.js +5 -0
  131. package/dist/checks/quality/api/index.js.map +1 -0
  132. package/dist/checks/quality/code-structure/duplicate-utility-functions.d.ts +32 -0
  133. package/dist/checks/quality/code-structure/duplicate-utility-functions.d.ts.map +1 -0
  134. package/dist/checks/quality/code-structure/duplicate-utility-functions.js +451 -0
  135. package/dist/checks/quality/code-structure/duplicate-utility-functions.js.map +1 -0
  136. package/dist/checks/quality/code-structure/index.d.ts +3 -0
  137. package/dist/checks/quality/code-structure/index.d.ts.map +1 -0
  138. package/dist/checks/quality/code-structure/index.js +3 -0
  139. package/dist/checks/quality/code-structure/index.js.map +1 -0
  140. package/dist/checks/quality/code-structure/no-any-types.d.ts +13 -0
  141. package/dist/checks/quality/code-structure/no-any-types.d.ts.map +1 -0
  142. package/dist/checks/quality/code-structure/no-any-types.js +116 -0
  143. package/dist/checks/quality/code-structure/no-any-types.js.map +1 -0
  144. package/dist/checks/quality/data-integrity/__tests__/null-safety-fp.test.d.ts +15 -0
  145. package/dist/checks/quality/data-integrity/__tests__/null-safety-fp.test.d.ts.map +1 -0
  146. package/dist/checks/quality/data-integrity/__tests__/null-safety-fp.test.js +51 -0
  147. package/dist/checks/quality/data-integrity/__tests__/null-safety-fp.test.js.map +1 -0
  148. package/dist/checks/quality/data-integrity/array-validation.d.ts +16 -0
  149. package/dist/checks/quality/data-integrity/array-validation.d.ts.map +1 -0
  150. package/dist/checks/quality/data-integrity/array-validation.js +508 -0
  151. package/dist/checks/quality/data-integrity/array-validation.js.map +1 -0
  152. package/dist/checks/quality/data-integrity/database-index-coverage.d.ts +14 -0
  153. package/dist/checks/quality/data-integrity/database-index-coverage.d.ts.map +1 -0
  154. package/dist/checks/quality/data-integrity/database-index-coverage.js +235 -0
  155. package/dist/checks/quality/data-integrity/database-index-coverage.js.map +1 -0
  156. package/dist/checks/quality/data-integrity/database-schema-validation.d.ts +16 -0
  157. package/dist/checks/quality/data-integrity/database-schema-validation.d.ts.map +1 -0
  158. package/dist/checks/quality/data-integrity/database-schema-validation.js +328 -0
  159. package/dist/checks/quality/data-integrity/database-schema-validation.js.map +1 -0
  160. package/dist/checks/quality/data-integrity/in-memory-repository-detection.d.ts +14 -0
  161. package/dist/checks/quality/data-integrity/in-memory-repository-detection.d.ts.map +1 -0
  162. package/dist/checks/quality/data-integrity/in-memory-repository-detection.js +157 -0
  163. package/dist/checks/quality/data-integrity/in-memory-repository-detection.js.map +1 -0
  164. package/dist/checks/quality/data-integrity/index.d.ts +8 -0
  165. package/dist/checks/quality/data-integrity/index.d.ts.map +1 -0
  166. package/dist/checks/quality/data-integrity/index.js +8 -0
  167. package/dist/checks/quality/data-integrity/index.js.map +1 -0
  168. package/dist/checks/quality/data-integrity/missing-input-validation.d.ts +12 -0
  169. package/dist/checks/quality/data-integrity/missing-input-validation.d.ts.map +1 -0
  170. package/dist/checks/quality/data-integrity/missing-input-validation.js +180 -0
  171. package/dist/checks/quality/data-integrity/missing-input-validation.js.map +1 -0
  172. package/dist/checks/quality/data-integrity/null-safety.d.ts +33 -0
  173. package/dist/checks/quality/data-integrity/null-safety.d.ts.map +1 -0
  174. package/dist/checks/quality/data-integrity/null-safety.js +766 -0
  175. package/dist/checks/quality/data-integrity/null-safety.js.map +1 -0
  176. package/dist/checks/quality/data-integrity/numeric-validation.d.ts +12 -0
  177. package/dist/checks/quality/data-integrity/numeric-validation.d.ts.map +1 -0
  178. package/dist/checks/quality/data-integrity/numeric-validation.js +409 -0
  179. package/dist/checks/quality/data-integrity/numeric-validation.js.map +1 -0
  180. package/dist/checks/quality/frontend/a11y-form-labels.d.ts +14 -0
  181. package/dist/checks/quality/frontend/a11y-form-labels.d.ts.map +1 -0
  182. package/dist/checks/quality/frontend/a11y-form-labels.js +93 -0
  183. package/dist/checks/quality/frontend/a11y-form-labels.js.map +1 -0
  184. package/dist/checks/quality/frontend/a11y-semantic-html.d.ts +14 -0
  185. package/dist/checks/quality/frontend/a11y-semantic-html.d.ts.map +1 -0
  186. package/dist/checks/quality/frontend/a11y-semantic-html.js +88 -0
  187. package/dist/checks/quality/frontend/a11y-semantic-html.js.map +1 -0
  188. package/dist/checks/quality/frontend/index.d.ts +4 -0
  189. package/dist/checks/quality/frontend/index.d.ts.map +1 -0
  190. package/dist/checks/quality/frontend/index.js +4 -0
  191. package/dist/checks/quality/frontend/index.js.map +1 -0
  192. package/dist/checks/quality/frontend/test-only-frontend-modules.d.ts +13 -0
  193. package/dist/checks/quality/frontend/test-only-frontend-modules.d.ts.map +1 -0
  194. package/dist/checks/quality/frontend/test-only-frontend-modules.js +159 -0
  195. package/dist/checks/quality/frontend/test-only-frontend-modules.js.map +1 -0
  196. package/dist/checks/quality/incomplete-regex-escaping.d.ts +13 -0
  197. package/dist/checks/quality/incomplete-regex-escaping.d.ts.map +1 -0
  198. package/dist/checks/quality/incomplete-regex-escaping.js +207 -0
  199. package/dist/checks/quality/incomplete-regex-escaping.js.map +1 -0
  200. package/dist/checks/quality/index.d.ts +11 -0
  201. package/dist/checks/quality/index.d.ts.map +1 -0
  202. package/dist/checks/quality/index.js +11 -0
  203. package/dist/checks/quality/index.js.map +1 -0
  204. package/dist/checks/quality/linting/index.d.ts +2 -0
  205. package/dist/checks/quality/linting/index.d.ts.map +1 -0
  206. package/dist/checks/quality/linting/index.js +2 -0
  207. package/dist/checks/quality/linting/index.js.map +1 -0
  208. package/dist/checks/quality/linting/typescript-frontend.d.ts +25 -0
  209. package/dist/checks/quality/linting/typescript-frontend.d.ts.map +1 -0
  210. package/dist/checks/quality/linting/typescript-frontend.js +159 -0
  211. package/dist/checks/quality/linting/typescript-frontend.js.map +1 -0
  212. package/dist/checks/quality/observability/index.d.ts +5 -0
  213. package/dist/checks/quality/observability/index.d.ts.map +1 -0
  214. package/dist/checks/quality/observability/index.js +5 -0
  215. package/dist/checks/quality/observability/index.js.map +1 -0
  216. package/dist/checks/quality/observability/logger-event-name-format.d.ts +12 -0
  217. package/dist/checks/quality/observability/logger-event-name-format.d.ts.map +1 -0
  218. package/dist/checks/quality/observability/logger-event-name-format.js +124 -0
  219. package/dist/checks/quality/observability/logger-event-name-format.js.map +1 -0
