npm - @runhalo/engine - Versions diffs - 0.4.0 → 0.5.0 - Mend

@runhalo/engine 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

package/dist/ast-engine.d.ts +60 -0
package/dist/ast-engine.js +653 -0
package/dist/ast-engine.js.map +1 -0
package/dist/context-analyzer.d.ts +209 -0
package/dist/context-analyzer.js +401 -0
package/dist/context-analyzer.js.map +1 -0
package/dist/data-flow-tracer.d.ts +106 -0
package/dist/data-flow-tracer.js +506 -0
package/dist/data-flow-tracer.js.map +1 -0
package/dist/frameworks/django.d.ts +11 -0
package/dist/frameworks/django.js +57 -0
package/dist/frameworks/django.js.map +1 -0
package/dist/frameworks/index.d.ts +59 -0
package/dist/frameworks/index.js +93 -0
package/dist/frameworks/index.js.map +1 -0
package/dist/frameworks/nextjs.d.ts +11 -0
package/dist/frameworks/nextjs.js +59 -0
package/dist/frameworks/nextjs.js.map +1 -0
package/dist/frameworks/rails.d.ts +11 -0
package/dist/frameworks/rails.js +58 -0
package/dist/frameworks/rails.js.map +1 -0
package/dist/frameworks/types.d.ts +29 -0
package/dist/frameworks/types.js +11 -0
package/dist/frameworks/types.js.map +1 -0
package/dist/index.d.ts +24 -0
package/dist/index.js +105 -7
package/dist/index.js.map +1 -1
package/dist/scope-analyzer.d.ts +91 -0
package/dist/scope-analyzer.js +300 -0
package/dist/scope-analyzer.js.map +1 -0
package/package.json +6 -2
package/rules/rules.json +1699 -72
package/rules/validation-report.json +58 -0

package/dist/ast-engine.d.ts ADDED Viewed

@@ -0,0 +1,60 @@
+/**
+ * Halo AST Rule Engine
+ *
+ * Takes a parsed tree-sitter AST + rule ID and returns an AST-based verdict
+ * that supplements the regex scanner. AST analysis can suppress false positives
+ * (e.g., a Schema that already has TTL) or confirm true positives with higher
+ * confidence.
+ *
+ * Sprint 8: 10 rule analyzers for JS/TS.
+ * HARD SCOPE: Single-file only (via DataFlowTracer).
+ */
+import Parser from 'tree-sitter';
+export type ASTVerdict = 'confirmed' | 'suppressed' | 'regex_only';
+export interface ASTResult {
+    /** Whether the violation is confirmed, suppressed, or not analyzable by AST */
+    verdict: ASTVerdict;
+    /** Confidence in the verdict: 0.0 to 1.0 */
+    confidence: number;
+    /** Human-readable reason for the verdict */
+    reason?: string;
+}
+/** Minimal violation info needed for AST analysis */
+export interface ViolationInfo {
+    ruleId: string;
+    line: number;
+    column: number;
+    codeSnippet: string;
+}
+export declare class ASTRuleEngine {
+    private scopeAnalyzer;
+    constructor();
+    /**
+     * Analyze a regex-detected violation using AST context.
+     *
+     * @param ruleId   - The COPPA/ethical rule ID
+     * @param content  - Full file content
+     * @param violation - The violation from the regex scanner
+     * @param tree     - Parsed tree-sitter AST
+     * @returns ASTResult with verdict, confidence, and reason
+     */
+    analyzeViolation(ruleId: string, content: string, violation: ViolationInfo, tree: Parser.Tree): ASTResult;
+    /**
+     * Analyze a violation with a known file path (used from scanFileWithAST integration).
+     * This version passes the real file path for scope analysis.
+     */
+    analyzeViolationWithPath(ruleId: string, filePath: string, content: string, violation: ViolationInfo, tree: Parser.Tree): ASTResult;
+    private getAnalyzer;
+    private analyzeTracking003;
+    private analyzeRetention005;
+    private analyzeExtLinks017;
+    private analyzeXSS015;
+    private analyzeAuth001;
+    private analyzeUI008;
+    private checkPrivacyInContent;
+    private analyzeUGC014;
+    private analyzeFlow009;
+    private analyzeCookies016;
+    private analyzeInfiniteScroll001;
+}
+export default ASTRuleEngine;