@opensip-cli/checks-universal 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +202 -0
- package/NOTICE +8 -0
- package/README.md +31 -0
- package/dist/__tests__/all-checks-execute.test.d.ts +17 -0
- package/dist/__tests__/all-checks-execute.test.d.ts.map +1 -0
- package/dist/__tests__/all-checks-execute.test.js +452 -0
- package/dist/__tests__/all-checks-execute.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-10.test.d.ts +8 -0
- package/dist/__tests__/behavior-fixtures-10.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-10.test.js +200 -0
- package/dist/__tests__/behavior-fixtures-10.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-11.test.d.ts +8 -0
- package/dist/__tests__/behavior-fixtures-11.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-11.test.js +120 -0
- package/dist/__tests__/behavior-fixtures-11.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-12.test.d.ts +8 -0
- package/dist/__tests__/behavior-fixtures-12.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-12.test.js +157 -0
- package/dist/__tests__/behavior-fixtures-12.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-2.test.d.ts +8 -0
- package/dist/__tests__/behavior-fixtures-2.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-2.test.js +785 -0
- package/dist/__tests__/behavior-fixtures-2.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-3.test.d.ts +6 -0
- package/dist/__tests__/behavior-fixtures-3.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-3.test.js +663 -0
- package/dist/__tests__/behavior-fixtures-3.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-4.test.d.ts +5 -0
- package/dist/__tests__/behavior-fixtures-4.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-4.test.js +612 -0
- package/dist/__tests__/behavior-fixtures-4.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-5.test.d.ts +5 -0
- package/dist/__tests__/behavior-fixtures-5.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-5.test.js +469 -0
- package/dist/__tests__/behavior-fixtures-5.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-6.test.d.ts +8 -0
- package/dist/__tests__/behavior-fixtures-6.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-6.test.js +591 -0
- package/dist/__tests__/behavior-fixtures-6.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-7.test.d.ts +5 -0
- package/dist/__tests__/behavior-fixtures-7.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-7.test.js +662 -0
- package/dist/__tests__/behavior-fixtures-7.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-8.test.d.ts +11 -0
- package/dist/__tests__/behavior-fixtures-8.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-8.test.js +634 -0
- package/dist/__tests__/behavior-fixtures-8.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures-9.test.d.ts +11 -0
- package/dist/__tests__/behavior-fixtures-9.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures-9.test.js +271 -0
- package/dist/__tests__/behavior-fixtures-9.test.js.map +1 -0
- package/dist/__tests__/behavior-fixtures.test.d.ts +14 -0
- package/dist/__tests__/behavior-fixtures.test.d.ts.map +1 -0
- package/dist/__tests__/behavior-fixtures.test.js +1423 -0
- package/dist/__tests__/behavior-fixtures.test.js.map +1 -0
- package/dist/__tests__/checks.test.d.ts +2 -0
- package/dist/__tests__/checks.test.d.ts.map +1 -0
- package/dist/__tests__/checks.test.js +61 -0
- package/dist/__tests__/checks.test.js.map +1 -0
- package/dist/__tests__/env-var-validation.test.d.ts +14 -0
- package/dist/__tests__/env-var-validation.test.d.ts.map +1 -0
- package/dist/__tests__/env-var-validation.test.js +53 -0
- package/dist/__tests__/env-var-validation.test.js.map +1 -0
- package/dist/__tests__/file-length-limit.test.d.ts +2 -0
- package/dist/__tests__/file-length-limit.test.d.ts.map +1 -0
- package/dist/__tests__/file-length-limit.test.js +29 -0
- package/dist/__tests__/file-length-limit.test.js.map +1 -0
- package/dist/__tests__/fixture-coverage.allowlist.d.ts +18 -0
- package/dist/__tests__/fixture-coverage.allowlist.d.ts.map +1 -0
- package/dist/__tests__/fixture-coverage.allowlist.js +35 -0
- package/dist/__tests__/fixture-coverage.allowlist.js.map +1 -0
- package/dist/__tests__/fixture-coverage.test.d.ts +13 -0
- package/dist/__tests__/fixture-coverage.test.d.ts.map +1 -0
- package/dist/__tests__/fixture-coverage.test.js +57 -0
- package/dist/__tests__/fixture-coverage.test.js.map +1 -0
- package/dist/__tests__/iic.test.d.ts +15 -0
- package/dist/__tests__/iic.test.d.ts.map +1 -0
- package/dist/__tests__/iic.test.js +316 -0
- package/dist/__tests__/iic.test.js.map +1 -0
- package/dist/__tests__/no-skipped-tests.test.d.ts +14 -0
- package/dist/__tests__/no-skipped-tests.test.d.ts.map +1 -0
- package/dist/__tests__/no-skipped-tests.test.js +144 -0
- package/dist/__tests__/no-skipped-tests.test.js.map +1 -0
- package/dist/__tests__/no-todo-comments.test.d.ts +2 -0
- package/dist/__tests__/no-todo-comments.test.d.ts.map +1 -0
- package/dist/__tests__/no-todo-comments.test.js +31 -0
- package/dist/__tests__/no-todo-comments.test.js.map +1 -0
- package/dist/__tests__/no-unimplemented-markers.test.d.ts +2 -0
- package/dist/__tests__/no-unimplemented-markers.test.d.ts.map +1 -0
- package/dist/__tests__/no-unimplemented-markers.test.js +140 -0
- package/dist/__tests__/no-unimplemented-markers.test.js.map +1 -0
- package/dist/__tests__/public-api-jsdoc-scope.test.d.ts +10 -0
- package/dist/__tests__/public-api-jsdoc-scope.test.d.ts.map +1 -0
- package/dist/__tests__/public-api-jsdoc-scope.test.js +176 -0
- package/dist/__tests__/public-api-jsdoc-scope.test.js.map +1 -0
- package/dist/__tests__/resilience-fp.test.d.ts +14 -0
- package/dist/__tests__/resilience-fp.test.d.ts.map +1 -0
- package/dist/__tests__/resilience-fp.test.js +110 -0
- package/dist/__tests__/resilience-fp.test.js.map +1 -0
- package/dist/checks/architecture/__tests__/no-kebab-option-indexing.test.d.ts +2 -0
- package/dist/checks/architecture/__tests__/no-kebab-option-indexing.test.d.ts.map +1 -0
- package/dist/checks/architecture/__tests__/no-kebab-option-indexing.test.js +32 -0
- package/dist/checks/architecture/__tests__/no-kebab-option-indexing.test.js.map +1 -0
- package/dist/checks/architecture/__tests__/tool-has-manifest.test.d.ts +2 -0
- package/dist/checks/architecture/__tests__/tool-has-manifest.test.d.ts.map +1 -0
- package/dist/checks/architecture/__tests__/tool-has-manifest.test.js +152 -0
- package/dist/checks/architecture/__tests__/tool-has-manifest.test.js.map +1 -0
- package/dist/checks/architecture/__tests__/vitest-config-required-with-tests.test.d.ts +2 -0
- package/dist/checks/architecture/__tests__/vitest-config-required-with-tests.test.d.ts.map +1 -0
- package/dist/checks/architecture/__tests__/vitest-config-required-with-tests.test.js +129 -0
- package/dist/checks/architecture/__tests__/vitest-config-required-with-tests.test.js.map +1 -0
- package/dist/checks/architecture/_yaml-doc-bindings.d.ts +23 -0
- package/dist/checks/architecture/_yaml-doc-bindings.d.ts.map +1 -0
- package/dist/checks/architecture/_yaml-doc-bindings.js +29 -0
- package/dist/checks/architecture/_yaml-doc-bindings.js.map +1 -0
- package/dist/checks/architecture/dependencies/index.d.ts +2 -0
- package/dist/checks/architecture/dependencies/index.d.ts.map +1 -0
- package/dist/checks/architecture/dependencies/index.js +2 -0
- package/dist/checks/architecture/dependencies/index.js.map +1 -0
- package/dist/checks/architecture/dependencies/no-duplicate-packages.d.ts +11 -0
- package/dist/checks/architecture/dependencies/no-duplicate-packages.d.ts.map +1 -0
- package/dist/checks/architecture/dependencies/no-duplicate-packages.js +171 -0
- package/dist/checks/architecture/dependencies/no-duplicate-packages.js.map +1 -0
- package/dist/checks/architecture/docker-best-practices.d.ts +23 -0
- package/dist/checks/architecture/docker-best-practices.d.ts.map +1 -0
- package/dist/checks/architecture/docker-best-practices.js +427 -0
- package/dist/checks/architecture/docker-best-practices.js.map +1 -0
- package/dist/checks/architecture/docker-ignore-validation.d.ts +18 -0
- package/dist/checks/architecture/docker-ignore-validation.d.ts.map +1 -0
- package/dist/checks/architecture/docker-ignore-validation.js +117 -0
- package/dist/checks/architecture/docker-ignore-validation.js.map +1 -0
- package/dist/checks/architecture/docker-version-sync.d.ts +16 -0
- package/dist/checks/architecture/docker-version-sync.d.ts.map +1 -0
- package/dist/checks/architecture/docker-version-sync.js +193 -0
- package/dist/checks/architecture/docker-version-sync.js.map +1 -0
- package/dist/checks/architecture/env-var-validation.d.ts +14 -0
- package/dist/checks/architecture/env-var-validation.d.ts.map +1 -0
- package/dist/checks/architecture/env-var-validation.js +289 -0
- package/dist/checks/architecture/env-var-validation.js.map +1 -0
- package/dist/checks/architecture/heavy-import-detection.d.ts +11 -0
- package/dist/checks/architecture/heavy-import-detection.d.ts.map +1 -0
- package/dist/checks/architecture/heavy-import-detection.js +91 -0
- package/dist/checks/architecture/heavy-import-detection.js.map +1 -0
- package/dist/checks/architecture/index.d.ts +16 -0
- package/dist/checks/architecture/index.d.ts.map +1 -0
- package/dist/checks/architecture/index.js +16 -0
- package/dist/checks/architecture/index.js.map +1 -0
- package/dist/checks/architecture/modules/empty-package-detection.d.ts +11 -0
- package/dist/checks/architecture/modules/empty-package-detection.d.ts.map +1 -0
- package/dist/checks/architecture/modules/empty-package-detection.js +277 -0
- package/dist/checks/architecture/modules/empty-package-detection.js.map +1 -0
- package/dist/checks/architecture/modules/index.d.ts +3 -0
- package/dist/checks/architecture/modules/index.d.ts.map +1 -0
- package/dist/checks/architecture/modules/index.js +3 -0
- package/dist/checks/architecture/modules/index.js.map +1 -0
- package/dist/checks/architecture/modules/interface-implementation-consistency.d.ts +12 -0
- package/dist/checks/architecture/modules/interface-implementation-consistency.d.ts.map +1 -0
- package/dist/checks/architecture/modules/interface-implementation-consistency.js +555 -0
- package/dist/checks/architecture/modules/interface-implementation-consistency.js.map +1 -0
- package/dist/checks/architecture/no-custom-event-emitter.d.ts +11 -0
- package/dist/checks/architecture/no-custom-event-emitter.d.ts.map +1 -0
- package/dist/checks/architecture/no-custom-event-emitter.js +123 -0
- package/dist/checks/architecture/no-custom-event-emitter.js.map +1 -0
- package/dist/checks/architecture/no-kebab-option-indexing.d.ts +33 -0
- package/dist/checks/architecture/no-kebab-option-indexing.d.ts.map +1 -0