  220. package/dist/checks/quality/observability/no-hardcoded-correlation-id.d.ts +5 -0
  221. package/dist/checks/quality/observability/no-hardcoded-correlation-id.d.ts.map +1 -0
  222. package/dist/checks/quality/observability/no-hardcoded-correlation-id.js +77 -0
  223. package/dist/checks/quality/observability/no-hardcoded-correlation-id.js.map +1 -0
  224. package/dist/checks/quality/observability/observability-coverage/__tests__/analyzer.test.d.ts +11 -0
  225. package/dist/checks/quality/observability/observability-coverage/__tests__/analyzer.test.d.ts.map +1 -0
  226. package/dist/checks/quality/observability/observability-coverage/__tests__/analyzer.test.js +107 -0
  227. package/dist/checks/quality/observability/observability-coverage/__tests__/analyzer.test.js.map +1 -0
  228. package/dist/checks/quality/observability/observability-coverage/__tests__/logger-detector.test.d.ts +12 -0
  229. package/dist/checks/quality/observability/observability-coverage/__tests__/logger-detector.test.d.ts.map +1 -0
  230. package/dist/checks/quality/observability/observability-coverage/__tests__/logger-detector.test.js +94 -0
  231. package/dist/checks/quality/observability/observability-coverage/__tests__/logger-detector.test.js.map +1 -0
  232. package/dist/checks/quality/observability/observability-coverage/analyzer.d.ts +13 -0
  233. package/dist/checks/quality/observability/observability-coverage/analyzer.d.ts.map +1 -0
  234. package/dist/checks/quality/observability/observability-coverage/analyzer.js +117 -0
  235. package/dist/checks/quality/observability/observability-coverage/analyzer.js.map +1 -0
  236. package/dist/checks/quality/observability/observability-coverage/index.d.ts +4 -0
  237. package/dist/checks/quality/observability/observability-coverage/index.d.ts.map +1 -0
  238. package/dist/checks/quality/observability/observability-coverage/index.js +4 -0
  239. package/dist/checks/quality/observability/observability-coverage/index.js.map +1 -0
  240. package/dist/checks/quality/observability/observability-coverage/logger-detector.d.ts +29 -0
  241. package/dist/checks/quality/observability/observability-coverage/logger-detector.d.ts.map +1 -0
  242. package/dist/checks/quality/observability/observability-coverage/logger-detector.js +111 -0
  243. package/dist/checks/quality/observability/observability-coverage/logger-detector.js.map +1 -0
  244. package/dist/checks/quality/observability/observability-coverage/types.d.ts +64 -0
  245. package/dist/checks/quality/observability/observability-coverage/types.d.ts.map +1 -0
  246. package/dist/checks/quality/observability/observability-coverage/types.js +6 -0
  247. package/dist/checks/quality/observability/observability-coverage/types.js.map +1 -0
  248. package/dist/checks/quality/observability/pii-exposure-in-logs.d.ts +22 -0
  249. package/dist/checks/quality/observability/pii-exposure-in-logs.d.ts.map +1 -0
  250. package/dist/checks/quality/observability/pii-exposure-in-logs.js +212 -0
  251. package/dist/checks/quality/observability/pii-exposure-in-logs.js.map +1 -0
  252. package/dist/checks/quality/observability/pii-exposure-in-logs.test.d.ts +11 -0
  253. package/dist/checks/quality/observability/pii-exposure-in-logs.test.d.ts.map +1 -0
  254. package/dist/checks/quality/observability/pii-exposure-in-logs.test.js +46 -0
  255. package/dist/checks/quality/observability/pii-exposure-in-logs.test.js.map +1 -0
  256. package/dist/checks/quality/patterns/__tests__/toctou-fp.test.d.ts +14 -0
  257. package/dist/checks/quality/patterns/__tests__/toctou-fp.test.d.ts.map +1 -0
  258. package/dist/checks/quality/patterns/__tests__/toctou-fp.test.js +61 -0
  259. package/dist/checks/quality/patterns/__tests__/toctou-fp.test.js.map +1 -0
  260. package/dist/checks/quality/patterns/async-waterfall-detection.d.ts +26 -0
  261. package/dist/checks/quality/patterns/async-waterfall-detection.d.ts.map +1 -0
  262. package/dist/checks/quality/patterns/async-waterfall-detection.js +410 -0
  263. package/dist/checks/quality/patterns/async-waterfall-detection.js.map +1 -0
  264. package/dist/checks/quality/patterns/dispose-pattern-completeness.d.ts +13 -0
  265. package/dist/checks/quality/patterns/dispose-pattern-completeness.d.ts.map +1 -0
  266. package/dist/checks/quality/patterns/dispose-pattern-completeness.js +220 -0
  267. package/dist/checks/quality/patterns/dispose-pattern-completeness.js.map +1 -0
  268. package/dist/checks/quality/patterns/error-handling-quality.d.ts +17 -0
  269. package/dist/checks/quality/patterns/error-handling-quality.d.ts.map +1 -0
  270. package/dist/checks/quality/patterns/error-handling-quality.js +335 -0
  271. package/dist/checks/quality/patterns/error-handling-quality.js.map +1 -0
  272. package/dist/checks/quality/patterns/index.d.ts +10 -0
  273. package/dist/checks/quality/patterns/index.d.ts.map +1 -0
  274. package/dist/checks/quality/patterns/index.js +10 -0
  275. package/dist/checks/quality/patterns/index.js.map +1 -0
  276. package/dist/checks/quality/patterns/lifecycle-cleanup-enforcement.d.ts +16 -0
  277. package/dist/checks/quality/patterns/lifecycle-cleanup-enforcement.d.ts.map +1 -0
  278. package/dist/checks/quality/patterns/lifecycle-cleanup-enforcement.js +205 -0
  279. package/dist/checks/quality/patterns/lifecycle-cleanup-enforcement.js.map +1 -0
  280. package/dist/checks/quality/patterns/result-pattern-consistency.d.ts +16 -0
  281. package/dist/checks/quality/patterns/result-pattern-consistency.d.ts.map +1 -0
  282. package/dist/checks/quality/patterns/result-pattern-consistency.js +328 -0
  283. package/dist/checks/quality/patterns/result-pattern-consistency.js.map +1 -0
  284. package/dist/checks/quality/patterns/silent-early-returns.d.ts +23 -0
  285. package/dist/checks/quality/patterns/silent-early-returns.d.ts.map +1 -0
  286. package/dist/checks/quality/patterns/silent-early-returns.js +266 -0
  287. package/dist/checks/quality/patterns/silent-early-returns.js.map +1 -0
  288. package/dist/checks/quality/patterns/stream-buffer-size-limits.d.ts +13 -0
  289. package/dist/checks/quality/patterns/stream-buffer-size-limits.d.ts.map +1 -0
  290. package/dist/checks/quality/patterns/stream-buffer-size-limits.js +163 -0
  291. package/dist/checks/quality/patterns/stream-buffer-size-limits.js.map +1 -0
  292. package/dist/checks/quality/patterns/throws-documentation.d.ts +23 -0
  293. package/dist/checks/quality/patterns/throws-documentation.d.ts.map +1 -0
  294. package/dist/checks/quality/patterns/throws-documentation.js +519 -0
  295. package/dist/checks/quality/patterns/throws-documentation.js.map +1 -0
  296. package/dist/checks/quality/patterns/toctou-race-condition.d.ts +48 -0
  297. package/dist/checks/quality/patterns/toctou-race-condition.d.ts.map +1 -0
  298. package/dist/checks/quality/patterns/toctou-race-condition.js +639 -0
  299. package/dist/checks/quality/patterns/toctou-race-condition.js.map +1 -0
