@planu/cli 0.30.1 → 0.31.0

package/dist/engine/workers/handlers/documentation.js

@@ -0,0 +1,207 @@
+// engine/workers/handlers/documentation.ts — Finds undocumented exports (SPEC-078 AC-09)
+import { readFile, readdir, stat } from 'node:fs/promises';
+import { join, extname, relative } from 'node:path';
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const IGNORE_DIRS = new Set([
+    'node_modules',
+    '.git',
+    'dist',
+    'build',
+    '__pycache__',
+    'target',
+    '.venv',
+    'vendor',
+    'coverage',
+]);
+const CODE_EXTS = new Set(['.ts', '.tsx', '.js', '.jsx', '.py', '.go', '.rs', '.java', '.kt']);
+// ---------------------------------------------------------------------------
+// File collection
+// ---------------------------------------------------------------------------
+async function collectFiles(dir, files) {
+    let entries;
+    try {
+        entries = await readdir(dir);
+    }
+    catch {
+        return;
+    }
+    for (const entry of entries) {
+        if (IGNORE_DIRS.has(entry)) {
+            continue;
+        }
+        const fullPath = join(dir, entry);
+        let st;
+        try {
+            st = await stat(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (st.isDirectory()) {
+            await collectFiles(fullPath, files);
+        }
+        else if (st.isFile() && CODE_EXTS.has(extname(fullPath))) {
+            files.push(fullPath);
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Documentation checks per language
+// ---------------------------------------------------------------------------
+function checkTypeScriptDocs(lines) {
+    const undocumented = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i] ?? '';
+        const exportMatch = /^export\s+(?:async\s+)?(?:function|class|const|interface|type)\s+(\w+)/.exec(line);
+        if (!exportMatch?.[1]) {
+            continue;
+        }
+        // Check if preceded by JSDoc (/** ... */)
+        const prevLine = i > 0 ? (lines[i - 1] ?? '') : '';
+        const prevPrevLine = i > 1 ? (lines[i - 2] ?? '') : '';
+        const hasDoc = prevLine.trim().endsWith('*/') ||
+            prevLine.trim().startsWith('/**') ||
+            prevPrevLine.trim().startsWith('/**');
+        if (!hasDoc) {
+            undocumented.push({ name: exportMatch[1], line: i + 1 });
+        }
+    }
+    return undocumented;
+}
+function checkPythonDocs(lines) {
+    const undocumented = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i] ?? '';
+        const match = /^(?:def|class)\s+(\w+)/.exec(line);
+        if (!match?.[1] || match[1].startsWith('_')) {
+            continue;
+        }
+        // Check for docstring on next line
+        const nextLine = i + 1 < lines.length ? (lines[i + 1] ?? '') : '';
+        const hasDocstring = nextLine.trim().startsWith('"""') || nextLine.trim().startsWith("'''");
+        if (!hasDocstring) {
+            undocumented.push({ name: match[1], line: i + 1 });
+        }
+    }
+    return undocumented;
+}
+function checkGoDocs(lines) {
+    const undocumented = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i] ?? '';
+        const match = /^func\s+([A-Z]\w*)/.exec(line);
+        if (!match?.[1]) {
+            continue;
+        }
+        const prevLine = i > 0 ? (lines[i - 1] ?? '') : '';
+        const hasComment = prevLine.trim().startsWith('//');
+        if (!hasComment) {
+            undocumented.push({ name: match[1], line: i + 1 });
+        }
+    }
+    return undocumented;
+}
+function checkRustDocs(lines) {
+    const undocumented = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i] ?? '';