- package/dist/checks/architecture/no-kebab-option-indexing.js +81 -0
- package/dist/checks/architecture/no-kebab-option-indexing.js.map +1 -0
- package/dist/checks/architecture/node-version-consistency.d.ts +22 -0
- package/dist/checks/architecture/node-version-consistency.d.ts.map +1 -0
- package/dist/checks/architecture/node-version-consistency.js +225 -0
- package/dist/checks/architecture/node-version-consistency.js.map +1 -0
- package/dist/checks/architecture/project-readme-existence.d.ts +13 -0
- package/dist/checks/architecture/project-readme-existence.d.ts.map +1 -0
- package/dist/checks/architecture/project-readme-existence.js +55 -0
- package/dist/checks/architecture/project-readme-existence.js.map +1 -0
- package/dist/checks/architecture/stale-build-artifacts.d.ts +10 -0
- package/dist/checks/architecture/stale-build-artifacts.d.ts.map +1 -0
- package/dist/checks/architecture/stale-build-artifacts.js +55 -0
- package/dist/checks/architecture/stale-build-artifacts.js.map +1 -0
- package/dist/checks/architecture/tool-has-manifest.d.ts +27 -0
- package/dist/checks/architecture/tool-has-manifest.d.ts.map +1 -0
- package/dist/checks/architecture/tool-has-manifest.js +135 -0
- package/dist/checks/architecture/tool-has-manifest.js.map +1 -0
- package/dist/checks/architecture/vitest-config-extends-base.d.ts +15 -0
- package/dist/checks/architecture/vitest-config-extends-base.d.ts.map +1 -0
- package/dist/checks/architecture/vitest-config-extends-base.js +104 -0
- package/dist/checks/architecture/vitest-config-extends-base.js.map +1 -0
- package/dist/checks/architecture/vitest-config-required-with-tests.d.ts +49 -0
- package/dist/checks/architecture/vitest-config-required-with-tests.d.ts.map +1 -0
- package/dist/checks/architecture/vitest-config-required-with-tests.js +199 -0
- package/dist/checks/architecture/vitest-config-required-with-tests.js.map +1 -0
- package/dist/checks/documentation/_directives/eslint.d.ts +9 -0
- package/dist/checks/documentation/_directives/eslint.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/eslint.js +168 -0
- package/dist/checks/documentation/_directives/eslint.js.map +1 -0
- package/dist/checks/documentation/_directives/fitness.d.ts +9 -0
- package/dist/checks/documentation/_directives/fitness.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/fitness.js +64 -0
- package/dist/checks/documentation/_directives/fitness.js.map +1 -0
- package/dist/checks/documentation/_directives/graph.d.ts +10 -0
- package/dist/checks/documentation/_directives/graph.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/graph.js +65 -0
- package/dist/checks/documentation/_directives/graph.js.map +1 -0
- package/dist/checks/documentation/_directives/graph.test.d.ts +2 -0
- package/dist/checks/documentation/_directives/graph.test.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/graph.test.js +54 -0
- package/dist/checks/documentation/_directives/graph.test.js.map +1 -0
- package/dist/checks/documentation/_directives/semgrep.d.ts +8 -0
- package/dist/checks/documentation/_directives/semgrep.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/semgrep.js +72 -0
- package/dist/checks/documentation/_directives/semgrep.js.map +1 -0
- package/dist/checks/documentation/_directives/types.d.ts +21 -0
- package/dist/checks/documentation/_directives/types.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/types.js +9 -0
- package/dist/checks/documentation/_directives/types.js.map +1 -0
- package/dist/checks/documentation/_directives/typescript.d.ts +10 -0
- package/dist/checks/documentation/_directives/typescript.d.ts.map +1 -0
- package/dist/checks/documentation/_directives/typescript.js +54 -0
- package/dist/checks/documentation/_directives/typescript.js.map +1 -0
- package/dist/checks/documentation/_public-api-graph.d.ts +30 -0
- package/dist/checks/documentation/_public-api-graph.d.ts.map +1 -0
- package/dist/checks/documentation/_public-api-graph.js +304 -0
- package/dist/checks/documentation/_public-api-graph.js.map +1 -0
- package/dist/checks/documentation/directive-audit.d.ts +26 -0
- package/dist/checks/documentation/directive-audit.d.ts.map +1 -0
- package/dist/checks/documentation/directive-audit.js +144 -0
- package/dist/checks/documentation/directive-audit.js.map +1 -0
- package/dist/checks/documentation/index.d.ts +3 -0
- package/dist/checks/documentation/index.d.ts.map +1 -0
- package/dist/checks/documentation/index.js +3 -0
- package/dist/checks/documentation/index.js.map +1 -0
- package/dist/checks/documentation/public-api-jsdoc.d.ts +10 -0
- package/dist/checks/documentation/public-api-jsdoc.d.ts.map +1 -0
- package/dist/checks/documentation/public-api-jsdoc.js +131 -0
- package/dist/checks/documentation/public-api-jsdoc.js.map +1 -0
- package/dist/checks/file-length-limit.d.ts +16 -0
- package/dist/checks/file-length-limit.d.ts.map +1 -0
- package/dist/checks/file-length-limit.js +47 -0
- package/dist/checks/file-length-limit.js.map +1 -0
- package/dist/checks/index.d.ts +16 -0
- package/dist/checks/index.d.ts.map +1 -0
- package/dist/checks/index.js +16 -0
- package/dist/checks/index.js.map +1 -0
- package/dist/checks/no-todo-comments.d.ts +18 -0
- package/dist/checks/no-todo-comments.d.ts.map +1 -0
- package/dist/checks/no-todo-comments.js +79 -0
- package/dist/checks/no-todo-comments.js.map +1 -0
- package/dist/checks/no-unimplemented-markers.d.ts +24 -0
- package/dist/checks/no-unimplemented-markers.d.ts.map +1 -0
- package/dist/checks/no-unimplemented-markers.js +198 -0
- package/dist/checks/no-unimplemented-markers.js.map +1 -0
- package/dist/checks/quality/api/graphql-offset-pagination.d.ts +9 -0
- package/dist/checks/quality/api/graphql-offset-pagination.d.ts.map +1 -0
- package/dist/checks/quality/api/graphql-offset-pagination.js +63 -0
- package/dist/checks/quality/api/graphql-offset-pagination.js.map +1 -0
- package/dist/checks/quality/api/index.d.ts +3 -0
- package/dist/checks/quality/api/index.d.ts.map +1 -0
- package/dist/checks/quality/api/index.js +3 -0
- package/dist/checks/quality/api/index.js.map +1 -0
- package/dist/checks/quality/api/zod-openapi-sync.d.ts +13 -0
- package/dist/checks/quality/api/zod-openapi-sync.d.ts.map +1 -0
- package/dist/checks/quality/api/zod-openapi-sync.js +88 -0
- package/dist/checks/quality/api/zod-openapi-sync.js.map +1 -0
- package/dist/checks/quality/code-structure/dead-code.d.ts +12 -0
- package/dist/checks/quality/code-structure/dead-code.d.ts.map +1 -0
- package/dist/checks/quality/code-structure/dead-code.js +238 -0
- package/dist/checks/quality/code-structure/dead-code.js.map +1 -0
- package/dist/checks/quality/code-structure/index.d.ts +5 -0
- package/dist/checks/quality/code-structure/index.d.ts.map +1 -0
- package/dist/checks/quality/code-structure/index.js +5 -0
- package/dist/checks/quality/code-structure/index.js.map +1 -0
- package/dist/checks/quality/code-structure/no-ai-attribution.d.ts +25 -0
- package/dist/checks/quality/code-structure/no-ai-attribution.d.ts.map +1 -0
- package/dist/checks/quality/code-structure/no-ai-attribution.js +76 -0
- package/dist/checks/quality/code-structure/no-ai-attribution.js.map +1 -0
- package/dist/checks/quality/code-structure/no-console-log.d.ts +17 -0
- package/dist/checks/quality/code-structure/no-console-log.d.ts.map +1 -0
- package/dist/checks/quality/code-structure/no-console-log.js +106 -0
- package/dist/checks/quality/code-structure/no-console-log.js.map +1 -0
- package/dist/checks/quality/code-structure/no-process-artifacts.d.ts +25 -0
- package/dist/checks/quality/code-structure/no-process-artifacts.d.ts.map +1 -0
- package/dist/checks/quality/code-structure/no-process-artifacts.js +104 -0
- package/dist/checks/quality/code-structure/no-process-artifacts.js.map +1 -0
- package/dist/checks/quality/dependency-version-consistency.d.ts +20 -0
- package/dist/checks/quality/dependency-version-consistency.d.ts.map +1 -0
- package/dist/checks/quality/dependency-version-consistency.js +266 -0
- package/dist/checks/quality/dependency-version-consistency.js.map +1 -0
- package/dist/checks/quality/fitness-ignore-hygiene.d.ts +10 -0
- package/dist/checks/quality/fitness-ignore-hygiene.d.ts.map +1 -0
- package/dist/checks/quality/fitness-ignore-hygiene.js +93 -0
- package/dist/checks/quality/fitness-ignore-hygiene.js.map +1 -0
- package/dist/checks/quality/frontend/expo-vector-icons.d.ts +13 -0
- package/dist/checks/quality/frontend/expo-vector-icons.d.ts.map +1 -0
- package/dist/checks/quality/frontend/expo-vector-icons.js +80 -0
- package/dist/checks/quality/frontend/expo-vector-icons.js.map +1 -0
- package/dist/checks/quality/frontend/image-optimization.d.ts +13 -0
- package/dist/checks/quality/frontend/image-optimization.d.ts.map +1 -0
- package/dist/checks/quality/frontend/image-optimization.js +166 -0
- package/dist/checks/quality/frontend/image-optimization.js.map +1 -0
- package/dist/checks/quality/frontend/index.d.ts +4 -0
- package/dist/checks/quality/frontend/index.d.ts.map +1 -0
- package/dist/checks/quality/frontend/index.js +4 -0
- package/dist/checks/quality/frontend/index.js.map +1 -0
- package/dist/checks/quality/frontend/navigation-typing.d.ts +12 -0
- package/dist/checks/quality/frontend/navigation-typing.d.ts.map +1 -0
- package/dist/checks/quality/frontend/navigation-typing.js +77 -0
- package/dist/checks/quality/frontend/navigation-typing.js.map +1 -0
- package/dist/checks/quality/graph-ignore-hygiene.d.ts +10 -0
- package/dist/checks/quality/graph-ignore-hygiene.d.ts.map +1 -0
- package/dist/checks/quality/graph-ignore-hygiene.js +95 -0
- package/dist/checks/quality/graph-ignore-hygiene.js.map +1 -0
- package/dist/checks/quality/graph-ignore-hygiene.test.d.ts +14 -0
- package/dist/checks/quality/graph-ignore-hygiene.test.d.ts.map +1 -0
- package/dist/checks/quality/graph-ignore-hygiene.test.js +58 -0
- package/dist/checks/quality/graph-ignore-hygiene.test.js.map +1 -0
- package/dist/checks/quality/index.d.ts +16 -0
- package/dist/checks/quality/index.d.ts.map +1 -0
- package/dist/checks/quality/index.js +16 -0
- package/dist/checks/quality/index.js.map +1 -0
- package/dist/checks/quality/linting/eslint-justifications.d.ts +12 -0
- package/dist/checks/quality/linting/eslint-justifications.d.ts.map +1 -0
- package/dist/checks/quality/linting/eslint-justifications.js +328 -0
- package/dist/checks/quality/linting/eslint-justifications.js.map +1 -0
- package/dist/checks/quality/linting/index.d.ts +4 -0
- package/dist/checks/quality/linting/index.d.ts.map +1 -0
- package/dist/checks/quality/linting/index.js +4 -0
- package/dist/checks/quality/linting/index.js.map +1 -0
- package/dist/checks/quality/linting/semgrep-justifications.d.ts +16 -0