  300. package/dist/checks/quality/stubbed-implementation-detection.d.ts +24 -0
  301. package/dist/checks/quality/stubbed-implementation-detection.d.ts.map +1 -0
  302. package/dist/checks/quality/stubbed-implementation-detection.js +355 -0
  303. package/dist/checks/quality/stubbed-implementation-detection.js.map +1 -0
  304. package/dist/checks/quality/unused-config-options.d.ts +12 -0
  305. package/dist/checks/quality/unused-config-options.d.ts.map +1 -0
  306. package/dist/checks/quality/unused-config-options.js +245 -0
  307. package/dist/checks/quality/unused-config-options.js.map +1 -0
  308. package/dist/checks/resilience/__tests__/callback-invocation-safe.test.d.ts +2 -0
  309. package/dist/checks/resilience/__tests__/callback-invocation-safe.test.d.ts.map +1 -0
  310. package/dist/checks/resilience/__tests__/callback-invocation-safe.test.js +79 -0
  311. package/dist/checks/resilience/__tests__/callback-invocation-safe.test.js.map +1 -0
  312. package/dist/checks/resilience/__tests__/context-leakage-fp.test.d.ts +12 -0
  313. package/dist/checks/resilience/__tests__/context-leakage-fp.test.d.ts.map +1 -0
  314. package/dist/checks/resilience/__tests__/context-leakage-fp.test.js +34 -0
  315. package/dist/checks/resilience/__tests__/context-leakage-fp.test.js.map +1 -0
  316. package/dist/checks/resilience/__tests__/context-mutation.test.d.ts +11 -0
  317. package/dist/checks/resilience/__tests__/context-mutation.test.d.ts.map +1 -0
  318. package/dist/checks/resilience/__tests__/context-mutation.test.js +54 -0
  319. package/dist/checks/resilience/__tests__/context-mutation.test.js.map +1 -0
  320. package/dist/checks/resilience/callback-invocation-safe.d.ts +34 -0
  321. package/dist/checks/resilience/callback-invocation-safe.d.ts.map +1 -0
  322. package/dist/checks/resilience/callback-invocation-safe.js +247 -0
  323. package/dist/checks/resilience/callback-invocation-safe.js.map +1 -0
  324. package/dist/checks/resilience/context-leakage.d.ts +25 -0
  325. package/dist/checks/resilience/context-leakage.d.ts.map +1 -0
  326. package/dist/checks/resilience/context-leakage.js +435 -0
  327. package/dist/checks/resilience/context-leakage.js.map +1 -0
  328. package/dist/checks/resilience/context-mutation.d.ts +21 -0
  329. package/dist/checks/resilience/context-mutation.d.ts.map +1 -0
  330. package/dist/checks/resilience/context-mutation.js +368 -0
  331. package/dist/checks/resilience/context-mutation.js.map +1 -0
  332. package/dist/checks/resilience/detached-promises.d.ts +40 -0
  333. package/dist/checks/resilience/detached-promises.d.ts.map +1 -0
  334. package/dist/checks/resilience/detached-promises.js +646 -0
  335. package/dist/checks/resilience/detached-promises.js.map +1 -0
  336. package/dist/checks/resilience/index.d.ts +7 -0
  337. package/dist/checks/resilience/index.d.ts.map +1 -0
  338. package/dist/checks/resilience/index.js +7 -0
  339. package/dist/checks/resilience/index.js.map +1 -0
  340. package/dist/checks/resilience/no-raw-fetch.d.ts +11 -0
  341. package/dist/checks/resilience/no-raw-fetch.d.ts.map +1 -0
  342. package/dist/checks/resilience/no-raw-fetch.js +110 -0
  343. package/dist/checks/resilience/no-raw-fetch.js.map +1 -0
  344. package/dist/checks/resilience/no-unbounded-concurrency.d.ts +11 -0
  345. package/dist/checks/resilience/no-unbounded-concurrency.d.ts.map +1 -0
  346. package/dist/checks/resilience/no-unbounded-concurrency.js +117 -0
  347. package/dist/checks/resilience/no-unbounded-concurrency.js.map +1 -0
  348. package/dist/checks/security/__tests__/sql-injection.test.d.ts +17 -0
  349. package/dist/checks/security/__tests__/sql-injection.test.d.ts.map +1 -0
  350. package/dist/checks/security/__tests__/sql-injection.test.js +97 -0
  351. package/dist/checks/security/__tests__/sql-injection.test.js.map +1 -0
  352. package/dist/checks/security/index.d.ts +4 -0
  353. package/dist/checks/security/index.d.ts.map +1 -0
  354. package/dist/checks/security/index.js +4 -0
  355. package/dist/checks/security/index.js.map +1 -0
  356. package/dist/checks/security/input-sanitization.d.ts +20 -0
  357. package/dist/checks/security/input-sanitization.d.ts.map +1 -0
  358. package/dist/checks/security/input-sanitization.js +255 -0
  359. package/dist/checks/security/input-sanitization.js.map +1 -0
  360. package/dist/checks/security/sql-injection.d.ts +24 -0
  361. package/dist/checks/security/sql-injection.d.ts.map +1 -0
  362. package/dist/checks/security/sql-injection.js +330 -0
  363. package/dist/checks/security/sql-injection.js.map +1 -0
  364. package/dist/checks/security/unsafe-secret-comparison.d.ts +17 -0
  365. package/dist/checks/security/unsafe-secret-comparison.d.ts.map +1 -0
  366. package/dist/checks/security/unsafe-secret-comparison.js +227 -0
  367. package/dist/checks/security/unsafe-secret-comparison.js.map +1 -0
  368. package/dist/checks/testing/index.d.ts +2 -0
  369. package/dist/checks/testing/index.d.ts.map +1 -0
  370. package/dist/checks/testing/index.js +2 -0
  371. package/dist/checks/testing/index.js.map +1 -0
  372. package/dist/checks/testing/mock-implementations-in-production.d.ts +12 -0
  373. package/dist/checks/testing/mock-implementations-in-production.d.ts.map +1 -0
  374. package/dist/checks/testing/mock-implementations-in-production.js +211 -0
  375. package/dist/checks/testing/mock-implementations-in-production.js.map +1 -0
  376. package/dist/display/architecture.d.ts +9 -0
  377. package/dist/display/architecture.d.ts.map +1 -0
  378. package/dist/display/architecture.js +18 -0
  379. package/dist/display/architecture.js.map +1 -0
  380. package/dist/display/index.d.ts +20 -0
  381. package/dist/display/index.d.ts.map +1 -0
  382. package/dist/display/index.js +30 -0
  383. package/dist/display/index.js.map +1 -0
  384. package/dist/display/quality.d.ts +7 -0
  385. package/dist/display/quality.d.ts.map +1 -0
  386. package/dist/display/quality.js +39 -0
  387. package/dist/display/quality.js.map +1 -0
  388. package/dist/display/resilience.d.ts +7 -0
  389. package/dist/display/resilience.d.ts.map +1 -0
  390. package/dist/display/resilience.js +13 -0
  391. package/dist/display/resilience.js.map +1 -0
  392. package/dist/display/security-testing.d.ts +9 -0
  393. package/dist/display/security-testing.d.ts.map +1 -0
  394. package/dist/display/security-testing.js +14 -0
  395. package/dist/display/security-testing.js.map +1 -0
  396. package/dist/display/types.d.ts +6 -0
  397. package/dist/display/types.d.ts.map +1 -0
  398. package/dist/display/types.js +6 -0
  399. package/dist/display/types.js.map +1 -0
  400. package/dist/index.d.ts +19 -0
  401. package/dist/index.d.ts.map +1 -0
  402. package/dist/index.js +21 -0
  403. package/dist/index.js.map +1 -0
  404. package/package.json +55 -0
@@ -0,0 +1,51 @@
1
+ /**
2
+ * @fileoverview Regression tests for two `null-safety` FP fixes.