+        const match = /^pub\s+(?:async\s+)?(?:fn|struct|enum|trait)\s+(\w+)/.exec(line);
+        if (!match?.[1]) {
+            continue;
+        }
+        const prevLine = i > 0 ? (lines[i - 1] ?? '') : '';
+        const hasDoc = prevLine.trim().startsWith('///');
+        if (!hasDoc) {
+            undocumented.push({ name: match[1], line: i + 1 });
+        }
+    }
+    return undocumented;
+}
+function checkJavaDocs(lines) {
+    const undocumented = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i] ?? '';
+        const match = /public\s+(?:static\s+)?(?:class|interface|(?:\w+\s+)+)(\w+)\s*[({]/.exec(line);
+        if (!match?.[1]) {
+            continue;
+        }
+        const prevLine = i > 0 ? (lines[i - 1] ?? '') : '';
+        const hasJavadoc = prevLine.trim().endsWith('*/') || prevLine.trim().startsWith('/**');
+        if (!hasJavadoc) {
+            undocumented.push({ name: match[1], line: i + 1 });
+        }
+    }
+    return undocumented;
+}
+// ---------------------------------------------------------------------------
+// Public handler
+// ---------------------------------------------------------------------------
+export async function runDocumentation(projectDir, _changedFiles) {
+    const startedAt = new Date().toISOString();
+    const start = Date.now();
+    const findings = [];
+    const allFiles = [];
+    await collectFiles(projectDir, allFiles);
+    let totalExports = 0;
+    for (const file of allFiles) {
+        let content;
+        try {
+            content = await readFile(file, 'utf-8');
+        }
+        catch {
+            continue;
+        }
+        const ext = extname(file);
+        const lines = content.split('\n');
+        const relPath = relative(projectDir, file);
+        let undocs = [];
+        if (ext === '.ts' || ext === '.tsx' || ext === '.js' || ext === '.jsx') {
+            undocs = checkTypeScriptDocs(lines);
+        }
+        else if (ext === '.py') {
+            undocs = checkPythonDocs(lines);
+        }
+        else if (ext === '.go') {
+            undocs = checkGoDocs(lines);
+        }
+        else if (ext === '.rs') {
+            undocs = checkRustDocs(lines);
+        }
+        else if (ext === '.java' || ext === '.kt') {
+            undocs = checkJavaDocs(lines);
+        }
+        // Estimate total exports from undocs + documented
+        // (We count exports matched minus undocumented for documented count)
+        totalExports += undocs.length;
+        for (const u of undocs) {
+            findings.push({
+                severity: 'info',
+                file: relPath,
+                line: u.line,
+                message: `${u.name} is exported without documentation`,
+                suggestion: 'Add JSDoc/docstring/doc comment',
+                category: 'missing-docs',
+            });
+        }
+    }
+    // totalExports = undocumented count; coverage is 0% when all are undocumented
+    const coveragePct = totalExports > 0 ? 0 : 100;
+    findings.unshift({
+        severity: 'info',
+        file: '',
+        message: `Documentation: ${String(totalExports)} undocumented exports found (${String(coveragePct)}% coverage)`,
+        category: 'missing-docs',
+    });
+    return {
+        workerName: 'documentation',
+        startedAt,
+        completedAt: new Date().toISOString(),
+        durationMs: Date.now() - start,
+        status: 'success',
+        findings,
+        analyzedFiles: allFiles.length,
+    };
+}
+//# sourceMappingURL=documentation.js.map