- package/dist/checks/quality/linting/semgrep-justifications.d.ts.map +1 -0
- package/dist/checks/quality/linting/semgrep-justifications.js +229 -0
- package/dist/checks/quality/linting/semgrep-justifications.js.map +1 -0
- package/dist/checks/quality/linting/typescript-directive-hygiene.d.ts +12 -0
- package/dist/checks/quality/linting/typescript-directive-hygiene.d.ts.map +1 -0
- package/dist/checks/quality/linting/typescript-directive-hygiene.js +142 -0
- package/dist/checks/quality/linting/typescript-directive-hygiene.js.map +1 -0
- package/dist/checks/quality/no-compatibility-layer-names.d.ts +13 -0
- package/dist/checks/quality/no-compatibility-layer-names.d.ts.map +1 -0
- package/dist/checks/quality/no-compatibility-layer-names.js +100 -0
- package/dist/checks/quality/no-compatibility-layer-names.js.map +1 -0
- package/dist/checks/quality/no-deprecated-tags.d.ts +11 -0
- package/dist/checks/quality/no-deprecated-tags.d.ts.map +1 -0
- package/dist/checks/quality/no-deprecated-tags.js +76 -0
- package/dist/checks/quality/no-deprecated-tags.js.map +1 -0
- package/dist/checks/quality/no-markdown-references.d.ts +16 -0
- package/dist/checks/quality/no-markdown-references.d.ts.map +1 -0
- package/dist/checks/quality/no-markdown-references.js +145 -0
- package/dist/checks/quality/no-markdown-references.js.map +1 -0
- package/dist/checks/quality/no-raw-regex-on-code.d.ts +9 -0
- package/dist/checks/quality/no-raw-regex-on-code.d.ts.map +1 -0
- package/dist/checks/quality/no-raw-regex-on-code.js +61 -0
- package/dist/checks/quality/no-raw-regex-on-code.js.map +1 -0
- package/dist/checks/quality/no-temporary-workarounds.d.ts +11 -0
- package/dist/checks/quality/no-temporary-workarounds.d.ts.map +1 -0
- package/dist/checks/quality/no-temporary-workarounds.js +69 -0
- package/dist/checks/quality/no-temporary-workarounds.js.map +1 -0
- package/dist/checks/quality/no-window-alert.d.ts +19 -0
- package/dist/checks/quality/no-window-alert.d.ts.map +1 -0
- package/dist/checks/quality/no-window-alert.js +74 -0
- package/dist/checks/quality/no-window-alert.js.map +1 -0
- package/dist/checks/quality/observability/index.d.ts +2 -0
- package/dist/checks/quality/observability/index.d.ts.map +1 -0
- package/dist/checks/quality/observability/index.js +2 -0
- package/dist/checks/quality/observability/index.js.map +1 -0
- package/dist/checks/quality/observability/pino-serializer-coverage.d.ts +15 -0
- package/dist/checks/quality/observability/pino-serializer-coverage.d.ts.map +1 -0
- package/dist/checks/quality/observability/pino-serializer-coverage.js +209 -0
- package/dist/checks/quality/observability/pino-serializer-coverage.js.map +1 -0
- package/dist/checks/quality/patterns/async-state-pattern.d.ts +14 -0
- package/dist/checks/quality/patterns/async-state-pattern.d.ts.map +1 -0
- package/dist/checks/quality/patterns/async-state-pattern.js +80 -0
- package/dist/checks/quality/patterns/async-state-pattern.js.map +1 -0
- package/dist/checks/quality/patterns/index.d.ts +4 -0
- package/dist/checks/quality/patterns/index.d.ts.map +1 -0
- package/dist/checks/quality/patterns/index.js +4 -0
- package/dist/checks/quality/patterns/index.js.map +1 -0
- package/dist/checks/quality/patterns/no-non-null-assertions.d.ts +10 -0
- package/dist/checks/quality/patterns/no-non-null-assertions.d.ts.map +1 -0
- package/dist/checks/quality/patterns/no-non-null-assertions.js +97 -0
- package/dist/checks/quality/patterns/no-non-null-assertions.js.map +1 -0
- package/dist/checks/quality/patterns/performance-anti-patterns.d.ts +16 -0
- package/dist/checks/quality/patterns/performance-anti-patterns.d.ts.map +1 -0
- package/dist/checks/quality/patterns/performance-anti-patterns.js +239 -0
- package/dist/checks/quality/patterns/performance-anti-patterns.js.map +1 -0
- package/dist/checks/resilience/_helpers/config-validation.d.ts +27 -0
- package/dist/checks/resilience/_helpers/config-validation.d.ts.map +1 -0
- package/dist/checks/resilience/_helpers/config-validation.js +61 -0
- package/dist/checks/resilience/_helpers/config-validation.js.map +1 -0
- package/dist/checks/resilience/batch-operations.d.ts +22 -0
- package/dist/checks/resilience/batch-operations.d.ts.map +1 -0
- package/dist/checks/resilience/batch-operations.js +422 -0
- package/dist/checks/resilience/batch-operations.js.map +1 -0
- package/dist/checks/resilience/cache-ttl-validation.d.ts +13 -0
- package/dist/checks/resilience/cache-ttl-validation.d.ts.map +1 -0
- package/dist/checks/resilience/cache-ttl-validation.js +222 -0
- package/dist/checks/resilience/cache-ttl-validation.js.map +1 -0
- package/dist/checks/resilience/catch-clause-safety.d.ts +12 -0
- package/dist/checks/resilience/catch-clause-safety.d.ts.map +1 -0
- package/dist/checks/resilience/catch-clause-safety.js +110 -0
- package/dist/checks/resilience/catch-clause-safety.js.map +1 -0
- package/dist/checks/resilience/dangerous-config-defaults.d.ts +11 -0
- package/dist/checks/resilience/dangerous-config-defaults.d.ts.map +1 -0
- package/dist/checks/resilience/dangerous-config-defaults.js +304 -0
- package/dist/checks/resilience/dangerous-config-defaults.js.map +1 -0
- package/dist/checks/resilience/error-code-registration.d.ts +11 -0
- package/dist/checks/resilience/error-code-registration.d.ts.map +1 -0
- package/dist/checks/resilience/error-code-registration.js +88 -0
- package/dist/checks/resilience/error-code-registration.js.map +1 -0
- package/dist/checks/resilience/event-patterns.d.ts +21 -0
- package/dist/checks/resilience/event-patterns.d.ts.map +1 -0
- package/dist/checks/resilience/event-patterns.js +232 -0
- package/dist/checks/resilience/event-patterns.js.map +1 -0
- package/dist/checks/resilience/exit-code-correctness.d.ts +12 -0
- package/dist/checks/resilience/exit-code-correctness.d.ts.map +1 -0
- package/dist/checks/resilience/exit-code-correctness.js +107 -0
- package/dist/checks/resilience/exit-code-correctness.js.map +1 -0
- package/dist/checks/resilience/index.d.ts +18 -0
- package/dist/checks/resilience/index.d.ts.map +1 -0
- package/dist/checks/resilience/index.js +18 -0
- package/dist/checks/resilience/index.js.map +1 -0
- package/dist/checks/resilience/no-hardcoded-timeouts.d.ts +10 -0
- package/dist/checks/resilience/no-hardcoded-timeouts.d.ts.map +1 -0
- package/dist/checks/resilience/no-hardcoded-timeouts.js +291 -0
- package/dist/checks/resilience/no-hardcoded-timeouts.js.map +1 -0
- package/dist/checks/resilience/no-process-exit-in-finally.d.ts +11 -0
- package/dist/checks/resilience/no-process-exit-in-finally.d.ts.map +1 -0
- package/dist/checks/resilience/no-process-exit-in-finally.js +89 -0
- package/dist/checks/resilience/no-process-exit-in-finally.js.map +1 -0
- package/dist/checks/resilience/readline-cleanup.d.ts +11 -0
- package/dist/checks/resilience/readline-cleanup.d.ts.map +1 -0
- package/dist/checks/resilience/readline-cleanup.js +107 -0
- package/dist/checks/resilience/readline-cleanup.js.map +1 -0
- package/dist/checks/resilience/recovery-patterns.d.ts +25 -0
- package/dist/checks/resilience/recovery-patterns.d.ts.map +1 -0
- package/dist/checks/resilience/recovery-patterns.js +273 -0
- package/dist/checks/resilience/recovery-patterns.js.map +1 -0
- package/dist/checks/resilience/reentrancy-guard.d.ts +12 -0
- package/dist/checks/resilience/reentrancy-guard.d.ts.map +1 -0
- package/dist/checks/resilience/reentrancy-guard.js +86 -0
- package/dist/checks/resilience/reentrancy-guard.js.map +1 -0
- package/dist/checks/resilience/retry-config-validation.d.ts +13 -0
- package/dist/checks/resilience/retry-config-validation.d.ts.map +1 -0
- package/dist/checks/resilience/retry-config-validation.js +159 -0
- package/dist/checks/resilience/retry-config-validation.js.map +1 -0
- package/dist/checks/resilience/sentry/_helpers/sentry.d.ts +25 -0
- package/dist/checks/resilience/sentry/_helpers/sentry.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/_helpers/sentry.js +68 -0
- package/dist/checks/resilience/sentry/_helpers/sentry.js.map +1 -0
- package/dist/checks/resilience/sentry/index.d.ts +8 -0
- package/dist/checks/resilience/sentry/index.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/index.js +8 -0
- package/dist/checks/resilience/sentry/index.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-dsn-configured.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-dsn-configured.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-dsn-configured.js +55 -0
- package/dist/checks/resilience/sentry/sentry-dsn-configured.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-environment-set.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-environment-set.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-environment-set.js +51 -0
- package/dist/checks/resilience/sentry/sentry-environment-set.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-error-boundary.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-error-boundary.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-error-boundary.js +75 -0
- package/dist/checks/resilience/sentry/sentry-error-boundary.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-pii-scrubbing.d.ts +13 -0
- package/dist/checks/resilience/sentry/sentry-pii-scrubbing.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-pii-scrubbing.js +125 -0
- package/dist/checks/resilience/sentry/sentry-pii-scrubbing.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-release-set.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-release-set.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-release-set.js +51 -0
- package/dist/checks/resilience/sentry/sentry-release-set.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-sample-rate.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-sample-rate.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-sample-rate.js +78 -0
- package/dist/checks/resilience/sentry/sentry-sample-rate.js.map +1 -0
- package/dist/checks/resilience/sentry/sentry-source-maps.d.ts +12 -0
- package/dist/checks/resilience/sentry/sentry-source-maps.d.ts.map +1 -0
- package/dist/checks/resilience/sentry/sentry-source-maps.js +83 -0
- package/dist/checks/resilience/sentry/sentry-source-maps.js.map +1 -0
- package/dist/checks/resilience/service-patterns.d.ts +18 -0
- package/dist/checks/resilience/service-patterns.d.ts.map +1 -0
- package/dist/checks/resilience/service-patterns.js +230 -0
- package/dist/checks/resilience/service-patterns.js.map +1 -0
- package/dist/checks/resilience/timer-lifecycle.d.ts +10 -0
- package/dist/checks/resilience/timer-lifecycle.d.ts.map +1 -0
- package/dist/checks/resilience/timer-lifecycle.js +78 -0
- package/dist/checks/resilience/timer-lifecycle.js.map +1 -0
- package/dist/checks/resilience/transaction-patterns.d.ts +21 -0