3
+ *
4
+ * 1. Cross-line guard: a property access guarded by an enclosing `if` / `&&`
5
+ * on a PREVIOUS line (e.g. `if (candidates.length === 1 && candidates[0])
6
+ * { … candidates[0].bodyHash … }`) was flagged because the safety scan was
7
+ * line-local. The fix walks enclosing conditions.
8
+ * 2. Immutable combinators: `.merge(...)` chained on a factory result
9
+ * (e.g. OTel `detectResources(...).merge(...)`) returns a non-null value
10
+ * and is now a known-safe fluent method.
11
+ *
12
+ * Genuine unguarded access on a call/element result must still fire.
13
+ */
14
+ import { describe, expect, it } from 'vitest';
15
+ import { analyzeNullSafety } from '../null-safety.js';
16
+ function analyze(src) {
17
+ return analyzeNullSafety(src, 'src/svc/sample.ts');
18
+ }
19
+ describe('null-safety — FP regression suite', () => {
20
+ it('does NOT flag element access guarded by an enclosing if on a previous line', () => {
21
+ const src = `
22
+ function pick(candidates: { bodyHash: string }[]) {
23
+ if (candidates.length === 1 && candidates[0]) {
24
+ return [candidates[0].bodyHash];
25
+ }
26
+ return [];
27
+ }
28
+ `;
29
+ expect(analyze(src)).toHaveLength(0);
30
+ });
31
+ it('does NOT flag `.merge(...)` chained on a factory call result', () => {
32
+ const src = `
33
+ function build() {
34
+ const resource = detectResources({ detectors: [envDetector] }).merge(
35
+ resourceFromAttributes({ name: 'svc' }),
36
+ );
37
+ return resource;
38
+ }
39
+ `;
40
+ expect(analyze(src)).toHaveLength(0);
41
+ });
42
+ it('STILL flags an unguarded property access on an element-access result', () => {
43
+ const src = `
44
+ function firstHash(rows: { bodyHash: string }[]) {
45
+ return rows[0].bodyHash;
46
+ }
47
+ `;
48
+ expect(analyze(src).length).toBeGreaterThan(0);
49
+ });
50
+ });
51
+ //# sourceMappingURL=null-safety-fp.test.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"null-safety-fp.test.js","sourceRoot":"","sources":["../../../../../src/checks/quality/data-integrity/__tests__/null-safety-fp.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,SAAS,OAAO,CAAC,GAAW;IAC1B,OAAO,iBAAiB,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;AACrD,CAAC;AAED,QAAQ,CAAC,mCAAmC,EAAE,GAAG,EAAE;IACjD,EAAE,CAAC,4EAA4E,EAAE,GAAG,EAAE;QACpF,MAAM,GAAG,GAAG;;;;;;;KAOX,CAAC;QACF,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;QACtE,MAAM,GAAG,GAAG;;;;;;;KAOX,CAAC;QACF,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sEAAsE,EAAE,GAAG,EAAE;QAC9E,MAAM,GAAG,GAAG;;;;KAIX,CAAC;QACF,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
@@ -0,0 +1,16 @@
1
+ /**
2
+ * @fileoverview Array Parameter Validation Check
3
+ *
4
+ * Detects array parameters without proper validation.
5
+ * Ensures arrays are validated for length, type, and content before processing.
6
+ *
7
+ */
8
+ /**
9
+ * Check: quality/array-validation
10
+ *
11
+ * Detects array parameters without proper validation to prevent
12
+ * runtime errors from unvalidated array inputs.
13
+ *
14
+ */
15
+ export declare const arrayValidation: import("@opensip-cli/fitness").Check;
16
+ //# sourceMappingURL=array-validation.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"array-validation.d.ts","sourceRoot":"","sources":["../../../../src/checks/quality/data-integrity/array-validation.ts"],"names":[],"mappings":"AACA;;;;;;GAMG;AAqgBH;;;;;;GAMG;AACH,eAAO,MAAM,eAAe,sCA4B1B,CAAC"}
@@ -0,0 +1,508 @@
1
+ // @fitness-ignore-file file-length-limit -- cohesive single-check module; splitting risks breaking the detector contract
2
+ /**
3
+ * @fileoverview Array Parameter Validation Check
4
+ *
5
+ * Detects array parameters without proper validation.
6
+ * Ensures arrays are validated for length, type, and content before processing.
7
+ *
8
+ */
9
+ import { defineCheck, isTestFile } from '@opensip-cli/fitness';
10
+ import { getSharedSourceFile } from '@opensip-cli/lang-typescript';
11
+ import * as ts from 'typescript';
12
+ /**
13
+ * Quick filter keywords for array validation patterns
14
+ */
15
+ const QUICK_FILTER_KEYWORDS = [
16
+ '[]',
17
+ 'Array',
18
+ 'array',
19
+ '.length',
20
+ '.push',
21
+ '.pop',
22
+ '.map(',
23
+ '.filter(',
24
+ ];
25
+ /**
26
+ * Paths where array validation requirements are relaxed
27
+ */
28
+ const RELAXED_VALIDATION_PATHS = [
29
+ /\/internal\//,
30
+ /\/utils\//,
31
+ /\/helpers\//,
32
+ /\/cli\//,
33
+ /\/scripts\//,
34
+ ];
35
+ /**
36
+ * Type patterns that indicate complex/nested types where validation is harder to detect
37
+ */
38
+ const COMPLEX_TYPE_PATTERNS = [
39
+ 'Record<',
40
+ 'Map<',
41
+ '=> ', // Function type
42
+ ': (', // Function type with parens
43
+ 'Promise<', // Async wrappers
44
+ 'Observable<',
45
+ ];
46
+ /**
47
+ * Check whether a parameter's type is a top-level array type (e.g. `string[]`, `Array<T>`)
48
+ * as opposed to an object/interface/intersection type that merely _contains_ array-typed
49
+ * properties (e.g. `{ items: string[] }`, `Foo & { tags: string[] }`).
50
+ *
51
+ * This uses the TypeScript AST node kind rather than text matching, eliminating false
52
+ * positives for object parameters whose nested properties happen to be arrays.
53
+ */
54
+ function isTopLevelArrayType(typeNode) {
55
+ // Direct array type: `string[]`, `Foo[]`
56
+ if (ts.isArrayTypeNode(typeNode)) {
57
+ return true;
58
+ }
59
+ // Generic Array reference: `Array<string>`, `ReadonlyArray<Foo>`
60
+ if (ts.isTypeReferenceNode(typeNode)) {
61
+ const typeName = typeNode.typeName;
62
+ if (ts.isIdentifier(typeName)) {
63
+ const name = typeName.text;
64
+ if (name === 'Array' || name === 'ReadonlyArray') {
65
+ return true;
66
+ }
67
+ }
68
+ }
69
+ // Union type: check if ALL branches are arrays (e.g. `string[] | number[]`)
70
+ if (ts.isUnionTypeNode(typeNode)) {
71
+ return typeNode.types.length > 0 && typeNode.types.every((t) => isTopLevelArrayType(t));
72
+ }
73
+ // Parenthesized type: unwrap `(string[])`
74
+ if (ts.isParenthesizedTypeNode(typeNode)) {
75
+ return isTopLevelArrayType(typeNode.type);
76
+ }
77
+ // Everything else (object literals, intersection types, type references to interfaces,
78
+ // mapped types, conditional types, etc.) is NOT a top-level array even if the type
79
+ // text contains `[]` in nested positions.