package/dist/engine/workers/handlers/documentation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"documentation.js","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/documentation.ts"],"names":[],"mappings":"AAAA,yFAAyF;AAEzF,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAGpD,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;IAC1B,cAAc;IACd,MAAM;IACN,MAAM;IACN,OAAO;IACP,aAAa;IACb,QAAQ;IACR,OAAO;IACP,QAAQ;IACR,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAE/F,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,KAAK,UAAU,YAAY,CAAC,GAAW,EAAE,KAAe;IACtD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,IAAI,EAAE,CAAC;QACP,IAAI,CAAC;YACH,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YACrB,MAAM,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E,SAAS,mBAAmB,CAAC,KAAe;IAC1C,MAAM,YAAY,GAAqC,EAAE,CAAC;IAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,WAAW,GACf,wEAAwE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtF,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACtB,SAAS;QACX,CAAC;QAED,0CAA0C;QAC1C,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,YAAY,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvD,MAAM,MAAM,GACV,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC9B,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC;YACjC,YAAY,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAExC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,eAAe,CAAC,KAAe;IACtC,MAAM,YAAY,GAAqC,EAAE,CAAC;IAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5C,SAAS;QACX,CAAC;QAED,mCAAmC;QACnC,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAClE,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAE5F,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,KAAe;IAClC,MAAM,YAAY,GAAqC,EAAE,CAAC;IAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAChB,SAAS;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEpD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,aAAa,CAAC,KAAe;IACpC,MAAM,YAAY,GAAqC,EAAE,CAAC;IAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChF,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAChB,SAAS;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAEjD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,aAAa,CAAC,KAAe;IACpC,MAAM,YAAY,GAAqC,EAAE,CAAC;IAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9F,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAChB,SAAS;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACnD,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAEvF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,UAAkB,EAClB,aAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAEzC,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAE3C,IAAI,MAAM,GAAqC,EAAE,CAAC;QAElD,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACvE,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;aAAM,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;QAC9B,CAAC;aAAM,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC;aAAM,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YAC5C,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC;QAED,kDAAkD;QAClD,qEAAqE;QACrE,YAAY,IAAI,MAAM,CAAC,MAAM,CAAC;QAE9B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,OAAO,EAAE,GAAG,CAAC,CAAC,IAAI,oCAAoC;gBACtD,UAAU,EAAE,iCAAiC;gBAC7C,QAAQ,EAAE,cAAc;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,WAAW,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAE/C,QAAQ,CAAC,OAAO,CAAC;QACf,QAAQ,EAAE,MAAM;QAChB,IAAI,EAAE,EAAE;QACR,OAAO,EAAE,kBAAkB,MAAM,CAAC,YAAY,CAAC,gCAAgC,MAAM,CAAC,WAAW,CAAC,aAAa;QAC/G,QAAQ,EAAE,cAAc;KACzB,CAAC,CAAC;IAEH,OAAO;QACL,UAAU,EAAE,eAAe;QAC3B,SAAS;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;QAC9B,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,aAAa,EAAE,QAAQ,CAAC,MAAM;KAC/B,CAAC;AACJ,CAAC"}