- package/dist/checks/resilience/transaction-patterns.d.ts.map +1 -0
- package/dist/checks/resilience/transaction-patterns.js +258 -0
- package/dist/checks/resilience/transaction-patterns.js.map +1 -0
- package/dist/checks/security/__tests__/no-hardcoded-secrets.test.d.ts +9 -0
- package/dist/checks/security/__tests__/no-hardcoded-secrets.test.d.ts.map +1 -0
- package/dist/checks/security/__tests__/no-hardcoded-secrets.test.js +37 -0
- package/dist/checks/security/__tests__/no-hardcoded-secrets.test.js.map +1 -0
- package/dist/checks/security/__tests__/package-supply-chain-policy.test.d.ts +2 -0
- package/dist/checks/security/__tests__/package-supply-chain-policy.test.d.ts.map +1 -0
- package/dist/checks/security/__tests__/package-supply-chain-policy.test.js +128 -0
- package/dist/checks/security/__tests__/package-supply-chain-policy.test.js.map +1 -0
- package/dist/checks/security/api-key-rotation.d.ts +10 -0
- package/dist/checks/security/api-key-rotation.d.ts.map +1 -0
- package/dist/checks/security/api-key-rotation.js +186 -0
- package/dist/checks/security/api-key-rotation.js.map +1 -0
- package/dist/checks/security/auth-middleware-coverage.d.ts +11 -0
- package/dist/checks/security/auth-middleware-coverage.d.ts.map +1 -0
- package/dist/checks/security/auth-middleware-coverage.js +210 -0
- package/dist/checks/security/auth-middleware-coverage.js.map +1 -0
- package/dist/checks/security/auth-route-guard.d.ts +12 -0
- package/dist/checks/security/auth-route-guard.d.ts.map +1 -0
- package/dist/checks/security/auth-route-guard.js +70 -0
- package/dist/checks/security/auth-route-guard.js.map +1 -0
- package/dist/checks/security/cors-configuration.d.ts +11 -0
- package/dist/checks/security/cors-configuration.d.ts.map +1 -0
- package/dist/checks/security/cors-configuration.js +126 -0
- package/dist/checks/security/cors-configuration.js.map +1 -0
- package/dist/checks/security/csp-headers.d.ts +11 -0
- package/dist/checks/security/csp-headers.d.ts.map +1 -0
- package/dist/checks/security/csp-headers.js +192 -0
- package/dist/checks/security/csp-headers.js.map +1 -0
- package/dist/checks/security/dependency-vulnerability-audit.d.ts +15 -0
- package/dist/checks/security/dependency-vulnerability-audit.d.ts.map +1 -0
- package/dist/checks/security/dependency-vulnerability-audit.js +184 -0
- package/dist/checks/security/dependency-vulnerability-audit.js.map +1 -0
- package/dist/checks/security/env-secret-exposure.d.ts +11 -0
- package/dist/checks/security/env-secret-exposure.d.ts.map +1 -0
- package/dist/checks/security/env-secret-exposure.js +127 -0
- package/dist/checks/security/env-secret-exposure.js.map +1 -0
- package/dist/checks/security/hasura-production-config.d.ts +11 -0
- package/dist/checks/security/hasura-production-config.d.ts.map +1 -0
- package/dist/checks/security/hasura-production-config.js +122 -0
- package/dist/checks/security/hasura-production-config.js.map +1 -0
- package/dist/checks/security/index.d.ts +17 -0
- package/dist/checks/security/index.d.ts.map +1 -0
- package/dist/checks/security/index.js +17 -0
- package/dist/checks/security/index.js.map +1 -0
- package/dist/checks/security/jwt-validation.d.ts +11 -0
- package/dist/checks/security/jwt-validation.d.ts.map +1 -0
- package/dist/checks/security/jwt-validation.js +294 -0
- package/dist/checks/security/jwt-validation.js.map +1 -0
- package/dist/checks/security/no-eval.d.ts +16 -0
- package/dist/checks/security/no-eval.d.ts.map +1 -0
- package/dist/checks/security/no-eval.js +83 -0
- package/dist/checks/security/no-eval.js.map +1 -0
- package/dist/checks/security/no-hardcoded-secrets.d.ts +28 -0
- package/dist/checks/security/no-hardcoded-secrets.d.ts.map +1 -0
- package/dist/checks/security/no-hardcoded-secrets.js +209 -0
- package/dist/checks/security/no-hardcoded-secrets.js.map +1 -0
- package/dist/checks/security/package-supply-chain-policy.d.ts +12 -0
- package/dist/checks/security/package-supply-chain-policy.d.ts.map +1 -0
- package/dist/checks/security/package-supply-chain-policy.js +534 -0
- package/dist/checks/security/package-supply-chain-policy.js.map +1 -0
- package/dist/checks/security/rate-limit-coverage.d.ts +10 -0
- package/dist/checks/security/rate-limit-coverage.d.ts.map +1 -0
- package/dist/checks/security/rate-limit-coverage.js +143 -0
- package/dist/checks/security/rate-limit-coverage.js.map +1 -0
- package/dist/checks/security/semgrep-scan.d.ts +13 -0
- package/dist/checks/security/semgrep-scan.d.ts.map +1 -0
- package/dist/checks/security/semgrep-scan.js +86 -0
- package/dist/checks/security/semgrep-scan.js.map +1 -0
- package/dist/checks/security/use-centralized-crypto.d.ts +11 -0
- package/dist/checks/security/use-centralized-crypto.d.ts.map +1 -0
- package/dist/checks/security/use-centralized-crypto.js +129 -0
- package/dist/checks/security/use-centralized-crypto.js.map +1 -0
- package/dist/checks/security/webhook-signature-verification.d.ts +10 -0
- package/dist/checks/security/webhook-signature-verification.d.ts.map +1 -0
- package/dist/checks/security/webhook-signature-verification.js +183 -0
- package/dist/checks/security/webhook-signature-verification.js.map +1 -0
- package/dist/checks/testing/index.d.ts +6 -0
- package/dist/checks/testing/index.d.ts.map +1 -0
- package/dist/checks/testing/index.js +6 -0
- package/dist/checks/testing/index.js.map +1 -0
- package/dist/checks/testing/no-skipped-tests.d.ts +40 -0
- package/dist/checks/testing/no-skipped-tests.d.ts.map +1 -0
- package/dist/checks/testing/no-skipped-tests.js +174 -0
- package/dist/checks/testing/no-skipped-tests.js.map +1 -0
- package/dist/checks/testing/no-stub-tests.d.ts +11 -0
- package/dist/checks/testing/no-stub-tests.d.ts.map +1 -0
- package/dist/checks/testing/no-stub-tests.js +103 -0
- package/dist/checks/testing/no-stub-tests.js.map +1 -0
- package/dist/checks/testing/test-convention-consistency.d.ts +14 -0
- package/dist/checks/testing/test-convention-consistency.d.ts.map +1 -0
- package/dist/checks/testing/test-convention-consistency.js +93 -0
- package/dist/checks/testing/test-convention-consistency.js.map +1 -0
- package/dist/checks/testing/test-file-naming.d.ts +13 -0
- package/dist/checks/testing/test-file-naming.d.ts.map +1 -0
- package/dist/checks/testing/test-file-naming.js +218 -0
- package/dist/checks/testing/test-file-naming.js.map +1 -0
- package/dist/checks/testing/test-file-pairing.d.ts +13 -0
- package/dist/checks/testing/test-file-pairing.d.ts.map +1 -0
- package/dist/checks/testing/test-file-pairing.js +274 -0
- package/dist/checks/testing/test-file-pairing.js.map +1 -0
- package/dist/display/architecture.d.ts +9 -0
- package/dist/display/architecture.d.ts.map +1 -0
- package/dist/display/architecture.js +29 -0
- package/dist/display/architecture.js.map +1 -0
- package/dist/display/index.d.ts +20 -0
- package/dist/display/index.d.ts.map +1 -0
- package/dist/display/index.js +30 -0
- package/dist/display/index.js.map +1 -0
- package/dist/display/quality.d.ts +7 -0
- package/dist/display/quality.d.ts.map +1 -0
- package/dist/display/quality.js +34 -0
- package/dist/display/quality.js.map +1 -0
- package/dist/display/resilience.d.ts +7 -0
- package/dist/display/resilience.d.ts.map +1 -0
- package/dist/display/resilience.js +36 -0
- package/dist/display/resilience.js.map +1 -0
- package/dist/display/security-testing.d.ts +9 -0
- package/dist/display/security-testing.d.ts.map +1 -0
- package/dist/display/security-testing.js +31 -0
- package/dist/display/security-testing.js.map +1 -0
- package/dist/display/types.d.ts +6 -0
- package/dist/display/types.d.ts.map +1 -0
- package/dist/display/types.js +6 -0
- package/dist/display/types.js.map +1 -0
- package/dist/index.d.ts +19 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +21 -0
- package/dist/index.js.map +1 -0
- package/package.json +52 -0
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Detect missing or dangerous tracesSampleRate in Sentry.init()
|
|
3
|
+
* @module checks-builtin/checks/resilience/sentry/sentry-sample-rate
|
|
4
|
+
*/
|
|
5
|
+
import { defineCheck, getLineNumber } from '@opensip-cli/fitness';
|
|
6
|
+
import { hasSentryInit, extractSentryInitBlock } from './_helpers/sentry.js';
|
|
7
|
+
function analyze(content, filePath) {
|
|
8
|
+
if (!hasSentryInit(content))
|
|
9
|
+
return [];
|
|
10
|
+
const initBlock = extractSentryInitBlock(content);
|
|
11
|
+
if (!initBlock)
|
|
12
|
+
return [];
|
|
13
|
+
const violations = [];
|
|
14
|
+
// Check for tracesSampleRate: 1.0 (or 1) — expensive in production
|
|
15
|
+
const rateMatch = /tracesSampleRate\s*:\s*([\d.]+)/.exec(initBlock.block);
|
|
16
|
+
if (rateMatch) {
|
|
17
|
+
const rate = Number.parseFloat(rateMatch[1] ?? '0');
|
|
18
|
+
if (rate === 1) {
|
|
19
|
+
const absoluteIndex = content.indexOf('tracesSampleRate', content.indexOf('Sentry.init'));
|
|
20
|
+
violations.push({
|
|
21
|
+
line: absoluteIndex === -1 ? initBlock.startLine + 1 : getLineNumber(content, absoluteIndex),
|
|
22
|
+
message: 'tracesSampleRate is 1.0 — every transaction is traced, which is expensive at scale',
|
|
23
|
+
severity: 'warning',
|
|
24
|
+
suggestion: 'Set tracesSampleRate to a lower value in production (e.g., 0.1 for 10% sampling). Use environment checks: tracesSampleRate: process.env.NODE_ENV === "production" ? 0.1 : 1.0',
|
|
25
|
+
type: 'sentry-full-sample-rate',
|
|
26
|
+
match: rateMatch[0],
|
|
27
|
+
filePath,
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
// Check for missing tracesSampleRate entirely
|
|
32
|
+
if (!initBlock.block.includes('tracesSampleRate') && !initBlock.block.includes('tracesSampler')) {
|
|
33
|
+
// Only flag if the project appears to use Sentry tracing (has performance imports)
|
|
34
|
+
const hasTracingImport = content.includes('BrowserTracing') ||
|
|
35
|
+
content.includes('browserTracingIntegration') ||
|
|
36
|
+
content.includes('@sentry/tracing') ||
|
|
37
|
+
content.includes('httpIntegration') ||
|
|
38
|
+
content.includes('expressIntegration');
|
|
39
|
+
if (hasTracingImport) {
|
|
40
|
+
violations.push({
|
|
41
|
+
line: initBlock.startLine + 1,
|
|
42
|
+
message: 'Sentry tracing integration imported but no tracesSampleRate or tracesSampler set — tracing may be silently disabled',
|
|
43
|
+
severity: 'warning',
|
|
44
|
+
suggestion: 'Add tracesSampleRate to Sentry.init(): Sentry.init({ tracesSampleRate: 0.1, ... }). Without it, the default is 0 (no traces captured).',
|
|
45
|
+
type: 'sentry-missing-sample-rate',
|
|
46
|
+
filePath,
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
return violations;
|
|
51
|
+
}
|
|
52
|
+
/**
|
|
53
|
+
* Check: sentry-sample-rate
|
|
54
|
+
*
|
|
55
|
+
* Detects missing or problematic tracesSampleRate in Sentry.init().