80
+ return false;
81
+ }
82
+ /**
83
+ * Check if a file path is in a relaxed validation context
84
+ */
85
+ function isRelaxedValidationPath(filePath) {
86
+ return RELAXED_VALIDATION_PATHS.some((pattern) => pattern.test(filePath));
87
+ }
88
+ /**
89
+ * Check if a type is a complex nested type where validation detection is unreliable
90
+ */
91
+ function isComplexNestedType(typeText) {
92
+ return COMPLEX_TYPE_PATTERNS.some((pattern) => typeText.includes(pattern));
93
+ }
94
+ /**
95
+ * Check if node is a .length access on the parameter
96
+ * @param node - The TypeScript AST node to check
97
+ * @param paramName - The name of the parameter to check for
98
+ * @param sourceFile - The TypeScript source file for text extraction
99
+ * @returns True if the node is a .length access on the specified parameter
100
+ */
101
+ function isLengthAccess(node, paramName, sourceFile) {
102
+ if (!ts.isPropertyAccessExpression(node))
103
+ return false;
104
+ const objName = node.expression.getText(sourceFile);
105
+ const propName = node.name.getText(sourceFile);
106
+ return objName === paramName && propName === 'length';
107
+ }
108
+ /**
109
+ * Check if node is an Array.isArray() call on the parameter
110
+ * @param node - The TypeScript AST node to check
111
+ * @param paramName - The name of the parameter to check for
112
+ * @param sourceFile - The TypeScript source file for text extraction
113
+ * @returns True if the node is an Array.isArray() call on the specified parameter
114
+ */
115
+ function isArrayIsArrayCall(node, paramName, sourceFile) {
116
+ if (!ts.isCallExpression(node))
117
+ return false;
118
+ const callText = node.expression.getText(sourceFile);
119
+ if (callText !== 'Array.isArray')
120
+ return false;
121
+ const arg = node.arguments[0]?.getText(sourceFile);
122
+ return arg === paramName;
123
+ }
124
+ /**
125
+ * Check if node is a Zod schema validation call
126
+ * @param node - The TypeScript AST node to check
127
+ * @param sourceFile - The TypeScript source file for text extraction
128
+ * @returns True if the node is a Zod .parse() or .safeParse() call
129
+ */
130
+ function isZodValidationCall(node, sourceFile) {
131
+ if (!ts.isCallExpression(node))
132
+ return false;
133
+ if (!ts.isPropertyAccessExpression(node.expression))
134
+ return false;
135
+ const methodName = node.expression.name.getText(sourceFile);
136
+ return methodName === 'parse' || methodName === 'safeParse';
137
+ }
138
+ /**
139
+ * Check if node is a validation function call
140
+ * @param node - The TypeScript AST node to check
141
+ * @returns True if the node is a call to a function with 'validate' or 'check' in its name
142
+ */
143
+ function isValidationFunctionCall(node) {
144
+ if (!ts.isCallExpression(node))
145
+ return false;
146
+ if (!ts.isIdentifier(node.expression))
147
+ return false;
148
+ const funcName = node.expression.text.toLowerCase();
149
+ return funcName.includes('validate') || funcName.includes('check');
150
+ }
151
+ /**
152
+ * Check if node is an iteration over the parameter (for...of, forEach, map, filter,
153
+ * slice, includes, join, indexOf, concat, flat, etc.)
154
+ *
155
+ * Iteration implies validation because it handles empty arrays gracefully and
156
+ * cannot blow up the runtime — the worst case is no work done.
157
+ */
158
+ function isIterationOverParam(node, paramName, sourceFile) {
159
+ // for...of statement
160
+ if (ts.isForOfStatement(node)) {
161
+ const iterableText = node.expression.getText(sourceFile);
162
+ if (iterableText === paramName || iterableText.startsWith(`${paramName}.`)) {
163
+ return true;
164
+ }
165
+ }
166
+ // Array prototype methods that internally iterate (and therefore handle empty
167
+ // arrays gracefully) or otherwise produce a bounded view. These are
168
+ // validation-equivalent because they don't crash on empty/short input.
169
+ if (ts.isCallExpression(node) && ts.isPropertyAccessExpression(node.expression)) {
170
+ const objText = node.expression.expression.getText(sourceFile);
171
+ const methodName = node.expression.name.getText(sourceFile);
172
+ const iterationMethods = [
173
+ 'forEach',
174
+ 'map',
175
+ 'filter',
176
+ 'some',
177
+ 'every',
178
+ 'find',
179
+ 'findIndex',
180
+ 'findLast',
181
+ 'findLastIndex',
182
+ 'reduce',
183
+ 'reduceRight',
184
+ 'flatMap',
185
+ 'flat',
186
+ 'slice',
187
+ 'includes',
188
+ 'indexOf',
189
+ 'lastIndexOf',
190
+ 'join',
191
+ 'concat',
192
+ 'entries',
193
+ 'values',
194
+ 'keys',
195
+ 'at',
196
+ 'toSorted',
197
+ 'toReversed',
198
+ 'toSpliced',
199
+ 'with',
200
+ ];
201
+ if (objText === paramName && iterationMethods.includes(methodName)) {
202
+ return true;
203
+ }
204
+ }
205
+ return false;
206
+ }
207
+ /**
208
+ * Check if node is a write-only sink usage of the parameter.
209
+ *
210
+ * Out-array sinks (`bucket.push(...)`, `bucket.unshift(...)`) flag the param
211
+ * as a producer target — the function isn't *consuming* the array, it's
212
+ * writing into it. Validation belongs at the consumer, not the producer.
213
+ */
214
+ function isOutSinkUsage(node, paramName, sourceFile) {
215
+ if (!ts.isCallExpression(node))
216
+ return false;
217
+ if (!ts.isPropertyAccessExpression(node.expression))
218
+ return false;
219
+ const objText = node.expression.expression.getText(sourceFile);
220
+ if (objText !== paramName)
221
+ return false;
222
+ const methodName = node.expression.name.getText(sourceFile);
223
+ // Mutating sink methods — caller is producing into the array.
224
+ return methodName === 'push' || methodName === 'unshift' || methodName === 'splice';
225
+ }
226
+ /**
227
+ * Check if node is indexed access on the parameter (`param[i]`).
228
+ *
229
+ * Indexed access on a typed array yields `T | undefined` under
230
+ * `noUncheckedIndexedAccess`; under any reasonable consumer it implies
231
+ * defensive use and cannot crash on empty/short input the way an
232
+ * unconditional `.length`-less iteration would. Practically: if the body
233
+ * does `param[i]`, the author has already structured the access around
234
+ * length (or expects undefined).
235
+ */
236
+ function isIndexedAccess(node, paramName, sourceFile) {
237
+ if (!ts.isElementAccessExpression(node))
238
+ return false;
239
+ return node.expression.getText(sourceFile) === paramName;
240
+ }
241
+ /**
242
+ * Check if node is a spread of the parameter (`...param`) inside a call
243
+ * argument list, array literal, or object literal.
244
+ *
245
+ * Spread iterates the array — equivalent to `for...of`.
246
+ */
247
+ function isSpreadOfParam(node, paramName, sourceFile) {
248
+ if (ts.isSpreadElement(node) || ts.isSpreadAssignment(node)) {
249
+ return node.expression.getText(sourceFile) === paramName;
250
+ }
251
+ return false;
252
+ }
253
+ /**
254
+ * Check if node passes the parameter through to another function call.