package/dist/engine/workers/handlers/optimization.d.ts

@@ -0,0 +1,3 @@
+import type { WorkerRunResult } from '../../../types/index.js';
+export declare function runOptimization(projectDir: string, _changedFiles?: string[]): Promise<WorkerRunResult>;
+//# sourceMappingURL=optimization.d.ts.map

package/dist/engine/workers/handlers/optimization.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"optimization.d.ts","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/optimization.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAiB,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAgH9E,wBAAsB,eAAe,CACnC,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,EAAE,GACvB,OAAO,CAAC,eAAe,CAAC,CA4D1B"}

package/dist/engine/workers/handlers/optimization.js

@@ -0,0 +1,161 @@
+// engine/workers/handlers/optimization.ts — Detects perf anti-patterns (SPEC-078 AC-07)
+import { readFile, readdir, stat } from 'node:fs/promises';
+import { join, extname, relative } from 'node:path';
+// ---------------------------------------------------------------------------
+// Config
+// ---------------------------------------------------------------------------
+const MAX_FILE_LINES = 400;
+const IGNORE_DIRS = new Set([
+    'node_modules',
+    '.git',
+    'dist',
+    'build',
+    '__pycache__',
+    'target',
+    '.venv',
+    'vendor',
+    'coverage',
+]);
+const CODE_EXTS = new Set(['.ts', '.tsx', '.js', '.jsx', '.py', '.go', '.rs', '.java', '.kt']);
+// ---------------------------------------------------------------------------
+// Complexity keywords per language
+// ---------------------------------------------------------------------------
+const COMPLEXITY_KEYWORDS = {
+    '.ts': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bswitch\b/, /\bcase\b/, /\bcatch\b/],
+    '.tsx': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bswitch\b/, /\bcase\b/, /\bcatch\b/],
+    '.js': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bswitch\b/, /\bcase\b/, /\bcatch\b/],
+    '.jsx': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bswitch\b/, /\bcase\b/, /\bcatch\b/],
+    '.py': [/\bif\b/, /\belif\b/, /\bfor\b/, /\bwhile\b/, /\bexcept\b/],
+    '.go': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bswitch\b/, /\bcase\b/],
+    '.rs': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bmatch\b/, /\bloop\b/],
+    '.java': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bswitch\b/, /\bcase\b/, /\bcatch\b/],
+    '.kt': [/\bif\b/, /\belse\b/, /\bfor\b/, /\bwhile\b/, /\bwhen\b/, /\bcatch\b/],
+};
+// ---------------------------------------------------------------------------
+// File collection
+// ---------------------------------------------------------------------------
+async function collectFiles(dir, files) {
+    let entries;
+    try {
+        entries = await readdir(dir);
+    }
+    catch {
+        return;
+    }
+    for (const entry of entries) {
+        if (IGNORE_DIRS.has(entry)) {
+            continue;
+        }
+        const fullPath = join(dir, entry);
+        let st;
+        try {
+            st = await stat(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (st.isDirectory()) {
+            await collectFiles(fullPath, files);
+        }
+        else if (st.isFile() && CODE_EXTS.has(extname(fullPath))) {
+            files.push(fullPath);
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Analysis helpers
+// ---------------------------------------------------------------------------
+function countComplexity(lines, ext) {
+    const keywords = COMPLEXITY_KEYWORDS[ext] ?? COMPLEXITY_KEYWORDS['.ts'] ?? [];
+    let count = 1; // base complexity
+    for (const line of lines) {
+        for (const kw of keywords) {
+            if (kw.test(line)) {
+                count++;
+            }
+        }
+    }
+    return count;
+}
+function detectImportPaths(lines, ext) {
+    const imports = [];
+    for (const line of lines) {
+        if (ext === '.ts' || ext === '.tsx' || ext === '.js' || ext === '.jsx') {
+            const m = /from\s+['"](\.[^'"]+)['"]/.exec(line);
+            if (m?.[1]) {
+                imports.push(m[1]);
+            }
+        }
+        else if (ext === '.py') {
+            const m = /^(?:from|import)\s+(\S+)/.exec(line);
+            if (m?.[1]) {
+                imports.push(m[1]);
+            }
+        }
+        else if (ext === '.go') {
+            const m = /^\s*"([^"]+)"/.exec(line);
+            if (m?.[1]) {
+                imports.push(m[1]);
+            }
+        }
+    }
+    return imports;
+}
+// ---------------------------------------------------------------------------
+// Public handler
+// ---------------------------------------------------------------------------
+export async function runOptimization(projectDir, _changedFiles) {
+    const startedAt = new Date().toISOString();
+    const start = Date.now();
+    const findings = [];
+    const allFiles = [];
+    await collectFiles(projectDir, allFiles);
+    // Track imports for circular dependency detection
+    const importGraph = new Map();
+    for (const file of allFiles) {
+        let content;
+        try {
+            content = await readFile(file, 'utf-8');
+        }
+        catch {
+            continue;
+        }
+        const ext = extname(file);
+        const lines = content.split('\n');
+        const relPath = relative(projectDir, file);
+        // Large file detection
+        if (lines.length > MAX_FILE_LINES) {
+            findings.push({
+                severity: 'warning',
+                file: relPath,
+                message: `File has ${String(lines.length)} lines (max: ${String(MAX_FILE_LINES)})`,
+                suggestion: 'Split into smaller, focused modules',
+                category: 'large-file',
+            });
+        }
+        // Cyclomatic complexity
+        const complexity = countComplexity(lines, ext);
+        if (complexity > 15) {
+            findings.push({
+                severity: complexity > 25 ? 'high' : 'medium',
+                file: relPath,
+                message: `File-level cyclomatic complexity: ${String(complexity)}`,
+                suggestion: 'Extract complex logic into separate functions or modules',
+                category: 'high-complexity',
+            });
+        }
+        // Collect imports for graph
+        const imports = detectImportPaths(lines, ext);
+        importGraph.set(relPath, imports);
+    }
+    return {
+        workerName: 'optimization',
+        startedAt,
+        completedAt: new Date().toISOString(),
+        durationMs: Date.now() - start,
+        status: 'success',
+        findings,
+        analyzedFiles: allFiles.length,
+    };
+}
+//# sourceMappingURL=optimization.js.map