|
|
56
|
+
* Catches both "too high" (1.0 in production) and "not set" (tracing silently off).
|
|
57
|
+
*/
|
|
58
|
+
export const sentrySampleRate = defineCheck({
|
|
59
|
+
id: 'a7c3e9f6-0b8d-4e4a-f567-d9c1a3b5e8f0',
|
|
60
|
+
slug: 'sentry-sample-rate',
|
|
61
|
+
scope: { languages: ['typescript', 'javascript'], concerns: ['backend', 'frontend'] },
|
|
62
|
+
contentFilter: 'strip-strings-and-comments',
|
|
63
|
+
description: 'Detects missing or 1.0 tracesSampleRate — tracing disabled or too expensive',
|
|
64
|
+
longDescription: `**Purpose:** Ensures Sentry performance tracing is configured with an appropriate sample rate.
|
|
65
|
+
|
|
66
|
+
**Detects:**
|
|
67
|
+
- \`tracesSampleRate: 1.0\` — capturing every transaction is expensive at scale and can significantly increase Sentry costs
|
|
68
|
+
- Tracing integrations imported (BrowserTracing, @sentry/tracing, etc.) but no \`tracesSampleRate\` or \`tracesSampler\` configured — tracing defaults to 0 (disabled)
|
|
69
|
+
|
|
70
|
+
**Why it matters:** A sample rate of 1.0 in production sends every transaction to Sentry, which can be prohibitively expensive and may cause rate limiting. Conversely, importing tracing integrations without setting a sample rate means tracing is silently disabled — the integration runs but captures nothing.
|
|
71
|
+
|
|
72
|
+
**Scope:** Any file that calls \`Sentry.init()\`. Analyzes each file individually.`,
|
|
73
|
+
tags: ['sentry', 'resilience', 'performance', 'observability'],
|
|
74
|
+
fileTypes: ['ts', 'js', 'tsx', 'jsx', 'mjs'],
|
|
75
|
+
confidence: 'high',
|
|
76
|
+
analyze,
|
|
77
|
+
});
|
|
78
|
+
//# sourceMappingURL=sentry-sample-rate.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sentry-sample-rate.js","sourceRoot":"","sources":["../../../../src/checks/resilience/sentry/sentry-sample-rate.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAuB,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAEvF,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAE7E,SAAS,OAAO,CAAC,OAAe,EAAE,QAAgB;IAChD,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;QAAE,OAAO,EAAE,CAAC;IAEvC,MAAM,SAAS,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAClD,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,CAAC;IAE1B,MAAM,UAAU,GAAqB,EAAE,CAAC;IAExC,mEAAmE;IACnE,MAAM,SAAS,GAAG,iCAAiC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IAC1E,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;QACpD,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;YACf,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,kBAAkB,EAAE,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;YAC1F,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EACF,aAAa,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,EAAE,aAAa,CAAC;gBACxF,OAAO,EACL,oFAAoF;gBACtF,QAAQ,EAAE,SAAS;gBACnB,UAAU,EACR,+KAA+K;gBACjL,IAAI,EAAE,yBAAyB;gBAC/B,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;gBACnB,QAAQ;aACT,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAChG,mFAAmF;QACnF,MAAM,gBAAgB,GACpB,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,2BAA2B,CAAC;YAC7C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACnC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACnC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;QAEzC,IAAI,gBAAgB,EAAE,CAAC;YACrB,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,SAAS,CAAC,SAAS,GAAG,CAAC;gBAC7B,OAAO,EACL,qHAAqH;gBACvH,QAAQ,EAAE,SAAS;gBACnB,UAAU,EACR,wIAAwI;gBAC1I,IAAI,EAAE,4BAA4B;gBAClC,QAAQ;aACT,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,WAAW,CAAC;IAC1C,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,oBAAoB;IAC1B,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE;IACrF,aAAa,EAAE,4BAA4B;IAC3C,WAAW,EAAE,6EAA6E;IAC1F,eAAe,EAAE;;;;;;;;mFAQgE;IACjF,IAAI,EAAE,CAAC,QAAQ,EAAE,YAAY,EAAE,aAAa,EAAE,eAAe,CAAC;IAC9D,SAAS,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;IAC5C,UAAU,EAAE,MAAM;IAClB,OAAO;CACR,CAAC,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Detect missing Sentry source map upload in bundler configs
|
|
3
|
+
* @module checks-builtin/checks/resilience/sentry/sentry-source-maps
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Check: sentry-source-maps
|
|
7
|
+
*
|
|
8
|
+
* Detects bundler configs that reference Sentry but don't include
|
|
9
|
+
* a source map upload plugin.
|
|
10
|
+
*/
|
|
11
|
+
export declare const sentrySourceMaps: import("@opensip-cli/fitness").Check;
|
|
12
|
+
//# sourceMappingURL=sentry-source-maps.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sentry-source-maps.d.ts","sourceRoot":"","sources":["../../../../src/checks/resilience/sentry/sentry-source-maps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAgEH;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,sCAiB3B,CAAC"}
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Detect missing Sentry source map upload in bundler configs
|
|
3
|
+
* @module checks-builtin/checks/resilience/sentry/sentry-source-maps
|
|
4
|
+
*/
|
|
5
|
+
import { defineCheck } from '@opensip-cli/fitness';
|
|
6
|
+
import { hasSentryUsage } from './_helpers/sentry.js';
|
|
7
|
+
// Sentry bundler plugins that handle source map upload
|
|
8
|
+
const SOURCE_MAP_PLUGINS = [
|
|
9
|
+
'@sentry/webpack-plugin',
|
|
10
|
+
'@sentry/vite-plugin',
|
|
11
|
+
'@sentry/esbuild-plugin',
|
|
12
|
+
'@sentry/rollup-plugin',
|
|
13
|
+
'@sentry/nextjs',
|
|
14
|
+
'@sentry/nuxt',
|
|
15
|
+
'@sentry/astro',
|
|
16
|
+
'sentryWebpackPlugin',
|
|
17
|
+
'sentryVitePlugin',
|
|
18
|
+
'sentryEsbuildPlugin',
|
|
19
|
+
'sentryRollupPlugin',
|
|
20
|
+
];
|
|
21
|
+
// File name patterns that indicate a bundler config
|
|
22
|
+
const BUNDLER_CONFIG_PATTERNS = [
|
|
23
|
+
'webpack.config',
|
|
24
|
+
'vite.config',
|
|
25
|
+
'rollup.config',
|
|
26
|
+
'esbuild.config',
|
|
27
|
+
'next.config',
|
|
28
|
+
'nuxt.config',
|
|
29
|
+
'astro.config',
|
|
30
|
+
];
|
|
31
|
+
function isBundlerConfig(filePath) {
|
|
32
|
+
const lower = filePath.toLowerCase();
|
|
33
|
+
return BUNDLER_CONFIG_PATTERNS.some((pattern) => lower.includes(pattern));
|
|
34
|
+
}
|
|
35
|
+
function analyze(content, filePath) {
|
|
36
|
+
// Only check bundler config files
|
|
37
|
+
if (!isBundlerConfig(filePath))
|
|
38
|
+
return [];
|
|
39
|
+
// Only relevant if the project uses Sentry (SDK import in this file or
|
|
40
|
+
// Sentry plugin reference)
|
|
41
|
+
if (!hasSentryUsage(content) && !content.includes('sentry'))
|
|
42
|
+
return [];
|
|
43
|
+
// Check if any Sentry source map plugin is configured
|
|
44
|
+
const hasSourceMapPlugin = SOURCE_MAP_PLUGINS.some((plugin) => content.includes(plugin));
|
|
45
|
+
if (hasSourceMapPlugin)
|
|
46
|
+
return [];
|
|
47
|
+
// The file mentions Sentry but has no source map plugin
|
|
48
|
+
return [
|
|
49
|
+
{
|
|
50
|
+
line: 1,
|
|
51
|
+
message: 'Bundler config references Sentry but no source map upload plugin is configured — stack traces will be unreadable',
|
|
52
|
+
severity: 'warning',
|
|
53
|
+
suggestion: 'Add a Sentry source map plugin: npm install @sentry/vite-plugin (or @sentry/webpack-plugin) and add it to your plugins array. This uploads source maps at build time so Sentry can show readable stack traces.',
|
|
54
|
+
type: 'sentry-missing-source-maps',
|
|
55
|
+
filePath,
|
|
56
|
+
},
|
|
57
|
+
];
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Check: sentry-source-maps
|
|
61
|
+
*
|
|
62
|
+
* Detects bundler configs that reference Sentry but don't include
|
|
63
|
+
* a source map upload plugin.
|
|
64
|
+
*/
|
|
65
|
+
export const sentrySourceMaps = defineCheck({
|
|
66
|
+
id: 'e5a1c7d4-8f6b-4c2e-d345-b7a9e1f3c6d8',
|
|
67
|
+
slug: 'sentry-source-maps',
|
|
68
|
+
scope: { languages: ['typescript', 'javascript'], concerns: ['backend', 'frontend'] },
|
|
69
|
+
description: 'Detects missing Sentry source map upload — stack traces will be unreadable',
|
|
70
|
+
longDescription: `**Purpose:** Ensures bundler configurations include a Sentry source map upload plugin so production stack traces are readable.
|
|
71
|
+
|
|
72
|
+
**Detects:**
|
|
73
|
+
- Webpack, Vite, Rollup, esbuild, Next.js, Nuxt, or Astro config files that reference Sentry but don't include a Sentry source map plugin (@sentry/webpack-plugin, @sentry/vite-plugin, etc.)
|
|
74
|
+
|
|
75
|
+
**Why it matters:** Without source maps, Sentry shows minified stack traces (single-character variable names, collapsed files). Developers can't identify the actual source of errors, making Sentry significantly less useful. The Sentry SDK alone doesn't upload source maps — a bundler plugin is required.