255
+ *
256
+ * A pure pass-through forwarder (`return otherFn(..., param, ...)`) defers
257
+ * validation to the destination function — flagging the forwarder is a false
258
+ * positive, since the wrapper has nothing to validate against. The destination
259
+ * function (which actually consumes the array) is the meaningful validation
260
+ * site.
261
+ *
262
+ * Restricted to call-argument position (not the callee position) so we don't
263
+ * match the param being treated as a function.
264
+ */
265
+ function isForwardedToCall(node, paramName, _sourceFile) {
266
+ if (!ts.isCallExpression(node) && !ts.isNewExpression(node))
267
+ return false;
268
+ const args = node.arguments;
269
+ /* v8 ignore next -- defensive AST/type guard */
270
+ if (!args)
271
+ return false;
272
+ for (const arg of args) {
273
+ if (ts.isIdentifier(arg) && arg.text === paramName) {
274
+ return true;
275
+ }
276
+ // `Array.from(param)`, `[...param]`, etc. handled by isSpreadOfParam.
277
+ // Type-cast forwards: `someFn(param as Foo)` or `someFn(param satisfies Foo)`.
278
+ if (ts.isAsExpression(arg) || ts.isSatisfiesExpression(arg)) {
279
+ const inner = arg.expression;
280
+ if (ts.isIdentifier(inner) && inner.text === paramName) {
281
+ return true;
282
+ }
283
+ }
284
+ }
285
+ return false;
286
+ }
287
+ /**
288
+ * Check if node is a property-shorthand reference to the parameter inside
289
+ * an object literal (`return { param }`).
290
+ *
291
+ * The param value is being copied by reference into a result object — no
292
+ * iteration, no boundary crossing, the consumer of the returned object is
293
+ * the meaningful validation site (same logic as `isForwardedToCall`).
294
+ */
295
+ function isShorthandPropertyReference(node, paramName) {
296
+ if (!ts.isShorthandPropertyAssignment(node))
297
+ return false;
298
+ return node.name.text === paramName;
299
+ }
300
+ /**
301
+ * Check if node is an optional chaining or nullish coalescing on the parameter
302
+ */
303
+ function isOptionalHandling(node, paramName, sourceFile) {
304
+ const nodeText = node.getText(sourceFile);
305
+ // Optional chaining: param?.length, param?.map
306
+ if (nodeText.includes(`${paramName}?.`)) {
307
+ return true;
308
+ }
309
+ /* v8 ignore next -- defensive nullish fallback */
310
+ // Nullish coalescing: param ?? []
311
+ if (ts.isBinaryExpression(node) &&
312
+ node.operatorToken.kind === ts.SyntaxKind.QuestionQuestionToken) {
313
+ const leftText = node.left.getText(sourceFile);
314
+ if (leftText === paramName) {
315
+ return true;
316
+ }
317
+ }
318
+ return false;
319
+ }
320
+ /**
321
+ * Check if function body contains array validation for the parameter
322
+ * @param node - The function declaration, method, or arrow function node
323
+ * @param param - The parameter declaration to check for validation
324
+ * @param sourceFile - The TypeScript source file for text extraction
325
+ * @returns True if the function body contains validation for the array parameter
326
+ */
327
+ function checkForArrayValidation(node, param, sourceFile) {
328
+ /* v8 ignore next -- defensive guard */
329
+ if (!node.body)
330
+ return false;
331
+ const paramName = ts.isIdentifier(param.name) ? param.name.text : null;
332
+ /* v8 ignore next -- defensive AST/type guard */
333
+ if (!paramName)
334
+ return true; // Destructured params are harder to track, assume validated
335
+ // Underscore-prefixed params are an established TS convention for
336
+ // "intentionally unused" — the body does not consume them, so demanding
337
+ // validation is meaningless.
338
+ if (paramName.startsWith('_'))
339
+ return true;
340
+ let hasValidation = false;
341
+ const visit = (n) => {
342
+ if (isLengthAccess(n, paramName, sourceFile)) {
343
+ hasValidation = true;
344
+ }
345
+ if (isArrayIsArrayCall(n, paramName, sourceFile)) {
346
+ hasValidation = true;
347
+ }
348
+ if (isZodValidationCall(n, sourceFile)) {
349
+ hasValidation = true;
350
+ }
351
+ if (isValidationFunctionCall(n)) {
352
+ hasValidation = true;
353
+ }
354
+ // Iteration patterns imply graceful handling of arrays
355
+ if (isIterationOverParam(n, paramName, sourceFile)) {
356
+ hasValidation = true;
357
+ }
358
+ // Optional chaining/nullish coalescing implies null safety
359
+ if (isOptionalHandling(n, paramName, sourceFile)) {
360
+ hasValidation = true;
361
+ }
362
+ // Out-array sinks (param.push(...)) — param is a producer target, not a
363
+ // consumer input. Validation belongs at the consumer.
364
+ if (isOutSinkUsage(n, paramName, sourceFile)) {
365
+ hasValidation = true;
366
+ }
367
+ // Indexed access (param[i]) — defensive, bounded by author intent.
368
+ if (isIndexedAccess(n, paramName, sourceFile)) {
369
+ hasValidation = true;
370
+ }
371
+ // Spread (...param) — iterates the array, equivalent to for...of.
372
+ if (isSpreadOfParam(n, paramName, sourceFile)) {
373
+ hasValidation = true;
374
+ }
375
+ // Forwarded to another call — destination owns validation.
376
+ if (isForwardedToCall(n, paramName, sourceFile)) {
377
+ hasValidation = true;
378
+ }
379
+ // Property-shorthand reference ({ param }) — pass-through into a result
380
+ // object; consumer of the result owns validation.
381
+ if (isShorthandPropertyReference(n, paramName)) {
382
+ hasValidation = true;
383
+ }
384
+ if (!hasValidation) {
385
+ ts.forEachChild(n, visit);
386
+ }
387
+ };
388
+ visit(node.body);
389
+ return hasValidation;
390
+ }
391
+ /**
392
+ * Check function parameters for unvalidated arrays
393
+ * Note: Ignore directives are handled at the framework level in defineCheck()
394
+ * @param {CheckFunctionArrayParamsOptions} options - The check options
395
+ * @returns Array of violations
396
+ */
397
+ function checkFunctionArrayParams(options) {
398
+ const { node, sourceFile, absolutePath } = options;
399
+ const violations = [];
400
+ // Skip files in relaxed validation paths
401
+ if (isRelaxedValidationPath(absolutePath)) {
402
+ return violations;
403
+ }
404
+ // Skip abstract methods (can't have validation in body)
405
+ if (ts.isMethodDeclaration(node) &&
406
+ node.modifiers?.some((m) => m.kind === ts.SyntaxKind.AbstractKeyword)) {
407
+ return violations;
408
+ }
409
+ // Filter to array parameters without validation
410
+ const unvalidatedArrayParams = node.parameters.filter((param) => {
411
+ if (!param.type)
412
+ return false;
413
+ // Primary gate: use AST to determine if the parameter's type is a top-level
414
+ // array type. Object/interface/intersection types whose *properties* are
415
+ // arrays will correctly return false here, eliminating the largest category
416
+ // of false positives.
417
+ if (!isTopLevelArrayType(param.type))
418
+ return false;
419
+ const typeText = param.type.getText(sourceFile);
420
+ // Secondary gate: skip complex/nested types where validation detection is
421
+ // unreliable (Map values, Record values, function types, Promises, etc.)