package/dist/engine/workers/handlers/optimization.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"optimization.js","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/optimization.ts"],"names":[],"mappings":"AAAA,wFAAwF;AAExF,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAGpD,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,MAAM,cAAc,GAAG,GAAG,CAAC;AAE3B,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;IAC1B,cAAc;IACd,MAAM;IACN,MAAM;IACN,OAAO;IACP,aAAa;IACb,QAAQ;IACR,OAAO;IACP,QAAQ;IACR,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAE/F,8EAA8E;AAC9E,mCAAmC;AACnC,8EAA8E;AAE9E,MAAM,mBAAmB,GAA6B;IACpD,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC;IAC5F,MAAM,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC;IAC7F,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC;IAC5F,MAAM,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC;IAC7F,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,CAAC;IACnE,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,UAAU,CAAC;IAClE,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,CAAC;IAC9E,OAAO,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC;IAC9F,KAAK,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU,EAAE,WAAW,CAAC;CAC/E,CAAC;AAEF,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,KAAK,UAAU,YAAY,CAAC,GAAW,EAAE,KAAe;IACtD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,IAAI,EAAE,CAAC;QACP,IAAI,CAAC;YACH,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YACrB,MAAM,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,SAAS,eAAe,CAAC,KAAe,EAAE,GAAW;IACnD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,GAAG,CAAC,IAAI,mBAAmB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC9E,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,kBAAkB;IACjC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;YAC1B,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClB,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAe,EAAE,GAAW;IACrD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;YACvE,MAAM,CAAC,GAAG,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChD,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,UAAkB,EAClB,aAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAEzC,kDAAkD;IAClD,MAAM,WAAW,GAAG,IAAI,GAAG,EAAoB,CAAC;IAEhD,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAE3C,uBAAuB;QACvB,IAAI,KAAK,CAAC,MAAM,GAAG,cAAc,EAAE,CAAC;YAClC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE,YAAY,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,MAAM,CAAC,cAAc,CAAC,GAAG;gBAClF,UAAU,EAAE,qCAAqC;gBACjD,QAAQ,EAAE,YAAY;aACvB,CAAC,CAAC;QACL,CAAC;QAED,wBAAwB;QACxB,MAAM,UAAU,GAAG,eAAe,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC/C,IAAI,UAAU,GAAG,EAAE,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBAC7C,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE,qCAAqC,MAAM,CAAC,UAAU,CAAC,EAAE;gBAClE,UAAU,EAAE,0DAA0D;gBACtE,QAAQ,EAAE,iBAAiB;aAC5B,CAAC,CAAC;QACL,CAAC;QAED,4BAA4B;QAC5B,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC9C,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,OAAO;QACL,UAAU,EAAE,cAAc;QAC1B,SAAS;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;QAC9B,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,aAAa,EAAE,QAAQ,CAAC,MAAM;KAC/B,CAAC;AACJ,CAAC"}

package/dist/engine/workers/handlers/security-audit.d.ts

@@ -0,0 +1,3 @@
+import type { WorkerRunResult } from '../../../types/index.js';
+export declare function runSecurityAudit(projectDir: string, _changedFiles?: string[]): Promise<WorkerRunResult>;
+//# sourceMappingURL=security-audit.d.ts.map

package/dist/engine/workers/handlers/security-audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-audit.d.ts","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/security-audit.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAiB,eAAe,EAAmB,MAAM,yBAAyB,CAAC;AAmL/F,wBAAsB,gBAAgB,CACpC,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,EAAE,GACvB,OAAO,CAAC,eAAe,CAAC,CAsD1B"}