|
|
76
|
+
|
|
77
|
+
**Scope:** Bundler configuration files only (webpack.config.*, vite.config.*, next.config.*, etc.). Analyzes each file individually.`,
|
|
78
|
+
tags: ['sentry', 'quality', 'observability', 'build'],
|
|
79
|
+
fileTypes: ['ts', 'js', 'mjs', 'cjs'],
|
|
80
|
+
confidence: 'high',
|
|
81
|
+
analyze,
|
|
82
|
+
});
|
|
83
|
+
//# sourceMappingURL=sentry-source-maps.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sentry-source-maps.js","sourceRoot":"","sources":["../../../../src/checks/resilience/sentry/sentry-source-maps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,WAAW,EAAuB,MAAM,sBAAsB,CAAC;AAExE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,uDAAuD;AACvD,MAAM,kBAAkB,GAAG;IACzB,wBAAwB;IACxB,qBAAqB;IACrB,wBAAwB;IACxB,uBAAuB;IACvB,gBAAgB;IAChB,cAAc;IACd,eAAe;IACf,qBAAqB;IACrB,kBAAkB;IAClB,qBAAqB;IACrB,oBAAoB;CACrB,CAAC;AAEF,oDAAoD;AACpD,MAAM,uBAAuB,GAAG;IAC9B,gBAAgB;IAChB,aAAa;IACb,eAAe;IACf,gBAAgB;IAChB,aAAa;IACb,aAAa;IACb,cAAc;CACf,CAAC;AAEF,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACrC,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,OAAO,CAAC,OAAe,EAAE,QAAgB;IAChD,kCAAkC;IAClC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,CAAC;IAE1C,uEAAuE;IACvE,2BAA2B;IAC3B,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,CAAC;IAEvE,sDAAsD;IACtD,MAAM,kBAAkB,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;IACzF,IAAI,kBAAkB;QAAE,OAAO,EAAE,CAAC;IAElC,wDAAwD;IACxD,OAAO;QACL;YACE,IAAI,EAAE,CAAC;YACP,OAAO,EACL,kHAAkH;YACpH,QAAQ,EAAE,SAAS;YACnB,UAAU,EACR,gNAAgN;YAClN,IAAI,EAAE,4BAA4B;YAClC,QAAQ;SACT;KACF,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,WAAW,CAAC;IAC1C,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,oBAAoB;IAC1B,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE;IACrF,WAAW,EAAE,4EAA4E;IACzF,eAAe,EAAE;;;;;;;qIAOkH;IACnI,IAAI,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,OAAO,CAAC;IACrD,SAAS,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC;IACrC,UAAU,EAAE,MAAM;IAClB,OAAO;CACR,CAAC,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Service communication and infrastructure resilience checks
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Check: resilience/graceful-shutdown
|
|
6
|
+
*
|
|
7
|
+
* Validates services implement proper graceful shutdown handling.
|
|
8
|
+
* Ensures in-flight requests complete and resources are cleaned up.
|
|
9
|
+
*/
|
|
10
|
+
export declare const gracefulShutdown: import("@opensip-cli/fitness").Check;
|
|
11
|
+
/**
|
|
12
|
+
* Check: resilience/rate-limiting-coverage
|
|
13
|
+
*
|
|
14
|
+
* Validates API endpoints have rate limiting configured,
|
|
15
|
+
* especially for sensitive operations.
|
|
16
|
+
*/
|
|
17
|
+
export declare const rateLimitingCoverage: import("@opensip-cli/fitness").Check;
|
|
18
|
+
//# sourceMappingURL=service-patterns.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"service-patterns.d.ts","sourceRoot":"","sources":["../../../src/checks/resilience/service-patterns.ts"],"names":[],"mappings":"AAAA;;GAEG;AAqIH;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB,sCA2D3B,CAAC;AAMH;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,sCAuD/B,CAAC"}
|
|
@@ -0,0 +1,230 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Service communication and infrastructure resilience checks
|
|
3
|
+
*/
|
|
4
|
+
import { logger } from '@opensip-cli/core';
|
|
5
|
+
import { defineCheck, isTestFile, getLineNumber } from '@opensip-cli/fitness';
|
|
6
|
+
// =============================================================================
|
|
7
|
+
// PRE-COMPILED REGEX PATTERNS (Safe for static code analysis)
|
|
8
|
+
// =============================================================================
|
|
9
|
+
// Service entry patterns (bounded quantifiers to prevent slow regex)
|
|
10
|
+
const LISTEN_PATTERN = /\.listen\s{0,5}\(/;
|
|
11
|
+
const FASTIFY_PATTERN = /fastify\s{0,5}\(\)/;
|
|
12
|
+
const EXPRESS_PATTERN = /express\s{0,5}\(\)/;
|
|
13
|
+
const CREATE_SERVER_PATTERN = /createServer\s{0,5}\(/;
|
|
14
|
+
// Shutdown patterns (bounded quantifiers to prevent slow regex)
|
|
15
|
+
const SIGTERM_PATTERN = /process\.on\s{0,5}\(\s{0,5}['"]SIGTERM['"]/;
|
|
16
|
+
const SIGINT_PATTERN = /process\.on\s{0,5}\(\s{0,5}['"]SIGINT['"]/;
|
|
17
|
+
const CLOSE_PATTERN = /\.close\s{0,5}\(\s{0,5}\)/;
|
|
18
|
+
const GRACEFUL_PATTERN = /graceful(?:Shutdown|Stop)/i;
|
|
19
|
+
// API endpoint patterns
|
|
20
|
+
const GET_ENDPOINT_PATTERN = /\.get\s*\(\s*['"][^'"]{1,200}['"]/;
|
|
21
|
+
const POST_ENDPOINT_PATTERN = /\.post\s*\(\s*['"][^'"]{1,200}['"]/;
|
|
22
|
+
const PUT_ENDPOINT_PATTERN = /\.put\s*\(\s*['"][^'"]{1,200}['"]/;
|
|
23
|
+
const DELETE_ENDPOINT_PATTERN = /\.delete\s*\(\s*['"][^'"]{1,200}['"]/;
|
|
24
|
+
const PATCH_ENDPOINT_PATTERN = /\.patch\s*\(\s*['"][^'"]{1,200}['"]/;
|
|
25
|
+
// Rate limiting patterns
|
|
26
|
+
const RATE_LIMIT_PATTERN = /rateLimit/i;
|
|
27
|
+
const RATE_LIMITER_PATTERN = /rateLimiter/i;
|
|
28
|
+
const THROTTLE_PATTERN = /throttle/i;
|
|
29
|
+
const RATE_LIMIT_DECORATOR_PATTERN = /@RateLimit/;
|
|
30
|
+
// Sensitive endpoints
|
|
31
|
+
const AUTH_ENDPOINT_PATTERN = /\/auth\//i;
|
|
32
|
+
const LOGIN_ENDPOINT_PATTERN = /\/login/i;
|
|
33
|
+
const REGISTER_ENDPOINT_PATTERN = /\/register/i;
|
|
34
|
+
const PASSWORD_ENDPOINT_PATTERN = /\/password/i;
|
|
35
|
+
const PAYMENT_ENDPOINT_PATTERN = /\/payment/i;
|
|
36
|
+
// =============================================================================
|
|
37
|
+
// PATTERN ARRAYS (Using pre-compiled patterns)
|
|
38
|
+
// =============================================================================
|
|
39
|
+
const SERVICE_ENTRY_PATTERNS = [
|
|
40
|
+
LISTEN_PATTERN,
|
|
41
|
+
FASTIFY_PATTERN,
|
|
42
|
+
EXPRESS_PATTERN,
|
|
43
|
+
CREATE_SERVER_PATTERN,
|
|
44
|
+
];
|
|
45
|
+
const SHUTDOWN_PATTERNS = [SIGTERM_PATTERN, SIGINT_PATTERN, CLOSE_PATTERN, GRACEFUL_PATTERN];
|
|
46
|
+
const API_ENDPOINT_PATTERNS = [
|
|
47
|
+
GET_ENDPOINT_PATTERN,
|
|
48
|
+
POST_ENDPOINT_PATTERN,
|
|
49
|
+
PUT_ENDPOINT_PATTERN,
|
|
50
|
+
DELETE_ENDPOINT_PATTERN,
|
|
51
|
+
PATCH_ENDPOINT_PATTERN,
|
|
52
|
+
];
|
|
53
|
+
const RATE_LIMITING_PATTERNS = [
|
|
54
|
+
RATE_LIMIT_PATTERN,
|
|
55
|
+
RATE_LIMITER_PATTERN,
|
|
56
|
+
THROTTLE_PATTERN,
|
|
57
|
+
RATE_LIMIT_DECORATOR_PATTERN,
|
|
58
|
+
];
|
|
59
|
+
const SENSITIVE_ENDPOINTS = [
|
|
60
|
+
AUTH_ENDPOINT_PATTERN,
|
|
61
|
+
LOGIN_ENDPOINT_PATTERN,
|
|
62
|
+
REGISTER_ENDPOINT_PATTERN,
|
|
63
|
+
PASSWORD_ENDPOINT_PATTERN,
|
|
64
|
+
PAYMENT_ENDPOINT_PATTERN,
|
|
65
|
+
];
|
|
66
|
+
// =============================================================================
|
|
67
|
+
// HELPER FUNCTIONS
|
|
68
|
+
// =============================================================================
|
|
69
|
+
function isServiceEntryPoint(content) {
|
|
70
|
+
logger.debug({
|
|
71
|
+
evt: 'fitness.checks.service_patterns.is_service_entry_point',
|
|
72
|
+
msg: 'Checking if content is a service entry point',
|
|
73
|
+
});
|
|
74
|
+
return SERVICE_ENTRY_PATTERNS.some((pattern) => pattern.test(content));
|
|
75
|
+
}
|
|
76
|
+
function hasShutdownHandler(content) {
|
|
77
|
+
logger.debug({
|
|
78
|
+
evt: 'fitness.checks.service_patterns.has_shutdown_handler',
|
|
79
|
+
msg: 'Checking if content has shutdown handler',
|
|
80
|
+
});
|
|
81
|
+
return SHUTDOWN_PATTERNS.some((pattern) => pattern.test(content));
|
|
82
|
+
}
|
|
83
|
+
function hasApiEndpoints(content) {
|
|
84
|
+
logger.debug({
|
|
85
|
+
evt: 'fitness.checks.service_patterns.has_api_endpoints',
|
|
86
|
+
msg: 'Checking if content has API endpoints',
|
|
87
|
+
});
|
|
88
|
+
return API_ENDPOINT_PATTERNS.some((pattern) => pattern.test(content));
|
|
89
|
+
}
|
|
90
|
+
function matchesRateLimitingPatterns(content) {
|
|
91
|
+
logger.debug({
|
|
92
|
+
evt: 'fitness.checks.service_patterns.matches_rate_limiting_patterns',
|
|
93
|
+
msg: 'Checking if content matches rate limiting patterns',
|
|
94
|
+
});
|
|
95
|
+
return RATE_LIMITING_PATTERNS.some((pattern) => pattern.test(content));
|
|
96
|
+
}
|
|
97
|
+
function isSensitiveEndpoint(line) {
|
|
98
|
+
logger.debug({
|
|
99
|
+
evt: 'fitness.checks.service_patterns.is_sensitive_endpoint',
|
|
100
|
+
msg: 'Checking if line contains a sensitive endpoint',
|
|
101
|
+
});
|
|
102
|
+
return SENSITIVE_ENDPOINTS.some((pattern) => pattern.test(line));
|
|
103
|
+
}
|
|
104
|
+
function isApiEndpoint(line) {
|
|
105
|
+
logger.debug({
|
|
106
|
+
evt: 'fitness.checks.service_patterns.is_api_endpoint',
|
|
107
|
+
msg: 'Checking if line contains an API endpoint',
|
|
108
|
+
});
|
|
109
|
+
return API_ENDPOINT_PATTERNS.some((pattern) => pattern.test(line));
|
|
110
|
+
}
|
|
111
|
+
// =============================================================================
|
|
112
|
+
// GRACEFUL SHUTDOWN
|
|
113
|
+
// =============================================================================
|
|
114
|
+
/**
|
|
115
|
+
* Check: resilience/graceful-shutdown
|
|
116
|
+
*
|
|
117
|
+
* Validates services implement proper graceful shutdown handling.
|
|
118
|
+
* Ensures in-flight requests complete and resources are cleaned up.
|
|
119
|
+
*/
|
|
120
|
+
export const gracefulShutdown = defineCheck({
|
|
121
|
+
id: '3e98b441-1ec9-4963-bb97-6f5b0bce0fbe',
|
|
122
|
+
slug: 'graceful-shutdown',
|
|
123
|
+
scope: { languages: ['typescript'], concerns: ['backend', 'server'] },
|
|
124
|
+
contentFilter: 'strip-strings',
|
|
125
|
+
confidence: 'medium',
|
|
126
|
+
description: 'Validate services implement graceful shutdown handling',
|
|
127
|
+
longDescription: `**Purpose:** Ensures service entry points implement graceful shutdown to allow in-flight requests to complete before termination.