422
+ /* v8 ignore next -- defensive AST/type guard */
423
+ if (isComplexNestedType(typeText))
424
+ return false;
425
+ return !checkForArrayValidation(node, param, sourceFile);
426
+ });
427
+ for (const param of unvalidatedArrayParams) {
428
+ const paramName = ts.isIdentifier(param.name) ? param.name.text : '<destructured>';
429
+ const { line: lineIdx, character } = sourceFile.getLineAndCharacterOfPosition(param.getStart());
430
+ const line = lineIdx + 1;
431
+ const paramText = param.getText(sourceFile);
432
+ violations.push({
433
+ line,
434
+ column: character + 1,
435
+ message: `Array parameter '${paramName}' lacks validation`,
436
+ severity: 'warning',
437
+ suggestion: `Add validation for '${paramName}' array: check Array.isArray(), validate .length bounds, and/or use Zod schema for content validation`,
438
+ type: 'missing-array-validation',
439
+ match: paramText,
440
+ });
441
+ }
442
+ return violations;
443
+ }
444
+ /**
445
+ * Analyze a file for array validation issues
446
+ * @param content - The file content as a string
447
+ * @param absolutePath - The absolute path to the file being analyzed
448
+ * @returns Array of violations found in the file
449
+ */
450
+ function analyzeFile(content, absolutePath) {
451
+ const violations = [];
452
+ // Quick filter: skip files without array-related patterns
453
+ if (!QUICK_FILTER_KEYWORDS.some((kw) => content.includes(kw))) {
454
+ return violations;
455
+ }
456
+ // Note: Ignore directives are handled at the framework level in defineCheck()
457
+ const sourceFile = getSharedSourceFile(absolutePath, content);
458
+ /* v8 ignore next -- defensive guard */
459
+ if (!sourceFile)
460
+ return [];
461
+ const visit = (node) => {
462
+ // Check function parameters with array types
463
+ if (ts.isFunctionDeclaration(node) ||
464
+ ts.isMethodDeclaration(node) ||
465
+ ts.isArrowFunction(node)) {
466
+ violations.push(...checkFunctionArrayParams({ node, sourceFile, absolutePath }));
467
+ }
468
+ ts.forEachChild(node, visit);
469
+ };
470
+ visit(sourceFile);
471
+ return violations;
472
+ }
473
+ /**
474
+ * Check: quality/array-validation
475
+ *
476
+ * Detects array parameters without proper validation to prevent
477
+ * runtime errors from unvalidated array inputs.
478
+ *
479
+ */
480
+ export const arrayValidation = defineCheck({
481
+ id: 'a9e0e70c-a4af-42e6-bbd7-4c87a72cb7d4',
482
+ slug: 'array-validation',
483
+ scope: { languages: ['typescript'], concerns: ['backend', 'server'] },
484
+ contentFilter: 'strip-strings',
485
+ confidence: 'high',
486
+ description: 'Detect array parameters without proper validation',
487
+ longDescription: `**Purpose:** Ensures function parameters with array types are validated before use, preventing runtime errors from malformed or unexpected array inputs.
488
+
489
+ **Detects:**
490
+ - Function/method/arrow-function parameters whose top-level type is an array (\`string[]\`, \`Array<T>\`) and whose body lacks validation
491
+ - Missing \`Array.isArray()\` checks, \`.length\` bounds checks, Zod \`.parse()\`/\`.safeParse()\` calls, or calls to functions named \`validate\`/\`check\`
492
+ - Uses TypeScript AST node kinds (not text matching) to distinguish true array parameters from object/interface/intersection types that merely contain array-typed properties
493
+ - Skips parameters with complex nested types (\`Record<\`, \`Map<\`, \`Promise<\`, function types)
494
+ - Excludes files under \`/internal/\`, \`/utils/\`, \`/helpers/\`, \`/cli/\`, \`/scripts/\`
495
+
496
+ **Why it matters:** Unvalidated arrays can cause silent data corruption, out-of-bounds errors, or type mismatches at runtime that TypeScript's type system alone cannot prevent.
497
+
498
+ **Scope:** General best practice. Analyzes each file individually.`,
499
+ tags: ['quality', 'validation', 'type-safety', 'arrays'],
500
+ fileTypes: ['ts'],
501
+ analyze(content, filePath) {
502
+ // Skip test files — array parameter validation in tests is low-risk due to controlled inputs
503
+ if (isTestFile(filePath))
504
+ return [];
505
+ return analyzeFile(content, filePath);
506
+ },
507
+ });
508
+ //# sourceMappingURL=array-validation.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"array-validation.js","sourceRoot":"","sources":["../../../../src/checks/quality/data-integrity/array-validation.ts"],"names":[],"mappings":"AAAA,yHAAyH;AACzH;;;;;;GAMG;AAEH,OAAO,EAAE,WAAW,EAAE,UAAU,EAAuB,MAAM,sBAAsB,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,EAAE,MAAM,YAAY,CAAC;AAEjC;;GAEG;AACH,MAAM,qBAAqB,GAAG;IAC5B,IAAI;IACJ,OAAO;IACP,OAAO;IACP,SAAS;IACT,OAAO;IACP,MAAM;IACN,OAAO;IACP,UAAU;CACX,CAAC;AAEF;;GAEG;AACH,MAAM,wBAAwB,GAAG;IAC/B,cAAc;IACd,WAAW;IACX,aAAa;IACb,SAAS;IACT,aAAa;CACd,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAG;IAC5B,SAAS;IACT,MAAM;IACN,KAAK,EAAE,gBAAgB;IACvB,KAAK,EAAE,4BAA4B;IACnC,UAAU,EAAE,iBAAiB;IAC7B,aAAa;CACd,CAAC;AAEF;;;;;;;GAOG;AACH,SAAS,mBAAmB,CAAC,QAAqB;IAChD,yCAAyC;IACzC,IAAI,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iEAAiE;IACjE,IAAI,EAAE,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;QACnC,IAAI,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC3B,IAAI,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,eAAe,EAAE,CAAC;gBACjD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,IAAI,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjC,OAAO,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1F,CAAC;IAED,0CAA0C;IAC1C,IAAI,EAAE,CAAC,uBAAuB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzC,OAAO,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC5C,CAAC;IAED,uFAAuF;IACvF,mFAAmF;IACnF,0CAA0C;IAC1C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,QAAgB;IAC/C,OAAO,wBAAwB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;;;;;GAMG;AACH,SAAS,cAAc,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IACjF,IAAI,CAAC,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/C,OAAO,OAAO,KAAK,SAAS,IAAI,QAAQ,KAAK,QAAQ,CAAC;AACxD,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IACrF,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACrD,IAAI,QAAQ,KAAK,eAAe;QAAE,OAAO,KAAK,CAAC;IAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IACnD,OAAO,GAAG,KAAK,SAAS,CAAC;AAC3B,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,IAAa,EAAE,UAAyB;IACnE,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC5D,OAAO,UAAU,KAAK,OAAO,IAAI,UAAU,KAAK,WAAW,CAAC;AAC9D,CAAC;AAED;;;;GAIG;AACH,SAAS,wBAAwB,CAAC,IAAa;IAC7C,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACpD,OAAO,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACrE,CAAC;AAED;;;;;;GAMG;AACH,SAAS,oBAAoB,CAC3B,IAAa,EACb,SAAiB,EACjB,UAAyB;IAEzB,qBAAqB;IACrB,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QACzD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,oEAAoE;IACpE,uEAAuE;IACvE,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QAChF,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC5D,MAAM,gBAAgB,GAAG;YACvB,SAAS;YACT,KAAK;YACL,QAAQ;YACR,MAAM;YACN,OAAO;YACP,MAAM;YACN,WAAW;YACX,UAAU;YACV,eAAe;YACf,QAAQ;YACR,aAAa;YACb,SAAS;YACT,MAAM;YACN,OAAO;YACP,UAAU;YACV,SAAS;YACT,aAAa;YACb,MAAM;YACN,QAAQ;YACR,SAAS;YACT,QAAQ;YACR,MAAM;YACN,IAAI;YACJ,UAAU;YACV,YAAY;YACZ,WAAW;YACX,MAAM;SACP,CAAC;QACF,IAAI,OAAO,KAAK,SAAS,IAAI,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACnE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,SAAS,cAAc,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IACjF,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7C,IAAI,CAAC,EAAE,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC/D,IAAI,OAAO,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC5D,8DAA8D;IAC9D,OAAO,UAAU,KAAK,MAAM,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,KAAK,QAAQ,CAAC;AACtF,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,eAAe,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IAClF,IAAI,CAAC,EAAE,CAAC,yBAAyB,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACtD,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,SAAS,CAAC;AAC3D,CAAC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IAClF,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,SAAS,CAAC;IAC3D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,iBAAiB,CAAC,IAAa,EAAE,SAAiB,EAAE,WAA0B;IACrF,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1E,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;IAC5B,gDAAgD;IAChD,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IACxB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACnD,OAAO,IAAI,CAAC;QACd,CAAC;QACD,sEAAsE;QACtE,+EAA+E;QAC/E,IAAI,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5D,MAAM,KAAK,GAAG,GAAG,CAAC,UAAU,CAAC;YAC7B,IAAI,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,4BAA4B,CAAC,IAAa,EAAE,SAAiB;IACpE,IAAI,CAAC,EAAE,CAAC,6BAA6B,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAa,EAAE,SAAiB,EAAE,UAAyB;IACrF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1C,+CAA+C;IAC/C,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,SAAS,IAAI,CAAC,EAAE,CAAC;QACxC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,kDAAkD;IAClD,kCAAkC;IAClC,IACE,EAAE,CAAC,kBAAkB,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAC,aAAa,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,qBAAqB,EAC/D,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC/C,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;GAMG;AACH,SAAS,uBAAuB,CAC9B,IAAsE,EACtE,KAA8B,EAC9B,UAAyB;IAEzB,uCAAuC;IACvC,IAAI,CAAC,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAE7B,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,gDAAgD;IAChD,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC,CAAC,4DAA4D;IAEzF,kEAAkE;IAClE,wEAAwE;IACxE,6BAA6B;IAC7B,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3C,IAAI,aAAa,GAAG,KAAK,CAAC;IAE1B,MAAM,KAAK,GAAG,CAAC,CAAU,EAAE,EAAE;QAC3B,IAAI,cAAc,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YAC7C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,IAAI,kBAAkB,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YACjD,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,IAAI,mBAAmB,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,CAAC;YACvC,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,IAAI,wBAAwB,CAAC,CAAC,CAAC,EAAE,CAAC;YAChC,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,uDAAuD;QACvD,IAAI,oBAAoB,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YACnD,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,2DAA2D;QAC3D,IAAI,kBAAkB,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YACjD,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,wEAAwE;QACxE,sDAAsD;QACtD,IAAI,cAAc,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YAC7C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,mEAAmE;QACnE,IAAI,eAAe,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YAC9C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,kEAAkE;QAClE,IAAI,eAAe,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YAC9C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,2DAA2D;QAC3D,IAAI,iBAAiB,CAAC,CAAC,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,CAAC;YAChD,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QACD,wEAAwE;QACxE,kDAAkD;QAClD,IAAI,4BAA4B,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,CAAC;YAC/C,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;QAED,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC,CAAC;IAEF,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,OAAO,aAAa,CAAC;AACvB,CAAC;AAWD;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,OAAwC;IACxE,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC;IACnD,MAAM,UAAU,GAAqB,EAAE,CAAC;IAExC,yCAAyC;IACzC,IAAI,uBAAuB,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1C,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,wDAAwD;IACxD,IACE,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC;QAC5B,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EACrE,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,gDAAgD;IAChD,MAAM,sBAAsB,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QAC9D,IAAI,CAAC,KAAK,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAE9B,4EAA4E;QAC5E,0EAA0E;QAC1E,4EAA4E;QAC5E,sBAAsB;QACtB,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QAEnD,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAEhD,0EAA0E;QAC1E,yEAAyE;QACzE,gDAAgD;QAChD,IAAI,mBAAmB,CAAC,QAAQ,CAAC;YAAE,OAAO,KAAK,CAAC;QAEhD,OAAO,CAAC,uBAAuB,CAAC,IAAI,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,KAAK,MAAM,KAAK,IAAI,sBAAsB,EAAE,CAAC;QAC3C,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,gBAAgB,CAAC;QACnF,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,UAAU,CAAC,6BAA6B,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAChG,MAAM,IAAI,GAAG,OAAO,GAAG,CAAC,CAAC;QAEzB,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAE5C,UAAU,CAAC,IAAI,CAAC;YACd,IAAI;YACJ,MAAM,EAAE,SAAS,GAAG,CAAC;YACrB,OAAO,EAAE,oBAAoB,SAAS,oBAAoB;YAC1D,QAAQ,EAAE,SAAS;YACnB,UAAU,EAAE,uBAAuB,SAAS,uGAAuG;YACnJ,IAAI,EAAE,0BAA0B;YAChC,KAAK,EAAE,SAAS;SACjB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;GAKG;AACH,SAAS,WAAW,CAAC,OAAe,EAAE,YAAoB;IACxD,MAAM,UAAU,GAAqB,EAAE,CAAC;IAExC,0DAA0D;IAC1D,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QAC9D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,8EAA8E;IAE9E,MAAM,UAAU,GAAG,mBAAmB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAC9D,uCAAuC;IACvC,IAAI,CAAC,UAAU;QAAE,OAAO,EAAE,CAAC;IAE3B,MAAM,KAAK,GAAG,CAAC,IAAa,EAAE,EAAE;QAC9B,6CAA6C;QAC7C,IACE,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC;YAC9B,EAAE,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAC5B,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,EACxB,CAAC;YACD,UAAU,CAAC,IAAI,CAAC,GAAG,wBAAwB,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC;QACnF,CAAC;QACD,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC,CAAC;IAEF,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,WAAW,CAAC;IACzC,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,kBAAkB;IACxB,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;IACrE,aAAa,EAAE,eAAe;IAE9B,UAAU,EAAE,MAAM;IAClB,WAAW,EAAE,mDAAmD;IAChE,eAAe,EAAE;;;;;;;;;;;mEAWgD;IACjE,IAAI,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,CAAC;IACxD,SAAS,EAAE,CAAC,IAAI,CAAC;IAEjB,OAAO,CAAC,OAAe,EAAE,QAAgB;QACvC,6FAA6F;QAC7F,IAAI,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,EAAE,CAAC;QACpC,OAAO,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACxC,CAAC;CACF,CAAC,CAAC"}
@@ -0,0 +1,14 @@
1
+ /**
2
+ * @fileoverview Database Index Coverage check
3
+ *
4
+ * Validates that database queries have appropriate indexes.
5
+ * Detects queries that may cause full table scans.
6
+ */
7
+ /**
8
+ * Check: quality/database-index-coverage
9
+ *
10
+ * Validates that database queries reference indexed columns
11
+ * to prevent performance issues from full table scans.
12
+ */
13
+ export declare const databaseIndexCoverage: import("@opensip-cli/fitness").Check;
14
+ //# sourceMappingURL=database-index-coverage.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"database-index-coverage.d.ts","sourceRoot":"","sources":["../../../../src/checks/quality/data-integrity/database-index-coverage.ts"],"names":[],"mappings":"AACA;;;;;GAKG;AAiRH;;;;;GAKG;AACH,eAAO,MAAM,qBAAqB,sCAsBhC,CAAC"}