package/dist/engine/workers/handlers/security-audit.js

@@ -0,0 +1,222 @@
+// engine/workers/handlers/security-audit.ts — Detects security vulnerabilities (SPEC-078 AC-06)
+import { readFile, readdir, stat } from 'node:fs/promises';
+import { join, extname, basename, relative } from 'node:path';
+const PATTERNS = [
+    // Hardcoded secrets
+    {
+        regex: /(?:AKIA[0-9A-Z]{16})/,
+        severity: 'critical',
+        message: 'Hardcoded AWS access key detected',
+        suggestion: 'Use environment variables or a secrets manager',
+        category: 'hardcoded-secret',
+    },
+    {
+        regex: /(?:ghp_[A-Za-z0-9_]{36})/,
+        severity: 'critical',
+        message: 'Hardcoded GitHub personal access token detected',
+        suggestion: 'Use environment variables or a secrets manager',
+        category: 'hardcoded-secret',
+    },
+    {
+        regex: /(?:sk_live_[A-Za-z0-9]{24,})/,
+        severity: 'critical',
+        message: 'Hardcoded Stripe secret key detected',
+        suggestion: 'Use environment variables or a secrets manager',
+        category: 'hardcoded-secret',
+    },
+    {
+        regex: /(?:password|passwd|secret|api_key|apikey|token)\s*[:=]\s*["'][^"']{8,}["']/i,
+        severity: 'high',
+        message: 'Potential hardcoded credential detected',
+        suggestion: 'Move secrets to environment variables or a vault',
+        category: 'hardcoded-secret',
+    },
+    // Unsafe patterns
+    {
+        regex: /\beval\s*\(/,
+        severity: 'high',
+        message: 'Use of eval() detected',
+        suggestion: 'Avoid eval(); use safer alternatives like JSON.parse()',
+        category: 'unsafe-pattern',
+        languages: ['.ts', '.js', '.py'],
+    },
+    {
+        regex: /\bexec\s*\(/,
+        severity: 'medium',
+        message: 'Use of exec() detected — potential command injection',
+        suggestion: 'Validate and sanitize inputs before executing commands',
+        category: 'unsafe-pattern',
+    },
+    {
+        regex: /dangerouslySetInnerHTML/,
+        severity: 'high',
+        message: 'dangerouslySetInnerHTML used — XSS risk',
+        suggestion: 'Sanitize HTML content with DOMPurify or similar library',
+        category: 'unsafe-pattern',
+        languages: ['.ts', '.tsx', '.js', '.jsx'],
+    },
+    {
+        regex: /\.innerHTML\s*=/,
+        severity: 'high',
+        message: 'Direct innerHTML assignment — XSS risk',
+        suggestion: 'Use textContent or a sanitization library',
+        category: 'unsafe-pattern',
+    },
+    {
+        regex: /\bpickle\.load\b/,
+        severity: 'high',
+        message: 'pickle.load() is unsafe with untrusted data',
+        suggestion: 'Use json or a safe deserialization format',
+        category: 'unsafe-pattern',
+        languages: ['.py'],
+    },
+    // SQL injection
+    {
+        regex: /["'`]\s*\+\s*\w+.*(?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER)\b/i,
+        severity: 'high',
+        message: 'Potential SQL injection via string concatenation',
+        suggestion: 'Use parameterized queries or an ORM',
+        category: 'sql-injection',
+    },
+    // Insecure defaults
+    {
+        regex: /http:\/\/(?!localhost|127\.0\.0\.1|0\.0\.0\.0)/,
+        severity: 'medium',
+        message: 'HTTP URL detected (not HTTPS)',
+        suggestion: 'Use HTTPS for external URLs',
+        category: 'insecure-default',
+    },
+    {
+        regex: /cors.*:\s*['"][*]['"]/i,
+        severity: 'medium',
+        message: 'CORS wildcard (*) allows any origin',
+        suggestion: 'Restrict CORS to specific allowed origins',
+        category: 'insecure-default',