|
|
128
|
+
|
|
129
|
+
**Detects:**
|
|
130
|
+
- Files containing service entry patterns (\`.listen(\`, \`fastify()\`, \`express()\`, \`createServer(\`) without shutdown handlers
|
|
131
|
+
- Checks for \`process.on('SIGTERM'\`, \`process.on('SIGINT'\`, \`.close()\`, or \`gracefulShutdown\`/\`gracefulStop\` patterns
|
|
132
|
+
|
|
133
|
+
**Why it matters:** Without graceful shutdown, deploys and restarts drop in-flight requests, corrupt transactions, and leak resources.
|
|
134
|
+
|
|
135
|
+
**Scope:** General best practice. Analyzes each file individually via regex.`,
|
|
136
|
+
tags: ['resilience', 'infrastructure', 'shutdown'],
|
|
137
|
+
fileTypes: ['ts'],
|
|
138
|
+
analyze(content, filePath) {
|
|
139
|
+
const violations = [];
|
|
140
|
+
if (!isServiceEntryPoint(content)) {
|
|
141
|
+
return violations;
|
|
142
|
+
}
|
|
143
|
+
if (hasShutdownHandler(content)) {
|
|
144
|
+
return violations;
|
|
145
|
+
}
|
|
146
|
+
// Find service entry violation
|
|
147
|
+
for (const pattern of SERVICE_ENTRY_PATTERNS) {
|
|
148
|
+
// @fitness-ignore-next-line performance-anti-patterns -- false positive: keyword in comment text below, not an async call
|
|
149
|
+
// @lazy-ok -- 'await' appears in suggestion string literal, not actual await
|
|
150
|
+
pattern.lastIndex = 0;
|
|
151
|
+
const match = pattern.exec(content);
|
|
152
|
+
if (!match) {
|
|
153
|
+
continue;
|
|
154
|
+
}
|
|
155
|
+
const lineNumber = getLineNumber(content, match.index);
|
|
156
|
+
violations.push({
|
|
157
|
+
line: lineNumber,
|
|
158
|
+
column: 0,
|
|
159
|
+
message: 'Service entry point missing graceful shutdown handler',
|
|
160
|
+
severity: 'warning',
|
|
161
|
+
suggestion: 'Add SIGTERM/SIGINT handlers to gracefully close connections. Example: process.on("SIGTERM", async () => { await server.close(); process.exit(0); })',
|
|
162
|
+
match: match[0],
|
|
163
|
+
type: 'missing-shutdown-handler',
|
|
164
|
+
filePath,
|
|
165
|
+
});
|
|
166
|
+
// Found one violation, exit loop
|
|
167
|
+
break;
|
|
168
|
+
}
|
|
169
|
+
return violations;
|
|
170
|
+
},
|
|
171
|
+
});
|
|
172
|
+
// =============================================================================
|
|
173
|
+
// RATE LIMITING COVERAGE
|
|
174
|
+
// =============================================================================
|
|
175
|
+
/**
|
|
176
|
+
* Check: resilience/rate-limiting-coverage
|
|
177
|
+
*
|
|
178
|
+
* Validates API endpoints have rate limiting configured,
|
|
179
|
+
* especially for sensitive operations.
|
|
180
|
+
*/
|
|
181
|
+
export const rateLimitingCoverage = defineCheck({
|
|
182
|
+
id: '4648cce9-f8de-47fe-9350-5f49953c8edc',
|
|
183
|
+
slug: 'rate-limiting-coverage',
|
|
184
|
+
scope: { languages: ['typescript'], concerns: ['backend', 'server'] },
|
|
185
|
+
description: 'Validate API endpoints have rate limiting',
|
|
186
|
+
longDescription: `**Purpose:** Ensures sensitive API endpoints have rate limiting configured to prevent abuse.
|
|
187
|
+
|
|
188
|
+
**Detects:**
|
|
189
|
+
- API endpoint definitions (\`.get(\`, \`.post(\`, \`.put(\`, \`.delete(\`, \`.patch(\` with string path) that match sensitive paths (\`/auth/\`, \`/login\`, \`/register\`, \`/password\`, \`/payment\`)
|
|
190
|
+
- Flags when the file lacks any rate limiting indicator: \`rateLimit\`, \`rateLimiter\`, \`throttle\`, \`@RateLimit\`
|
|
191
|
+
|
|
192
|
+
**Why it matters:** Unprotected auth, login, and payment endpoints are vulnerable to brute-force attacks, credential stuffing, and payment fraud.
|
|
193
|
+
|
|
194
|
+
**Scope:** General best practice. Analyzes each file individually via regex.`,
|
|
195
|
+
tags: ['resilience', 'security', 'rate-limiting'],
|
|
196
|
+
analyze(content, filePath) {
|
|
197
|
+
const violations = [];
|
|
198
|
+
// Test files routinely embed endpoint shapes inline as fixtures
|
|
199
|
+
// for this very check; production rate-limiting is the contract,
|
|
200
|
+
// not test scaffolding.
|
|
201
|
+
if (isTestFile(filePath))
|
|
202
|
+
return violations;
|
|
203
|
+
if (!hasApiEndpoints(content)) {
|
|
204
|
+
return violations;
|
|
205
|
+
}
|
|
206
|
+
const hasRateLimitingInFile = matchesRateLimitingPatterns(content);
|
|
207
|
+
const lines = content.split('\n');
|
|
208
|
+
for (const [i, line] of lines.entries()) {
|
|
209
|
+
if (!line)
|
|
210
|
+
continue;
|
|
211
|
+
const isEndpoint = isApiEndpoint(line);
|
|
212
|
+
const isSensitive = isSensitiveEndpoint(line);
|
|
213
|
+
if (isEndpoint && isSensitive && !hasRateLimitingInFile) {
|
|
214
|
+
const lineNumber = i + 1;
|
|
215
|
+
violations.push({
|
|
216
|
+
line: lineNumber,
|
|
217
|
+
column: 0,
|
|
218
|
+
message: 'Sensitive endpoint without rate limiting',
|
|
219
|
+
severity: 'warning',
|
|
220
|
+
suggestion: 'Add rate limiting to prevent abuse. Use a shared rate limiter middleware or apply a @RateLimit decorator to protect auth, login, and payment endpoints.',
|
|
221
|
+
match: line.trim(),
|
|
222
|
+
type: 'sensitive-endpoint-no-rate-limit',
|
|
223
|
+
filePath,
|
|
224
|
+
});
|
|
225
|
+
}
|
|
226
|
+
}
|
|
227
|
+
return violations;
|
|
228
|
+
},
|
|
229
|
+
});
|
|
230
|
+
//# sourceMappingURL=service-patterns.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"service-patterns.js","sourceRoot":"","sources":["../../../src/checks/resilience/service-patterns.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,UAAU,EAAuB,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAEnG,gFAAgF;AAChF,8DAA8D;AAC9D,gFAAgF;AAEhF,qEAAqE;AACrE,MAAM,cAAc,GAAG,mBAAmB,CAAC;AAC3C,MAAM,eAAe,GAAG,oBAAoB,CAAC;AAC7C,MAAM,eAAe,GAAG,oBAAoB,CAAC;AAC7C,MAAM,qBAAqB,GAAG,uBAAuB,CAAC;AAEtD,gEAAgE;AAChE,MAAM,eAAe,GAAG,4CAA4C,CAAC;AACrE,MAAM,cAAc,GAAG,2CAA2C,CAAC;AACnE,MAAM,aAAa,GAAG,2BAA2B,CAAC;AAClD,MAAM,gBAAgB,GAAG,4BAA4B,CAAC;AAEtD,wBAAwB;AACxB,MAAM,oBAAoB,GAAG,mCAAmC,CAAC;AACjE,MAAM,qBAAqB,GAAG,oCAAoC,CAAC;AACnE,MAAM,oBAAoB,GAAG,mCAAmC,CAAC;AACjE,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AACvE,MAAM,sBAAsB,GAAG,qCAAqC,CAAC;AAErE,yBAAyB;AACzB,MAAM,kBAAkB,GAAG,YAAY,CAAC;AACxC,MAAM,oBAAoB,GAAG,cAAc,CAAC;AAC5C,MAAM,gBAAgB,GAAG,WAAW,CAAC;AACrC,MAAM,4BAA4B,GAAG,YAAY,CAAC;AAElD,sBAAsB;AACtB,MAAM,qBAAqB,GAAG,WAAW,CAAC;AAC1C,MAAM,sBAAsB,GAAG,UAAU,CAAC;AAC1C,MAAM,yBAAyB,GAAG,aAAa,CAAC;AAChD,MAAM,yBAAyB,GAAG,aAAa,CAAC;AAChD,MAAM,wBAAwB,GAAG,YAAY,CAAC;AAE9C,gFAAgF;AAChF,+CAA+C;AAC/C,gFAAgF;AAEhF,MAAM,sBAAsB,GAAG;IAC7B,cAAc;IACd,eAAe;IACf,eAAe;IACf,qBAAqB;CACtB,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,eAAe,EAAE,cAAc,EAAE,aAAa,EAAE,gBAAgB,CAAC,CAAC;AAE7F,MAAM,qBAAqB,GAAG;IAC5B,oBAAoB;IACpB,qBAAqB;IACrB,oBAAoB;IACpB,uBAAuB;IACvB,sBAAsB;CACvB,CAAC;AAEF,MAAM,sBAAsB,GAAG;IAC7B,kBAAkB;IAClB,oBAAoB;IACpB,gBAAgB;IAChB,4BAA4B;CAC7B,CAAC;AAEF,MAAM,mBAAmB,GAAG;IAC1B,qBAAqB;IACrB,sBAAsB;IACtB,yBAAyB;IACzB,yBAAyB;IACzB,wBAAwB;CACzB,CAAC;AAEF,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF,SAAS,mBAAmB,CAAC,OAAe;IAC1C,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,wDAAwD;QAC7D,GAAG,EAAE,8CAA8C;KACpD,CAAC,CAAC;IACH,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAe;IACzC,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,sDAAsD;QAC3D,GAAG,EAAE,0CAA0C;KAChD,CAAC,CAAC;IACH,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACpE,CAAC;AAED,SAAS,eAAe,CAAC,OAAe;IACtC,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,mDAAmD;QACxD,GAAG,EAAE,uCAAuC;KAC7C,CAAC,CAAC;IACH,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,2BAA2B,CAAC,OAAe;IAClD,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,gEAAgE;QACrE,GAAG,EAAE,oDAAoD;KAC1D,CAAC,CAAC;IACH,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAY;IACvC,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,uDAAuD;QAC5D,GAAG,EAAE,gDAAgD;KACtD,CAAC,CAAC;IACH,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,aAAa,CAAC,IAAY;IACjC,MAAM,CAAC,KAAK,CAAC;QACX,GAAG,EAAE,iDAAiD;QACtD,GAAG,EAAE,2CAA2C;KACjD,CAAC,CAAC;IACH,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,gFAAgF;AAChF,oBAAoB;AACpB,gFAAgF;AAEhF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,WAAW,CAAC;IAC1C,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,mBAAmB;IACzB,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;IACrE,aAAa,EAAE,eAAe;IAE9B,UAAU,EAAE,QAAQ;IACpB,WAAW,EAAE,wDAAwD;IACrE,eAAe,EAAE;;;;;;;;6EAQ0D;IAC3E,IAAI,EAAE,CAAC,YAAY,EAAE,gBAAgB,EAAE,UAAU,CAAC;IAClD,SAAS,EAAE,CAAC,IAAI,CAAC;IAEjB,OAAO,CAAC,OAAe,EAAE,QAAgB;QACvC,MAAM,UAAU,GAAqB,EAAE,CAAC;QAExC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,+BAA+B;QAC/B,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;YAC7C,0HAA0H;YAC1H,6EAA6E;YAC7E,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACpC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,SAAS;YACX,CAAC;YAED,MAAM,UAAU,GAAG,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACvD,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,CAAC;gBACT,OAAO,EAAE,uDAAuD;gBAChE,QAAQ,EAAE,SAAS;gBACnB,UAAU,EACR,qJAAqJ;gBACvJ,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBACf,IAAI,EAAE,0BAA0B;gBAChC,QAAQ;aACT,CAAC,CAAC;YACH,iCAAiC;YACjC,MAAM;QACR,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;CACF,CAAC,CAAC;AAEH,gFAAgF;AAChF,yBAAyB;AACzB,gFAAgF;AAEhF;;;;;GAKG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,WAAW,CAAC;IAC9C,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,wBAAwB;IAC9B,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;IACrE,WAAW,EAAE,2CAA2C;IACxD,eAAe,EAAE;;;;;;;;6EAQ0D;IAC3E,IAAI,EAAE,CAAC,YAAY,EAAE,UAAU,EAAE,eAAe,CAAC;IAEjD,OAAO,CAAC,OAAe,EAAE,QAAgB;QACvC,MAAM,UAAU,GAAqB,EAAE,CAAC;QAExC,gEAAgE;QAChE,iEAAiE;QACjE,wBAAwB;QACxB,IAAI,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,UAAU,CAAC;QAE5C,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,OAAO,UAAU,CAAC;QACpB,CAAC;QAED,MAAM,qBAAqB,GAAG,2BAA2B,CAAC,OAAO,CAAC,CAAC;QACnE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YACxC,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,MAAM,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;YACvC,MAAM,WAAW,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAE9C,IAAI,UAAU,IAAI,WAAW,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBACxD,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACzB,UAAU,CAAC,IAAI,CAAC;oBACd,IAAI,EAAE,UAAU;oBAChB,MAAM,EAAE,CAAC;oBACT,OAAO,EAAE,0CAA0C;oBACnD,QAAQ,EAAE,SAAS;oBACnB,UAAU,EACR,yJAAyJ;oBAC3J,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE;oBAClB,IAAI,EAAE,kCAAkC;oBACxC,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;CACF,CAAC,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Timer lifecycle check
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Check: resilience/timer-lifecycle
|
|
6
|
+
*
|
|
7
|
+
* Detects setInterval() calls without corresponding clearInterval() cleanup.