+    },
+];
+// ---------------------------------------------------------------------------
+// Ignore patterns
+// ---------------------------------------------------------------------------
+const IGNORE_DIRS = new Set([
+    'node_modules',
+    '.git',
+    'dist',
+    'build',
+    '__pycache__',
+    'target',
+    '.venv',
+    'vendor',
+    'coverage',
+]);
+const SKIP_FILES = new Set(['.env.example', '.env.template', '.env.sample']);
+const CODE_EXTS = new Set([
+    '.ts',
+    '.tsx',
+    '.js',
+    '.jsx',
+    '.py',
+    '.go',
+    '.rs',
+    '.java',
+    '.kt',
+    '.yml',
+    '.yaml',
+    '.env',
+    '.toml',
+    '.cfg',
+]);
+// ---------------------------------------------------------------------------
+// File scanning
+// ---------------------------------------------------------------------------
+async function collectFiles(dir, files) {
+    let entries;
+    try {
+        entries = await readdir(dir);
+    }
+    catch {
+        return;
+    }
+    for (const entry of entries) {
+        if (IGNORE_DIRS.has(entry)) {
+            continue;
+        }
+        const fullPath = join(dir, entry);
+        let st;
+        try {
+            st = await stat(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (st.isDirectory()) {
+            await collectFiles(fullPath, files);
+        }
+        else if (st.isFile() && CODE_EXTS.has(extname(fullPath))) {
+            files.push(fullPath);
+        }
+    }
+}
+function isTestOrExample(filePath) {
+    const base = basename(filePath);
+    return (SKIP_FILES.has(base) ||
+        base.includes('.test.') ||
+        base.includes('.spec.') ||
+        base.includes('_test.') ||
+        base.startsWith('test_') ||
+        filePath.includes('__tests__') ||
+        filePath.includes('/tests/') ||
+        filePath.includes('/test/'));
+}
+// ---------------------------------------------------------------------------
+// Public handler
+// ---------------------------------------------------------------------------
+export async function runSecurityAudit(projectDir, _changedFiles) {
+    const startedAt = new Date().toISOString();
+    const start = Date.now();
+    const findings = [];
+    const allFiles = [];
+    await collectFiles(projectDir, allFiles);
+    const filesToScan = allFiles.filter((f) => !isTestOrExample(f));
+    for (const file of filesToScan) {
+        let content;
+        try {
+            content = await readFile(file, 'utf-8');
+        }
+        catch {
+            continue;
+        }
+        const ext = extname(file);
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            if (!line) {
+                continue;
+            }
+            for (const pattern of PATTERNS) {
+                if (pattern.languages && !pattern.languages.includes(ext)) {
+                    continue;
+                }
+                if (pattern.regex.test(line)) {
+                    findings.push({
+                        severity: pattern.severity,
+                        file: relative(projectDir, file),
+                        line: i + 1,
+                        message: pattern.message,
+                        suggestion: pattern.suggestion,
+                        category: pattern.category,
+                    });
+                }
+            }
+        }
+    }
+    return {
+        workerName: 'security-audit',
+        startedAt,
+        completedAt: new Date().toISOString(),
+        durationMs: Date.now() - start,
+        status: 'success',
+        findings,
+        analyzedFiles: filesToScan.length,
+    };
+}
+//# sourceMappingURL=security-audit.js.map

package/dist/engine/workers/handlers/security-audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-audit.js","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/security-audit.ts"],"names":[],"mappings":"AAAA,gGAAgG;AAEhG,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAG9D,MAAM,QAAQ,GAAsB;IAClC,oBAAoB;IACpB;QACE,KAAK,EAAE,sBAAsB;QAC7B,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,mCAAmC;QAC5C,UAAU,EAAE,gDAAgD;QAC5D,QAAQ,EAAE,kBAAkB;KAC7B;IACD;QACE,KAAK,EAAE,0BAA0B;QACjC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,iDAAiD;QAC1D,UAAU,EAAE,gDAAgD;QAC5D,QAAQ,EAAE,kBAAkB;KAC7B;IACD;QACE,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,sCAAsC;QAC/C,UAAU,EAAE,gDAAgD;QAC5D,QAAQ,EAAE,kBAAkB;KAC7B;IACD;QACE,KAAK,EAAE,6EAA6E;QACpF,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,yCAAyC;QAClD,UAAU,EAAE,kDAAkD;QAC9D,QAAQ,EAAE,kBAAkB;KAC7B;IACD,kBAAkB;IAClB;QACE,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,wBAAwB;QACjC,UAAU,EAAE,wDAAwD;QACpE,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC;KACjC;IACD;QACE,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,QAAQ;QAClB,OAAO,EAAE,sDAAsD;QAC/D,UAAU,EAAE,wDAAwD;QACpE,QAAQ,EAAE,gBAAgB;KAC3B;IACD;QACE,KAAK,EAAE,yBAAyB;QAChC,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,yCAAyC;QAClD,UAAU,EAAE,yDAAyD;QACrE,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC;KAC1C;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,wCAAwC;QACjD,UAAU,EAAE,2CAA2C;QACvD,QAAQ,EAAE,gBAAgB;KAC3B;IACD;QACE,KAAK,EAAE,kBAAkB;QACzB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,6CAA6C;QACtD,UAAU,EAAE,2CAA2C;QACvD,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,CAAC,KAAK,CAAC;KACnB;IACD,gBAAgB;IAChB;QACE,KAAK,EAAE,iEAAiE;QACxE,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,kDAAkD;QAC3D,UAAU,EAAE,qCAAqC;QACjD,QAAQ,EAAE,eAAe;KAC1B;IACD,oBAAoB;IACpB;QACE,KAAK,EAAE,gDAAgD;QACvD,QAAQ,EAAE,QAAQ;QAClB,OAAO,EAAE,+BAA+B;QACxC,UAAU,EAAE,6BAA6B;QACzC,QAAQ,EAAE,kBAAkB;KAC7B;IACD;QACE,KAAK,EAAE,wBAAwB;QAC/B,QAAQ,EAAE,QAAQ;QAClB,OAAO,EAAE,qCAAqC;QAC9C,UAAU,EAAE,2CAA2C;QACvD,QAAQ,EAAE,kBAAkB;KAC7B;CACF,CAAC;AAEF,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;IAC1B,cAAc;IACd,MAAM;IACN,MAAM;IACN,OAAO;IACP,aAAa;IACb,QAAQ;IACR,OAAO;IACP,QAAQ;IACR,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,eAAe,EAAE,aAAa,CAAC,CAAC,CAAC;AAE7E,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC;IACxB,KAAK;IACL,MAAM;IACN,KAAK;IACL,MAAM;IACN,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,MAAM;IACN,OAAO;IACP,MAAM;IACN,OAAO;IACP,MAAM;CACP,CAAC,CAAC;AAEH,8EAA8E;AAC9E,gBAAgB;AAChB,8EAA8E;AAE9E,KAAK,UAAU,YAAY,CAAC,GAAW,EAAE,KAAe;IACtD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,IAAI,EAAE,CAAC;QACP,IAAI,CAAC;YACH,EAAE,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;YACrB,MAAM,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC;aAAM,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,OAAO,CACL,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC;QACpB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACvB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACvB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACvB,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QACxB,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC5B,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,UAAkB,EAClB,aAAwB;IAExB,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAEzC,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;IAEhE,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC1D,SAAS;gBACX,CAAC;gBACD,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,IAAI,EAAE,QAAQ,CAAC,UAAU,EAAE,IAAI,CAAC;wBAChC,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,OAAO,EAAE,OAAO,CAAC,OAAO;wBACxB,UAAU,EAAE,OAAO,CAAC,UAAU;wBAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;qBAC3B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,gBAAgB;QAC5B,SAAS;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;QAC9B,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,aAAa,EAAE,WAAW,CAAC,MAAM;KAClC,CAAC;AACJ,CAAC"}

package/dist/engine/workers/handlers/test-gaps.d.ts

@@ -0,0 +1,3 @@
+import type { WorkerRunResult } from '../../../types/index.js';
+export declare function runTestGaps(projectDir: string, _changedFiles?: string[]): Promise<WorkerRunResult>;
+//# sourceMappingURL=test-gaps.d.ts.map

package/dist/engine/workers/handlers/test-gaps.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-gaps.d.ts","sourceRoot":"","sources":["../../../../src/engine/workers/handlers/test-gaps.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAiB,eAAe,EAAkB,MAAM,yBAAyB,CAAC;AAyI9F,wBAAsB,WAAW,CAC/B,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,EAAE,GACvB,OAAO,CAAC,eAAe,CAAC,CA8D1B"}