|
|
8
|
+
*/
|
|
9
|
+
export declare const timerLifecycle: import("@opensip-cli/fitness").Check;
|
|
10
|
+
//# sourceMappingURL=timer-lifecycle.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"timer-lifecycle.d.ts","sourceRoot":"","sources":["../../../src/checks/resilience/timer-lifecycle.ts"],"names":[],"mappings":"AAAA;;GAEG;AA0DH;;;;GAIG;AACH,eAAO,MAAM,cAAc,sCAoBzB,CAAC"}
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Timer lifecycle check
|
|
3
|
+
*/
|
|
4
|
+
import { defineCheck } from '@opensip-cli/fitness';
|
|
5
|
+
/**
|
|
6
|
+
* Analyze a file for setInterval without corresponding clearInterval
|
|
7
|
+
*/
|
|
8
|
+
// eslint-disable-next-line sonarjs/cognitive-complexity -- Inherent complexity: line-by-line detection of setInterval/clearInterval pairs with variable capture tracking
|
|
9
|
+
function analyzeTimerLifecycle(content, _filePath) {
|
|
10
|
+
const violations = [];
|
|
11
|
+
const lines = content.split('\n');
|
|
12
|
+
// Quick check: skip files without setInterval
|
|
13
|
+
if (!content.includes('setInterval'))
|
|
14
|
+
return violations;
|
|
15
|
+
const intervalCreations = [];
|
|
16
|
+
let hasClearInterval = false;
|
|
17
|
+
for (const [i, line_] of lines.entries()) {
|
|
18
|
+
/* v8 ignore next -- defensive: lines.entries() never yields undefined */
|
|
19
|
+
const line = line_ ?? '';
|
|
20
|
+
const trimmed = line.trim();
|
|
21
|
+
// Skip comments
|
|
22
|
+
if (trimmed.startsWith('//') || trimmed.startsWith('*'))
|
|
23
|
+
continue;
|
|
24
|
+
// Detect setInterval with variable capture
|
|
25
|
+
const intervalMatch = /(?:const|let|var)\s+(\w+)\s*=\s*setInterval\s*\(/.exec(line);
|
|
26
|
+
if (intervalMatch) {
|
|
27
|
+
/* v8 ignore next -- defensive: regex (\w+) capture group always yields a string */
|
|
28
|
+
intervalCreations.push({ line: i + 1, varName: intervalMatch[1] ?? null });
|
|
29
|
+
}
|
|
30
|
+
else if (/\bsetInterval\s*\(/.test(line) && !line.includes('clearInterval')) {
|
|
31
|
+
// setInterval without variable capture
|
|
32
|
+
intervalCreations.push({ line: i + 1, varName: null });
|
|
33
|
+
}
|
|
34
|
+
// Detect cleanup
|
|
35
|
+
if (/\bclearInterval\s*\(/.test(line))
|
|
36
|
+
hasClearInterval = true;
|
|
37
|
+
}
|
|
38
|
+
// Flag intervals without corresponding cleanup
|
|
39
|
+
if (!hasClearInterval) {
|
|
40
|
+
for (const interval of intervalCreations) {
|
|
41
|
+
violations.push({
|
|
42
|
+
line: interval.line,
|
|
43
|
+
// eslint-disable-next-line sonarjs/no-nested-template-literals -- Optional variable name suffix is a single inline expression; clearer than pre-computing
|
|
44
|
+
message: `setInterval() created${interval.varName ? ` (${interval.varName})` : ''} without clearInterval() in the same module — potential timer leak`,
|
|
45
|
+
severity: 'warning',
|
|
46
|
+
suggestion: 'Store the timer ID and call clearInterval() in a cleanup/dispose/shutdown handler',
|
|
47
|
+
type: 'interval-without-cleanup',
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
return violations;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Check: resilience/timer-lifecycle
|
|
55
|
+
*
|
|
56
|
+
* Detects setInterval() calls without corresponding clearInterval() cleanup.
|
|
57
|
+
*/
|
|
58
|
+
export const timerLifecycle = defineCheck({
|
|
59
|
+
id: 'f42299e1-6d22-4c4b-a236-6157a95f0949',
|
|
60
|
+
slug: 'timer-lifecycle',
|
|
61
|
+
scope: { languages: ['typescript'], concerns: ['backend', 'frontend', 'cli'] },
|
|
62
|
+
description: 'Detects setInterval() calls without corresponding clearInterval() cleanup — prevents timer leaks',
|
|
63
|
+
longDescription: `**Purpose:** Detects \`setInterval()\` calls that have no corresponding \`clearInterval()\` in the same module, which causes timer leaks.
|
|
64
|
+
|
|
65
|
+
**Detects:**
|
|
66
|
+
- \`setInterval()\` calls (with or without variable capture) where no \`clearInterval()\` exists in the same file
|
|
67
|
+
- Focuses on \`setInterval\` (always needs cleanup) rather than \`setTimeout\` (often fire-and-forget)
|
|
68
|
+
|
|
69
|
+
**Why it matters:** Leaked intervals cause memory leaks and can prevent graceful shutdown. They continue executing after their purpose has ended.
|
|
70
|
+
|
|
71
|
+
**Scope:** Backend code. Analyzes each file individually via regex.`,
|
|
72
|
+
tags: ['resilience', 'memory', 'lifecycle'],
|
|
73
|
+
fileTypes: ['ts'],
|
|
74
|
+
contentFilter: 'strip-strings',
|
|
75
|
+
confidence: 'medium',
|
|
76
|
+
analyze: analyzeTimerLifecycle,
|
|
77
|
+
});
|
|
78
|
+
//# sourceMappingURL=timer-lifecycle.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"timer-lifecycle.js","sourceRoot":"","sources":["../../../src/checks/resilience/timer-lifecycle.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAuB,MAAM,sBAAsB,CAAC;AAExE;;GAEG;AACH,yKAAyK;AACzK,SAAS,qBAAqB,CAAC,OAAe,EAAE,SAAiB;IAC/D,MAAM,UAAU,GAAqB,EAAE,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,8CAA8C;IAC9C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;QAAE,OAAO,UAAU,CAAC;IAExD,MAAM,iBAAiB,GAA+C,EAAE,CAAC;IACzE,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,KAAK,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;QACzC,yEAAyE;QACzE,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,gBAAgB;QAChB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAElE,2CAA2C;QAC3C,MAAM,aAAa,GAAG,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpF,IAAI,aAAa,EAAE,CAAC;YAClB,mFAAmF;YACnF,iBAAiB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAC7E,CAAC;aAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YAC9E,uCAAuC;YACvC,iBAAiB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,iBAAiB;QACjB,IAAI,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,gBAAgB,GAAG,IAAI,CAAC;IACjE,CAAC;IAED,+CAA+C;IAC/C,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,0JAA0J;gBAC1J,OAAO,EAAE,wBAAwB,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,EAAE,oEAAoE;gBACrJ,QAAQ,EAAE,SAAS;gBACnB,UAAU,EACR,mFAAmF;gBACrF,IAAI,EAAE,0BAA0B;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,WAAW,CAAC;IACxC,EAAE,EAAE,sCAAsC;IAC1C,IAAI,EAAE,iBAAiB;IACvB,KAAK,EAAE,EAAE,SAAS,EAAE,CAAC,YAAY,CAAC,EAAE,QAAQ,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,KAAK,CAAC,EAAE;IAC9E,WAAW,EACT,kGAAkG;IACpG,eAAe,EAAE;;;;;;;;oEAQiD;IAClE,IAAI,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,WAAW,CAAC;IAC3C,SAAS,EAAE,CAAC,IAAI,CAAC;IACjB,aAAa,EAAE,eAAe;IAC9B,UAAU,EAAE,QAAQ;IACpB,OAAO,EAAE,qBAAqB;CAC/B,CAAC,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Transaction handling resilience checks
|
|
3
|
+
*/
|
|
4
|
+
/**
|
|
5
|
+
* Check: resilience/transaction-boundary-validation
|
|
6
|
+
*
|
|
7
|
+
* Validates transaction boundaries are properly managed:
|
|
8
|
+
* - Transactions are committed or rolled back
|
|
9
|
+
* - No async operations inside transactions that could cause long locks
|
|
10
|
+
* - Proper error handling in transaction blocks
|
|
11
|
+
*/
|
|
12
|
+
export declare const transactionBoundaryValidation: import("@opensip-cli/fitness").Check;
|
|
13
|
+
/**
|
|
14
|
+
* Check: resilience/transaction-timeout
|
|
15
|
+
*
|
|
16
|
+
* Validates transactions have timeout configurations:
|
|
17
|
+
* - Statement timeouts to prevent long-running queries
|
|
18
|
+
* - Lock timeouts to prevent deadlocks
|
|
19
|
+
*/
|
|
20
|
+
export declare const transactionTimeout: import("@opensip-cli/fitness").Check;
|
|
21
|
+
//# sourceMappingURL=transaction-patterns.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"transaction-patterns.d.ts","sourceRoot":"","sources":["../../../src/checks/resilience/transaction-patterns.ts"],"names":[],"mappings":"AAEA;;GAEG;AA8KH;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,sCAwCxC,CAAC;AAMH;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB,sCA2D7B,CAAC"}
|